CVE-2026-61492: CWE-79 in JetBrains YouTrack
A stored cross-site scripting (XSS) vulnerability exists in JetBrains YouTrack before version 2026.2.17394. This vulnerability allows malicious script injection via article titles in digest emails…
Read the full articleYou might also wanna read
CVE-2026-48800 Bypass: Path Traversal Vulnerability Discovered in Notepad++ v8.9.6.1
## Vulnerability Summary **Product**: Notepad++ v8.9.6.1 (latest patched version) **Type**: CWE-42 (Path Traversal) / CWE-59 (Improper Link
Critical Cursor AI IDE Vulnerabilities Allow Remote Code Execution via Prompt Injection
Two Cursor vulnerabilities enable remote code execution outside the IDE sandbox via prompt injection and terminal command execution without
Critical Cursor AI IDE Vulnerabilities Allow Remote Code Execution via Prompt Injection
Two Cursor vulnerabilities enable remote code execution outside the IDE sandbox via prompt injection and terminal command execution without

CVE-2025-14773: Cross-Site Scripting Vulnerability in ABB T-MAC Plus (Version 4.0-24)
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC Plus. This issue affects T-M

Understanding and mitigating the Jinja2 XSS vulnerability (CVE-2024-22195)
On January 11th, 2024, a significant security vulnerability was disclosed in Jinja2, a widely used Python templating library. Identified as

WAF - WAF Release - 2026-04-07
This week's release introduces new detections for a critical Remote Code Execution (RCE) vulnerability in MCP Server (CVE-2026-23744), along
Broadcom Discloses Three Stored XSS Vulnerabilities in VMware Cloud Foundation Operations
Broadcom has disclosed three stored cross-site scripting (XSS) vulnerabilities affecting VMware Cloud Foundation Operations and several rela
cybersecuritynews.com·1mo ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.