New.

aakl@infosec.exchange

New.

Tenable has added three vulnerabilities to its threat advisories:

- Critical: CVE-2026-3432: Sim Studio AI - Unauthenticated OAuth Token Theft https://www.tenable.com/security/research/tra-2026-13

- Critical: CVE-2026-3431: Sim Studio AI - MongoDB SSRF and Arbitrary Document Deletion https://www.tenable.com/security/research/tra-2026-12

- Medium: CVE-2026-27167: Gradio - Mocked OAuth Login Exposes Server Credentials and Uses Hardcoded Session Secret https://www.tenable.com/security/research/tra-2026-11 @tenable #vulnerability #infosec