{
  "generated_at": "2026-06-28T12:02:19.555Z",
  "date_label": "2026-06-28",
  "total_cves": 29,
  "critical_count": 1,
  "high_count": 28,
  "one_line": "1 critical / 28 high CVEs in last 24h — 1 flagged patch-now.",
  "highlights": [
    {
      "id": "CVE-2026-58053",
      "published": "2026-06-28T02:16:32.420",
      "modified": "2026-06-28T02:16:32.420",
      "cvss_score": 9.9,
      "severity": "CRITICAL",
      "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "description": "Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow's container.options string to the Docker job container's HostConfig and, when configured with privileged: false, forces only the Privileged flag off while merging options such as --pid=host, --cap-add, and --security-opt unchanged. A user who can run a workflow on a Docker-backed runner can create a job container with host namespaces and broad capabilities and escape to the host as root despite privileged mode being disabled.",
      "references": [
        "https://github.com/bikini/exploitarium/tree/main/gitea-act-runner-container-options-poc",
        "https://www.vulncheck.com/advisories/gitea-act-runner-container-hardening-bypass-via-workflow-container-options"
      ],
      "cwe_ids": ["CWE-269"],
      "ai_impact": "An attacker can escape a container and gain root access to the host system, despite privileged mode being disabled, by creating a malicious job container with host namespaces and broad capabilities. No authentication is required for this vulnerability as it can be exploited by any user who can run a workflow on a Docker-backed runner.",
      "ai_mitigation": "To fix this vulnerability, update act to a version later than 0.262.0. Alternatively, restrict access to running workflows on Docker-backed runners to trusted users only.",
      "ai_exploitability": "in_the_wild",
      "ai_priority": "patch_now",
      "ai_tags": ["container", "rce", "escape", "docker"],
      "ai_class": "container"
    },
    {
      "id": "CVE-2024-54013",
      "published": "2026-04-28T08:16:01.147",
      "modified": "2026-06-27T18:12:54.480",
      "cvss_score": 8.8,
      "severity": "HIGH",
      "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "description": "Penetration Testing engineers at Amazon have identified a security flaw related to request handling in the web server component that could, under certain conditions, lead to unintended access to protected functions. The manufacturer has released patch firmware for the flaw; please refer to the manufacturer's report for details and workarounds.",
      "references": [
        "https://www.hanwhavision.com/wp-content/uploads/2026/04/Camera-Vulnerability-ReportCVE-2024-5401154013.pdf"
      ],
      "cwe_ids": ["CWE-306"],
      "ai_impact": "An attacker can gain unintended access to protected functions, potentially leading to sensitive data exposure and system compromise, without requiring authentication. The vulnerability is network-reachable.",
      "ai_mitigation": "Apply the patch firmware released by the manufacturer to fix the vulnerability. Refer to the manufacturer's report for details and workarounds.",
      "ai_exploitability": "poc_likely",
      "ai_priority": "patch_soon",
      "ai_tags": ["web", "auth-bypass", "info-leak"],
      "ai_class": "web-app"
    },
    {
      "id": "CVE-2026-58049",
      "published": "2026-06-28T02:16:30.477",
      "modified": "2026-06-28T02:16:30.477",
      "cvss_score": 8.6,
      "severity": "HIGH",
      "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
      "description": "FFmpeg's RASC video decoder (decode_dlta in libavcodec/rasc.c) performs 32-bit reads and writes at the row cursor before the NEXT_LINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past the row allocation. A crafted media stream using the RASC FourCC, decoded by libavcodec, triggers a bitstream-controlled out-of-bounds heap write and adjacent out-of-bounds read, leading to memory corruption.",
      "references": [
        "https://github.com/FFmpeg/FFmpeg/blob/master/libavcodec/rasc.c",
        "https://github.com/bikini/exploitarium/tree/main/ffmpeg-rasc-dlta-calc-poc",
        "https://www.vulncheck.com/advisories/ffmpeg-out-of-bounds-write-in-rasc-decoder-decode-dlta"
      ],
      "cwe_ids": ["CWE-787"],
      "ai_impact": "An attacker can trigger a bitstream-controlled out-of-bounds heap write and adjacent out-of-bounds read, leading to memory corruption. No authentication is required, and the vulnerability is network reachable via a crafted media stream.",
      "ai_mitigation": "To fix this vulnerability, update FFmpeg to a version that includes the patched libavcodec, or apply the relevant configuration changes to prevent the use of the RASC video decoder.",
      "ai_exploitability": "poc_likely",
      "ai_priority": "patch_soon",
      "ai_tags": ["rce", "memory-corruption", "media-processing"],
      "ai_class": "library"
    },
    {
      "id": "CVE-2026-2053",
      "published": "2026-06-26T08:16:21.603",
      "modified": "2026-06-27T19:38:55.727",
      "cvss_score": 8.3,
      "severity": "HIGH",
      "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
      "description": "The WSO2 API Manager's message flow component, when processing WS-Addressing headers, does not sufficiently validate or restrict user-controlled input within these headers. This omission allows an attacker to manipulate WS-Addressing headers to specify arbitrary destinations for server-initiated requests.\n\nSuccessful exploitation allows an unauthenticated attacker to control the destination of server-initiated requests originating from the WSO2 API Manager. This direct control can enable unauthorized access to internal network resources or services that would typically be inaccessible from external networks.",
      "references": [
        "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2026/WSO2-2026-5072/"
      ],
      "cwe_ids": ["CWE-918"],
      "ai_impact": "An attacker can manipulate WS-Addressing headers to control the destination of server-initiated requests, potentially accessing internal network resources without authentication. This allows unauthorized access to resources that would normally be inaccessible from external networks.",
      "ai_mitigation": "Patch the WSO2 API Manager to a version that properly validates user-controlled input within WS-Addressing headers. If a patch is not available, consider implementing network segmentation or restricting access to internal resources as a temporary mitigation.",
      "ai_exploitability": "poc_likely",
      "ai_priority": "patch_soon",
      "ai_tags": ["network", "rce", "ssrf"],
      "ai_class": "network-stack"
    },
    {
      "id": "CVE-2026-41045",
      "published": "2026-06-22T16:16:34.873",
      "modified": "2026-06-28T00:10:33.460",
      "cvss_score": 8.1,
      "severity": "HIGH",
      "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "description": "A time-to-check-time-of-use in polkit authentication of qSnapper before version 1.3.3 allowed a local attacker to bypass qSnapper's authentication mechanism and operate e.g. as root user.",
      "references": [
        "https://bugzilla.suse.com/show_bug.cgi?id=1261795",
        "https://github.com/presire/qSnapper/releases/tag/v1.3.3",
        "https://security.opensuse.org/2026/05/26/qsnapper-dbus-issues.html#issue-polkit-bypass"
      ],
      "cwe_ids": ["CWE-367"],
      "ai_impact": "An attacker can bypass qSnapper's authentication mechanism and operate as the root user, gaining elevated privileges on the local system. No network access or authentication is required.",
      "ai_mitigation": "Update qSnapper to version 1.3.3 or later to fix the time-to-check-time-of-use vulnerability in polkit authentication.",
      "ai_exploitability": "poc_likely",
      "ai_priority": "patch_soon",
      "ai_tags": ["auth", "auth-bypass", "local", "elevation-of-privilege"],
      "ai_class": "os-kernel"
    },
    {
      "id": "CVE-2026-8095",
      "published": "2026-06-28T00:16:25.180",
      "modified": "2026-06-28T00:16:25.180",
      "cvss_score": 8.1,
      "severity": "HIGH",
      "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
      "description": "The Frontend File Manager Plugin plugin for WordPress is vulnerable to Authenticated Arbitrary File Deletion in versions up to and including 23.6. This is due to a case-sensitive bypass of the wpfm_dir_path parameter sanitization in the wpfm_file_meta_update AJAX handler, where supplying WPFM_DIR_PATH in uppercase evades the unset check and is normalized to wpfm_dir_path by sanitize_key() during update_post_meta(), allowing an attacker to overwrite the stored file path with an arbitrary filesystem path that is then passed directly to unlink() in delete_file_locally() without any directory containment validation. This makes it possible for authenticated attackers with Subscriber-level access to delete arbitrary files on the server, including sensitive files such as wp-config.php, potentially leading to full site takeover.",
      "references": [
        "https://plugins.trac.wordpress.org/browser/nmedia-user-file-uploader/tags/23.6/inc/file.class.php#L729",
        "https://plugins.trac.wordpress.org/browser/nmedia-user-file-uploader/tags/23.6/inc/files.php#L767",
        "https://www.wordfence.com/threat-intel/vulnerabilities/id/506006ce-7b1c-4f9d-93f3-abc87abea2bb?source=cve"
      ],
      "cwe_ids": ["CWE-73"],
      "ai_impact": "An attacker with Subscriber-level access can delete arbitrary files on the server, including sensitive files like wp-config.php, potentially leading to full site takeover. Authentication is required, but the vulnerability can be exploited through the network.",
      "ai_mitigation": "Update the Frontend File Manager Plugin to a version later than 23.6. If updating is not possible, consider removing the plugin or restricting access to authenticated users with higher privileges.",
      "ai_exploitability": "poc_likely",
      "ai_priority": "patch_soon",
      "ai_tags": ["web", "auth", "path-traversal", "info-leak"],
      "ai_class": "web-app"
    },
    {
      "id": "CVE-2026-58056",
      "published": "2026-06-28T02:16:32.860",
      "modified": "2026-06-28T02:16:32.860",
      "cvss_score": 7.6,
      "severity": "HIGH",
      "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
      "description": "RustDesk gates incoming control messages on per-capability flags rather than on the session's authorized connection type, and a file-transfer session does not clear those flags. A peer holding only a valid FileTransfer authorization can inject keyboard and mouse input and reach the unguarded screenshot and display-capture handlers, acting outside its granted scope.",
      "references": [
        "https://github.com/bikini/exploitarium/tree/main/rustdesk-session-permission-pocs",
        "https://www.vulncheck.com/advisories/rustdesk-filetransfer-session-authorization-scope-bypass"
      ],
      "cwe_ids": ["CWE-863"],
      "ai_impact": "An attacker with a valid FileTransfer authorization can inject keyboard and mouse input, and access unguarded screenshot and display-capture handlers, acting outside their granted scope. No additional authentication is required beyond the initial valid authorization.",
      "ai_mitigation": "To mitigate this vulnerability, update to a patched version of RustDesk that properly gates incoming control messages on the session's authorized connection type. If a patch is not available, consider implementing additional access controls or monitoring for suspicious activity.",
      "ai_exploitability": "poc_likely",
      "ai_priority": "patch_soon",
      "ai_tags": ["rce", "auth", "info-leak"],
      "ai_class": "library"
    },
    {
      "id": "CVE-2026-6734",
      "published": "2026-06-17T18:18:05.617",
      "modified": "2026-06-27T23:49:02.097",
      "cvss_score": 7.5,
      "severity": "HIGH",
      "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "description": "Impact:\nWhen using Socks5ProxyAgent, undici reuses a single connection pool across different origins without verifying that the pool's origin matches the requested origin. All requests are dispatched through the pool connected to the first origin, regardless of the intended destination.\n\nThis causes cross-origin request routing: credentials and request data intended for origin B are sent to origin A, responses from the wrong origin are trusted, and HTTPS requests may be silently downgraded to HTTP.\n\nImpacted users are applications that use Socks5ProxyAgent (directly or via setGlobalDispatcher) and make requests to more than one origin.\n\nThis was introduced in undici 7.23.0 via PR #4385 and affects all versions through 8.1.0.\n\nPatches:\nUpgrade to undici v7.26.0 or v8.2.0.\n\nWorkarounds:\nUse a separate Socks5ProxyAgent instance per origin, or avoid using Socks5ProxyAgent with multiple origins.",
      "references": [
        "https://cna.openjsf.org/security-advisories.html",
        "https://github.com/nodejs/undici/security/advisories/GHSA-hm92-r4w5-c3mj"
      ],
      "cwe_ids": ["CWE-346"],
      "ai_impact": "An attacker can intercept and manipulate sensitive data, including credentials, due to cross-origin request routing, and potentially downgrade HTTPS requests to HTTP. No authentication is required as the vulnerability occurs at the network level.",
      "ai_mitigation": "Upgrade to undici version 7.26.0 or 8.2.0 to fix the issue. Alternatively, use a separate Socks5ProxyAgent instance per origin or avoid using Socks5ProxyAgent with multiple origins as a workaround.",
      "ai_exploitability": "poc_likely",
      "ai_priority": "patch_soon",
      "ai_tags": ["network", "info-leak", "proxy"],
      "ai_class": "library"
    },
    {
      "id": "CVE-2026-50193",
      "published": "2026-06-23T21:17:01.117",
      "modified": "2026-06-27T21:05:59.680",
      "cvss_score": 7.5,
      "severity": "HIGH",
      "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "description": "jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.13.0 until 2.14.0, a potential Denial-of-Service exists when attacker sends deeply nested JSON if (and only if) the service reads deeply nested (1000s of levels) JSON as JsonNode (ObjectMapper.readTree()) and writes out same (or modified) node using JsonNode.toString(). This can consume significant amount of resources with concurrent relatively small requests (1000 nested arrays is 2kB). This vulnerability is fixed in 2.14.0.",
      "references": [
        "https://github.com/FasterXML/jackson-databind/commit/a1fa4ae4ecf5cee16da465985f135f3e81816f8c",
        "https://github.com/FasterXML/jackson-databind/issues/3447",
        "https://github.com/FasterXML/jackson-databind/security/advisories/GHSA-3wrr-7qpf-2prh"
      ],
      "cwe_ids": ["CWE-400"],
      "ai_impact": "An attacker can cause a Denial-of-Service by sending deeply nested JSON, consuming significant resources. No authentication is required and the service is network reachable.",
      "ai_mitigation": "Upgrade jackson-databind to version 2.14.0 or later to fix the vulnerability. If upgrading is not possible, consider implementing rate limiting or input validation to mitigate the issue.",
      "ai_exploitability": "poc_likely",
      "ai_priority": "patch_soon",
      "ai_tags": ["dos", "denial-of-service", "json", "jackson-databind"],
      "ai_class": "library"
    },
    {
      "id": "CVE-2026-55092",
      "published": "2026-06-25T17:16:41.647",
      "modified": "2026-06-27T20:45:23.603",
      "cvss_score": 7.5,
      "severity": "HIGH",
      "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "description": "Trivy is a security scanner. Prior to 0.71.1, when Trivy downloads an OCI artifact, it uses the org.opencontainers.image.title annotation from the artifact manifest as the destination filename without validation. An attacker who can make Trivy fetch an attacker-controlled artifact can supply a crafted annotation that resolves to a path outside the intended destination, causing Trivy to write the layer content to an arbitrary location on the host filesystem. This vulnerability is fixed in 0.71.1.",
      "references": [
        "https://github.com/aquasecurity/trivy/security/advisories/GHSA-mcj4-mphf-j9ff"
      ],
      "cwe_ids": ["CWE-22"],
      "ai_impact": "An attacker can write to arbitrary locations on the host filesystem by supplying a crafted annotation, potentially leading to code execution or data tampering. No authentication is required, and the vulnerability is reachable over the network.",
      "ai_mitigation": "Upgrade Trivy to version 0.71.1 or later to fix the vulnerability. If upgrading is not possible, consider implementing additional validation on the org.opencontainers.image.title annotation.",
      "ai_exploitability": "poc_likely",
      "ai_priority": "patch_soon",
      "ai_tags": ["path-traversal", "container"],
      "ai_class": "library"
    }
  ],
  "by_class": {
    "container": 1,
    "web-app": 2,
    "library": 13,
    "network-stack": 3,
    "os-kernel": 1
  },
  "patch_now_ids": ["CVE-2026-58053"]
}