CVE-2026-22182 - Exploiting wpDiscuz’s Notification Flood Vulnerability (DoS) in WordPress
If you’re using the wpDiscuz plugin for WordPress (version before 7.6.47), your website could be at risk of a denial of service
CVE-2026-28697 - Remote Code Execution in Craft CMS via Twig SSTI and Malicious File Write
Craft CMS is a popular, flexible content management system used by designers and developers to build websites. In June 2026, a significant security flaw was
CVE-2025-66035 - XSRF Token Leak in Angular via Protocol-Relative URLs
A new critical vulnerability—CVE-2025-66035—has been found in Angular’s popular HttpClient, affecting versions prior to 19.2.16, 20.3.14, and 21.
CVE-2025-64149 - Exploiting CSRF in Jenkins Publish to Bitbucket Plugin to Steal Credentials
A new vulnerability has been discovered in the hugely popular Jenkins automation server. This bug, CVE-2025-64149, affects the _Publish to Bitbucket Plugin_ version .4 and
CVE-2025-58794 - CSRF Vulnerability in Notification for Telegram (Up to 3.4.6) – How Attackers Can Exploit Your Site
The security world has spotted a major flaw in the popular Notification for Telegram plugin, which affects versions up to 3.4.6. Tracked as
Episode
00:00:00
00:00:00