CVE-2026-13238: CWE-863 Incorrect Authorization in Drupal Commerce Realex / Global Payments
Incorrect Authorization vulnerability in Drupal Commerce Realex / Global Payments allows Forceful Browsing. This issue affects Commerce Realex / Global Payments versions: from 0.0.0 to 3.0.2.
Read the full articleYou might also wanna read

WAF - WAF Release - 2025-10-23 - Emergency
This week highlights enhancements to detection signatures improving coverage for vulnerabilities in Adobe Commerce and Magento Open Source,

CVE-2026-11462: Improper Authorization Vulnerability in BeikeShop Stripe Plugin (Up to v1.6.0.22)
A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22. This impacts the function callback of the file p

WAF - WAF Release - 2025-11-03
This week highlights enhancements to detection signatures improving coverage for vulnerabilities in Adobe Commerce and Magento Open Source,
Technical Analysis of CVE-2025-10035: A CVSS 10.0 Vulnerability in Fortra GoAnywhere MFT
File transfer used to be simple fun - fire up your favourite FTP client, log in to a glFTPd site, and you were done. Fast forward to 2025, a
labs.watchtowr.com·9mo ago
WAF - WAF Release - 2025-09-24 - Emergency
This week highlights a critical vendor-specific vulnerability: a deserialization flaw in the License Servlet of Fortra’s GoAnywhere MFT. By
Active exploitation begins for critical Oracle E-Business Suite vulnerability CVE-2026-46817
CVE-2026-46817 has a CVSS score of 9.8 and affects the File Transmissions component within the Payments product of Oracle E-Business Suite.

Comments
Sign in to join the conversation.
No comments yet. Be the first.