CVE-2026-0514 | SAP Business Connector cross site scripting
A vulnerability, which was classified as problematic, has been found in SAP Business Connector. This affects an unknown part. Performing
Read More
Security
03
CVE-2023-36331 | xmall 1.1 Query Parameter /member/orderList userId access control (Issue 100)
A vulnerability, which was classified as critical, was found in xmall 1.1. This vulnerability affects unknown code of the file
Read More
CVE-2026-22804 | Termix-SSH Termix up to 1.9.x File Manager FileViewer.tsx privileges management (GHSA-m3cv-5hgp-hv35)
A vulnerability has been found in Termix-SSH Termix up to 1.9.x and classified as critical. This issue affects some unknown
Read More
CVE-2026-22800 | THM-Health PILOS up to 4.9.x API Endpoint cross-site request forgery (GHSA-r24c-9p4j-rqw9)
A vulnerability was found in THM-Health PILOS up to 4.9.x and classified as problematic. Impacted is an unknown function of
Read More
CVE-2026-0493 | SAP Fiori App up to UIS4H 109 cross-site request forgery
A vulnerability was found in SAP Fiori App up to UIS4H 109. It has been classified as problematic. The affected
Read More
CVE-2025-14001 | WP Duplicate Page Plugin up to 1.8 on WordPress Post authorization
A vulnerability was found in WP Duplicate Page Plugin up to 1.8 on WordPress. It has been declared as problematic.
Read More
CVE-2025-14507 | EventPrime Plugin up to 4.2.7.0 on WordPress REST API information disclosure
A vulnerability was found in EventPrime Plugin up to 4.2.7.0 on WordPress. It has been rated as problematic. This affects
Read More
CVE-2026-0684 | CP Image Store with Slideshow Plugin up to 1.1.9 on WordPress XML File Parser cpis_admin_init authorization
A vulnerability categorized as problematic has been discovered in CP Image Store with Slideshow Plugin up to 1.1.9 on WordPress.
Read More
CVE-2026-0775 | npm CLI permission
A vulnerability identified as critical has been detected in npm CLI. Affected is an unknown function. The manipulation leads to
Read More
CastleLoader: A Deep Dive into Stealthy Loader Targeting Government Sector
ANY.RUN’s team conducted an extensive malware analysis of CastleLoader, the first link in the chain of attacks impacting various industries, including government agencies and critical infrastructures. It’s a unique walkthrough of its entire execution path, from a packaged
Read More