CVE-2026-43646 - Apache Wicket: crafted URLs can bypass PackageResourceGuard
CVE ID :CVE-2026-43646 Published : May 6, 2026, 8:31 a.m. | 1 hour, 56 minutes ago Description :Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Wicket. This issue affects Apache Wicket: from 8.0.0 through 8.17.0, from 9.0.0 through 9.22.0, from 10.0.0 throug
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] North Korean hackers targeted ethnic Koreans in China with Android ‘BirdCall’ malware
- [CYBER] From Stuxnet to ChatGPT: 20 News Events That Shaped Cyber
- [CYBER] CyberSecurity Nightmares
- [CYBER] CloudZ RAT Exploits Microsoft Phone Link to Steal SMS OTPs
- [CYBER] Apache fixes critical HTTP/2 double-free flaw CVE-2026-23918 enabling RCE
- [CYBER] KuCoin pone en marcha el Mes de Concientización sobre el Phishing para reforzar la protección de los usuarios en el marco de las iniciativas globales de concientización en seguridad