ScanForge Security Digest 2614-01

ScanForge Security Digest 2614-01

200 items
55 critical82 high10 news

This week presented a moderate vulnerability landscape with 55 critical CVEs requiring attention, though no actively exploited vulnerabilities were tracked by CISA. Notable critical issues include OS command injection in CodeRider-Kilo, arbitrary file access vulnerabilities in Incus versions prior to 6.23.0, and code injection flaws in WordPress plugins Total Poll Lite and Woody ad snippets. Organizations should prioritize patching Incus deployments and reviewing CodeRider-Kilo whitelist configurations immediately. The broader threat environment remains elevated, with reports of Iranian cyber operations targeting hospitals and Russian APT groups deploying new iOS exploit kits, underscoring the need for heightened monitoring and incident response readiness.

Critical

55
9.9 Incus 2 CVEs
9.9 Improper Control of Generation of Code ('Code Injection') vu 3 CVEs
9.8 A SQL Injection vulnerability exists in SourceCodester Onlin 3 CVEs
9.8 SiYuan 2 CVEs
9.8 Deserialization of Untrusted Data vulnerability in ThemeREX 3 CVEs

High Severity

82
8.9 Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level CVE-2026-33765
8.9 nanobot is a personal AI assistant. Prior to version 0.1.6, an indirect prompt i CVE-2026-33654
8.9 MyTube is a self-hosted downloader and player for several video websites Prior t CVE-2026-33890
8.8 Ghidra versions prior to 12.0.3 improperly process annotation directives embedde CVE-2026-4946
8.8 In Sofia on Xiongmai DVR/NVR (AHB7008T-MH-V2 and NBD7024H-P) 4.03.R11 devices, r CVE-2026-34005
8.8 OpenClaw 7 CVEs CVE-2026-32974, CVE-2026-32973, CVE-2026-33573, CVE-2026-32980 +3
8.8 A SQL Injection vulnerability exists in SourceCodester Onlin 3 CVEs CVE-2026-30531, CVE-2026-30529, CVE-2026-30534
8.8 Group-Office is an enterprise customer relationship management and groupware too CVE-2026-33755
8.8 Incus is a system container and virtual machine manager. Prior to version 6.23.0 CVE-2026-33898
8.8 vLLM is an inference and serving engine for large language models (LLMs). Starti CVE-2026-27893

+62 more products affected

Security News

10
Huskeys Emerges From Stealth With $8 Million in Funding SecurityWeek

The startup has built an edge security management (ESM) platform, an AI engine atop the entire edge security stack. The

Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit SecurityWeek

The state-sponsored group’s campaign has targeted government, higher education, financial, and legal entities, as well a

The State of Secrets Sprawl 2026: 9 Takeaways for CISOs The Hacker News

Secrets sprawl isn't slowing down: in 2025, it accelerated faster than most security teams anticipated. GitGuardian's St

European Commission Reports Cyber Intrusion and Data Theft SecurityWeek

The ShinyHunters hacker group claimed to have stolen over 350GB of information from European Commission cloud systems. T

Hacked Hospitals, Hidden Spyware: Iran Conflict Shows How Digital Fight Is Ingrained in Warfare SecurityWeek

Iran-linked hacking groups are turning to high-volume, low-impact cyberattacks, and AI is providing a boost. The post Ha

Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now Bleeping Computer

F5 has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE

Telnyx Targeted in Growing TeamPCP Supply Chain Attack SecurityWeek

Two malicious versions of the popular SDK were uploaded to the PyPI registry, targeting Windows, macOS, and Linux. The p

Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels The Hacker News

Cybersecurity researchers have discovered a remote access toolkit of Russian-origin that's distributed via malicious Win

Content aggregated from NIST/NVD, CISA, CERT/CC, and public security news sources. External articles are linked to their original source.