CVE Alert: CVE-2025-26998
Vulnerability Summary: CVE-2025-26998 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks – Gutenberg...
OSINT
CVE Alert: CVE-2025-27008
Vulnerability Summary: CVE-2025-27008 Missing Authorization vulnerability in NotFound Unlimited Timeline allows Accessing Functionality Not Properly Constrained by ACLs. This issue...
CVE Alert: CVE-2025-26996
Vulnerability Summary: CVE-2025-26996 Improper Control of Generation of Code ('Code Injection') vulnerability in Fetch Designs Sign-up Sheets allows Code Injection....
Wappalyzer-Next – Python library that uses Wappalyzer extension (and its fingerprints) to detect technologies
This project is a command line tool and python library that uses Wappalyzer extension (and its fingerprints) to detect technologies....
Telegram-Checker – A Python Tool For Checking Telegram Accounts Via Phone Numbers Or Usernames
Enhanced version of bellingcat's Telegram Phone Checker! A Python script to check Telegram accounts using phone numbers or username. ✨...
Cobalt Strike Beacon Detected – 23[.]95[.]230[.]147:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 123[.]249[.]34[.]118:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 47[.]92[.]108[.]229:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2025-27719
Vulnerability Summary: CVE-2025-27719 Unauthenticated attackers can query an API endpoint and get device details. Affected Endpoints: No affected endpoints listed....
CVE Alert: CVE-2025-27927
Vulnerability Summary: CVE-2025-27927 An unauthenticated attackers can obtain a list of smart devices by knowing a valid username through an...
CVE Alert: CVE-2025-30982
Vulnerability Summary: CVE-2025-30982 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zookatron MyBookProgress by Stormhill Media...
CVE Alert: CVE-2025-27929
Vulnerability Summary: CVE-2025-27929 Unauthenticated attackers can retrieve full list of users associated with arbitrary accounts. Affected Endpoints: No affected endpoints...
CVE Alert: CVE-2025-30970
Vulnerability Summary: CVE-2025-30970 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Easy Contact allows Reflected...
CVE Alert: CVE-2025-30966
Vulnerability Summary: CVE-2025-30966 Path Traversal vulnerability in NotFound WPJobBoard allows Path Traversal. This issue affects WPJobBoard: from n/a through n/a....
CVE Alert: CVE-2025-30257
Vulnerability Summary: CVE-2025-30257 Unauthenticated attackers can retrieve serial number of smart meters associated to a specific user account. Affected Endpoints:...
CVE Alert: CVE-2025-30510
Vulnerability Summary: CVE-2025-30510 An attacker can upload an arbitrary file instead of a plant image. Affected Endpoints: No affected endpoints...
CVE Alert: CVE-2025-30512
Vulnerability Summary: CVE-2025-30512 Unauthenticated attackers can send configuration settings to device and possible perform physical actions remotely (e.g., on/off). Affected...
CVE Alert: CVE-2025-30967
Vulnerability Summary: CVE-2025-30967 Cross-Site Request Forgery (CSRF) vulnerability in NotFound WPJobBoard allows Upload a Web Shell to a Web Server....
CVE Alert: CVE-2025-31950
Vulnerability Summary: CVE-2025-31950 An unauthenticated attacker can obtain EV charger energy consumption information of other users. Affected Endpoints: No affected...
CVE Alert: CVE-2025-31654
Vulnerability Summary: CVE-2025-31654 An attacker can get information about the groups of the smart home devices for arbitrary users (i.e.,...
CVE Alert: CVE-2025-31945
Vulnerability Summary: CVE-2025-31945 An unauthenticated attacker can obtain other users' charger information. Affected Endpoints: No affected endpoints listed. Published Date:...
CVE Alert: CVE-2025-31147
Vulnerability Summary: CVE-2025-31147 Unauthenticated attackers can query information about total energy consumed by EV chargers of arbitrary users. Affected Endpoints:...
CVE Alert: CVE-2025-31360
Vulnerability Summary: CVE-2025-31360 Unauthenticated attackers can trigger device actions associated with specific "scenes" of arbitrary users. Affected Endpoints: No affected...
CVE Alert: CVE-2025-32388
Vulnerability Summary: CVE-2025-32388 SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Prior to 2.20.6 ,...
