Lightnews — Scholar-powered news

EUVD Bot

@euvd-bot.bsky.social

🛡️ Unofficial bot posting new entries from the EU Vulnerability Database (EUVD).

🔔 Stay updated on the latest security vulnerabilities.
🤖 Automated • Not affiliated with ENISA or the EU

Maintainer: https://bsky.app/profile/moltenbit.bsky.social

Posts Replies Media Videos

Pinned

EUVD Bot @euvd-bot.bsky.social · 10d

📊 EUVD Monthly CVSS
🟡 Avg: 6.71/10 (Medium)
📈 1334 vulns | Min: 1.0 Max: 10.0
📅 2025-12-19 - 2026-01-17
#cybersecurity #infosec #cvss #euvd

EUVD Bot

@euvd-bot.bsky.social

📊 EUVD Daily CVSS
🟠 Avg: 7.62/10 (High)
📈 66 vulns | Min: 3.7 Max: 10.0
📅 2026-01-27
#cybersecurity #infosec #cvss #euvd

January 28, 2026 at 5:00 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-4740
📊 5.9/10
🏢 gmrtd

📝 gmrtd is a Go library for reading Machine Readable Travel Documents (MRTDs). Prior to version 0.17.2, ReadFile accepts TLVs with lengths that can range up to ...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-4740

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:46 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-4739
📊 8.1/10
🏢 C4illin

📝 ConvertXis a self-hosted online file converter. In versions prior to 0.17.0, the `POST /delete` endpoint uses a user-controlled `filename` value to construc...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-4739

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:46 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-4738
📊 8.8/10
🏢 pytorch

📝 PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's `weights_only` unpickler allows an attac...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-4738

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:46 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-4737
📊 6.5/10
🏢 Google

📝 Inappropriate implementation in Background Fetch API in Google Chrome prior to 144.0.7559.110 allowed a remote attacker to leak cross-origin data via a craft...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-4737

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:46 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-3974
📊 8.8/10
🏢 designthemes

📝 Deserialization of Untrusted Data vulnerability in designthemes Vivagh vivagh allows Object Injection.This issue affects Vivagh: from n/a through <= 2.4.

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-3974

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:46 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-3975
📊 5.8/10
🏢 cjjparadoxmax

📝 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cjjparadoxmax Synergy Project Manager synergy-pr...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-3975

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:46 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-4736
📊 6.9/10
🏢 akuity

📝 Kargo manages and automates the promotion of software artifacts. Prior to versions 1.8.7, 1.7.7, and 1.6.3, a bug was found with authentication checks on the...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-4736

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:45 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-3979
📊 6.5/10
🏢 vrpr

📝 Missing Authorization vulnerability in vrpr WDV One Page Docs wdv-one-page-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This is...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-3979

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:45 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-3967
📊 7.1/10
🏢 shoutoutglobal

📝 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shoutoutglobal ShoutOut shoutout allows Reflect...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-3967

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:45 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-3961
📊 7.1/10
🏢 Arevico

📝 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arevico WP Simple Redirect wp-simple-redirect allows R...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-3961

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:45 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-4006
📊 7.1/10
🏢 Remi Corson

📝 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Remi Corson Easy Theme Options easy-theme-options ...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-4006

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:44 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-4735
📊 6.9/10
🏢 Hisense TransTech

📝 A flaw has been found in Hisense TransTech Smart Bus Management System up to 20260113. Affected is the function Page_Load of the file YZSoft/Forms...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-4735

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:44 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2025-206381
📊 9.3/10
🏢 Juniper Networks

📝 An Authentication Bypass Using an
Alternate Path or Channel vulnerability in Juniper Networks Session Smart
Router may allows a network-based a...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-206381

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:44 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-4734
📊 8.6/10
🏢 D-Link

📝 A vulnerability was detected in D-Link DIR-615 up to 4.10. This impacts an unknown function of the file /wiz_policy_3_machine.php of the component Web Manage...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-4734

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:44 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-4733
📊 7.2/10
🏢 mintplex-labs

📝 AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to version 1.10.0, a...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-4733

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:44 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-4732
📊 8.7/10
🏢 mintplex-labs

📝 AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. If AnythingLLM prior to ve...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-4732

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:44 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2025-206380
📊 8.9/10
🏢 Western Digital

📝 DLL hijacking in the WD Discovery Installer in Western Digital WD Discovery 5.2.730 on Windows allows a local attacker to execute arbitrary code...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-206380

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:42 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-4731
📊 7.8/10
🏢 yoyofr

📝 Integer Overflow or Wraparound vulnerability in yoyofr modizer.This issue affects modizer: before 4.1.1.

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-4731

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:42 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-4730
📊 10.0/10
🏢 pilgrimage233

📝 Improper Control of Generation of Code ('Code Injection') vulnerability in pilgrimage233 Minecraft-Rcon-Manage.This issue affects Minecraft-Rcon-Mana...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-4730

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:42 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-4728
📊 3.7/10
🏢 ixray-team

📝 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3.

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-4728

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:42 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-4729
📊 n/a
🏢 sigstore

📝 sigstore-python is a Python tool for generating and verifying Sigstore signatures. Prior to version 4.2.0, the sigstore-python OAuth authentication flow is su...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-4729

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:42 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-4727
📊 9.8/10
🏢 ixray-team

📝 Out-of-bounds Write vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3.

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-4727

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:42 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-4726
📊 7.5/10
🏢 ixray-team

📝 Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3.

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-4726

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:42 PM

EUVD Bot

@euvd-bot.bsky.social

🚨 EUVD-2026-4725
📊 7.8/10
🏢 sebastianbergmann

📝 PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 invo...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-4725

#cybersecurity #infosec #cve #euvd

January 27, 2026 at 10:42 PM

Add to Home Screen

Light up
your news

Add to Home Screen

Light upyour news

Sign in to Lightnews

Sign up to start reading

Connect Bluesky

Connect with Bluesky

Light up
your news