Cross-site Scripting is a attack_type tracked across 50 threat clusters and 59 intelligence report mentions on ThreatCluster. First observed October 27, 2025; most recent activity July 11, 2026.
CVE-2026-55879 is a critical vulnerability affecting OpenReplay versions 1.24.0 to 1.25.0, allowing unauthenticated attackers to execute stored XSS in the dashboard. The flaw arises from the OpenReplay tracking SDK's…
A study by security startup Tenzai revealed that popular vibe coding platforms produce insecure code, including critical vulnerabilities, when responding to common programming prompts. The assessment, conducted in…
Multiple high and critical vulnerabilities have been identified in Splunk Enterprise, allowing attackers to execute malicious scripts and exfiltrate sensitive data. The most severe vulnerability, CVE-2026-20253, has a…
Multiple vulnerabilities have been identified in the SPIP website engine affecting Ubuntu 16.04 LTS and its derivatives. These vulnerabilities include cross site scripting (CVE-2022-28959), PHP injection…
CISA has identified a high-severity vulnerability in Ivanti Endpoint Manager (EPM), tracked as CVE-2026-1603, which is currently being exploited in attacks. The flaw allows remote threat actors to bypass authentication…
A critical SQL injection vulnerability, tracked as CVE-2026-2313, has been discovered in the Ally WordPress plugin, which is used on over 400,000 sites. This flaw allows unauthenticated attackers to inject SQL commands…
On March 10, 2026, SAP released 15 security notes, including two critical vulnerabilities that could allow remote code execution and system compromise. Administrators are urged to apply the patches promptly to protect…
Microsoft Office Excel has multiple vulnerabilities that allow unauthorized attackers to execute code locally. These include an out-of-bounds read, use after free, untrusted pointer dereference, heap-based buffer…
Roundcube Webmail has been found vulnerable due to eight security flaws, four of which are rated high severity (CVE-2026-48842, CVE-2026-48843, CVE-2026-48844, CVE-2026-48848). Attackers can exploit these…
Recent vulnerabilities in the ESAPI library have been identified, impacting several versions of Ubuntu, including 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS. The vulnerabilities include a control-flow…