📰 Cyber Feed Aggregator

⚔️ Exploit

Latest Exploit coverage curated from trusted cybersecurity sources.

• [remote] windows 10/11 - NTLM Hash Disclosure Spoofing
  Exploit-DB.com RSS Feed — Wed, 04 Feb 2026 00:00:00 +0000

  windows 10/11 - NTLM Hash Disclosure Spoofing

• [remote] Redis 8.0.2 - RCE
  Exploit-DB.com RSS Feed — Wed, 04 Feb 2026 00:00:00 +0000

  Redis 8.0.2 - RCE

• [webapps] OctoPrint 1.11.2 - File Upload
  Exploit-DB.com RSS Feed — Wed, 04 Feb 2026 00:00:00 +0000

  OctoPrint 1.11.2 - File Upload

• [remote] Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE
  Exploit-DB.com RSS Feed — Wed, 04 Feb 2026 00:00:00 +0000

  Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE

• [webapps] aiohttp 3.9.1 - directory traversal PoC
  Exploit-DB.com RSS Feed — Wed, 04 Feb 2026 00:00:00 +0000

  aiohttp 3.9.1 - directory traversal PoC

• Lighttpd 1.4.56 - 1.4.66 Resource Leak Denial of Service PoC
  Vulnerabilities! - Zero Science Lab — Friday, 23 Jan 2026 12:21:37 GMT

  CVE-2022-41556 is a resource exhaustion vulnerability in lighttpd 1.4.56 - 1.4.66 affecting gateway backends such as FastCGI. When handling an HTTP/1.1 request with chunked transfer encoding and request-body streaming enabled, lighttpd mishandles an anomalous client disconnect (RDHUP / half-closed TCP connection)...

• Logitech Streamlabs Desktop 1.19.6 (overlay) CPU Exhaustion
  Vulnerabilities! - Zero Science Lab — Thursday, 13 Nov 2025 15:59:33 GMT

  A vulnerability exists in Streamlabs Desktop where importing a crafted .overlay file can cause uncontrolled CPU consumption, leading to a denial-of-service condition. The .overlay file is an archive containing a config.json configuration. By inserting an excessively large string into the name attribute of a scene...

• Ilevia EVE X1/X5 Server 4.7.18.0.eden Authenticated Remote Command Injections
  Vulnerabilities! - Zero Science Lab — Thursday, 13 Nov 2025 15:59:33 GMT

  The EVE X1/X5 server suffers from multiple authenticated OS command injection vulnerabilities. This can be exploited to inject and execute arbitrary shell commands through multiple scripts affecting multiple parameters.

• Ilevia EVE X1/X5 Server 4.7.18.0.eden Root Privilege Escalation
  Vulnerabilities! - Zero Science Lab — Thursday, 06 Nov 2025 14:59:33 GMT

  A misconfiguration in the sudoers file permits passwordless execution of specific Bash shell scripts via sudo, exposing a critical privilege escalation vulnerability. When such scripts are writable by a web-facing user (www-data) or accessible through a command injection vector, an attacker can overwrite or replace...

• Ilevia EVE X1/X5 Server 4.7.18.0.eden Insecure Hashing Algorithm
  Vulnerabilities! - Zero Science Lab — Thursday, 06 Nov 2025 14:59:33 GMT

  The application stores user passwords in the database using the MD5 hashing algorithm, which is considered cryptographically insecure due to its vulnerability to collision and brute-force attacks. MD5 lacks modern protections such as salting and computational hardness, making it trivial for attackers to crack...

• Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability
  Vulnerability Magazine - Acknoweldgements, Bug Bounties & Security Research — Mon, 03 Jul 2023 06:20:42 +0000
• Bundeswehr Generalmajor officially acknowledges Whitehat for Responsible Disclosure Activities
  Vulnerability Magazine - Acknoweldgements, Bug Bounties & Security Research — Mon, 25 Oct 2021 08:51:55 +0000
• BMW Mail - Persistent Validation Vulnerability
  Vulnerability Magazine - Acknoweldgements, Bug Bounties & Security Research — Tue, 19 Oct 2021 16:40:46 +0000
• Google Upgrades VRP Bug Bounty Platform
  Vulnerability Magazine - Acknoweldgements, Bug Bounties & Security Research — Wed, 28 Jul 2021 08:28:31 +0000
• MSRC extends Bug Bounty Program for Microsoft Teams
  Vulnerability Magazine - Acknoweldgements, Bug Bounties & Security Research — Tue, 06 Apr 2021 14:11:08 +0000