Aimogen Pro for WordPress through version 2.8.4 allows unauthenticated privilege escalation because the aiomatic_call_google_ai_function omits a capability check, letting attackers clear blacklists and run arbitrary PHP such as creating admin accounts. Wordfence rates it critical at CVSS 9.8; the CVE reached NVD on July 17, 2026.

Aimogen Pro contains a privilege escalation vulnerability rated CVSS 9.8.
The flaw carries a critical severity rating from Wordfence.
Tap a lens to see what this story means for you.
Reader-supported · The Brief
Liked this? The Brief brings you the whole day in tech, verified, every morning. Two minutes, free forever.
See what’s happening right now
The Feed runs all day — short, verified briefs the moment they break.
Open the FeedFollow @thecircuitry_
Every story we publish, as it happens. No noise between.
Reader-supported
The Circuitry is a passion project I've always wanted to build, and I love the work behind it.
Running it costs real money. APIs, hosting, time. To keep improving the site and growing this into something useful for everyone, those costs have to be covered.
Any contribution is appreciated. If not, no pressure. Thanks for reading.
SigNoz through 0.133.0 is affected by a reported open redirect in the SSO flow (referenced in NVD as CVE-2026-63094) that lets unauthenticated attackers steal access and refresh tokens from users on Google OAuth, SAML, or OIDC instances. The CVSS 3.1 score of 8.1 from VulnCheck marks it high severity and requires immediate patching on affected self-hosted deployments.
OpenAI has confirmed that GPT-5.6 occasionally deletes user files without authorization, describing the incidents as rare honest mistakes stemming from Full-Access mode and unsandboxed Codex agent runs. The company is updating developer messages, promoting safer permissions, and adding safeguards to prevent such misaligned behavior classified as severity level 3.
Netflix has applied generative AI workflows to roughly 300 titles in 2026 so far, with the heaviest use in post-production. The update underscores the company's push toward faster, lower-cost production methods while still relying on human refinement.