โŒ

Normal view

CyberDanube Security Research 20260408-1 | Multiple Vulnerabilities in Siemens SICAM A8000

14 April 2026 at 19:07

Posted by Thomas Weber | CyberDanube via Fulldisclosure on Apr 14

CyberDanube Security Research 20260408-1
-------------------------------------------------------------------------------
title| Multiple Vulnerabilities
product| Siemens SICAM A8000 CP-8050/CP-8031/CP-8010/CP-8012
vulnerable version| <=V25.30
fixed version| V26.10
CVE number| CVE-2026-27664
impact| High
homepage| https://siemens.com/
found|...

CyberDanube Security Research 20260408-0 | Remote Operation Denial of Service in Siemens SICAM A8000

14 April 2026 at 19:07

Posted by Thomas Weber | CyberDanube via Fulldisclosure on Apr 14

CyberDanube Security Research 20260408-0
-------------------------------------------------------------------------------
title| Remote Operation Denial of Service
product| Siemens SICAM A8000 CP-8050/CP-8031/CP-8010/CP-8012
vulnerable version| <=V25.30
fixed version| V26.10
CVE number| CVE-2026-27663
impact| Medium
homepage| https://siemens.com/...

SEC Consult SA-20260414-0 :: Improper Enforcement of Locked Accounts in WebUI (SSO) in Kiuwan SAST on-premise (KOP) & cloud/SaaS

14 April 2026 at 19:07

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 14

SEC Consult Vulnerability Lab Security Advisory < 20260414-0 >
=======================================================================
title: Improper Enforcement of Locked Accounts in WebUI (SSO)
ย  ย  ย  ย  ย  ย  product: Kiuwan SAST on-premise (KOP) & cloud/SaaS
ย vulnerable version: <2.8.2509.4
ย  ย  ย  fixed version: 2.8.2509.4
ย  ย  ย  ย  ย CVE number: CVE-2026-24069
ย  ย  ย  ย  ย  ย  ย impact: medium...

SEC Consult SA-20260401-0 :: Broken Access Control in Open WebUI

3 April 2026 at 05:55

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 02

SEC Consult Vulnerability Lab Security Advisory < 20260401-0 >
=======================================================================
title: Broken Access Control
ย  ย  ย  ย  ย  ย  product: Open WebUI
ย vulnerable version: <v0.8.11
ย  ย  ย  fixed version: v0.8.11
CVE number: CVE-2026-34222
ย  ย  ย  ย  ย  ย  ย impact: high
homepage:https://openwebui.com
ย  ย  ย  ย  ย  ย  ย  found: 2026-02-06...

SEC Consult SA-20260326-0 :: Local Privilege Escalation in Vienna Assistant (MacOS) - Vienna Symphonic Library

3 April 2026 at 05:55

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 02

SEC Consult Vulnerability Lab Security Advisory < 20260326-0 >
=======================================================================
title: Local Privilege Escalation
product: Vienna Assistant (MacOS) - Vienna Symphonic Library
ย vulnerable version: 1.2.542
fixed version: -
CVE number: CVE-2026-24068
ย  ย  ย  ย  ย  ย  ย impact: high
homepage:https://www.vsl.co.at/
ย  ย  ย  ย  ย ...

Apple OHTTP Relay: 14 Third-Party Endpoints, 6 Countries, Zero User Visibility

3 April 2026 at 05:54

Posted by Joseph Goydish II via Fulldisclosure on Apr 02

SUMMARY

Apple's Oblivious HTTP relay for Live Caller ID Lookup (iOS 18+) routes
traffic through 14 third-party endpoints across six countries. These include
an anonymous Delaware LLC sharing data with OpenAI, a Russian endpoint
(Yandex), and a Swiss GmbH whose privacy policy names "The Legal Entity to
be Confirmed" as its data controller. None of this is disclosed to users.

This is shared infrastructure. All devices using Live...

[KIS-2026-06] MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability

3 April 2026 at 05:53

Posted by Egidio Romano on Apr 02

---------------------------------------------------------------------------
MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability
---------------------------------------------------------------------------

[-] Software Link:

https://www.metinfo.cn

[-] Affected Versions:

Versions 7.9, 8.0, and 8.1.

[-] Vulnerability Description:

The vulnerable code is located into the...

[CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability

3 April 2026 at 05:52

Posted by cyber security on Apr 02

A vulnerability was identified in OWASP CRS where whitespace padding
in filenames can bypass file upload extension checks, allowing uploads
of dangerous files such as .php, .phar, .jsp, and .jspx. This issue
has been assigned CVEโ€‘2026โ€‘33691.

Impact: Attackers may evade CRS protections and upload web shells
disguised with whitespaceโ€‘padded extensions. Exploitation is most
practical on Windows backends that normalize whitespace in filenames...

APPLE-SA-03-24-2026-10 Xcode 26.4

29 March 2026 at 05:11

Posted by Apple Product Security via Fulldisclosure on Mar 28

APPLE-SA-03-24-2026-10 Xcode 26.4

Xcode 26.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126801.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

otool
Available for: macOS Tahoe 26.2 and later
Impact: An app may be able to cause unexpected system termination
Description: An...

APPLE-SA-03-24-2026-9 Safari 26.4

29 March 2026 at 05:11

Posted by Apple Product Security via Fulldisclosure on Mar 28

APPLE-SA-03-24-2026-9 Safari 26.4

Safari 26.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126800.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

WebKit
Available for: macOS Sonoma and macOS Sequoia
Impact: Processing maliciously crafted web content may prevent Content
Security...

APPLE-SA-03-24-2026-8 visionOS 26.4

29 March 2026 at 05:11

Posted by Apple Product Security via Fulldisclosure on Mar 28

APPLE-SA-03-24-2026-8 visionOS 26.4

visionOS 26.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126799.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

802.1X
Available for: Apple Vision Pro (all models)
Impact: An attacker in a privileged network position may be able to
intercept...

APPLE-SA-03-24-2026-7 watchOS 26.4

29 March 2026 at 05:11

Posted by Apple Product Security via Fulldisclosure on Mar 28

APPLE-SA-03-24-2026-7 watchOS 26.4

watchOS 26.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126798.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

802.1X
Available for: Apple Watch Series 6 and later
Impact: An attacker in a privileged network position may be able to
intercept...

APPLE-SA-03-24-2026-6 tvOS 26.4

29 March 2026 at 05:11

Posted by Apple Product Security via Fulldisclosure on Mar 28

APPLE-SA-03-24-2026-6 tvOS 26.4

tvOS 26.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126797.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

802.1X
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: An attacker in a privileged network position may be able to
intercept...

APPLE-SA-03-24-2026-5 macOS Sonoma 14.8.5

29 March 2026 at 05:11

Posted by Apple Product Security via Fulldisclosure on Mar 28

APPLE-SA-03-24-2026-5 macOS Sonoma 14.8.5

macOS Sonoma 14.8.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126796.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

802.1X
Available for: macOS Sonoma
Impact: An attacker in a privileged network position may be able to
intercept network...

APPLE-SA-03-24-2026-4 macOS Sequoia 15.7.5

29 March 2026 at 05:10

Posted by Apple Product Security via Fulldisclosure on Mar 28

APPLE-SA-03-24-2026-4 macOS Sequoia 15.7.5

macOS Sequoia 15.7.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126795.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

802.1X
Available for: macOS Sequoia
Impact: An attacker in a privileged network position may be able to
intercept...

JSON Deserialiser Unconstrained Resource Consumption Quick Overview

12 March 2026 at 23:02

Posted by Daniel Owens via Fulldisclosure on Mar 12

As previously mentioned, via "Struts2 and Related Framework Array/Collection DoS" (26 October 2025), hundreds of
JavaScript object notation (JSON) libraries are vulnerable to unconstrained resource consumption through large JSON
arrays, which, when deserialised, create arbitrarily large collections/arrays/data structures. This work looks
specifically at the Apache Struts2 JSON Plugin, using it as an example for why this...

Defense in depth -- the Microsoft way (part 96): yet another SAFER (SRPv1) and AppLocker (SRPv2) loophole

12 March 2026 at 23:00

Posted by Stefan Kanthak via Fulldisclosure on Mar 12

Hi @ll,

about 2 months ago I posted
<https://seclists.org/fulldisclosure/2025/Dec/29>
"Defense in depth -- the Microsoft way (part 94):
SAFER (SRPv1 and AppLocker alias SRPv2) bypass for dummies"

Here's the continuation...

About 23 years ago, 64-bit Windows introduced the WoW64 subsystem, which
performs a transpatent redirection of file system and registry accesses
for 32-bit applications.
To allow consistent appearance...

Alipay DeepLink+JSBridge Attack Chain: Silent GPS Exfiltration, 17 Vulns, 6 CVEs (CVSS 9.3)

12 March 2026 at 22:59

Posted by Feng Ning via Fulldisclosure on Mar 12

Subject: Alipay DeepLink+JSBridge Attack Chain: Silent GPS Exfiltration, 17 Vulns, 6 CVEs (CVSS 9.3)

# Alipay DeepLink + JSBridge Attack Chain
# Silent GPS Exfiltration via Crafted URL

## Overview

Researcher: Jiqiang Feng / Innora AI Security Research
Vendor: Ant Group (่š‚่š้›†ๅ›ข) / Alibaba Group
Product: Alipay (ๆ”ฏไป˜ๅฎ) v10.x (Android & iOS)
Users Affected: 1 billion+
CVEs: 6 submitted to MITRE CNA-LR (2026-03-12)
CVSS: 7.4โ€“9.3...

Cohesity TranZman Migration Appliance - 5 CVEs (command injection, LPE, unsigned patches, weak crypto)

12 March 2026 at 22:58

Posted by GregD via Fulldisclosure on Mar 12

Hi,

I'm disclosing five vulnerabilities discovered during an authorised
security assessment of the Cohesity TranZman Migration Appliance
(formerly Stone Ram TranZman), Release 4.0 Build 14614.

CVE-2025-67840 - Web API Command Injection (CVSS 7.2 High)
The /api/v1/scheduler/run and /api/v1/actions/run endpoints allow
authenticated administrators to execute arbitrary commands as root by
injecting into POST request parameters. Input is...

APPLE-SA-03-11-2026-2 iOS 15.8.7 and iPadOS 15.8.7

12 March 2026 at 22:57

Posted by Apple Product Security via Fulldisclosure on Mar 12

APPLE-SA-03-11-2026-2 iOS 15.8.7 and iPadOS 15.8.7

iOS 15.8.7 and iPadOS 15.8.7 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126632.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Kernel
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE
(1st generation), iPad...
โŒ