News & Sicurezza

The Good, the Bad and the Ugly in Cybersecurity – Week 26 The Good | Authorities Dismantle Malware Networks and Seize Cambodian Scam Infrastructure Following the seizure of a major Phishing-as-a-Service last week, the latest move, part of Operation Endgame, ... Read more Published Date: Jun 26, 2026 (1 day, 4 hours ago) Vulnerabilities has been mentioned in this article. CVE-2026-20245 CVE-2026-20230

CVE ID :CVE-2026-57925 Published : June 26, 2026, 12:38 p.m. | 1 hour, 6 minutes ago Description :In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tags Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-57926 Published : June 26, 2026, 12:38 p.m. | 1 hour, 6 minutes ago Description :In JetBrains YouTrack before 2026.2.16593 the websandbox bridge was vulnerable to a prototype pollution attack Severity: 2.6 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-57923 Published : June 26, 2026, 12:38 p.m. | 1 hour, 6 minutes ago Description :In JetBrains YouTrack before 2026.2.16593 improper authorisation in the app configurations endpoint allowed modifying project settings Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-57924 Published : June 26, 2026, 12:38 p.m. | 1 hour, 6 minutes ago Description :In JetBrains YouTrack before 2026.2.16593 default role configuration exposed excessive user profile details Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-57921 Published : June 26, 2026, 12:38 p.m. | 1 hour, 6 minutes ago Description :In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templates endpoint Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-57922 Published : June 26, 2026, 12:38 p.m. | 1 hour, 6 minutes ago Description :In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible Severity: 3.1 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting PTC Windchill PDMlink and PTC FlexPLM enterprise Product Dat ... Read more Published Date: Jun 26, 2026 (1 day, 5 hours ago) Vulnerabilities has been mentioned in this article. CVE-2026-12569 CVE-2026-11645

CVE ID :CVE-2026-40711 Published : June 26, 2026, 12:31 p.m. | 1 hour, 14 minutes ago Description :Dell Dell Container Storage Modules, version(s) csi-powerstore v2.16.0, csi-unity v2.16.0, csi-powerflex v2.16.0, csi-powermax v2.16.0, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-57920 Published : June 26, 2026, 12:20 p.m. | 1 hour, 24 minutes ago Description :Peplink InControl 2 through 2.14.2 before 2026-06-03 allows use of a semicolon to bypass access-control rules for certain /rest/o/{orgId} endpoints. Severity: 7.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2025-64152 Published : June 26, 2026, 12:16 p.m. | 1 hour, 28 minutes ago Description :Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.6, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.6 and 2.0.7, which fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2025-55017 Published : June 26, 2026, 12:15 p.m. | 1 hour, 29 minutes ago Description :Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 2.0.0 before 2.0.6, from 1.0.0 before 1.3.6. Users are recommended to upgrade to version 1.3.6 and 2.0.6, which fixes the issue. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...