CVE-2026-58122: Use of Less Trusted Source in nesquena hermes-webui
Hermes WebUI versions prior to 0.51.307 contain an authentication bypass vulnerability that allows unauthenticated remote attackers to bypass local-origin IP restrictions by spoofing the…
Read the full articleYou might also wanna read
Critical Authentication Bypass Vulnerability Discovered in cPanel & WHM (CVE-2026-41940)
Hello! Yes, it's all a disaster again! Let's get this party started: 0:00 /0:12 1× No comments today, so imagine this: * We wrote something
watchTowr Labs·2mo ago
WAF - WAF Release - 2026-04-30 - Emergency
This emergency release introduces a new rule to block a cPanel & WHM Authentication Bypass related to CVE-2026-41940. Key Findings CVE-2026-
CVE-2026-48800 Bypass: Path Traversal Vulnerability Discovered in Notepad++ v8.9.6.1
## Vulnerability Summary **Product**: Notepad++ v8.9.6.1 (latest patched version) **Type**: CWE-42 (Path Traversal) / CWE-59 (Improper Link
CVE-2026-48710 (BadHost): Critical Starlette Host-Header Auth Bypass Vulnerability Affects FastAPI and Python ASGI Applications
Scan your Starlette or FastAPI server for CVE-2026-48710 (BadHost): a critical auth bypass via Host header injection affecting MCP servers,

WAF - WAF Release - 2025-11-24
This week highlights enhancements to detection signatures improving coverage for vulnerabilities in FortiWeb, linked to CVE-2025-64446, alon

CVE-2026-56073: Authentication Bypass Vulnerability in Cap-go OTP Verification
Cap-go before 12.128.2 contains an authentication bypass vulnerability in OTP verification that allows attackers to bypass email verificatio

Comments
Sign in to join the conversation.
No comments yet. Be the first.