TrillionEye

Real-time, open-source intelligence on AI, cyber security, research and global tech — headlines from 15+ free sources, clustered and ranked.

• baidu/Unlimited-OCR is moving on Hugging Face Hugging Face · AI Trends · Jun 28, 2026
• GHSA-q6xx-5vr8-p898: Nezha vulnerable to cross-tenant terminal/file-manager session hijack via WebSocket stream UUID without ownership check GitHub Advisories · Cyber Intelligence · Jun 26, 2026
• GHSA-73cv-556c-w3g6 (CVE-2026-49257): mcp-pinot: Unauthenticated tool invocation via default oauth_enabled=False + host 0.0.0.0 bind GitHub Advisories · Cyber Intelligence · Jun 26, 2026
• GHSA-9v98-6g37-x9g6 (CVE-2026-49252): deepstream is vulnerable to prototype pollution GitHub Advisories · Cyber Intelligence · Jun 26, 2026
• GHSA-f6m5-xw2g-xc4x (CVE-2026-48769): Incus has an arbitrary file write on its client due to trusted image hash GitHub Advisories · Cyber Intelligence · Jun 26, 2026
• CVE-2026-56027: Customer Arbitrary File Upload in Booster for WooCommerce = 8.0.1 versions. NVD · Cyber Intelligence · Jun 26, 2026
• CVE-2026-57878: An unauthenticated stack-based buffer overflow vulnerability exists in thttpd in GeoVision GV-LPC2011 and GV-L NVD · Cyber Intelligence · Jun 26, 2026
• CVE-2026-56028: Unauthenticated Privilege Escalation in Easy Elements for Elementor – Addons & Website Templates = NVD · Cyber Intelligence · Jun 26, 2026
• CVE-2026-56030: Unauthenticated Privilege Escalation in Paytium = 5.0.2 versions. NVD · Cyber Intelligence · Jun 26, 2026
• CVE-2026-56032: Subscriber PHP Object Injection in Buddyboss Platform = 3.0.4 versions. NVD · Cyber Intelligence · Jun 26, 2026
• CVE-2026-54820: Unauthenticated SQL Injection in JetBooking = 4.0.4.1 versions. NVD · Cyber Intelligence · Jun 26, 2026
• CVE-2026-56034: Unauthenticated SQL Injection in Library Management System = 3.5.7 versions. NVD · Cyber Intelligence · Jun 26, 2026
• GHSA-5c25-7vpj-9mqh (CVE-2026-53519): Nezha Monitoring: Pre-auth path traversal via /dashboard.. prefix confusion leaks jwt_secret_key GitHub Advisories · Cyber Intelligence · Jun 26, 2026
• GHSA-jv46-xfwm-36j7 (CVE-2026-49454): Relyra SAML SignatureValue not cryptographically verified - authentication bypass GitHub Advisories · Cyber Intelligence · Jun 26, 2026
• CVE-2025-55017: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache IoTDB. NVD · Cyber Intelligence · Jun 26, 2026
• Response to AI slop is from Robin Williams Hacker News · Global Tech Pulse · Jun 28, 2026
• GHSA-w466-c33r-3gjp (CVE-2026-55698): pnpm: Project env lockfile can short-circuit package-manager resolution and execute lockfile-selected pnpm bytes GitHub Advisories · Cyber Intelligence · Jun 26, 2026
• GHSA-hwx4-2j3j-g496 (CVE-2026-50016): pnpm: Transitive dependency alias path traversal allows project path override via symlink replacement GitHub Advisories · Cyber Intelligence · Jun 26, 2026
• GHSA-c6v2-3ffm-vcmc (CVE-2026-49258): Nebula Mesh: Web UI lacks ownership checks, enabling cross-operator access to hosts and networks (read, block, delete) GitHub Advisories · Cyber Intelligence · Jun 26, 2026
• CVE-2025-68052: Unauthenticated Cross Site Request Forgery (CSRF) in Eagle Booking = 1.3.4.3 versions. NVD · Cyber Intelligence · Jun 26, 2026
• CVE-2026-56008: Contributor Privilege Escalation in Fusion Builder = 3.15.4 versions. NVD · Cyber Intelligence · Jun 26, 2026
• CVE-2026-56010: Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce = 10.4.0 versions. NVD · Cyber Intelligence · Jun 26, 2026
• llama.cpp b9829 released ggml-org/llama.cpp · AI Trends · Jun 28, 2026
• neovim Nvim development (prerelease) build released neovim/neovim · Future Systems · Jun 28, 2026
• CVE-2026-57877: An unauthenticated format string vulnerability exists in vlsvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 an NVD · Cyber Intelligence · Jun 26, 2026
• CVE-2026-13325: A flaw was found in KubeVirt's migration proxy. When spec.configuration.migrations.disableTLS is set to true o NVD · Cyber Intelligence · Jun 26, 2026
• CVE-2026-56035: Unauthenticated Multiple Vulnerabilities in BitFire Security = 5.0.3 versions. NVD · Cyber Intelligence · Jun 26, 2026
• Ford hired AI and sacked humans. It backfired badly Hacker News · Global Tech Pulse · Jun 28, 2026
• Feds Killed Polestar and Spared Volvo. That Should Terrify You Hacker News · Global Tech Pulse · Jun 28, 2026
• CVE-2026-2053: The WSO2 API Manager's message flow component, when processing WS-Addressing headers, does not sufficiently va NVD · Cyber Intelligence · Jun 26, 2026