Cybersecurity & Regolamentazione UE

News & Sicurezza

Aggiornamenti da ENISA, NVD e le principali fonti di cybersecurity europee. Tutto quello che un Responsabile Tecnico deve sapere.

25210 risultati

VulnerabilitàAlta
CVE-2026-10837 - Open redirection vulnerability in Password Manager

CVE ID :CVE-2026-10837 Published : June 17, 2026, 11:11 a.m. | 2 hours, 31 minutes ago Description :Open redirection vulnerability due to insufficient validation of the X-Forwarded-Host HTTP header. An attacker could create manipulated links that, when opened by a victim, cause the victim to be redirected to domains controlled by the attacker, enabling phishing or deception attacks with limited impact on confidentiality and integrity. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
VulnerabilitàAlta
CVE-2026-10836 - Improper neutralization of HTTP headers in Password Manager

CVE ID :CVE-2026-10836 Published : June 17, 2026, 11:10 a.m. | 2 hours, 31 minutes ago Description :Improper handling of HTTP headers that allows a remote attacker to manipulate the value of the Host header using specially crafted requests. A successful exploit could result in the generation of manipulated links or responses, potentially leading to limited information disclosure or compromising the integrity of dependent services. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
VulnerabilitàAlta
CVE-2026-5667 - Information Disclosure, Information Tampering, or Denial-of-Service (DoS) Vulnerability in Multiple Home Appliances

CVE ID :CVE-2026-5667 Published : June 17, 2026, 10:53 a.m. | 2 hours, 48 minutes ago Description :Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Room Air Conditioners (for Japan and outside Japan); Wireless LAN Adapters for Room Air Conditioners (for Japan and outside Japan); Wireless LAN Adapters for Packaged Air Conditioners (for Japan and outside Japan); Refrigerators (for Japan); Heat Pump Water Heaters / HEMS-Compatible Adapters / Wireless LAN Adapters (for Japan); Bathroom Dryer / Heater / Ventilation Systems (for Japan); Adapters for Airflow Ventilation Systems, Heat Pump Chilled / Hot Water Systems, and Ventilation / Air-Conditioning System Air Resorts (for Japan); Lossnay Central Ventilation Systems (for Japan); Smart Switches for Ventilation Fans and Lossnay (for Japan); IH Cooking Heaters (for Japan); and Rice Cookers (for Japan) allows an attacker within Wi-Fi radio range of an affected product to access the affected product using a hard-coded SSID and password, thereby obtaining device data such as operation status, room set temperature, and room temperature; changing the air-conditioner or Wi-Fi settings; or causing Wi-Fi communication to enter a denial-of-service (DoS) condition. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
VulnerabilitàAlta
CVE-2024-34810 - WordPress Skyline WP theme <= 1.0.10 - Cross Site Request Forgery (CSRF) vulnerability

CVE ID :CVE-2024-34810 Published : June 17, 2026, 10:25 a.m. | 3 hours, 17 minutes ago Description :Cross-Site request forgery (CSRF) vulnerability in Extend Themes Skyline WP allows Cross Site Request Forgery. This issue affects Skyline WP: from n/a through 1.0.10. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
News
Bluetooth-lek in Apple Beats Studio Buds maakt afluisteren gebruikers mogelijk

Bluetooth-lek in Apple Beats Studio Buds maakt afluisteren gebruikers mogelijk Een bluetooth-kwetsbaarheid in de Beats Studio Buds van Apple maakt het afluisteren van gebruikers mogelijk. Apple heeft een firmware-update uitgebracht om het probleem te verhelpen. "Een aanvaller bi ... Read more Published Date: Jun 17, 2026 (5 days, 9 hours ago) Vulnerabilities has been mentioned in this article. CVE-2025-20701

CVEfeed Newsroom17 giu 2026
VulnerabilitàAlta
CVE-2026-12491 - Vllm: vllm: image exif rotation & png trns transparency not normalized, causing mismatch between model input and expectations

CVE ID :CVE-2026-12491 Published : June 17, 2026, 10:07 a.m. | 3 hours, 35 minutes ago Description :A flaw was found in vLLM, an open-source library for large language model inference. This vulnerability arises from improper handling of image metadata, specifically EXIF orientation and PNG transparency (tRNS) data, during image processing. When images are converted to RGB, transparency information may be implicitly discarded or remapped, leading to unexpected rendering of transparent pixels and distortion of input content. This can result in the model misinterpreting image content, potentially affecting the integrity of processed data. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
News
Joomla-websites aangevallen via kritiek beveiligingslek in JCE-editor

Joomla-websites aangevallen via kritiek beveiligingslek in JCE-editor Een kritieke kwetsbaarheid in de Joomla Content Editor (JCE) wordt actief misbruikt om Joomla-websites mee aan te vallen, zo waarschuwen de ontwikkelaars en de Amerikaanse en Italiaanse autoriteiten. ... Read more Published Date: Jun 17, 2026 (5 days, 7 hours ago) Vulnerabilities has been mentioned in this article. CVE-2026-48907

CVEfeed Newsroom17 giu 2026
VulnerabilitàAlta
CVE-2026-54811 - WordPress WP eMember plugin < v10.9.4 - SQL Injection vulnerability

CVE ID :CVE-2026-54811 Published : June 17, 2026, 9:51 a.m. | 3 hours, 50 minutes ago Description :Unauthenticated SQL Injection in WP eMember Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
VulnerabilitàAlta
CVE-2026-54807 - WordPress Registration Form for WooCommerce plugin <= 1.0.9 - Privilege Escalation vulnerability

CVE ID :CVE-2026-54807 Published : June 17, 2026, 9:51 a.m. | 3 hours, 50 minutes ago Description :Unauthenticated Privilege Escalation in Registration Form for WooCommerce Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
VulnerabilitàAlta
CVE-2026-54806 - WordPress WP Activity Log plugin <= 5.6.3.1 - PHP Object Injection vulnerability

CVE ID :CVE-2026-54806 Published : June 17, 2026, 9:51 a.m. | 3 hours, 50 minutes ago Description :Unauthenticated PHP Object Injection in WP Activity Log Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
VulnerabilitàAlta
CVE-2026-54805 - WordPress Falang multilanguage plugin <= 1.4.2 - Privilege Escalation vulnerability

CVE ID :CVE-2026-54805 Published : June 17, 2026, 9:51 a.m. | 1 hour, 50 minutes ago Description :Subscriber Privilege Escalation in Falang multilanguage Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026
VulnerabilitàAlta
CVE-2026-54804 - WordPress Melhor Envio plugin <= 2.16.3 - Broken Authentication vulnerability

CVE ID :CVE-2026-54804 Published : June 17, 2026, 9:51 a.m. | 1 hour, 50 minutes ago Description :Subscriber Broken Authentication in Melhor Envio Severity: 7.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE17 giu 2026

Pagina 253 di 2101

Resta aggiornato sulla cybersecurity

Iscriviti a CodersRegistry per ricevere gli aggiornamenti più importanti su regolamentazione EU e vulnerabilità critiche.