May 2026 – Page 4 – Yet Another News Aggregator Channel

PAC: Now why can’t everybody else in public sector do it like this? Parliament’s spending watchdog has held up a

May 3, 2026 Yanac

CVE-2026-5063 | webaways NEX-Forms Plugin up to 9.1.11 on WordPress POST Parameter submit_nex_form cross site scripting

A vulnerability identified as problematic has been detected in webaways NEX-Forms Plugin up to 9.1.11 on WordPress. The impacted element

Security Vulns

May 3, 2026 Yanac

CVE-2026-40561 | KAZUHO Starlet up to 0.31 on Perl Reverse Proxy Content-Length request smuggling (EUVD-2026-26806)

A vulnerability labeled as critical has been found in KAZUHO Starlet up to 0.31 on Perl. This affects an unknown

Security Vulns

May 3, 2026 Yanac

CVE-2026-5337 | Frontend File Manager Plugin up to 23.6 on WordPress Download Endpoint wpfm_download file_id authorization

A vulnerability marked as problematic has been reported in Frontend File Manager Plugin up to 23.6 on WordPress. This impacts

Security Vulns

May 3, 2026 Yanac

CVE-2026-42809 | Apache Polaris up to 1.4.0 Staged Table Creation information disclosure

A vulnerability described as problematic has been identified in Apache Polaris up to 1.4.0. Affected is an unknown function of

Security Vulns

May 3, 2026 Yanac

CVE-2026-42810 | Apache Polaris up to 1.4.0 Asterisk escape output

A vulnerability classified as critical has been found in Apache Polaris up to 1.4.0. Affected by this vulnerability is an

Security Vulns

May 3, 2026 Yanac

CVE-2026-42811 | Apache Polaris up to 1.4.0 improper authentication

A vulnerability classified as critical was found in Apache Polaris up to 1.4.0. Affected by this issue is some unknown

Security Vulns

May 3, 2026 Yanac

CVE-2026-42812 | Apache Polaris up to 1.4.0 access control

A vulnerability, which was classified as critical, has been found in Apache Polaris up to 1.4.0. This affects an unknown

Security Vulns

May 3, 2026 Yanac

CVE-2026-7705 | JD Cloud JDCOS 4.5.1.r4518 Service Interface /jdcap set_iptv_info vid command injection

A vulnerability, which was classified as critical, was found in JD Cloud JDCOS 4.5.1.r4518. This vulnerability affects the function set_iptv_info

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

News

May 3, 2026 Yanac

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed security flaw impacting various Linux distributions

Month: May 2026

Job’s a good ‘un: Bank of England tech project wins watchdog praise

CVE-2026-5063 | webaways NEX-Forms Plugin up to 9.1.11 on WordPress POST Parameter submit_nex_form cross site scripting

CVE-2026-40561 | KAZUHO Starlet up to 0.31 on Perl Reverse Proxy Content-Length request smuggling (EUVD-2026-26806)

CVE-2026-5337 | Frontend File Manager Plugin up to 23.6 on WordPress Download Endpoint wpfm_download file_id authorization

CVE-2026-42809 | Apache Polaris up to 1.4.0 Staged Table Creation information disclosure

CVE-2026-42810 | Apache Polaris up to 1.4.0 Asterisk escape output

CVE-2026-42811 | Apache Polaris up to 1.4.0 improper authentication

CVE-2026-42812 | Apache Polaris up to 1.4.0 access control

CVE-2026-7705 | JD Cloud JDCOS 4.5.1.r4518 Service Interface /jdcap set_iptv_info vid command injection

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV