ESP-RFID-Tool v2 PRO — Full Public Disclosure

Posted by Milan Berger via Fulldisclosure on Apr 29

# Security Advisory: ESP-RFID-Tool v2 PRO

**Product:** ESP-RFID-Tool v2 PRO
**Vendor:** Raik Schneider (Einstein2150), foto-video-it.de
**Repository:** https://github.com/Einstein2150/ESP-RFID-Tool-v2
**Affected Version:** v2.2.1 (latest as of 2026-04-28)
**Severity:** CRITICAL
**Disclosure Type:** Full Public Disclosure
**Disclosure Date:** 2026-04-28
**Researcher:** Milan 't4c' Berger

---

## Disclosure Timeline

| Date | Event |...

SEC Consult SA-20260427-0 :: Missing TLS Certificate Validation leading to RCE in DeskTime Time Tracking App

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 29

SEC Consult Vulnerability Lab Security Advisory < 20260427-0 >
=======================================================================
              title: Missing TLS Certificate Validation leading to RCE
            product: DeskTime Time Tracking App
 vulnerable version: 1.3.671
      fixed version: -
         CVE number: CVE-2025-10539
             impact: medium
           homepage: https://desktime.com...

SEC Consult SA-20260423-0 :: DLL Hijacking in EfficientLab Controlio (cloud-based employee monitoring service)

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 29

SEC Consult Vulnerability Lab Security Advisory < 20260423-0 >
=======================================================================
              title: DLL Hijacking
            product: EfficientLab Controlio (cloud-based employee monitoring service)
 vulnerable version: <1.3.95
      fixed version: 1.3.95
         CVE number: CVE-2025-10549
             impact: High
           homepage: https://controlio.net...

SEC Consult SA-20260421-0 :: Broken Access Control in Config Endpoint in LiteLLM

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 29

SEC Consult Vulnerability Lab Security Advisory < 20260421-0 >
=======================================================================
              title: Broken Access Control in Config Endpoint
            product: LiteLLM
 vulnerable version: <=v1.83.0
      fixed version: v1.83.0-nightly
         CVE number: CVE-2026-35029
             impact: high
           homepage: https://www.litellm.ai/
...

SEC Consult SA-20260415-0 :: Exposed Private Key of X.509 Certificate in SAP HANA Cockpit & SAP HANA Database Explorer

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 29

SEC Consult Vulnerability Lab Security Advisory < 20260415-0 >
=======================================================================
              title: Exposed Private Key of X.509 Certificate
            product: SAP HANA Cockpit & SAP HANA Database Explorer
 vulnerable version: HANA Cockpit <2.18.2 (HRTT <2.16.254002)
      fixed version: HANA Cockpit 2.18.2 (HRTT 2.16.254002)
         CVE number:...

APPLE-SA-04-22-2026-2 iOS 18.7.8 and iPadOS 18.7.8

Posted by Apple Product Security via Fulldisclosure on Apr 29

APPLE-SA-04-22-2026-2 iOS 18.7.8 and iPadOS 18.7.8

iOS 18.7.8 and iPadOS 18.7.8 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/en-us/127003.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Notification Services
Available for: iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all...

APPLE-SA-04-22-2026-1 iOS 26.4.2 and iPadOS 26.4.2

Posted by Apple Product Security via Fulldisclosure on Apr 29

APPLE-SA-04-22-2026-1 iOS 26.4.2 and iPadOS 26.4.2

iOS 26.4.2 and iPadOS 26.4.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/en-us/127002.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Notification Services
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and...

Research: When Trusted Tools Become Attack Primitives

Posted by Nir Yehoshua on Apr 29

Hi Full Disclosure list,

I published a technical research article titled:

When Trusted Tools Become Attack Primitives

The article examines how trusted local utilities can become
security-relevant primitives when used inside automated processing
pipelines.

It covers two case studies:

1. macOS textutil resolving remote resources during HTML-to-text
conversion.
2. KeePassXC KDBX-controlled KDF parameters creating significant...

[KIS-2026-08] SocialEngine <= 7.8.0 (get-memberall) SQL Injection Vulnerability

Posted by Egidio Romano on Apr 29

-----------------------------------------------------------------
SocialEngine <= 7.8.0 (get-memberall) SQL Injection Vulnerability
-----------------------------------------------------------------

[-] Software Link:

https://socialengine.com

[-] Affected Versions:

Versions 7.8.0, 7.7.0, and likely prior versions.

[-] Vulnerability Description:

User input passed through the "text" request parameter to the...

[KIS-2026-07] SocialEngine <= 7.8.0 Blind Server-Side Request Forgery Vulnerability

Posted by Egidio Romano on Apr 29

---------------------------------------------------------------------
SocialEngine <= 7.8.0 Blind Server-Side Request Forgery Vulnerability
---------------------------------------------------------------------

[-] Software Link:

https://socialengine.com

[-] Affected Versions:

Versions 7.8.0, 7.7.0, and likely prior versions.

[-] Vulnerability Description:

User input passed through the "uri" request parameter to the...

Trojan-Spy.Win32.Small / Remote Command Execution

Posted by malvuln on Apr 29

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2026
Original source:
https://malvuln.com/advisory/8c15ec5f0137d097a345b693f0bffedb.txt
Malvuln Intelligence Feed: https://intel.malvuln.com/
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Trojan-Spy.Win32.Small
Vulnerability: Remote Command Execution
Description: The malware opens a listener on TCP port 65535, allowing
unauthenticated remote attackers with network access...

[IWCC 2026] CfP: 15th International Workshop on Cyber Crime - Linköping, Sweden, Aug 24-27, 2026

Posted by Artur Janicki via Fulldisclosure on Apr 29

[APOLOGIES FOR CROSS-POSTING]

CALL FOR PAPERS
15th International Workshop on Cyber Crime (IWCC 2026 -
https://www.ares-conference.eu/iwcc)
to be held in conjunction with the International Conference on Availability,
Reliability and Security (ARES 2026 - https://www.ares-conference.eu/) in
Linköping, Sweden, August 24-27, 2026

IMPORTANT DATES
Submission Deadline May 11, 2026
Author Notification May 29, 2026
Proceedings Version June...

[SBA-ADV-20251120-01] CVE-2026-0972: GoAnywhere MFT Email HTML Injection

Posted by SBA Research Security Advisory via Fulldisclosure on Apr 29

# GoAnywhere MFT Email HTML Injection #

Link: https://github.com/sbaresearch/advisories/tree/public/2025/SBA-ADV-20251120-01_GoAnywhere_MFT_Email_HTML_Injection

## Vulnerability Overview ##

GoAnywhere MFT before 7.10.0 is affected by an HTML injection vulnerability
in its email templating functionality. If an attacker is able to influence
the content of a template variable, malicious HTML can be embedded into
outgoing emails generated by the...

CyberDanube Security Research 20260408-1 | Multiple Vulnerabilities in Siemens SICAM A8000

Posted by Thomas Weber | CyberDanube via Fulldisclosure on Apr 14

CyberDanube Security Research 20260408-1
-------------------------------------------------------------------------------
title| Multiple Vulnerabilities
product| Siemens SICAM A8000 CP-8050/CP-8031/CP-8010/CP-8012
vulnerable version| <=V25.30
fixed version| V26.10
CVE number| CVE-2026-27664
impact| High
homepage| https://siemens.com/
found|...

CyberDanube Security Research 20260408-0 | Remote Operation Denial of Service in Siemens SICAM A8000

Posted by Thomas Weber | CyberDanube via Fulldisclosure on Apr 14

CyberDanube Security Research 20260408-0
-------------------------------------------------------------------------------
title| Remote Operation Denial of Service
product| Siemens SICAM A8000 CP-8050/CP-8031/CP-8010/CP-8012
vulnerable version| <=V25.30
fixed version| V26.10
CVE number| CVE-2026-27663
impact| Medium
homepage| https://siemens.com/...

SEC Consult SA-20260414-0 :: Improper Enforcement of Locked Accounts in WebUI (SSO) in Kiuwan SAST on-premise (KOP) & cloud/SaaS

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 14

SEC Consult Vulnerability Lab Security Advisory < 20260414-0 >
=======================================================================
              title: Improper Enforcement of Locked Accounts in WebUI (SSO)
            product: Kiuwan SAST on-premise (KOP) & cloud/SaaS
 vulnerable version: <2.8.2509.4
      fixed version: 2.8.2509.4
         CVE number: CVE-2026-24069
             impact: medium...

SEC Consult SA-20260401-0 :: Broken Access Control in Open WebUI

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 02

SEC Consult Vulnerability Lab Security Advisory < 20260401-0 >
=======================================================================
              title: Broken Access Control
            product: Open WebUI
 vulnerable version: <v0.8.11
      fixed version: v0.8.11
         CVE number: CVE-2026-34222
             impact: high
           homepage: https://openwebui.com
              found: 2026-02-06...

SEC Consult SA-20260326-0 :: Local Privilege Escalation in Vienna Assistant (MacOS) - Vienna Symphonic Library

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 02

SEC Consult Vulnerability Lab Security Advisory < 20260326-0 >
=======================================================================
              title: Local Privilege Escalation
            product: Vienna Assistant (MacOS) - Vienna Symphonic Library
 vulnerable version: 1.2.542
      fixed version: -
         CVE number: CVE-2026-24068
             impact: high
           homepage: https://www.vsl.co.at/
...

Apple OHTTP Relay: 14 Third-Party Endpoints, 6 Countries, Zero User Visibility

Posted by Joseph Goydish II via Fulldisclosure on Apr 02

SUMMARY

Apple's Oblivious HTTP relay for Live Caller ID Lookup (iOS 18+) routes
traffic through 14 third-party endpoints across six countries. These include
an anonymous Delaware LLC sharing data with OpenAI, a Russian endpoint
(Yandex), and a Swiss GmbH whose privacy policy names "The Legal Entity to
be Confirmed" as its data controller. None of this is disclosed to users.

This is shared infrastructure. All devices using Live...