ex-aws-sns-signingcerturl-spoofing-cve-2026-47074
CVE-2026-47074: ex_aws_sns verify_message/1 fails to validate SigningCertURL, allowing unauthenticated SNS message signature spoofing; affects versions 2.0.1 to before 2.3.5.
CVE-2026-47074: ex_aws_sns verify_message/1 fails to validate SigningCertURL, allowing unauthenticated SNS message signature spoofing; affects versions 2.0.1 to before 2.3.5.
The amendment adds hantavirus to the notifiable diseases list in England, expanding reporting duties for organisations.
Creartia’s ICMS has a critical authorisation bypass (CVE-2026-4320) that could let attackers manipulate HTTP redirect headers to gain unauthorised admin access; patch, isolate and audit immediately.
Northern Ireland explosives precursors amendment and its implications for regulatory compliance under UK health and safety law.
CVE-2026-8719 in AI Engine 3.4.9 allows authenticated Subscriber+ users to escalate to Administrator via missing capability checks in the MCP OAuth bearer-token path; check versions, revoke tokens, patch or remove the plugin.
CVE-2026-45672: Open WebUI’s /api/v1/utils/code/execute allows arbitrary Python execution even when ENABLE_CODE_EXECUTION=false; fixed in 0.8.12.
CVE-2026-8532 is an XML integer overflow in Google Chrome prior to 148.0.7778.168 that can lead to arbitrary code execution inside the sandbox; reported ~2 hours ago, apply vendor updates and follow incident playbooks.
Donec ullamcorper nulla non metus auctor fringilla. Cras justo odio, dapibus ac facilisis in, egestas eget
Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.
Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.
Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.