Skip to content
The Nexus
DossierENTITY

CVE-2026-4020

Coverage of CVE-2026-4020 in the Nexus archive.

Earliest in view: Jun 17 · 08:47 UTCMost recent: Jun 20 · 09:56 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 20 · 09:56 UTCTHE HACKER NEWS
    Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

    Hackers are exploiting a patched security flaw in the Gravity SMTP WordPress plugin, affecting approximately 100,000 sites. The vulnerability, CVE-2026-4020, is a medium-severity information disclosure flaw allowing unauthenticated attackers to extract sensitive data like API keys and OAuth tokens.

  • SECURITYJun 17 · 08:47 UTCHACKER NEWS
    Most of the CVE-2026-4020 attackers are the same client

    Most attackers exploiting CVE-2026-4020 originate from the same client, according to an analysis by HoneyLabs. The article is featured on HoneyLabs' blog and linked on Hacker News with no comments.