[ News | Newsletters | Blogs | Lists | Media | Jobs ] HoneyDB
  [ vulnerabilities | tools ]
CISA Advisories
US-CERT
FullDisclosure
SEC Consult SA-20260401-0 :: Broken Access Control in Open WebUI
SEC Consult SA-20260326-0 :: Local Privilege Escalation in Vienna Assistant (MacOS) - Vienna Symphonic Library
Apple OHTTP Relay: 14 Third-Party Endpoints, 6 Countries, Zero User Visibility
[KIS-2026-06] MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability
[CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability
APPLE-SA-03-24-2026-10 Xcode 26.4
APPLE-SA-03-24-2026-9 Safari 26.4
APPLE-SA-03-24-2026-8 visionOS 26.4
APPLE-SA-03-24-2026-7 watchOS 26.4
APPLE-SA-03-24-2026-6 tvOS 26.4
US CERT Weekly
Open Source Security
Security Audit of Hex, the Erlang package manager
Re: GNU tar: listing/extraction desynchronization allows hidden file injection
Re: GNU tar: listing/extraction desynchronization allows hidden file injection
Re: GNU tar: listing/extraction desynchronization allows hidden file injection
Re: GNU tar: listing/extraction desynchronization allows hidden file injection
GNU tar: listing/extraction desynchronization allows hidden file injection
Avahi: Reachable assertion in transport_flags_from_domain (CVE-2026-34933)
LibRaw 0.22.1 Release with security fixes
Re: CVE-2026-35537+more: Roundcube arbitrary write + ID/XSS/etc. prior to 1.6.14
CVE-2026-35537+more: Roundcube arbitrary write + ID/XSS/etc. prior to 1.6.14
© 2026 RiskDiscovery | Sponsored by: Deception Logic