Security Intel Hub 23488+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

CVE-2026-6383: KubeVirt Unauthorized Subresource Access via RBAC Flaw
bugzilla.redhat.com · 2026-04-18

### Vulnerability Overview - **CVE ID**: CVE-2026-6383 - **Vulnerability Name**: KubeVirt: Unauthorized subresource access due to improper RBAC evaluation - **Reported Date**: 2026-04-15 18:08 UTC - *…

Huawei HarmonyOS April 2026 Security Bulletin (CVE-2026-34853, UAF, LBS Bypass)
consumer.huawei.com · 2026-04-18

# Huawei Security Bulletin Summary (April 2026) ## Vulnerability Overview Huawei released its monthly security update in April 2026, including patches for Huawei-owned components and third-party libra…

Huawei HarmonyOS 6.0.0 April 2026 Security Bulletin (CVE-2026-34850, Race Conditions, Stack Overflow)
consumer.huawei.com · 2026-04-18

# Huawei PC Security Bulletin Summary (April 2026) ## Vulnerability Overview Huawei released its monthly security update for April 2026, which includes both Huawei proprietary patches and third-party …

Huawei Smartwatch HarmonyOS April 2026 Security Bulletin (CVE Summary)
consumer.huawei.com · 2026-04-18

# Huawei Smartwatch Security Bulletin Summary (April 2026) ## Vulnerability Overview Huawei has released the April 2026 security update for smartwatches, including both internal Huawei patches and thi…

Ubiquiti UniFi Play Firmware Vulnerability Advisory (CVE-2026-22563 to 22566)
community.ui.com · 2026-04-18

# UniFi Security Advisory Bulletin 063 Vulnerability Summary ## Vulnerability Overview This bulletin addresses multiple security vulnerabilities in the firmware of UniFi Play devices, including path t…

dnsmasq CVE-2026-6507: Out-of-bounds write in DHCP BOOTREPLY causing DoS
bugzilla.redhat.com · 2026-04-18

# Bug 2459191 (CVE-2026-6507) - dnsmasq: Denial of Service due to out-of-bounds write in DHCP BOOTREPLY processing ## Vulnerability Overview In `dnsmasq` version 2.92, when using the `--dhcp-split-rel…

CWE-427 Uncontrolled Search Path Element Vulnerability Analysis and Mitigation
cwe.mitre.org · 2026-04-18

# CWE-427: Uncontrolled Search Path Element ## Vulnerability Overview This vulnerability refers to products that use fixed or controlled search paths to locate resources, but one or more locations wit…

Siemens SCALANCE/RUGGEDCOM Web Interface Privilege Escalation (CVE-2022-31765)
cert-portal.siemens.com · 2026-04-18

### Vulnerability Overview - **Vulnerability Name**: SSA-552702: Privilege Escalation Vulnerability in the Web Interface of SCALANCE and RUGGEDCOM Products - **Release Date**: 2022-10-11 - **Last Upda…

Siemens SCALANCE W-700 Wi-Fi Multiple Vulnerabilities Security Advisory (CVE-2020/2021/2022/2023)
cert-portal.siemens.com · 2026-04-18

# Siemens Security Advisory: Multiple Vulnerabilities in SCALANCE W-700 IEEE 802.11n Devices ## Vulnerability Overview Siemens SCALANCE W-700 IEEE 802.11n series devices contain multiple security vuln…

Toshiba/Dynabook Bluetooth Driver Stack Buffer Overflow (CVE-2026-3553)
corporate.jp.sharp · 2026-04-18

# Toshiba/Dynabook Bluetooth Driver Security Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: Bluetooth ACPI Driver Stack Buffer Overflow Vulnerability * **Affected Drivers**:…

Chrome 147 Security Update: 31 Vulnerabilities Fixed (RCE/Heap Overflow)
chromereleases.googleblog.com · 2026-04-18

# Chrome Stable Channel Security Update Summary ## Vulnerability Overview This update fixes **31 security vulnerabilities**, including multiple Critical and High severity issues. The main types of pro…

Android MediaProvider Arbitrary File Read Vulnerability Analysis
download.mw-rmm.barracudamsp.com · 2026-04-18

# Vulnerability Overview This vulnerability exists in the `com.android.providers.media` application, specifically within the `MediaProvider` component. An attacker can construct a malicious `ContentPr…

PAC4J CSRF and LDAP Injection Vulnerabilities (CVE-2026-40458/40459) Advisory
cert.pl · 2026-04-18

# PAC4J Software Vulnerability Summary ## Vulnerability Overview CERT Polska disclosed two security vulnerabilities in the PAC4J software: 1. **Cross-Site Request Forgery (CSRF)** - **CVE ID**: CVE-20…

Siemens Industrial Edge Management Authentication Bypass (CVE-2026-33892)
cert-portal.siemens.com · 2026-04-18

### Vulnerability Overview - **Vulnerability Name**: SSA-609469: Authorization Bypass Vulnerability in Industrial Edge Management - **Release Date**: 2026-04-14 - **Current Version**: V1.0 - **CVSS v3…

CVE-2026-30995 Slah CMS SQL Injection Vulnerability and POC
cve.joaopaulodeoliveira.dev · 2026-04-18

# CVE-2026-30995 - Slah Informática CMS SQL Injection Vulnerability Summary ## Vulnerability Overview - **Vulnerability Type**: SQL Injection - **CVE ID**: CVE-2026-30995 - **CVSS Score**: 9.3 Critica…

Slah CMS Sensitive Data Disclosure Vulnerability (CVE-2026-30994) Analysis and POC
cve.joaopaulodeoliveira.dev · 2026-04-18

# CVE-2026-30994 - Slah Informática CMS Sensitive Data Disclosure Vulnerability Summary ## Vulnerability Overview Slah CMS contains a high-severity sensitive information disclosure vulnerability. The …

Schneider Electric PowerChute Serial Shutdown Vulnerabilities Analysis (CVE-2026-2399/2404/2402)
download.schneider-electric.com · 2026-04-18

# Schneider Electric PowerChute Serial Shutdown Vulnerability Summary ## Overview Schneider Electric’s PowerChute™ Serial Shutdown product contains multiple security vulnerabilities. This product is U…

Chamilo Course Catalog Access Control Fix (Role-based Security)
github.com · 2026-04-18

### Vulnerability Overview - **Vulnerability Type**: Security Vulnerability - **Description**: This vulnerability involves adding `CourseRelUserStateProcessor` and improving course catalog filtering l…

CVE-2026-30996: SoftSul SAC-NFe Unauthenticated Path Traversal
cve.joaopaulodeoliveira.dev · 2026-04-18

# CVE-2026-30996 - SoftSul SAC-NFe Unauthorized Path Traversal Vulnerability Summary ## Vulnerability Overview * **Vulnerability Type**: Unauthorized Path Traversal (Arbitrary File Read) * **CVE ID**:…

Siemens Analytics Toolkit Improper Certificate Validation (CVE-2025-40745)
cert-portal.siemens.com · 2026-04-18

# Siemens Security Advisory SSA-981622 Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: Improper Certificate Validation Vulnerability in Siemens Analytics Toolkit * **CVE ID**…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
