ScanForge Security Digest 2622-03

May 31, 2026200 items

63 critical61 high10 news

This week's security digest includes 0 actively exploited vulnerabilities (CISA KEV), 63 critical CVEs, and 61 high-severity CVEs. Review the details below and prioritize patching for any affected systems.

Critical

10.0 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in the Publish CVE-2026-8054

10.0 sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core CVE-2021-41556

9.9 OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses CVE-2026-45102

9.9 An issue was discovered in MyBiz MyProcureNet 5.0.0. A malicious file can be uploaded to the webserv CVE-2018-11091

9.8 In the Linux kernel, the following vulnerability 13 CVEs

CVE-2026-46195, CVE-2026-46137, CVE-2026-46135, CVE-2026-46115, CVE-2026-46039 +8 more

9.8 Gladinet Triofox Cloud Server Agent Access Service (GladServerAgentService.exe) listens on TCP port CVE-2026-8364

9.8 A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL CVE-2026-8363

9.8 A stack-based buffer overflow condition exists in WOSDefaultHttpModule.dll when processing a long UR CVE-2026-8362

9.8 There is a mitigation bypass / (incomplete fix) for CVE-2025-62582 (Unauthenticated Remote Database CVE-2026-9642

9.8 IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an unauthenticated remote a CVE-2026-3660

9.8 The password and username reset features created plain http links for https connections if the "Forc CVE-2026-48902

9.8 Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the CVE-2026-45185

High Severity

8.8 Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticate CVE-2018-25425

8.8 Gate Pass Management System 2.1 contains an SQL injection vulnerability that all CVE-2018-25424

8.8 MOGG web simulator Script contains an SQL injection vulnerability that allows un CVE-2018-25422

8.8 AiOPMSD Final 1.0.0 8 CVEs CVE-2018-25420, CVE-2018-25419, CVE-2018-25418, CVE-2018-25417 +4

8.8 MGB OpenSource Guestbook 0.7.0.2 contains an SQL injection vulnerability that al CVE-2018-25411

8.8 eNdonesia Portal 8.7 3 CVEs CVE-2018-25407, CVE-2018-25406, CVE-2018-25405

8.8 The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for W CVE-2026-7465

8.8 In the Linux kernel, the following vulnerability 12 CVEs CVE-2026-46238, CVE-2026-46212, CVE-2026-46198, CVE-2026-46174 +8

8.8 BentoML 2 CVEs CVE-2026-44346, CVE-2026-44345

8.8 LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and CVE-2026-44988

+26 more products affected

Security News

Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices The Hacker News

Dutch authorities have announced the takedown of a botnet that enslaved millions of infected devices, including computer

Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks Bleeping Computer

Palo Alto Networks is warning that hackers are now exploiting a PAN-OS GlobalProtect authentication bypass flaw, tracked

Russian Spies Are Aggressively Seeking Western Technology as Sanctions Bite, Officials Say SecurityWeek

Moscow’s agents are building fake companies, recruiting middlemen and deploying cyber spies and hackers who gather infor

Exploit Code Published for Critical Flowise RCE Vulnerability SecurityWeek

The one-click vulnerability allows attackers to execute arbitrary code on self-hosted Flowise servers by tricking users

New CIFSwitch Linux flaw gives root on multiple distributions Bleeping Computer

A newly discovered local privilege escalation vulnerability dubbed 'CIFSwitch' in the Linux kernel could allow attackers

PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation The Hacker News

Palo Alto Networks has warned that a recently disclosed medium-severity security flaw impacting PAN-OS and Prisma Access

Friday Squid Blogging: Another Squid Schneier on Security

Someone named “Squid” seems to be a “West Country legend.” As usual, you can also use this squid

Name That Toon: Mark of (Cybersecurity) Progress Dark Reading

As part of Dark Reading's 20th anniversary package, we asked readers for a cybersecurity-related caption that captures t

Exploits & Threats

[remote] Notepad++ 8.9.6 - Arbitrary Code Execution

[webapps] YAMCS yamcs-core 5.12.7 - LDAP Injection

[webapps] YAMCS yamcs-core 5.12.7 - No Rate Limiting

[webapps] YAMCS yamcs-core 5.12.7 - User Enumeration

[webapps] Quick Playground for WordPress 1.3.1 - Unauthenticated Remote Code Execution