CYBERHAWK / CVE / CVE-2026-53674

CVE-2026-53674

HIGH CVSS 7.1 other

The flaw

BuddyPress 14.4.0 contains a regular expression injection vulnerability in the activity mention resolver that, when username compatibility mode is enabled, allows attackers to manipulate a REGEXP database clause by crafting mention names co

What to do

Review advisory and patch per vendor guidance.

▸ Scan my repo for CVE-2026-53674

References

NVD CISA KEV OSV GitHub Advisory MITRE News search

First seen 2026-06-12 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits