| CVE | CVSS | EPSS | Posts | Repos | Nuclei | Updated | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-0538 | 7.8 | 0.01% | 1 | 0 | 2026-02-06T17:49:06.210000 | A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force | |
| CVE-2025-70073 | 9.8 | 0.06% | 2 | 0 | 2026-02-06T17:16:18.283000 | An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute a | |
| CVE-2026-24423 | 9.8 | 18.23% | 14 | 1 | 2026-02-06T16:45:15.323000 | SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated | |
| CVE-2026-0661 | 7.8 | 0.01% | 1 | 0 | 2026-02-06T16:26:55.207000 | A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force | |
| CVE-2025-69906 | 8.8 | 0.05% | 2 | 1 | 2026-02-06T16:16:14.713000 | Monstra CMS v3.0.4 contains an arbitrary file upload vulnerability in the Files | |
| CVE-2025-69619 | 7.5 | 0.02% | 2 | 0 | 2026-02-06T16:16:14.533000 | A path traversal in My Text Editor v1.6.2 allows attackers to cause a Denial of | |
| CVE-2025-13523 | 7.7 | 0.00% | 2 | 0 | 2026-02-06T16:16:13.370000 | Mattermost Confluence plugin version <1.7.0 fails to properly escape user-contro | |
| CVE-2026-21643 | 9.8 | 0.13% | 4 | 1 | 2026-02-06T15:14:47.703000 | An improper neutralization of special elements used in an sql command ('sql inje | |
| CVE-2025-15566 | 8.8 | 0.03% | 4 | 0 | 2026-02-06T15:14:47.703000 | A security issue was discovered in ingress-nginx where the `nginx.ingress.kubern | |
| CVE-2026-24302 | 8.6 | 0.08% | 2 | 0 | 2026-02-06T15:14:47.703000 | Azure Arc Elevation of Privilege Vulnerability | |
| CVE-2026-2017 | 9.8 | 0.08% | 2 | 1 | 2026-02-06T12:30:32 | A vulnerability was detected in IP-COM W30AP up to 1.0.0.11(1340). Affected by t | |
| CVE-2026-1499 | 9.8 | 1.23% | 2 | 0 | 2026-02-06T09:30:36 | The WP Duplicate plugin for WordPress is vulnerable to Missing Authorization lea | |
| CVE-2026-24930 | 8.4 | 0.01% | 2 | 0 | 2026-02-06T09:30:35 | UAF concurrency vulnerability in the graphics module. Impact: Successful exploit | |
| CVE-2026-24926 | 8.4 | 0.01% | 2 | 0 | 2026-02-06T09:30:35 | Out-of-bounds write vulnerability in the camera module. Impact: Successful explo | |
| CVE-2025-15080 | 0 | 0.05% | 2 | 0 | 2026-02-06T07:16:11.187000 | Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi E | |
| CVE-2026-0106 | 9.4 | 0.00% | 2 | 0 | 2026-02-06T03:30:19 | In vpu_mmap of vpu_ioctl, there is a possible arbitrary address mmap due to a mi | |
| CVE-2026-0391 | 6.5 | 0.06% | 2 | 0 | 2026-02-06T00:30:32 | User interface (ui) misrepresentation of critical information in Microsoft Edge | |
| CVE-2026-24300 | 9.8 | 0.09% | 2 | 1 | 2026-02-06T00:30:32 | Azure Front Door Elevation of Privilege Vulnerability | |
| CVE-2026-21532 | 8.2 | 0.09% | 2 | 0 | 2026-02-06T00:30:32 | Azure Function Information Disclosure Vulnerability | |
| CVE-2025-11953 | 9.8 | 15.61% | 12 | 4 | 2026-02-05T21:38:32 | The Metro Development Server, which is opened by the React Native CLI, binds to | |
| CVE-2026-20979 | 7.8 | 0.01% | 2 | 0 | 2026-02-05T21:33:39 | Improper privilege management in Settings prior to SMR Feb-2026 Release 1 allows | |
| CVE-2025-11234 | 7.5 | 0.10% | 1 | 0 | 2026-02-05T21:33:38 | A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is w | |
| CVE-2025-15330 | 8.8 | 0.04% | 2 | 0 | 2026-02-05T21:32:42 | Tanium addressed an improper input validation vulnerability in Deploy. | |
| CVE-2025-68721 | 9.1 | 0.01% | 4 | 1 | 2026-02-05T21:32:40 | Axigen Mail Server before 10.5.57 contains an improper access control vulnerabil | |
| CVE-2026-20983 | 7.8 | 0.01% | 2 | 0 | 2026-02-05T21:21:13.780000 | Improper export of android application components in Samsung Dialer prior to SMR | |
| CVE-2025-68722 | 8.8 | 0.03% | 2 | 1 | 2026-02-05T21:15:52.127000 | Axigen Mail Server before 10.5.57 and 10.6.x before 10.6.26 contains a Cross-Sit | |
| CVE-2025-15311 | 7.8 | 0.01% | 2 | 0 | 2026-02-05T20:47:37.777000 | Tanium addressed an unauthorized code execution vulnerability in Tanium Applianc | |
| CVE-2026-25055 | 8.1 | 0.08% | 2 | 0 | 2026-02-05T20:41:47.613000 | n8n is an open source workflow automation platform. Prior to versions 1.123.12 a | |
| CVE-2026-25049 | 9.9 | 0.03% | 19 | 0 | 2026-02-05T20:22:47.870000 | n8n is an open source workflow automation platform. Prior to versions 1.123.17 a | |
| CVE-2026-25539 | 9.1 | 0.27% | 1 | 0 | 2026-02-05T19:15:56.253000 | SiYuan is a personal knowledge management system. Prior to version 3.5.5, the /a | |
| CVE-2026-25237 | 9.8 | 0.08% | 2 | 0 | 2026-02-05T18:05:46.980000 | PEAR is a framework and distribution system for reusable PHP components. Prior t | |
| CVE-2026-25240 | 9.8 | 0.03% | 2 | 0 | 2026-02-05T17:56:13.807000 | PEAR is a framework and distribution system for reusable PHP components. Prior t | |
| CVE-2025-46651 | 4.3 | 0.02% | 1 | 0 | 2026-02-05T16:15:50.200000 | Tiny File Manager through 2.6 contains a server-side request forgery (SSRF) vuln | |
| CVE-2026-25546 | 7.8 | 0.07% | 2 | 1 | 2026-02-05T15:34:59 | ### Impact A Command Injection vulnerability in godot-mcp allows remote code ex | |
| CVE-2025-71031 | 7.5 | 0.04% | 2 | 0 | 2026-02-05T15:32:15 | Water-Melon Melon commit 9df9292 and below is vulnerable to Denial of Service. T | |
| CVE-2025-67188 | 9.8 | 0.10% | 2 | 0 | 2026-02-05T15:32:11 | A buffer overflow vulnerability exists in TOTOLINK A950RG V4.1.2cu.5204_B2021011 | |
| CVE-2025-67189 | 9.8 | 0.15% | 2 | 0 | 2026-02-05T15:32:10 | A buffer overflow vulnerability exists in the setParentalRules interface of TOTO | |
| CVE-2025-13379 | 8.6 | 0.09% | 2 | 0 | 2026-02-05T15:31:15 | IBM Aspera Console 3.4.0 through 3.4.8 is vulnerable to SQL injection. A remote | |
| CVE-2025-61732 | 8.6 | 0.01% | 4 | 0 | 2026-02-05T15:16:06.870000 | A discrepancy between how Go and C/C++ comments were parsed allowed for code smu | |
| CVE-2026-22038 | 8.1 | 0.08% | 1 | 0 | 2026-02-05T14:57:20.563000 | AutoGPT is a platform that allows users to create, deploy, and manage continuous | |
| CVE-2026-25582 | 7.8 | 0.01% | 1 | 0 | 2026-02-05T14:57:20.563000 | iccDEV provides a set of libraries and tools that allow for the interaction, man | |
| CVE-2025-13375 | 9.8 | 0.06% | 1 | 0 | 2026-02-05T14:57:20.563000 | IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 could allow an una | |
| CVE-2026-24844 | 7.9 | 0.02% | 1 | 0 | 2026-02-05T14:57:20.563000 | melange allows users to build apk packages using declarative pipelines. From ver | |
| CVE-2026-25161 | 8.8 | 0.05% | 1 | 0 | 2026-02-05T14:57:20.563000 | Alist is a file list program that supports multiple storages, powered by Gin and | |
| CVE-2026-25140 | 7.5 | 0.04% | 1 | 0 | 2026-02-05T14:57:20.563000 | apko allows users to build and publish OCI container images built from apk packa | |
| CVE-2026-20119 | 7.5 | 0.08% | 2 | 0 | 2026-02-05T14:57:20.563000 | A vulnerability in the text rendering subsystem of Cisco TelePresence Collaborat | |
| CVE-2026-25614 | 7.5 | 0.05% | 1 | 0 | 2026-02-05T09:31:13 | Blesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5680. | |
| CVE-2026-1642 | 5.9 | 0.01% | 1 | 0 | 2026-02-05T06:32:26 | A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to u | |
| CVE-2025-11730 | 7.2 | 0.20% | 3 | 0 | 2026-02-05T03:30:23 | A post‑authentication command injection vulnerability in the Dynamic DNS (DDNS) | |
| CVE-2025-10314 | 8.8 | 0.01% | 1 | 0 | 2026-02-05T03:30:23 | Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation F | |
| CVE-2026-25526 | 9.8 | 0.07% | 1 | 0 | 2026-02-05T00:35:16 | ## Impact **Vulnerability Type**: Sandbox Bypass / Remote Code Execution **Aff | |
| CVE-2025-13192 | 8.2 | 0.08% | 1 | 0 | 2026-02-05T00:31:08 | The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, an | |
| CVE-2026-24735 | 7.5 | 0.01% | 1 | 0 | 2026-02-04T21:57:36 | Exposure of Private Personal Information to an Unauthorized Actor vulnerability | |
| CVE-2026-25160 | 9.1 | 0.01% | 2 | 0 | 2026-02-04T21:56:51 | ### Summary The application disables TLS certificate verification by default for | |
| CVE-2026-25505 | 9.8 | 0.07% | 1 | 0 | 2026-02-04T21:56:46 | ### Summary 1. A hardcoded secret key used for signing JWTs is checked into sour | |
| CVE-2026-25157 | 7.8 | 0.02% | 3 | 0 | 2026-02-04T21:56:26 | Two related vulnerabilities existed in the macOS application's SSH remote connec | |
| CVE-2026-25143 | 7.8 | 0.02% | 3 | 0 | 2026-02-04T21:56:11 | An attacker who can influence inputs to the patch pipeline could execute arbitra | |
| CVE-2026-25121 | 7.5 | 0.04% | 1 | 0 | 2026-02-04T21:55:46 | A Path Traversal vulnerability was discovered in apko's dirFS filesystem abstrac | |
| CVE-2026-24884 | 8.4 | 0.02% | 1 | 0 | 2026-02-04T21:55:36 | # Arbitrary File Write via Symlink Extraction in `github.com/node-modules/compre | |
| CVE-2026-24843 | 8.2 | 0.02% | 1 | 0 | 2026-02-04T21:55:21 | An attacker who can influence the tar stream from a QEMU guest VM could write fi | |
| CVE-2026-23897 | 7.5 | 0.04% | 1 | 0 | 2026-02-04T21:55:12 | ### Impact The default configuration of `startStandaloneServer` from `@apollo/s | |
| CVE-2026-0536 | 7.8 | 0.01% | 1 | 0 | 2026-02-04T21:30:43 | A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause | |
| CVE-2025-69620 | 7.5 | 0.01% | 1 | 0 | 2026-02-04T21:30:32 | A path traversal in Moo Chan Song v4.5.7 allows attackers to cause a Denial of S | |
| CVE-2025-59439 | 7.5 | 0.04% | 1 | 0 | 2026-02-04T21:30:32 | An issue was discovered in Samsung Modem Exynos through 2025-08-29. Incorrect ha | |
| CVE-2025-69875 | 7.8 | 0.01% | 1 | 0 | 2026-02-04T21:30:32 | A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine man | |
| CVE-2025-70841 | 10.0 | 0.04% | 1 | 0 | 2026-02-04T21:30:32 | Dokans Multi-Tenancy Based eCommerce Platform SaaS 3.9.2 allows unauthenticated | |
| CVE-2026-25027 | 7.5 | 0.11% | 1 | 0 | 2026-02-04T21:30:30 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP | |
| CVE-2026-24514 | 6.5 | 0.04% | 1 | 0 | 2026-02-04T20:05:49 | A security issue was discovered in ingress-nginx where the validating admission | |
| CVE-2026-24513 | 3.1 | 0.03% | 1 | 0 | 2026-02-04T20:05:32 | A security issue was discovered in ingress-nginx where the protection afforded b | |
| CVE-2026-24512 | 8.8 | 0.10% | 3 | 0 | 2026-02-04T20:04:50 | A security issue was discovered in ingress-nginx. Tthe `rules.http.paths.path` I | |
| CVE-2026-25052 | None | 0.01% | 2 | 0 | 2026-02-04T19:53:39 | ## Impact A vulnerability in the file access controls allows authenticated user | |
| CVE-2025-64712 | 9.8 | 0.06% | 1 | 0 | 2026-02-04T19:53:06 | A Path Traversal vulnerability in the `partition_msg` function allows an attacke | |
| CVE-2025-61917 | 7.7 | 0.01% | 1 | 0 | 2026-02-04T19:53:01 | ### Impact The use of `Buffer.allocUnsafe()` and `Buffer.allocUnsafeSlow()` in | |
| CVE-2026-25115 | None | 0.04% | 2 | 0 | 2026-02-04T19:42:05 | ## Impact A vulnerability in the Python Code node allows authenticated users to | |
| CVE-2026-25056 | None | 0.13% | 2 | 0 | 2026-02-04T19:39:42 | ## Impact A vulnerability in the Merge node's SQL Query mode allowed authentica | |
| CVE-2025-69970 | None | 0.05% | 2 | 0 | 2026-02-04T19:34:42 | FUXA v1.2.7 contains an insecure default configuration vulnerability in server/s | |
| CVE-2026-25053 | None | 0.02% | 2 | 0 | 2026-02-04T18:38:16 | ## Impact Vulnerabilities in the Git node allowed authenticated users with perm | |
| CVE-2025-67187 | 9.8 | 0.04% | 1 | 0 | 2026-02-04T18:31:37 | A stack-based buffer overflow vulnerability was identified in TOTOLINK A950RG V4 | |
| CVE-2025-60865 | 7.8 | 0.01% | 1 | 0 | 2026-02-04T18:31:36 | Insecure Permissions vulnerability in avanquest Driver Updater v.9.1.57803.1174 | |
| CVE-2025-57529 | 9.8 | 0.04% | 1 | 1 | 2026-02-04T18:31:36 | YouDataSum CPAS Audit Management System <=v4.9 is vulnerable to SQL Injection in | |
| CVE-2025-66374 | 7.8 | 0.01% | 1 | 0 | 2026-02-04T18:31:36 | CyberArk Endpoint Privilege Manager Agent through 25.10.0 allows a local user to | |
| CVE-2026-20098 | 8.8 | 0.90% | 2 | 0 | 2026-02-04T18:30:53 | A vulnerability in the Certificate Management feature of Cisco Meeting Managemen | |
| CVE-2026-0660 | 7.8 | 0.01% | 1 | 0 | 2026-02-04T18:30:51 | A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause | |
| CVE-2026-0659 | 7.8 | 0.01% | 1 | 0 | 2026-02-04T18:30:51 | A maliciously crafted USD file, when loaded or imported into Autodesk Arnold or | |
| CVE-2026-0662 | 7.8 | 0.01% | 1 | 0 | 2026-02-04T18:30:51 | A maliciously crafted project directory, when opening a max file in Autodesk 3ds | |
| CVE-2026-0537 | 7.8 | 0.01% | 2 | 0 | 2026-02-04T18:30:50 | A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force | |
| CVE-2025-59818 | 10.0 | 0.10% | 1 | 0 | 2026-02-04T18:30:39 | This vulnerability allows authenticated attackers to execute arbitrary commands | |
| CVE-2025-61506 | 9.8 | 0.09% | 1 | 1 | 2026-02-04T18:30:31 | An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated | |
| CVE-2025-63624 | 9.8 | 0.16% | 1 | 0 | 2026-02-04T18:30:31 | SQL Injection vulnerability in Shandong Kede Electronics Co., Ltd IoT smart wate | |
| CVE-2025-63372 | 7.5 | 0.29% | 1 | 0 | 2026-02-04T18:30:31 | Articentgroup Zip Rar Extractor Tool 1.345.93.0 is vulnerable to Directory Trave | |
| CVE-2025-65875 | 8.8 | 0.06% | 1 | 0 | 2026-02-04T18:30:31 | An arbitrary file upload vulnerability in the AddFont() function of FPDF v1.86 a | |
| CVE-2025-64328 | 7.2 | 20.56% | 3 | 1 | 2026-02-04T18:00:49.260000 | FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX | |
| CVE-2026-25510 | 10.0 | 0.23% | 2 | 0 | 2026-02-04T17:46:00 | **Summary** A critical vulnerability has been identified in CI4MS that allows a | |
| CVE-2026-25150 | 9.3 | 0.02% | 1 | 0 | 2026-02-04T17:45:45 | ### Summary A Prototype Pollution vulnerability exists in the `formToObj()` fun | |
| CVE-2025-67186 | 9.8 | 0.15% | 1 | 0 | 2026-02-04T17:16:10.007000 | TOTOLINK A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability | |
| CVE-2025-14550 | 7.5 | 0.04% | 1 | 0 | 2026-02-04T17:09:58.100000 | An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4 | |
| CVE-2025-70560 | 8.4 | 0.06% | 1 | 0 | 2026-02-04T16:34:21.763000 | Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule l | |
| CVE-2026-1580 | 8.8 | 0.10% | 3 | 0 | 2026-02-04T16:33:44.537000 | A security issue was discovered in ingress-nginx where the `nginx.ingress.kubern | |
| CVE-2026-1633 | 10.0 | 0.05% | 3 | 0 | 2026-02-04T16:33:44.537000 | The Synectix LAN 232 TRIO 3-Port serial to ethernet adapter exposes its web mana | |
| CVE-2025-15368 | 8.8 | 0.14% | 1 | 0 | 2026-02-04T16:33:44.537000 | The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in al | |
| CVE-2026-1756 | 8.8 | 0.22% | 1 | 0 | 2026-02-04T16:33:44.537000 | The WP FOFT Loader plugin for WordPress is vulnerable to arbitrary file uploads | |
| CVE-2026-1861 | 8.8 | 0.02% | 1 | 0 | 2026-02-04T16:33:44.537000 | Heap buffer overflow in libvpx in Google Chrome prior to 144.0.7559.132 allowed | |
| CVE-2026-25223 | 7.5 | 0.03% | 2 | 0 | 2026-02-04T16:33:44.537000 | Fastify is a fast and low overhead web framework, for Node.js. Prior to version | |
| CVE-2026-24149 | 7.8 | 0.01% | 1 | 0 | 2026-02-04T16:33:44.537000 | NVIDIA Megatron-LM for all platforms contains a vulnerability in a script, where | |
| CVE-2026-24669 | 7.8 | 0.01% | 2 | 0 | 2026-02-04T16:33:44.537000 | The Open eClass platform (formerly known as GUnet eClass) is a complete course m | |
| CVE-2025-5329 | 9.8 | 0.01% | 1 | 1 | 2026-02-04T15:30:29 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
| CVE-2026-0818 | 4.3 | 0.02% | 1 | 0 | 2026-02-04T12:32:27 | CSS-based exfiltration of the content from partially encrypted emails when allow | |
| CVE-2025-15285 | 7.5 | 0.08% | 1 | 0 | 2026-02-04T09:30:36 | The SEO Flow by LupsOnline plugin for WordPress is vulnerable to unauthorized mo | |
| CVE-2025-15268 | 7.5 | 0.07% | 1 | 0 | 2026-02-04T09:30:36 | The Infility Global plugin for WordPress is vulnerable to unauthenticated SQL In | |
| CVE-2026-1819 | 8.8 | 0.05% | 1 | 0 | 2026-02-04T09:30:35 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site | |
| CVE-2026-1632 | 9.1 | 0.13% | 2 | 0 | 2026-02-04T00:30:41 | MOMA Seismic Station Version v2.4.2520 and prior exposes its web management inte | |
| CVE-2026-1341 | None | 0.02% | 1 | 0 | 2026-02-04T00:30:40 | Avation Light Engine Pro exposes its configuration and control interface without | |
| CVE-2026-1862 | 8.8 | 0.02% | 1 | 0 | 2026-02-04T00:30:28 | Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote a | |
| CVE-2025-10878 | 10.0 | 0.18% | 1 | 1 | 2026-02-03T21:31:59 | A SQL injection vulnerability exists in the login functionality of Fikir Odalari | |
| CVE-2026-1803 | 8.1 | 0.02% | 2 | 0 | 2026-02-03T21:31:58 | A weakness has been identified in Ziroom ZHOME A0101 1.0.1.0. Impacted is an unk | |
| CVE-2026-24954 | 8.8 | 0.05% | 1 | 0 | 2026-02-03T21:31:51 | Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently mage | |
| CVE-2025-40551 | 9.8 | 22.94% | 10 | 0 | 2026-02-03T21:31:50 | SolarWinds Web Help Desk was found to be susceptible to an untrusted data deseri | |
| CVE-2026-1207 | None | 0.01% | 2 | 0 | 2026-02-03T19:32:57 | An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4 | |
| CVE-2026-1285 | None | 0.04% | 1 | 0 | 2026-02-03T19:31:19 | An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4 | |
| CVE-2025-67853 | 7.5 | 0.01% | 1 | 0 | 2026-02-03T19:15:23 | A flaw was found in Moodle. A remote attacker could exploit a lack of proper rat | |
| CVE-2026-1568 | 9.6 | 0.02% | 1 | 0 | 2026-02-03T18:30:53 | Rapid7 InsightVM versions before 8.34.0 contain a signature verification issue o | |
| CVE-2021-39935 | 7.5 | 53.46% | 3 | 0 | 2026-02-03T18:30:29 | An issue has been discovered in GitLab CE/EE affecting all versions starting fro | |
| CVE-2019-19006 | 9.8 | 31.61% | 3 | 0 | 2026-02-03T18:30:27 | Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and bel | |
| CVE-2026-25253 | 8.8 | 0.04% | 1 | 3 | 2026-02-03T16:44:36.630000 | OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value f | |
| CVE-2025-6397 | 8.6 | 0.04% | 1 | 0 | 2026-02-03T16:44:03.343000 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site | |
| CVE-2025-67848 | 8.1 | 0.02% | 1 | 0 | 2026-02-03T16:44:03.343000 | A flaw was found in Moodle. This authentication bypass vulnerability allows susp | |
| CVE-2026-25022 | 8.5 | 0.03% | 1 | 0 | 2026-02-03T15:30:38 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
| CVE-2025-5319 | 9.8 | 0.01% | 1 | 1 | 2026-02-03T15:30:33 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
| CVE-2025-7760 | 7.6 | 0.01% | 1 | 0 | 2026-02-03T15:30:33 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site | |
| CVE-2025-8461 | 7.6 | 0.03% | 1 | 0 | 2026-02-03T09:30:34 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site | |
| CVE-2026-1281 | 9.8 | 16.41% | 6 | 0 | 2026-01-30T13:28:18.610000 | A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve | |
| CVE-2026-1340 | 9.8 | 0.18% | 4 | 0 | 2026-01-30T00:31:28 | A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve | |
| CVE-2026-24061 | 9.8 | 29.55% | 3 | 62 | template | 2026-01-29T21:30:27 | telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a " |
| CVE-2026-21509 | 7.8 | 2.91% | 15 | 8 | 2026-01-26T21:31:39 | Reliance on untrusted inputs in a security decision in Microsoft Office allows a | |
| CVE-2025-9086 | 7.5 | 0.03% | 1 | 0 | 2026-01-20T15:31:21 | 1. A cookie is set using the `secure` keyword for `https://target` 2. curl is re | |
| CVE-2025-68613 | 10.0 | 71.72% | 1 | 30 | template | 2026-01-09T16:53:16 | ### Impact n8n contains a critical Remote Code Execution (RCE) vulnerability in |
| CVE-2025-13607 | 9.4 | 0.08% | 2 | 0 | 2025-12-10T21:31:32 | A malicious actor can access camera configuration information, including account | |
| CVE-2024-3596 | 9.0 | 23.85% | 4 | 1 | 2025-11-04T18:16:31.367000 | RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local atta | |
| CVE-2024-42318 | 5.5 | 0.01% | 2 | 0 | 2025-11-04T00:31:15 | In the Linux kernel, the following vulnerability has been resolved: landlock: D | |
| CVE-2025-22226 | 7.1 | 4.11% | 2 | 0 | 2025-10-30T19:52:41.973000 | VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerabi | |
| CVE-2025-8088 | 8.8 | 3.90% | 6 | 27 | 2025-10-30T15:50:59.680000 | A path traversal vulnerability affecting the Windows version of WinRAR allows th | |
| CVE-2025-6978 | 7.2 | 0.24% | 2 | 0 | 2025-10-27T13:20:15.637000 | Diagnostics command injection vulnerability | |
| CVE-2025-22224 | 9.4 | 56.62% | 2 | 0 | 2025-10-22T00:34:17 | VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulner | |
| CVE-2025-22225 | 8.3 | 6.15% | 4 | 0 | 2025-10-22T00:33:13 | VMware ESXi contains an arbitrary write vulnerability. A malicious actor with pr | |
| CVE-2025-59419 | 0 | 0.97% | 1 | 0 | 2025-10-17T20:15:40.663000 | Netty is an asynchronous, event-driven network application framework. In version | |
| CVE-2025-49825 | 9.8 | 11.53% | 1 | 0 | template | 2025-06-18T14:15:12 | ### Impact A full technical disclosure and open-source patch will be published |
| CVE-2025-1920 | 8.8 | 0.15% | 1 | 0 | 2025-04-07T18:54:46.053000 | Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote at | |
| CVE-2018-19333 | 9.8 | 0.17% | 2 | 0 | 2023-02-01T05:05:52 | pkg/sentry/kernel/shm/shm.go in Google gVisor before 2018-11-01 allows attackers | |
| CVE-2026-25233 | 0 | 0.04% | 2 | 0 | N/A | ||
| CVE-2026-25234 | 0 | 0.03% | 2 | 0 | N/A | ||
| CVE-2026-25236 | 0 | 0.03% | 2 | 0 | N/A | ||
| CVE-2026-25235 | 0 | 0.03% | 2 | 0 | N/A | ||
| CVE-2026-25241 | 0 | 0.08% | 2 | 0 | N/A | ||
| CVE-2026-25239 | 0 | 0.03% | 2 | 0 | N/A | ||
| CVE-2026-25238 | 0 | 0.03% | 2 | 0 | N/A | ||
| CVE-2026-2150 | 0 | 0.00% | 2 | 6 | N/A | ||
| CVE-2026-25585 | 0 | 0.01% | 1 | 0 | N/A | ||
| CVE-2026-25584 | 0 | 0.01% | 1 | 0 | N/A | ||
| CVE-2026-25583 | 0 | 0.01% | 1 | 0 | N/A | ||
| CVE-2026-25519 | 0 | 0.04% | 2 | 0 | N/A | ||
| CVE-2025-67987 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2026-25502 | 0 | 0.01% | 2 | 0 | N/A | ||
| CVE-2026-24665 | 0 | 0.03% | 2 | 0 | N/A | ||
| CVE-2026-24773 | 0 | 0.03% | 2 | 0 | N/A |
updated 2026-02-06T17:49:06.210000
1 posts
🟠 CVE-2026-0538 - High (7.8)
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0538/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T17:16:18.283000
2 posts
🔴 CVE-2025-70073 - Critical (9.8)
An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation function
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-70073/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-70073 - Critical (9.8)
An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation function
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-70073/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T16:45:15.323000
14 posts
1 repos
"CISA warns of SmarterMail RCE flaw used in ransomware attacks"
"[...] has issued a warning about CVE-2026-24423, an unauthenticated remote code execution (RCE) flaw in SmarterMail that is used in ransomware attacks. The Cybersecurity & Infrastructure Security Agency (CISA) in the U.S."
##CISA warns of SmarterMail RCE flaw used in ransomware attacks
The Cybersecurity & Infrastructure Security Agency (CISA) in the U.S. has issued a warning about CVE-2026-24423, an unauthenticated remote code...
🔗️ [Bleepingcomputer] https://link.is.it/Kkych1
##📰 CISA: Critical SmarterMail RCE Flaw Actively Exploited in Ransomware Attacks
⚠️ CISA KEV ALERT: A critical RCE flaw in SmarterMail (CVE-2026-24423) is actively exploited in ransomware attacks. Unauthenticated attackers can take over mail servers. Patch to build 9511+ immediately! #CVE #Ransomware #PatchNow
##🚨 [CISA-2026:0205] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0205)
CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2025-11953 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-11953)
- Name: React Native Community CLI OS Command Injection Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: React Native Community
- Product: CLI
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: ; https://github.com/react-native-community/cli/commit/15089907d1f1301b22c72d7f68846a2ef20df547;https://github.com/react-native-community/cli/pull/2735 ; https://nvd.nist.gov/vuln/detail/CVE-2025-11953
⚠️ CVE-2026-24423 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24423)
- Name: SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: SmarterTools
- Product: SmarterMail
- Notes: https://www.smartertools.com/smartermail/release-notes/current ; https://www.cve.org/CVERecord?id=CVE-2026-24423 ; https://nvd.nist.gov/vuln/detail/CVE-2026-24423
#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260205 #cisa20260205 #cve_2025_11953 #cve_2026_24423 #cve202511953 #cve202624423
##CVE-2026-24423 - Changed to Known Ransomware Status
SmarterTools SmarterMail Missing Authentication for Critical Function VulnerabilityVendor: SmarterToolsProduct: SmarterMailSmarterTools SmarterMail contains a missing authentication for critical function vulnerability in the ConnectToHub API method. This could allow the attacker to point the SmarterMail instance to a malicious HTTP server which serves the malicious OS command and could lead https://nvd.nist.gov/vuln/detail/CVE-2026-24423
##CVE ID: CVE-2026-24423
Vendor: SmarterTools
Product: SmarterMail
Date Added: 2026-02-05
Notes: https://www.smartertools.com/smartermail/release-notes/current ; https://www.cve.org/CVERecord?id=CVE-2026-24423 ; https://nvd.nist.gov/vuln/detail/CVE-2026-24423
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-24423
New:
CISA Orders Federal Agencies to Strengthen Edge Device Security Amid Rising Cyber Threats https://www.cisa.gov/news-events/news/cisa-orders-federal-agencies-strengthen-edge-device-security-amid-rising-cyber-threats
CISA has also updated the KEV catalogue.
- CVE-2026-24423: SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-24423
- CVE-2025-11953: React Native Community CLI OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-11953
Five industrial vulnerabilities have also been added: https://www.cisa.gov/ #CISA #infosec #vulnerabilities
##‼️ CISA has added two vulnerabilities to the KEV Catalog
https://darkwebinformer.com/cisa-kev-catalog/
CVE-2026-24423: SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability:
SmarterTools SmarterMail contains a missing authentication for critical function vulnerability in the ConnectToHub API method. This could allow the attacker to point the SmarterMail instance to a malicious HTTP server which serves the malicious OS command and could lead to command execution.
CVE-2025-11953: React Native Community CLI OS Command Injection Vulnerability:
React Native Community CLI contains an OS command injection vulnerability which could allow unauthenticated network attackers to send POST requests to the Metro Development Server and run arbitrary executables via a vulnerable endpoint exposed by the server. On Windows, attackers can also execute arbitrary shell commands with fully controlled arguments.
##"CISA warns of SmarterMail RCE flaw used in ransomware attacks"
"[...] has issued a warning about CVE-2026-24423, an unauthenticated remote code execution (RCE) flaw in SmarterMail that is used in ransomware attacks. The Cybersecurity & Infrastructure Security Agency (CISA) in the U.S."
##CISA warns of SmarterMail RCE flaw used in ransomware attacks
The Cybersecurity & Infrastructure Security Agency (CISA) in the U.S. has issued a warning about CVE-2026-24423, an unauthenticated remote code...
🔗️ [Bleepingcomputer] https://link.is.it/Kkych1
##CVE-2026-24423 - Changed to Known Ransomware Status
SmarterTools SmarterMail Missing Authentication for Critical Function VulnerabilityVendor: SmarterToolsProduct: SmarterMailSmarterTools SmarterMail contains a missing authentication for critical function vulnerability in the ConnectToHub API method. This could allow the attacker to point the SmarterMail instance to a malicious HTTP server which serves the malicious OS command and could lead https://nvd.nist.gov/vuln/detail/CVE-2026-24423
##CVE ID: CVE-2026-24423
Vendor: SmarterTools
Product: SmarterMail
Date Added: 2026-02-05
Notes: https://www.smartertools.com/smartermail/release-notes/current ; https://www.cve.org/CVERecord?id=CVE-2026-24423 ; https://nvd.nist.gov/vuln/detail/CVE-2026-24423
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-24423
New:
CISA Orders Federal Agencies to Strengthen Edge Device Security Amid Rising Cyber Threats https://www.cisa.gov/news-events/news/cisa-orders-federal-agencies-strengthen-edge-device-security-amid-rising-cyber-threats
CISA has also updated the KEV catalogue.
- CVE-2026-24423: SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-24423
- CVE-2025-11953: React Native Community CLI OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-11953
Five industrial vulnerabilities have also been added: https://www.cisa.gov/ #CISA #infosec #vulnerabilities
##‼️ CISA has added two vulnerabilities to the KEV Catalog
https://darkwebinformer.com/cisa-kev-catalog/
CVE-2026-24423: SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability:
SmarterTools SmarterMail contains a missing authentication for critical function vulnerability in the ConnectToHub API method. This could allow the attacker to point the SmarterMail instance to a malicious HTTP server which serves the malicious OS command and could lead to command execution.
CVE-2025-11953: React Native Community CLI OS Command Injection Vulnerability:
React Native Community CLI contains an OS command injection vulnerability which could allow unauthenticated network attackers to send POST requests to the Metro Development Server and run arbitrary executables via a vulnerable endpoint exposed by the server. On Windows, attackers can also execute arbitrary shell commands with fully controlled arguments.
##updated 2026-02-06T16:26:55.207000
1 posts
🟠 CVE-2026-0661 - High (7.8)
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0661/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T16:16:14.713000
2 posts
1 repos
https://github.com/cypherdavy/CVE-2025-69906-Monstra-CMS-3.0.4-Arbitrary-File-Upload-to-RCE
🟠 CVE-2025-69906 - High (8.8)
Monstra CMS v3.0.4 contains an arbitrary file upload vulnerability in the Files Manager plugin. The application relies on blacklist-based file extension validation and stores uploaded files directly in a web-accessible directory. Under typical ser...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69906/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-69906 - High (8.8)
Monstra CMS v3.0.4 contains an arbitrary file upload vulnerability in the Files Manager plugin. The application relies on blacklist-based file extension validation and stores uploaded files directly in a web-accessible directory. Under typical ser...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69906/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T16:16:14.533000
2 posts
🟠 CVE-2025-69619 - High (7.5)
A path traversal in My Text Editor v1.6.2 allows attackers to cause a Denial of Service (DoS) via writing files to the internal storage.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69619/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-69619 - High (7.5)
A path traversal in My Text Editor v1.6.2 allows attackers to cause a Denial of Service (DoS) via writing files to the internal storage.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69619/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T16:16:13.370000
2 posts
🟠 CVE-2025-13523 - High (7.7)
Mattermost Confluence plugin version <1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim bro...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13523/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-13523 - High (7.7)
Mattermost Confluence plugin version <1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim bro...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13523/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T15:14:47.703000
4 posts
1 repos
ahhh… la bonne vuln critique du vendredi qui sent le café ☕️
🕵️♂️ CVE-2026-21643
D’après la fiche : SQL Injection (improper neutralization of special elements used in an SQL command) dans Fortinet FortiClientEMS 7.4.4
➡️ pourrait permettre à un attaquant non authentifié d’exécuter du code/commandes via des requêtes HTTP spécialement forgées.
RCE “unauth” sur un produit exposé, quelle surprise… 🙃
il me manque un traversal path dans l'histoire pour être définitivement comblé
may or may not, qui sait…
attendons l’advisory officiel avant de sortir les fourches (ou les patchs).
👇
https://cve.circl.lu/vuln/CVE-2026-21643 👀
🔴 CVE-2026-21643 - Critical (9.8)
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP req...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-21643/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##ahhh… la bonne vuln critique du vendredi qui sent le café ☕️
🕵️♂️ CVE-2026-21643
D’après la fiche : SQL Injection (improper neutralization of special elements used in an SQL command) dans Fortinet FortiClientEMS 7.4.4
➡️ pourrait permettre à un attaquant non authentifié d’exécuter du code/commandes via des requêtes HTTP spécialement forgées.
RCE “unauth” sur un produit exposé, quelle surprise… 🙃
il me manque un traversal path dans l'histoire pour être définitivement comblé
may or may not, qui sait…
attendons l’advisory officiel avant de sortir les fourches (ou les patchs).
👇
https://cve.circl.lu/vuln/CVE-2026-21643 👀
🔴 CVE-2026-21643 - Critical (9.8)
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP req...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-21643/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T15:14:47.703000
4 posts
CVE-2025-15566 #devopsish #kubernetes #cve https://github.com/kubernetes/kubernetes/issues/136789
##🟠 CVE-2025-15566 - High (8.8)
A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-proxy-set-headers` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ing...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15566/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##CVE-2025-15566 #devopsish #kubernetes #cve https://github.com/kubernetes/kubernetes/issues/136789
##🟠 CVE-2025-15566 - High (8.8)
A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-proxy-set-headers` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ing...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15566/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T15:14:47.703000
2 posts
🟠 CVE-2026-24302 - High (8.6)
Azure Arc Elevation of Privilege Vulnerability
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24302/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24302 - High (8.6)
Azure Arc Elevation of Privilege Vulnerability
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24302/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T12:30:32
2 posts
1 repos
🔴 CVE-2026-2017 - Critical (9.8)
A vulnerability was detected in IP-COM W30AP up to 1.0.0.11(1340). Affected by this issue is the function R7WebsSecurityHandler of the file /goform/wx3auth of the component POST Request Handler. The manipulation of the argument data results in sta...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2017/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-2017 - Critical (9.8)
A vulnerability was detected in IP-COM W30AP up to 1.0.0.11(1340). Affected by this issue is the function R7WebsSecurityHandler of the file /goform/wx3auth of the component POST Request Handler. The manipulation of the argument data results in sta...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2017/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T09:30:36
2 posts
🔴 CVE-2026-1499 - Critical (9.8)
The WP Duplicate plugin for WordPress is vulnerable to Missing Authorization leading to Arbitrary File Upload in all versions up to and including 1.1.8. This is due to a missing capability check on the `process_add_site()` AJAX action combined wit...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1499/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-1499 - Critical (9.8)
The WP Duplicate plugin for WordPress is vulnerable to Missing Authorization leading to Arbitrary File Upload in all versions up to and including 1.1.8. This is due to a missing capability check on the `process_add_site()` AJAX action combined wit...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1499/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T09:30:35
2 posts
🟠 CVE-2026-24930 - High (8.4)
UAF concurrency vulnerability in the graphics module.
Impact: Successful exploitation of this vulnerability may affect availability.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24930/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24930 - High (8.4)
UAF concurrency vulnerability in the graphics module.
Impact: Successful exploitation of this vulnerability may affect availability.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24930/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T09:30:35
2 posts
🟠 CVE-2026-24926 - High (8.4)
Out-of-bounds write vulnerability in the camera module.
Impact: Successful exploitation of this vulnerability may affect availability.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24926/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24926 - High (8.4)
Out-of-bounds write vulnerability in the camera module.
Impact: Successful exploitation of this vulnerability may affect availability.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24926/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T07:16:11.187000
2 posts
Mitsubishi Electric Patches Critical Remote Takeover Flaw in MELSEC iQ-R Series PLCs
Mitsubishi Electric patched a critical vulnerability (CVE-2025-15080) in MELSEC iQ-R Series PLCs that allows unauthenticated remote attackers to read or tamper with control data and cause system outages.
**Make sure all MELSEC iQ-R Series PLCs are isolated from the public internet and accessible only from trusted networks. Then plan an update to firmware version 49.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/mitsubishi-electric-patches-critical-remote-takeover-flaw-in-melsec-iq-r-series-plcs-y-b-o-n-n/gD2P6Ple2L
Mitsubishi Electric Patches Critical Remote Takeover Flaw in MELSEC iQ-R Series PLCs
Mitsubishi Electric patched a critical vulnerability (CVE-2025-15080) in MELSEC iQ-R Series PLCs that allows unauthenticated remote attackers to read or tamper with control data and cause system outages.
**Make sure all MELSEC iQ-R Series PLCs are isolated from the public internet and accessible only from trusted networks. Then plan an update to firmware version 49.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/mitsubishi-electric-patches-critical-remote-takeover-flaw-in-melsec-iq-r-series-plcs-y-b-o-n-n/gD2P6Ple2L
updated 2026-02-06T03:30:19
2 posts
🔴 CVE-2026-0106 - Critical (9.3)
In vpu_mmap of vpu_ioctl, there is a possible arbitrary address mmap due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0106/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-0106 - Critical (9.3)
In vpu_mmap of vpu_ioctl, there is a possible arbitrary address mmap due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0106/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T00:30:32
2 posts
https://winbuzzer.com/2026/02/06/cve-2026-0391-microsoft-edge-android-ui-spoofing-xcxwbn/
CVE-2026-0391: Edge Android Flaw Enables Spoofing Attacks
#MicrosoftEdge #Security #Cybersecurity #Microsoft #Android #WebBrowsers #Phishing #CredentialTheft #ZeroDayVulnerabilities #Chromium
##https://winbuzzer.com/2026/02/06/cve-2026-0391-microsoft-edge-android-ui-spoofing-xcxwbn/
CVE-2026-0391: Edge Android Flaw Enables Spoofing Attacks
#MicrosoftEdge #Security #Cybersecurity #Microsoft #Android #WebBrowsers #Phishing #CredentialTheft #ZeroDayVulnerabilities #Chromium
##updated 2026-02-06T00:30:32
2 posts
1 repos
🔴 CVE-2026-24300 - Critical (9.8)
Azure Front Door Elevation of Privilege Vulnerability
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24300/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-24300 - Critical (9.8)
Azure Front Door Elevation of Privilege Vulnerability
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24300/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T00:30:32
2 posts
🟠 CVE-2026-21532 - High (8.2)
Azure Function Information Disclosure Vulnerability
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-21532/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-21532 - High (8.2)
Azure Function Information Disclosure Vulnerability
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-21532/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T21:38:32
12 posts
4 repos
https://github.com/N3k0t-dev/PoC-CVE-collection
https://github.com/boroeurnprach/CVE-2025-11953-PoC
https://github.com/Mr-In4inci3le/CVE-2025-11953-POC-
https://github.com/SaidBenaissa/cve-2025-11953-vulnerability-demo
Critical React Native CLI Vulnerability Puts Development Environments at Risk, CISA Warns
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert following the discovery of a critical vulnerability in the React Native Community Command-Line Interface (CLI). Tracked as CVE-2025-11953, this flaw allows attackers to execute arbitrary system commands on vulnerable development machines. The vulnerability has already been actively…
##🚨 [CISA-2026:0205] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0205)
CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2025-11953 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-11953)
- Name: React Native Community CLI OS Command Injection Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: React Native Community
- Product: CLI
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: ; https://github.com/react-native-community/cli/commit/15089907d1f1301b22c72d7f68846a2ef20df547;https://github.com/react-native-community/cli/pull/2735 ; https://nvd.nist.gov/vuln/detail/CVE-2025-11953
⚠️ CVE-2026-24423 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24423)
- Name: SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: SmarterTools
- Product: SmarterMail
- Notes: https://www.smartertools.com/smartermail/release-notes/current ; https://www.cve.org/CVERecord?id=CVE-2026-24423 ; https://nvd.nist.gov/vuln/detail/CVE-2026-24423
#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260205 #cisa20260205 #cve_2025_11953 #cve_2026_24423 #cve202511953 #cve202624423
##CVE ID: CVE-2025-11953
Vendor: React Native Community
Product: CLI
Date Added: 2026-02-05
Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: ; https://github.com/react-native-community/cli/commit/15089907d1f1301b22c72d7f68846a2ef20df547;https://github.com/react-native-community/cli/pull/2735 ; https://nvd.nist.gov/vuln/detail/CVE-2025-11953
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-11953
New:
CISA Orders Federal Agencies to Strengthen Edge Device Security Amid Rising Cyber Threats https://www.cisa.gov/news-events/news/cisa-orders-federal-agencies-strengthen-edge-device-security-amid-rising-cyber-threats
CISA has also updated the KEV catalogue.
- CVE-2026-24423: SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-24423
- CVE-2025-11953: React Native Community CLI OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-11953
Five industrial vulnerabilities have also been added: https://www.cisa.gov/ #CISA #infosec #vulnerabilities
##‼️ CISA has added two vulnerabilities to the KEV Catalog
https://darkwebinformer.com/cisa-kev-catalog/
CVE-2026-24423: SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability:
SmarterTools SmarterMail contains a missing authentication for critical function vulnerability in the ConnectToHub API method. This could allow the attacker to point the SmarterMail instance to a malicious HTTP server which serves the malicious OS command and could lead to command execution.
CVE-2025-11953: React Native Community CLI OS Command Injection Vulnerability:
React Native Community CLI contains an OS command injection vulnerability which could allow unauthenticated network attackers to send POST requests to the Metro Development Server and run arbitrary executables via a vulnerable endpoint exposed by the server. On Windows, attackers can also execute arbitrary shell commands with fully controlled arguments.
##CVE ID: CVE-2025-11953
Vendor: React Native Community
Product: CLI
Date Added: 2026-02-05
Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: ; https://github.com/react-native-community/cli/commit/15089907d1f1301b22c72d7f68846a2ef20df547;https://github.com/react-native-community/cli/pull/2735 ; https://nvd.nist.gov/vuln/detail/CVE-2025-11953
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-11953
New:
CISA Orders Federal Agencies to Strengthen Edge Device Security Amid Rising Cyber Threats https://www.cisa.gov/news-events/news/cisa-orders-federal-agencies-strengthen-edge-device-security-amid-rising-cyber-threats
CISA has also updated the KEV catalogue.
- CVE-2026-24423: SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-24423
- CVE-2025-11953: React Native Community CLI OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-11953
Five industrial vulnerabilities have also been added: https://www.cisa.gov/ #CISA #infosec #vulnerabilities
##‼️ CISA has added two vulnerabilities to the KEV Catalog
https://darkwebinformer.com/cisa-kev-catalog/
CVE-2026-24423: SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability:
SmarterTools SmarterMail contains a missing authentication for critical function vulnerability in the ConnectToHub API method. This could allow the attacker to point the SmarterMail instance to a malicious HTTP server which serves the malicious OS command and could lead to command execution.
CVE-2025-11953: React Native Community CLI OS Command Injection Vulnerability:
React Native Community CLI contains an OS command injection vulnerability which could allow unauthenticated network attackers to send POST requests to the Metro Development Server and run arbitrary executables via a vulnerable endpoint exposed by the server. On Windows, attackers can also execute arbitrary shell commands with fully controlled arguments.
##Critical React Native Metro Server Bug Under Active Exploitation
Attackers are actively exploiting a critical command injection vulnerability (CVE-2025-11953) in the React Native Metro development server to deploy malware on Windows and Linux systems.
**This is now urgent and important. If you're a React Native developer, update @react-native-community/cli-server-api to version 20.0.0 or higher. Your tools are being actively exploited. If you can't update right away, start your Metro server with the --host 127.0.0.1 flag (like `npx react-native start --host 127.0.0.1`). Make sure to patch all projects on your computer and the globally installed version.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/critical-react-native-metro-server-bug-under-active-exploitation-m-3-d-o-k/gD2P6Ple2L
Our team wrote about in-the-wild exploitation of React Metro Server CVE-2025-11953, which VulnCheck's Canary Intelligence network detected for the first time in December 2025.
##Hackers exploit critical React Native Metro bug to breach dev systems
Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious...
🔗️ [Bleepingcomputer] https://link.is.it/9a1Dng
##Hackers exploit critical React Native Metro bug to breach dev systems
Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious...
🔗️ [Bleepingcomputer] https://link.is.it/w9Y7HI
##updated 2026-02-05T21:33:39
2 posts
🟠 CVE-2026-20979 - High (7.8)
Improper privilege management in Settings prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Settings privilege.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20979/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20979 - High (7.8)
Improper privilege management in Settings prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Settings privilege.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20979/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T21:33:38
1 posts
updated 2026-02-05T21:32:42
2 posts
🟠 CVE-2025-15330 - High (8.8)
Tanium addressed an improper input validation vulnerability in Deploy.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15330/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-15330 - High (8.8)
Tanium addressed an improper input validation vulnerability in Deploy.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15330/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T21:32:40
4 posts
1 repos
🔴 CVE-2025-68721 - Critical (9.1)
Axigen Mail Server before 10.5.57 contains an improper access control vulnerability in the WebAdmin interface. A delegated admin account with zero permissions can bypass access control checks and gain unauthorized access to the SSL Certificates ma...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-68721/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-68721 - Critical (9.1)
Axigen Mail Server before 10.5.57 contains an improper access control vulnerability in the WebAdmin interface. A delegated admin account with zero permissions can bypass access control checks and gain unauthorized access to the SSL Certificates ma...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-68721/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-68721 - Critical (9.1)
Axigen Mail Server before 10.5.57 contains an improper access control vulnerability in the WebAdmin interface. A delegated admin account with zero permissions can bypass access control checks and gain unauthorized access to the SSL Certificates ma...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-68721/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-68721 - Critical (9.1)
Axigen Mail Server before 10.5.57 contains an improper access control vulnerability in the WebAdmin interface. A delegated admin account with zero permissions can bypass access control checks and gain unauthorized access to the SSL Certificates ma...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-68721/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T21:21:13.780000
2 posts
🟠 CVE-2026-20983 - High (7.8)
Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Samsung Dialer privilege.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20983/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20983 - High (7.8)
Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Samsung Dialer privilege.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20983/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T21:15:52.127000
2 posts
1 repos
🟠 CVE-2025-68722 - High (8.8)
Axigen Mail Server before 10.5.57 and 10.6.x before 10.6.26 contains a Cross-Site Request Forgery (CSRF) vulnerability in the WebAdmin interface through improper handling of the _s (breadcrumb) parameter. The application accepts state-changing req...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-68722/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-68722 - High (8.8)
Axigen Mail Server before 10.5.57 and 10.6.x before 10.6.26 contains a Cross-Site Request Forgery (CSRF) vulnerability in the WebAdmin interface through improper handling of the _s (breadcrumb) parameter. The application accepts state-changing req...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-68722/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T20:47:37.777000
2 posts
🟠 CVE-2025-15311 - High (7.8)
Tanium addressed an unauthorized code execution vulnerability in Tanium Appliance.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15311/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-15311 - High (7.8)
Tanium addressed an unauthorized code execution vulnerability in Tanium Appliance.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15311/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T20:41:47.613000
2 posts
🟠 CVE-2026-25055 - High (8.1)
n8n is an open source workflow automation platform. Prior to versions 1.123.12 and 2.4.0, when workflows process uploaded files and transfer them to remote servers via the SSH node without validating their metadata the vulnerability can lead to fi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25055/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25055 - High (8.1)
n8n is an open source workflow automation platform. Prior to versions 1.123.12 and 2.4.0, when workflows process uploaded files and transfer them to remote servers via the SSH node without validating their metadata the vulnerability can lead to fi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25055/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T20:22:47.870000
19 posts
📰 Critical RCE Flaw in n8n Automation Platform Allows Full Server Takeover
🔥 CRITICAL RCE: A sandbox escape flaw (CVE-2026-25049, CVSS 9.4) in the n8n automation platform allows full server takeover and credential theft. Update to versions 1.123.17 or 2.5.2 immediately! #CVE #RCE #DevSecOps
##🔴 CVE-2026-25049 - Critical (9.9)
n8n is an open source workflow automation platform. Prior to versions 1.123.17 and 2.5.2, an authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system comma...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25049/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 THE NI8MARE IS REAL. 🚨
Survived a critical RCE breach attempt (CVE-2026-25049) on my n8n setup. I didn’t just patch; I surgically hardened to v2.7.1.
🛑 No "latest" tags. 🛑 No ghost credentials. 🛠️ Sequential pinning only.
Get the forensic playbook FIX IT: https://thecybermind.co/n8n-update
https://thecybermind.co/2026/02/05/cve-2026-25049-rce/?utm_source=mastodon&utm_medium=jetpack_social
##Collectively tracked as CVE-2026-25049, the issues can be exploited by any authenticated user who can create or edit workflows on the platform to perform unrestricted remote code execution on the n8n server. https://www.bleepingcomputer.com/news/security/critical-n8n-flaws-disclosed-along-with-public-exploits/
##Critical n8n Flaw Exposes Automation Platforms to Remote Code Execution
Introduction: Why This n8n Vulnerability Matters Workflow automation tools like n8n sit at the heart of modern DevOps, data pipelines, and business automation. They connect APIs, move sensitive data, and execute logic with elevated trust inside organizations. A newly disclosed critical vulnerability in n8n, tracked as CVE-2026-25049, shows how dangerous even “authenticated-only” flaws can be when…
https://undercodenews.com/critical-n8n-flaw-exposes-automation-platforms-to-remote-code-execution/
##CVE-2026-25049 highlights weaknesses in sandboxing user-defined JavaScript expressions within n8n workflows.
Multiple research teams demonstrated authenticated sandbox escape leading to unrestricted RCE, credential exposure, filesystem access, cloud pivoting, and AI workflow manipulation. The issue stems from incomplete AST-based sandboxing and runtime enforcement gaps.
Fixes have been released, and mitigation guidance includes updating, rotating secrets, and restricting workflow permissions.
💬 What lessons does this case offer for securing automation platforms?
➕ Follow TechNadu for accurate, vendor-neutral infosec reporting.
#Infosec #CVE #n8n #SandboxEscape #RCE #CloudSecurity #DevSecOps
##n8n : la faille critique CVE-2026-25049 réactive une précédente vulnérabilité https://www.it-connect.fr/n8n-cve-2026-25049-execution-code-a-distance/ #ActuCybersécurité #Cybersécurité #Vulnérabilité
##It seems that the recent #n8n CVE-2026-25049 is (EDIT: or was? My e-mail got answered with a generic response by an AI assistant) not only exploitable on self-hosted instances, but also in the n8n cloud. At least this is what the URL briefly visible in this video indicates. https://www.youtube.com/watch?v=QLrm7jx8kew (skip to 0:15 for a clear shot).
##Critical Sandbox Escapes in n8n AI Platform Enable Full Server Takeover
n8n patched another critical sandbox escape vulnerabilities (CVE-2026-25049) that allow authenticated users to execute arbitrary code and steal sensitive AI and cloud credentials.
**This is another important and urgent flaw in n8n. Update your n8n instances to the latest version ASAP and rotate all stored API keys and encryption secrets. Since these flaws allow full server takeover, you must assume any credentials stored in an unpatched instance are already compromised.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-sandbox-escapes-in-n8n-ai-platform-enable-full-server-takeover-h-k-y-o-v/gD2P6Ple2L
Yet another critical vulnerability in n8n - CVE-2026-25049 (CVSS 9.4).
Vulnerability detection script here:
https://github.com/rxerium/rxerium-templates/blob/main/2026/CVE-2026-25049.yaml
Patched versions are 1.123.17 / 2.5.2 as per:
https://github.com/n8n-io/n8n/security/advisories/GHSA-6cqr-8cfr-67f8
Critical RCE Alert: n8n Workflow Automation Hit by Severe Vulnerability Allowing System Takeover
The popular workflow automation platform n8n has been rocked by a critical security flaw that could let attackers execute arbitrary system commands on affected servers. Tracked as CVE-2026-25049 with a high CVSS score of 9.4, the vulnerability stems from insufficient input sanitization—despite previous fixes for CVE-2025-68613, a similar high-severity flaw patched in…
##🔴 CVE-2026-25049 - Critical (9.9)
n8n is an open source workflow automation platform. Prior to versions 1.123.17 and 2.5.2, an authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system comma...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25049/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##Collectively tracked as CVE-2026-25049, the issues can be exploited by any authenticated user who can create or edit workflows on the platform to perform unrestricted remote code execution on the n8n server. https://www.bleepingcomputer.com/news/security/critical-n8n-flaws-disclosed-along-with-public-exploits/
##CVE-2026-25049 highlights weaknesses in sandboxing user-defined JavaScript expressions within n8n workflows.
Multiple research teams demonstrated authenticated sandbox escape leading to unrestricted RCE, credential exposure, filesystem access, cloud pivoting, and AI workflow manipulation. The issue stems from incomplete AST-based sandboxing and runtime enforcement gaps.
Fixes have been released, and mitigation guidance includes updating, rotating secrets, and restricting workflow permissions.
💬 What lessons does this case offer for securing automation platforms?
➕ Follow TechNadu for accurate, vendor-neutral infosec reporting.
#Infosec #CVE #n8n #SandboxEscape #RCE #CloudSecurity #DevSecOps
##n8n : la faille critique CVE-2026-25049 réactive une précédente vulnérabilité https://www.it-connect.fr/n8n-cve-2026-25049-execution-code-a-distance/ #ActuCybersécurité #Cybersécurité #Vulnérabilité
##It seems that the recent #n8n CVE-2026-25049 is (EDIT: or was? My e-mail got answered with a generic response by an AI assistant) not only exploitable on self-hosted instances, but also in the n8n cloud. At least this is what the URL briefly visible in this video indicates. https://www.youtube.com/watch?v=QLrm7jx8kew (skip to 0:15 for a clear shot).
##Critical Sandbox Escapes in n8n AI Platform Enable Full Server Takeover
n8n patched another critical sandbox escape vulnerabilities (CVE-2026-25049) that allow authenticated users to execute arbitrary code and steal sensitive AI and cloud credentials.
**This is another important and urgent flaw in n8n. Update your n8n instances to the latest version ASAP and rotate all stored API keys and encryption secrets. Since these flaws allow full server takeover, you must assume any credentials stored in an unpatched instance are already compromised.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-sandbox-escapes-in-n8n-ai-platform-enable-full-server-takeover-h-k-y-o-v/gD2P6Ple2L
2026: New N8N RCE Deep Dive into CVE-2026-25049 https://blog.securelayer7.net/cve-2026-25049/
##‼️CVE-2026-25049: N8n AI Workflow Remote Code Execution
"This vulnerability allows an attacker to execute arbitrary system commands through misconfigured or insecure AI workflow execution paths. When chained correctly, it can lead to full server compromise depending on deployment configuration."
Video Credit: youtube.com/@SecureLayer7
##updated 2026-02-05T19:15:56.253000
1 posts
🔴 CVE-2026-25539 - Critical (9.1)
SiYuan is a personal knowledge management system. Prior to version 3.5.5, the /api/file/copyFile endpoint does not validate the dest parameter, allowing authenticated users to write files to arbitrary locations on the filesystem. This can lead to ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25539/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T18:05:46.980000
2 posts
🔴 CVE-2026-25237 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, use of preg_replace() with the /e modifier in bug update email handling can enable PHP code execution if attacker-controlled content reaches the eval...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25237/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25237 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, use of preg_replace() with the /e modifier in bug update email handling can enable PHP code execution if attacker-controlled content reaches the eval...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25237/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T17:56:13.807000
2 posts
🔴 CVE-2026-25240 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability can occur in user::maintains() when role filters are provided as an array and interpolated into an IN (...) clause. Thi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25240/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25240 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability can occur in user::maintains() when role filters are provided as an array and interpolated into an IN (...) clause. Thi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25240/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T16:15:50.200000
1 posts
🔴 CVE-2025-46651 - Critical (9.1)
Tiny File Manager through 2.6 contains a server-side request forgery (SSRF) vulnerability in the URL upload feature. Due to insufficient validation of user-supplied URLs, an attacker can send crafted requests to localhost by using http://www.127.0...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-46651/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T15:34:59
2 posts
1 repos
https://github.com/mbanyamer/CVE-2026-25546-godot-mcp-0.1.1-OS-Command-Injection
🟠 CVE-2026-25546 - High (7.8)
Godot MCP is a Model Context Protocol (MCP) server for interacting with the Godot game engine. Prior to version 0.1.1, a command injection vulnerability in godot-mcp allows remote code execution. The executeOperation function passed user-controlle...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25546/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25546 - High (7.8)
Godot MCP is a Model Context Protocol (MCP) server for interacting with the Godot game engine. Prior to version 0.1.1, a command injection vulnerability in godot-mcp allows remote code execution. The executeOperation function passed user-controlle...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25546/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T15:32:15
2 posts
🟠 CVE-2025-71031 - High (7.5)
Water-Melon Melon commit 9df9292 and below is vulnerable to Denial of Service. The HTTP component doesn't have any maximum length. As a result, an excessive request header could cause a denial of service by consuming RAM memory.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-71031/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-71031 - High (7.5)
Water-Melon Melon commit 9df9292 and below is vulnerable to Denial of Service. The HTTP component doesn't have any maximum length. As a result, an excessive request header could cause a denial of service by consuming RAM memory.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-71031/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T15:32:11
2 posts
🔴 CVE-2025-67188 - Critical (9.8)
A buffer overflow vulnerability exists in TOTOLINK A950RG V4.1.2cu.5204_B20210112. The issue resides in the setRadvdCfg interface of the /lib/cste_modules/ipv6.so module. The function fails to properly validate the length of the user-controlled ra...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67188/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-67188 - Critical (9.8)
A buffer overflow vulnerability exists in TOTOLINK A950RG V4.1.2cu.5204_B20210112. The issue resides in the setRadvdCfg interface of the /lib/cste_modules/ipv6.so module. The function fails to properly validate the length of the user-controlled ra...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67188/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T15:32:10
2 posts
🔴 CVE-2025-67189 - Critical (9.8)
A buffer overflow vulnerability exists in the setParentalRules interface of TOTOLINK A950RG V4.1.2cu.5204_B20210112. The urlKeyword parameter is not properly validated, and the function concatenates multiple user-controlled fields into a fixed-siz...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67189/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-67189 - Critical (9.8)
A buffer overflow vulnerability exists in the setParentalRules interface of TOTOLINK A950RG V4.1.2cu.5204_B20210112. The urlKeyword parameter is not properly validated, and the function concatenates multiple user-controlled fields into a fixed-siz...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67189/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T15:31:15
2 posts
🟠 CVE-2025-13379 - High (8.6)
IBM Aspera Console 3.4.0 through 3.4.8 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13379/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-13379 - High (8.6)
IBM Aspera Console 3.4.0 through 3.4.8 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13379/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T15:16:06.870000
4 posts
🟠 CVE-2025-61732 - High (8.6)
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61732/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-61732 - High (8.6)
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61732/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-61732 - High (8.6)
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61732/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-61732 - High (8.6)
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61732/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T14:57:20.563000
1 posts
🟠 CVE-2026-22038 - High (8.1)
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.46, the AutoGPT platform's Stagehand integration blocks log API ke...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22038/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T14:57:20.563000
1 posts
🟠 CVE-2026-25582 - High (7.8)
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a heap buffer overflow (read) vulnerability in CIccIO::WriteUInt16Float...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25582/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T14:57:20.563000
1 posts
🔴 CVE-2025-13375 - Critical (9.8)
IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 could allow an unauthenticated user to execute arbitrary commands with elevated privileges on the system.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13375/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T14:57:20.563000
1 posts
🟠 CVE-2026-24844 - High (7.9)
melange allows users to build apk packages using declarative pipelines. From version 0.3.0 to before 0.40.3, an attacker who can provide build input values, but not modify pipeline definitions, could execute arbitrary shell commands if the pipelin...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24844/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T14:57:20.563000
1 posts
🟠 CVE-2026-25161 - High (8.8)
Alist is a file list program that supports multiple storages, powered by Gin and Solidjs. Prior to version 3.57.0, the application contains path traversal vulnerability in multiple file operation handlers. An authenticated attacker can bypass dire...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25161/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T14:57:20.563000
1 posts
🟠 CVE-2026-25140 - High (7.5)
apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, an attacker who controls or compromises an APK repository used by apko could cause resource exhaustion on the build host. The...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25140/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T14:57:20.563000
2 posts
🟠 CVE-2026-20119 - High (7.5)
A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20119/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20119 - High (7.5)
A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20119/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T09:31:13
1 posts
🟠 CVE-2026-25614 - High (7.5)
Blesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5680.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25614/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T06:32:26
1 posts
nginx-1.28.2 stable and nginx-1.29.5 mainline versions have been released, with a fix for the SSL upstream injection vulnerability (CVE-2026-1642).
http://nginx.org/#2026-02-04
#nginx #security
updated 2026-02-05T03:30:23
3 posts
I’ve published a technical analysis of CVE-2025-11730, a Remote Code Execution vulnerability affecting ZYXEL ATP/USG Series devices running firmware 5.41.
The issue is caused by improper input sanitization in the DDNS profile configuration.
A crafted public-ip-url value allows arbitrary command execution as root during DDNS updates.
Technical details and PoC:
https://rainpwn.blog/blog/cve-2025-11730/
Affected: ZYXEL ATP/USG Series (fw 5.41)
##CVE-2025-11730: Remote Code Execution via DDNS configuration in ZYXEL ATP/USG Series (V5.41) https://rainpwn.blog/blog/cve-2025-11730/
##CVE-2025-11730: Remote Code Execution via DDNS configuration in ZYXEL ATP/USG Series (V5.41) https://rainpwn.blog/blog/cve-2025-11730/
##updated 2026-02-05T03:30:23
1 posts
🟠 CVE-2025-10314 - High (8.8)
Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation FREQSHIP-mini for Windows versions 8.0.0 to 8.0.2 allows a local attacker to execute arbitrary code with system privileges by replacing service executable files (EXE) o...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-10314/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T00:35:16
1 posts
🔴 CVE-2026-25526 - Critical (9.8)
JinJava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Prior to versions 2.7.6 and 2.8.3, JinJava is vulnerable to arbitrary Java execution via bypass through ForTag. This allows arbitrary Java ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25526/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T00:31:08
1 posts
🟠 CVE-2025-13192 - High (8.2)
The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to generic SQL Injection via the multiple REST API endpoints in all versions up to, and including, 2.2.0 due ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13192/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:57:36
1 posts
🟠 CVE-2026-24735 - High (7.5)
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer.
This issue affects Apache Answer: through 1.7.1.
An unauthenticated API endpoint incorrectly exposes full revision history for deleted content. Thi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24735/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:56:51
2 posts
🔴 CVE-2026-25160 - Critical (9.1)
Alist is a file list program that supports multiple storages, powered by Gin and Solidjs. Prior to version 3.57.0, the application disables TLS certificate verification by default for all outgoing storage driver communications, making the system v...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25160/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25160 - Critical (9.1)
Alist is a file list program that supports multiple storages, powered by Gin and Solidjs. Prior to version 3.57.0, the application disables TLS certificate verification by default for all outgoing storage driver communications, making the system v...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25160/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:56:46
1 posts
🔴 CVE-2026-25505 - Critical (9.8)
Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers. Prior to version 0.1.7, a hardcoded secret key used for signing JWTs is checked into source code and ManyAPI routes do not check authentication. This issue ha...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25505/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:56:26
3 posts
Blip blop, I'm a #mastobot.
Here is a summary (in beta) of the latest posts in #technologyAtKukei https://masto.kukei.eu/browse/technology category:
- Agentic AI and multi-agent systems: OpenClaw, Moltbook, and Claude enabling autonomous planning and action.
- Moltbook security breach: exposure of 1.5M API keys and related risk.
- European AI sovereignty: Germany’s Munich KI Factory and the move toward sovereign, EU-led AI infrastructure.
- AI security and CVEs: OpenClaw CVE-2026-25157; [1/2]
🟠 CVE-2026-25157 - High (7.7)
OpenClaw is a personal AI assistant. Prior to version 2026.1.29, there is an OS command injection vulnerability via the Project Root Path in sshNodeCommand. The sshNodeCommand function constructed a shell script without properly escaping the user-...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25157/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25157 - High (7.7)
OpenClaw is a personal AI assistant. Prior to version 2026.1.29, there is an OS command injection vulnerability via the Project Root Path in sshNodeCommand. The sshNodeCommand function constructed a shell script without properly escaping the user-...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25157/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:56:11
3 posts
Melange CVE-2026-25143 and related patch/defense concerns.
- Google Gemini growth: Gemini app surpassing 750M monthly active users; Pixel 10a launch teased.
- Artemis II launch update: NASA targets March for Artemis II lunar mission, with new windows. [2/2]
🟠 CVE-2026-25143 - High (7.8)
melange allows users to build apk packages using declarative pipelines. From version 0.10.0 to before 0.40.3, an attacker who can influence inputs to the patch pipeline could execute arbitrary shell commands on the build host. The patch pipeline i...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25143/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25143 - High (7.8)
melange allows users to build apk packages using declarative pipelines. From version 0.10.0 to before 0.40.3, an attacker who can influence inputs to the patch pipeline could execute arbitrary shell commands on the build host. The patch pipeline i...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25143/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:55:46
1 posts
🟠 CVE-2026-25121 - High (7.5)
apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, a path traversal vulnerability was discovered in apko's dirFS filesystem abstraction. An attacker who can supply a malicious ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25121/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:55:36
1 posts
🟠 CVE-2026-24884 - High (8.4)
Compressing is a compressing and uncompressing lib for node. In version 2.0.0 and 1.10.3 and prior, Compressing extracts TAR archives while restoring symbolic links without validating their targets. By embedding symlinks that resolve outside the i...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24884/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:55:21
1 posts
🟠 CVE-2026-24843 - High (8.2)
melange allows users to build apk packages using declarative pipelines. In version 0.11.3 to before 0.40.3, an attacker who can influence the tar stream from a QEMU guest VM could write files outside the intended workspace directory on the host. T...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24843/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:55:12
1 posts
🟠 CVE-2026-23897 - High (7.5)
Apollo Server is an open-source, spec-compliant GraphQL server that's compatible with any GraphQL client, including Apollo Client. In versions from 2.0.0 to 3.13.0, 4.2.0 to before 4.13.0, and 5.0.0 to before 5.4.0, the default configuration of st...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23897/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:30:43
1 posts
🟠 CVE-2026-0536 - High (7.8)
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0536/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:30:32
1 posts
🟠 CVE-2025-69620 - High (7.5)
A path traversal in Moo Chan Song v4.5.7 allows attackers to cause a Denial of Service (DoS) via writing files to the internal storage.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69620/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:30:32
1 posts
🟠 CVE-2025-59439 - High (7.5)
An issue was discovered in Samsung Mobile Processor, Wearable Processor and Modem Exynos 980, 990, 850, 1080, 9110, W920, W930, W1000 and Modem 5123. Incorrect handling of NAS Registration messages leads to a Denial of Service because of Improper ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-59439/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:30:32
1 posts
🟠 CVE-2025-69875 - High (7.8)
A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into p...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69875/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:30:32
1 posts
🔴 CVE-2025-70841 - Critical (10)
Dokans Multi-Tenancy Based eCommerce Platform SaaS 3.9.2 allows unauthenticated remote attackers to obtain sensitive application configuration data via direct request to /script/.env file. The exposed file contains Laravel application encryption k...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-70841/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:30:30
1 posts
🟠 CVE-2026-25027 - High (7.5)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Unicamp unicamp allows PHP Local File Inclusion.This issue affects Unicamp: from n/a through <= 2.7.1.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25027/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T20:05:49
1 posts
updated 2026-02-04T20:05:32
1 posts
updated 2026-02-04T20:04:50
3 posts
💡 CVE-2026-24512: la vulnerabilità di ingress-NGINX che minaccia i cluster Kubernetes
##🟠 CVE-2026-24512 - High (8.8)
A security issue was discovered in ingress-nginx cthe `rules.http.paths.path` Ingress field can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24512/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##CVE-2026-24512 #devopsish #kubernetes #cve https://github.com/kubernetes/kubernetes/issues/136678
##updated 2026-02-04T19:53:39
2 posts
🔴 CVE-2026-25052 - Critical (9.9)
n8n is an open source workflow automation platform. Prior to versions 1.123.18 and 2.5.0, a vulnerability in the file access controls allows authenticated users with permission to create or modify workflows to read sensitive files from the n8n hos...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25052/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25052 - Critical (9.9)
n8n is an open source workflow automation platform. Prior to versions 1.123.18 and 2.5.0, a vulnerability in the file access controls allows authenticated users with permission to create or modify workflows to read sensitive files from the n8n hos...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25052/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T19:53:06
1 posts
🔴 CVE-2025-64712 - Critical (9.8)
The unstructured library provides open-source components for ingesting and pre-processing images and text documents, such as PDFs, HTML, Word docs, and many more. Prior to version 0.18.18, a path traversal vulnerability in the partition_msg functi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-64712/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T19:53:01
1 posts
🟠 CVE-2025-61917 - High (7.7)
n8n is an open source workflow automation platform. From version 1.65.0 to before 1.114.3, the use of Buffer.allocUnsafe() and Buffer.allocUnsafeSlow() in the task runner allowed untrusted code to allocate uninitialized memory. Such uninitialized ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61917/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T19:42:05
2 posts
🔴 CVE-2026-25115 - Critical (9.9)
n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25115/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25115 - Critical (9.9)
n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25115/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T19:39:42
2 posts
🟠 CVE-2026-25056 - High (8.8)
n8n is an open source workflow automation platform. Prior to versions 1.118.0 and 2.4.0, a vulnerability in the Merge node's SQL Query mode allowed authenticated users with permission to create or modify workflows to write arbitrary files to the n...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25056/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25056 - High (8.8)
n8n is an open source workflow automation platform. Prior to versions 1.118.0 and 2.4.0, a vulnerability in the Merge node's SQL Query mode allowed authenticated users with permission to create or modify workflows to write arbitrary files to the n...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25056/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T19:34:42
2 posts
🔴 CVE-2025-69970 - Critical (9.3)
FUXA v1.2.7 contains an insecure default configuration vulnerability in server/settings.default.js. The 'secureEnabled' flag is commented out by default, causing the application to initialize with authentication disabled. This allows unauthenticat...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69970/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-69970 - Critical (9.3)
FUXA v1.2.7 contains an insecure default configuration vulnerability in server/settings.default.js. The 'secureEnabled' flag is commented out by default, causing the application to initialize with authentication disabled. This allows unauthenticat...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69970/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:38:16
2 posts
🔴 CVE-2026-25053 - Critical (9.9)
n8n is an open source workflow automation platform. Prior to versions 1.123.10 and 2.5.0, vulnerabilities in the Git node allowed authenticated users with permission to create or modify workflows to execute arbitrary system commands or read arbitr...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25053/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25053 - Critical (9.9)
n8n is an open source workflow automation platform. Prior to versions 1.123.10 and 2.5.0, vulnerabilities in the Git node allowed authenticated users with permission to create or modify workflows to execute arbitrary system commands or read arbitr...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25053/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:31:37
1 posts
🔴 CVE-2025-67187 - Critical (9.8)
A stack-based buffer overflow vulnerability was identified in TOTOLINK A950RG V4.1.2cu.5204_B20210112. The flaw exists in the setIpQosRules interface of /lib/cste_modules/firewall.so where the comment parameter is not properly validated for length.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67187/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:31:36
1 posts
🟠 CVE-2025-60865 - High (7.8)
Insecure Permissions vulnerability in avanquest Driver Updater v.9.1.57803.1174 allows a local attacker to escalate privileges via the Driver Updater Service windows component.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-60865/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:31:36
1 posts
1 repos
🔴 CVE-2025-57529 - Critical (9.8)
YouDataSum CPAS Audit Management System <=v4.9 is vulnerable to SQL Injection in /cpasList/findArchiveReportByDah due to insufficient input validation. This allows remote unauthenticated attackers to execute arbitrary SQL commands via crafted i...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-57529/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:31:36
1 posts
🟠 CVE-2025-66374 - High (7.8)
CyberArk Endpoint Privilege Manager Agent through 25.10.0 allows a local user to achieve privilege escalation through policy elevation of an Administration task.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-66374/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:30:53
2 posts
🟠 CVE-2026-20098 - High (8.8)
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system.
This vu...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20098/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20098 - High (8.8)
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system.
This vu...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20098/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:30:51
1 posts
🟠 CVE-2026-0660 - High (7.8)
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0660/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:30:51
1 posts
🟠 CVE-2026-0659 - High (7.8)
A maliciously crafted USD file, when loaded or imported into Autodesk Arnold or Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the cur...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0659/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:30:51
1 posts
🟠 CVE-2026-0662 - High (7.8)
A maliciously crafted project directory, when opening a max file in Autodesk 3ds Max, could lead to execution of arbitrary code in the context of the current process due to an Untrusted Search Path being utilized.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0662/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:30:50
2 posts
🟠 CVE-2026-0537 - High (7.8)
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0537/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-0537 - High (7.8)
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0537/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:30:39
1 posts
🔴 CVE-2025-59818 - Critical (10)
This vulnerability allows authenticated attackers to execute arbitrary commands on the underlying system using the file name of an uploaded file.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-59818/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:30:31
1 posts
1 repos
🔴 CVE-2025-61506 - Critical (9.8)
An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61506/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:30:31
1 posts
🔴 CVE-2025-63624 - Critical (9.8)
SQL Injection vulnerability in Shandong Kede Electronics Co., Ltd IoT smart water meter monitoring platform v.1.0 allows a remote attacker to execute arbitrary code via the imei_list.aspx file.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-63624/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:30:31
1 posts
🟠 CVE-2025-63372 - High (7.5)
Articentgroup Zip Rar Extractor Tool 1.345.93.0 is vulnerable to Directory Traversal. The vulnerability resides in the ZIP file processing component, specifically in the functionality responsible for extracting and handling ZIP archive contents.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-63372/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:30:31
1 posts
🟠 CVE-2025-65875 - High (8.8)
An arbitrary file upload vulnerability in the AddFont() function of FPDF v1.86 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-65875/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:00:49.260000
3 posts
1 repos
https://github.com/mcorybillington/CVE-2025-64328_FreePBX-framework-Command-Injection
‼️ CISA has added 4 vulnerabilities to the KEV Catalog
https://darkwebinformer.com/cisa-kev-catalog/
CVE-2025-40551: SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability
CVE-2019-19006: Sangoma FreePBX Improper Authentication Vulnerability
CVE-2025-64328: Sangoma FreePBX OS Command Injection Vulnerability
CVE-2021-39935: GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability
##CISA has updated the KEV catalogue.
- CVE-2019-19006: Sangoma FreePBX Improper Authentication Vulnerability https://www.cve.org/CVERecord?id=CVE-2019-19006
- CVE-2025-64328: Sangoma FreePBX OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-64328
- CVE-2021-39935: GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability https://www.cve.org/CVERecord?id=CVE-2021-39935 #CISA #infosec #GitLab #vulnerability
##CVE ID: CVE-2025-64328
Vendor: Sangoma
Product: FreePBX
Date Added: 2026-02-03
Notes: https://github.com/FreePBX/security-reporting/security/advisories/GHSA-vm9p-46mv-5xvw ; https://nvd.nist.gov/vuln/detail/CVE-2025-64328
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-64328
updated 2026-02-04T17:46:00
2 posts
🔴 CVE-2026-25510 - Critical (9.9)
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.28.5.0, an authenticated user with file editor permissions can achieve Remote Code Exe...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25510/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25510 - Critical (9.9)
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.28.5.0, an authenticated user with file editor permissions can achieve Remote Code Exe...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25510/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T17:45:45
1 posts
🔴 CVE-2026-25150 - Critical (9.3)
Qwik is a performance focused javascript framework. Prior to version 1.19.0, a prototype pollution vulnerability exists in the formToObj() function within @builder.io/qwik-city middleware. The function processes form field names with dot notation ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25150/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T17:16:10.007000
1 posts
🔴 CVE-2025-67186 - Critical (9.8)
TOTOLINK A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability in the setUrlFilterRules interface of /lib/cste_modules/firewall.so. The vulnerability occurs because the `url` parameter is not properly validated for length, allowi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67186/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T17:09:58.100000
1 posts
🟠 CVE-2025-14550 - High (7.5)
An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28.
`ASGIRequest` allows a remote attacker to cause a potential denial-of-service via a crafted request with multiple duplicate headers.
Earlier, unsupported Django...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-14550/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T16:34:21.763000
1 posts
🟠 CVE-2025-70560 - High (8.4)
Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. An attacker with the ability to place a malicious pickl...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-70560/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T16:33:44.537000
3 posts
Blip blop, I'm a #mastobot.
Here is a summary (in beta) of the latest posts in #programmingAtKukei https://masto.kukei.eu/browse/programming category:
- Xcode 26.3 adds agentic coding with Claude/Codex via MCP in the IDE
- AI agents security: OpenClaw and Moltbot/MCP ecosystems risk; need guardrails
- GnuPG/Gpg4win vulnerabilities enabling code execution and DoS (WID-SEC-2026-0231)
- Ingress-Nginx auth-url bypass vulnerability CVE-2026-1580 (Kubernetes)
- ZetaSQL renamed to GoogleSQL for public [1/2]
🟠 CVE-2026-1580 - High (8.8)
A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-method` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1580/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##CVE-2026-1580 #devopsish #kubernetes #cve https://github.com/kubernetes/kubernetes/issues/136677
##updated 2026-02-04T16:33:44.537000
3 posts
CVE-2026-1633 Missing Authentication for Critical Function (CWE-306) https://feedly.com/cve/CVE-2026-1633
##Critical Authentication Bypass in End-of-Life Synectix LAN 232 TRIO Adapters
Synectix LAN 232 TRIO adapters contain a critical vulnerability (CVE-2026-1633) that allows unauthenticated remote attackers to take full control of the device. Because the manufacturer is out of business, no patches will be released.
**If you use these Synectix adapters, isolate them from the internet immediately because they have no password protection and will never be patched. Since the company is out of business, plan a replacement of the devices.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-authentication-bypass-in-end-of-life-synectix-lan-232-trio-adapters-j-r-d-l-z/gD2P6Ple2L
🔴 CVE-2026-1633 - Critical (10)
The Synectix LAN 232 TRIO 3-Port serial to ethernet adapter exposes its web management interface without requiring authentication, allowing unauthenticated users to modify critical device settings or factory reset the device.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1633/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T16:33:44.537000
1 posts
🟠 CVE-2025-15368 - High (8.8)
The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.7.26 via shortcodes 'template_name' attribute. This makes it possible for authenticated attackers, with contributor-level and above ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15368/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T16:33:44.537000
1 posts
🟠 CVE-2026-1756 - High (8.8)
The WP FOFT Loader plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'WP_FOFT_Loader_Mimes::file_and_ext' function in all versions up to, and including, 2.1.39. This makes it possible for aut...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1756/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T16:33:44.537000
1 posts
🟠 CVE-2026-1861 - High (8.8)
Heap buffer overflow in libvpx in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1861/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T16:33:44.537000
2 posts
🟠 CVE-2026-25223 - High (7.5)
Fastify is a fast and low overhead web framework, for Node.js. Prior to version 5.7.2, a validation bypass vulnerability exists in Fastify where request body validation schemas specified by Content-Type can be completely circumvented. By appending...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25223/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25223 - High (7.5)
Fastify is a fast and low overhead web framework, for Node.js. Prior to version 5.7.2, a validation bypass vulnerability exists in Fastify where request body validation schemas specified by Content-Type can be completely circumvented. By appending...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25223/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T16:33:44.537000
1 posts
🟠 CVE-2026-24149 - High (7.8)
NVIDIA Megatron-LM for all platforms contains a vulnerability in a script, where malicious data created by an attacker may cause a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privilege...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24149/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T16:33:44.537000
2 posts
🟠 CVE-2026-24669 - High (7.8)
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, an insecure password reset mechanism allows local attackers to reuse a valid password reset token after it has already been use...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24669/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24669 - High (7.8)
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, an insecure password reset mechanism allows local attackers to reuse a valid password reset token after it has already been use...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24669/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T15:30:29
1 posts
1 repos
🔴 CVE-2025-5329 - Critical (9.8)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Martcode Software Inc. Delta Course Automation allows SQL Injection.This issue affects Delta Course Automation: through 04022026.
NOTE: The vend...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-5329/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T12:32:27
1 posts
updated 2026-02-04T09:30:36
1 posts
🟠 CVE-2025-15285 - High (7.5)
The SEO Flow by LupsOnline plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the checkBlogAuthentication() and checkCategoryAuthentication() functions in all versions up to, and including,...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15285/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T09:30:36
1 posts
🟠 CVE-2025-15268 - High (7.5)
The Infility Global plugin for WordPress is vulnerable to unauthenticated SQL Injection via the 'infility_get_data' API action in all versions up to, and including, 2.14.46. This is due to insufficient escaping on the user supplied parameter and l...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15268/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T09:30:35
1 posts
🟠 CVE-2026-1819 - High (8.8)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Karel Electronics Industry and Trade Inc. ViPort allows Stored XSS.This issue affects ViPort: through 23012026.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1819/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T00:30:41
2 posts
Critical Authentication Bypass Reported in RISS SRL MOMA Seismic Stations
RISS SRL MOMA Seismic Station versions <=v2.4.2520 contain a critical vulnerability (CVE-2026-1632) that allows unauthenticated attackers to take full control of the device via its web interface.
**If you use MOMA Seismic Station seismic stations, isolate them off the public internet immediately and put them behind a firewall or VPN. Since the vendor hasn't responded with a patch, your only real defense is strict network isolation. And consider if it's feasible to replace these devices, especially if they are networked or connected to public systems.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-authentication-bypass-in-riss-srl-moma-seismic-stations-exposes-infrastructure-5-4-4-r-f/gD2P6Ple2L
🔴 CVE-2026-1632 - Critical (9.1)
MOMA Seismic Station Version v2.4.2520 and prior exposes its web management interface without requiring authentication, which could allow an unauthenticated attacker to modify configuration settings, acquire device data or remotely reset the device.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1632/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T00:30:40
1 posts
Critical Authentication Bypass in Avation Light Engine Pro Allows Full Device Takeover
Avation Light Engine Pro contains a critical vulnerability (CVE-2026-1341) that allows unauthenticated remote attackers to take full control of the device due to a complete lack of authentication.
**Isolate your Avation Light Engine Pro from the internet and make them accessible only from trusted networks. There is no patch, and the vendor is unresponsive. Use a VPN and firewalls to ensure only authorized internal staff can reach the control interface, and start planning for a replacement.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-authentication-bypass-in-avation-light-engine-pro-allows-full-device-takeover-r-o-s-n-n/gD2P6Ple2L
updated 2026-02-04T00:30:28
1 posts
🟠 CVE-2026-1862 - High (8.8)
Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1862/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T21:31:59
1 posts
1 repos
https://github.com/onurcangnc/CVE-2025-10878-AdminPandov1.0.1-SQLi
🔴 CVE-2025-10878 - Critical (10)
A SQL injection vulnerability exists in the login functionality of Fikir Odalari AdminPando 1.0.1 before 2026-01-26. The username and password parameters are vulnerable to SQL injection, allowing unauthenticated attackers to bypass authentication ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-10878/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T21:31:58
2 posts
🟠 CVE-2026-1803 - High (8.1)
A weakness has been identified in Ziroom ZHOME A0101 1.0.1.0. Impacted is an unknown function of the component Dropbear SSH Service. This manipulation causes use of default credentials. Remote exploitation of the attack is possible. The complexity...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1803/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-1803 - High (8.1)
A weakness has been identified in Ziroom ZHOME A0101 1.0.1.0. Impacted is an unknown function of the component Dropbear SSH Service. This manipulation causes use of default credentials. Remote exploitation of the attack is possible. The complexity...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1803/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T21:31:51
1 posts
🟠 CVE-2026-24954 - High (8.8)
Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently mage-eventpress allows Object Injection.This issue affects WpEvently: from n/a through <= 5.0.8.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24954/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T21:31:50
10 posts
Here's a summary of the latest important global, technology, and cybersecurity news from the last 24 hours:
**Global:** The US and Russia's New START treaty expired February 5, raising nuclear stability concerns. Israeli airstrikes killed at least 21 Palestinians in Gaza on February 4.
**Technology:** Intel launched new AI chips to challenge Nvidia, and Microsoft/Apple expanded AI tools. SpaceX acquired xAI to advance orbital data centers on February 5. AI is now central to business, drawing half of global startup funding.
**Cybersecurity:** A ransomware group allegedly hit a US airport on February 4. CISA added an actively exploited SolarWinds RCE vulnerability (CVE-2025-40551) to its KEV catalog. Gartner outlined top 2026 cyber trends, including Agentic AI oversight and post-quantum computing.
##The vulnerability under attack, CVE-2025-40551, is an untrusted deserialization flaw that can lead to remote code execution, allowing a remote, unauthenticated attacker to execute OS commands on the affected system. https://www.theregister.com/2026/02/04/critical_solarwinds_web_help_desk/
##Here's a summary of the latest important global, technology, and cybersecurity news from the last 24 hours:
**Global:** The US and Russia's New START treaty expired February 5, raising nuclear stability concerns. Israeli airstrikes killed at least 21 Palestinians in Gaza on February 4.
**Technology:** Intel launched new AI chips to challenge Nvidia, and Microsoft/Apple expanded AI tools. SpaceX acquired xAI to advance orbital data centers on February 5. AI is now central to business, drawing half of global startup funding.
**Cybersecurity:** A ransomware group allegedly hit a US airport on February 4. CISA added an actively exploited SolarWinds RCE vulnerability (CVE-2025-40551) to its KEV catalog. Gartner outlined top 2026 cyber trends, including Agentic AI oversight and post-quantum computing.
##The vulnerability under attack, CVE-2025-40551, is an untrusted deserialization flaw that can lead to remote code execution, allowing a remote, unauthenticated attacker to execute OS commands on the affected system. https://www.theregister.com/2026/02/04/critical_solarwinds_web_help_desk/
##Looks like CISA added SolarWinds to the KEV catalogue yesterday:
Critical: CVE-2025-40551: SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability #infosec #CISA #SolarWinds #vulnerability
##CISA Mandates Immediate Patching for Actively Exploited SolarWinds Web Help Desk RCE Flaw
CISA reports active exploitation of a critical flaw in SolarWinds Web Help Desk software (CVE-2025-40551). CISA has mandated that federal agencies apply the update within three days.
**If you are using Web Help Desk, this is urgent and important. Your Solar Web Help Desk is under attack. If your process allows for it, isolate Web Help Desk from the internet, then plan a quick update. If you can't isolate from the internet, patch now!**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-mandates-immediate-patching-for-actively-exploited-solarwinds-web-help-desk-rce-flaw-q-e-8-a-2/gD2P6Ple2L
CISA has added CVE-2025-40551, a critical SolarWinds Web Help Desk deserialization vulnerability, to the KEV catalog after confirming active exploitation.
The flaw enables unauthenticated remote code execution and has already been patched, though exploitation details remain undisclosed. Additional KEV inclusions span Sangoma FreePBX and GitLab, reflecting continued abuse of both enterprise and open-source platforms.
This reinforces the importance of KEV-driven prioritization and continuous monitoring beyond initial disclosure.
Source: https://thehackernews.com/2026/02/cisa-adds-actively-exploited-solarwinds.html
Community insight welcome.
Follow TechNadu for ongoing vulnerability and threat intelligence updates.
#Infosec #KEV #CISA #VulnerabilityResearch #SolarWinds #ThreatLandscape #CyberDefense
##CISA orders federal agencies to patch exploited SolarWinds bug by Friday
CVE-2025-40551 carries a critical severity score of 9.8 out of 10 and impacts SolarWinds Web Help Desk (WHD) — an IT service management platform...
🔗️ [Therecord] https://link.is.it/Ir7OlU
##‼️ CISA has added 4 vulnerabilities to the KEV Catalog
https://darkwebinformer.com/cisa-kev-catalog/
CVE-2025-40551: SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability
CVE-2019-19006: Sangoma FreePBX Improper Authentication Vulnerability
CVE-2025-64328: Sangoma FreePBX OS Command Injection Vulnerability
CVE-2021-39935: GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability
##CVE ID: CVE-2025-40551
Vendor: SolarWinds
Product: Web Help Desk
Date Added: 2026-02-03
Notes: https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40551 ; https://nvd.nist.gov/vuln/detail/CVE-2025-40551
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-40551
updated 2026-02-03T19:32:57
2 posts
Django SQL Injection in RasterField lookup (CVE-2026-1207) https://vulnerabletarget.com/VT-2026-1207
##Django SQL Injection in RasterField lookup (CVE-2026-1207) https://vulnerabletarget.com/VT-2026-1207
##updated 2026-02-03T19:31:19
1 posts
🟠 CVE-2026-1285 - High (7.5)
An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28.
`django.utils.text.Truncator.chars()` and `Truncator.words()` methods (with `html=True`) and the `truncatechars_html` and `truncatewords_html` template filters ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1285/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T19:15:23
1 posts
🟠 CVE-2025-67853 - High (7.5)
A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67853/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T18:30:53
1 posts
🔴 CVE-2026-1568 - Critical (9.6)
Rapid7 InsightVM versions before 8.34.0 contain a signature verification issue on the Assertion Consumer Service (ACS) cloud endpoint that could allow an attacker to gain unauthorized access to InsightVM accounts setup
via "Security Console" ins...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1568/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T18:30:29
3 posts
‼️ CISA has added 4 vulnerabilities to the KEV Catalog
https://darkwebinformer.com/cisa-kev-catalog/
CVE-2025-40551: SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability
CVE-2019-19006: Sangoma FreePBX Improper Authentication Vulnerability
CVE-2025-64328: Sangoma FreePBX OS Command Injection Vulnerability
CVE-2021-39935: GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability
##CISA has updated the KEV catalogue.
- CVE-2019-19006: Sangoma FreePBX Improper Authentication Vulnerability https://www.cve.org/CVERecord?id=CVE-2019-19006
- CVE-2025-64328: Sangoma FreePBX OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-64328
- CVE-2021-39935: GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability https://www.cve.org/CVERecord?id=CVE-2021-39935 #CISA #infosec #GitLab #vulnerability
##CVE ID: CVE-2021-39935
Vendor: GitLab
Product: Community and Enterprise Editions
Date Added: 2026-02-03
Notes: https://about.gitlab.com/releases/2021/12/06/security-release-gitlab-14-5-2-released/ ; https://nvd.nist.gov/vuln/detail/CVE-2021-39935
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2021-39935
updated 2026-02-03T18:30:27
3 posts
‼️ CISA has added 4 vulnerabilities to the KEV Catalog
https://darkwebinformer.com/cisa-kev-catalog/
CVE-2025-40551: SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability
CVE-2019-19006: Sangoma FreePBX Improper Authentication Vulnerability
CVE-2025-64328: Sangoma FreePBX OS Command Injection Vulnerability
CVE-2021-39935: GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability
##CISA has updated the KEV catalogue.
- CVE-2019-19006: Sangoma FreePBX Improper Authentication Vulnerability https://www.cve.org/CVERecord?id=CVE-2019-19006
- CVE-2025-64328: Sangoma FreePBX OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-64328
- CVE-2021-39935: GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability https://www.cve.org/CVERecord?id=CVE-2021-39935 #CISA #infosec #GitLab #vulnerability
##CVE ID: CVE-2019-19006
Vendor: Sangoma
Product: FreePBX
Date Added: 2026-02-03
Notes: https://wiki.freepbx.org/display/FOP/2019-11-20%2BRemote%2BAdmin%2BAuthentication%2BBypass ; https://nvd.nist.gov/vuln/detail/CVE-2019-19006
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2019-19006
updated 2026-02-03T16:44:36.630000
1 posts
3 repos
https://github.com/adibirzu/openclaw-security-monitor
OpenClaw – CVE-2026-25253 : un lien malveillant suffit à exécuter du code à distance en 1-clic https://www.it-connect.fr/openclaw-cve-2026-25253-un-lien-malveillant-suffit-a-executer-du-code-a-distance-en-1-clic/ #ActuCybersécurité #Cybersécurité #IA
##updated 2026-02-03T16:44:03.343000
1 posts
🟠 CVE-2025-6397 - High (8.6)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ankara Hosting Website Design Website Software allows Reflected XSS.This issue affects Website Software: through 03022026.
NOTE: The ve...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-6397/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:03.343000
1 posts
🟠 CVE-2025-67848 - High (8.1)
A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability (LTI) Provider. The issue arises from the LTI authentication handlers failing to enforce the us...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67848/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T15:30:38
1 posts
🟠 CVE-2026-25022 - High (8.5)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Blind SQL Injection.This issue affects KiviCare: from n/a through <= 3.6.16.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25022/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T15:30:33
1 posts
1 repos
🔴 CVE-2025-5319 - Critical (9.8)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Emit Information and Communication Technologies Industry and Trade Ltd. Co. Efficiency Management System allows SQL Injection.This issue affects ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-5319/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T15:30:33
1 posts
🟠 CVE-2025-7760 - High (7.6)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ofisimo Web-Based Software Technologies Association Web Package Flora allows XSS Through HTTP Headers.This issue affects Association Web P...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-7760/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T09:30:34
1 posts
🟠 CVE-2025-8461 - High (7.6)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Seres Software syWEB allows Reflected XSS.This issue affects syWEB: through 03022026.
NOTE: The vendor was contacted early about this d...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-8461/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-30T13:28:18.610000
6 posts
This Ivanti Endpoint Manager Mobile (IPMM) security advisory seems to fit the timeline of the incident: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340?language=en_US
##📢 Ivanti EPMM : deux RCE pré-auth (CVE-2026-1281/1340) activement exploitées — analyse watchTowr
📝 Source: watchTowr Labs publie une analyse technique de...
📖 cyberveille : https://cyberveille.ch/posts/2026-02-05-ivanti-epmm-deux-rce-pre-auth-cve-2026-1281-1340-activement-exploitees-analyse-watchtowr/
🌐 source : https://labs.watchtowr.com/someone-knows-bash-far-too-well-and-we-love-it-ivanti-epmm-pre-auth-rces-cve-2026-1281-cve-2026-1340/
#Apache_RewriteMap #Bash #Cyberveille
📢 NCSC NL alerte: exploitation active de la zero‑day Ivanti EPMM (CVE‑2026‑1281), assume‑breach requis
📝 Selon le NCSC (Pays-Bas), une mise à jour de son av...
📖 cyberveille : https://cyberveille.ch/posts/2026-02-05-ncsc-nl-alerte-exploitation-active-de-la-zero-day-ivanti-epmm-cve-2026-1281-assume-breach-requis/
🌐 source : https://www.ncsc.nl/waarschuwing/ncsc-roept-organisaties-op-zich-te-melden-bij-gebruik-van-ivanti-endpoint-manager
#CVE_2026_1281 #Ivanti_EPMM #Cyberveille
This Ivanti Endpoint Manager Mobile (IPMM) security advisory seems to fit the timeline of the incident: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340?language=en_US
##📢 NCSC NL alerte: exploitation active de la zero‑day Ivanti EPMM (CVE‑2026‑1281), assume‑breach requis
📝 Selon le NCSC (Pays-Bas), une mise à jour de son av...
📖 cyberveille : https://cyberveille.ch/posts/2026-02-05-ncsc-nl-alerte-exploitation-active-de-la-zero-day-ivanti-epmm-cve-2026-1281-assume-breach-requis/
🌐 source : https://www.ncsc.nl/waarschuwing/ncsc-roept-organisaties-op-zich-te-melden-bij-gebruik-van-ivanti-endpoint-manager
#CVE_2026_1281 #Ivanti_EPMM #Cyberveille
Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 and CVE-2026-1340) https://labs.watchtowr.com/someone-knows-bash-far-too-well-and-we-love-it-ivanti-epmm-pre-auth-rces-cve-2026-1281-cve-2026-1340/
##updated 2026-01-30T00:31:28
4 posts
This Ivanti Endpoint Manager Mobile (IPMM) security advisory seems to fit the timeline of the incident: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340?language=en_US
##📢 Ivanti EPMM : deux RCE pré-auth (CVE-2026-1281/1340) activement exploitées — analyse watchTowr
📝 Source: watchTowr Labs publie une analyse technique de...
📖 cyberveille : https://cyberveille.ch/posts/2026-02-05-ivanti-epmm-deux-rce-pre-auth-cve-2026-1281-1340-activement-exploitees-analyse-watchtowr/
🌐 source : https://labs.watchtowr.com/someone-knows-bash-far-too-well-and-we-love-it-ivanti-epmm-pre-auth-rces-cve-2026-1281-cve-2026-1340/
#Apache_RewriteMap #Bash #Cyberveille
This Ivanti Endpoint Manager Mobile (IPMM) security advisory seems to fit the timeline of the incident: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340?language=en_US
##Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 and CVE-2026-1340) https://labs.watchtowr.com/someone-knows-bash-far-too-well-and-we-love-it-ivanti-epmm-pre-auth-rces-cve-2026-1281-cve-2026-1340/
##updated 2026-01-29T21:30:27
3 posts
62 repos
https://github.com/Parad0x7e/CVE-2026-24061
https://github.com/SeptembersEND/CVE--2026-24061
https://github.com/0xXyc/telnet-inetutils-auth-bypass-CVE-2026-24061
https://github.com/obrunolima1910/CVE-2026-24061
https://github.com/z3n70/CVE-2026-24061
https://github.com/DeadlyHollows/CVE-2026-24061-setup
https://github.com/Alter-N0X/CVE-2026-24061-POC
https://github.com/SafeBreach-Labs/CVE-2026-24061
https://github.com/m3ngx1ng/cve_2026_24061_cli
https://github.com/ms0x08-dev/CVE-2026-24061-POC
https://github.com/TryA9ain/CVE-2026-24061
https://github.com/canpilayda/inetutils-telnetd-cve-2026-24061
https://github.com/cumakurt/tscan
https://github.com/FurkanKAYAPINAR/CVE-2026-24061-telnet2root
https://github.com/hackingyseguridad/root
https://github.com/leonjza/inetutils-telnetd-auth-bypass
https://github.com/SystemVll/CVE-2026-24061
https://github.com/Mefhika120/Ashwesker-CVE-2026-24061
https://github.com/0x7556/CVE-2026-24061
https://github.com/hilwa24/CVE-2026-24061
https://github.com/punitdarji/telnetd-cve-2026-24061
https://github.com/monstertsl/CVE-2026-24061
https://github.com/r00tuser111/CVE-2026-24061
https://github.com/Chocapikk/CVE-2026-24061
https://github.com/franckferman/CVE_2026_24061_PoC
https://github.com/XsanFlip/CVE-2026-24061-Scanner
https://github.com/MY0723/GNU-Inetutils-telnet-CVE-2026-24061-
https://github.com/scumfrog/cve-2026-24061
https://github.com/buzz075/CVE-2026-24061
https://github.com/ibrahmsql/CVE-2026-24061-PoC
https://github.com/xuemian168/CVE-2026-24061
https://github.com/lavabyte/telnet-CVE-2026-24061
https://github.com/obrunolima1910/obrunolima1910.github.io
https://github.com/typeconfused/CVE-2026-24061
https://github.com/midox008/CVE-2026-24061
https://github.com/JayGLXR/CVE-2026-24061-POC
https://github.com/nrnw/CVE-2026-24061-GNU-inetutils-Telnet-Detector
https://github.com/Mr-Zapi/CVE-2026-24061
https://github.com/Gabs-hub/CVE-2026-24061_Lab
https://github.com/Moxxic1/Tell-Me-Root
https://github.com/Ali-brarou/telnest
https://github.com/dotelpenguin/telnetd_CVE-2026-24061_tester
https://github.com/BrainBob/Telnet-TestVuln-CVE-2026-24061
https://github.com/novitahk/Exploit-CVE-2026-24061
https://github.com/androidteacher/CVE-2026-24061-PoC-Telnetd
https://github.com/X-croot/CVE-2026-24061_POC
https://github.com/BrainBob/CVE-2026-24061
https://github.com/Moxxic1/moxxic1.github.io
https://github.com/parameciumzhang/Tell-Me-Root
https://github.com/Good123321-bot/CVE-2026-24061-POC
https://github.com/Lingzesec/CVE-2026-24061-GUI
https://github.com/balgan/CVE-2026-24061
https://github.com/Good123321-bot/good123321-bot.github.io
https://github.com/killsystema/scan-cve-2026-24061
https://github.com/cyberpoul/CVE-2026-24061-POC
https://github.com/madfxr/Twenty-Three-Scanner
https://github.com/h3athen/CVE-2026-24061
https://github.com/yanxinwu946/CVE-2026-24061--telnetd
https://github.com/infat0x/CVE-2026-24061
https://github.com/ridpath/Terrminus-CVE-2026-2406
Here are the release notes from Synology, the CVE and some lay reporting on just how incredibly bad this bug is and how long it has lingered providing backdoor root level access to a really long list of devices running Telnet. So many routing/networking devices have Telnet access at least as an option which can be enabled to this day, despite this being an absolutely terrible idea.
https://www.synology.com/en-us/releaseNote/DSM?model=DS1821%2B#ver_86009-1
##Here are the release notes from Synology, the CVE and some lay reporting on just how incredibly bad this bug is and how long it has lingered providing backdoor root level access to a really long list of devices running Telnet. So many routing/networking devices have Telnet access at least as an option which can be enabled to this day, despite this being an absolutely terrible idea.
https://www.synology.com/en-us/releaseNote/DSM?model=DS1821%2B#ver_86009-1
##🚨 Active exploitation confirmed: CVE-2026-24061.
This isn't just theoretical, it's a massive exposure. With nearly 800,000 Telnet instances exposed globally across legacy IoT and outdated servers, the risk of a root-level compromise is real and immediate.
We have updated Pentest-Tools.com to help you validate your exposure:
📡 Network Scanner - detects exposed Telnet services across your internal and external perimeters, identifying potentially vulnerable GNU Inetutils daemons.
🎯 Sniper Auto-Exploiter - safely executes a proof-of-concept to confirm if the authentication bypass is actually exploitable on your systems, providing the evidence needed to prioritize an immediate fix.
⚠️ Crucial detail: This critical vulnerability exists because telnetd fails to sanitize the USER environment variable. An attacker can simply supply -f root to bypass the login prompt entirely and gain instant, unauthenticated root shell access.
Attacks are happening in real-time. Validate your risk before it becomes a root-level compromise.
#offensivesecurity #ethicalhacking #infosec #cybersecurity
Check out more details about this critical vulnerability: https://pentest-tools.com/vulnerabilities-exploits/telnet-inetutils-authentication-bypass_28759
Detect with Network Scanner: https://pentest-tools.com/network-vulnerability-scanning/network-security-scanner-online
Validate with Sniper Auto-Exploiter: https://pentest-tools.com/exploit-helpers/sniper
##updated 2026-01-26T21:31:39
15 posts
8 repos
https://github.com/SimoesCTT/SCTT-2026-33-0007-The-OLE-Vortex-Laminar-Bypass-
https://github.com/kimstars/Ashwesker-CVE-2026-21509
https://github.com/SimoesCTT/CTT-NFS-Vortex-RCE
https://github.com/SimoesCTT/CTT-MICROSOFT-OFFICE-OLE-MANIFOLD-BYPASS-CVE-2026-21509
https://github.com/kaizensecurity/CVE-2026-21509
https://github.com/ksk-itdk/KSK-ITDK-CVE-2026-21509-Mitigation
Russian APT28 Launches Swift Cyberattack on European Maritime and Transport Sectors
In a chilling display of cyber aggression, the notorious Russian-linked hacking group APT28 has launched a concentrated 72-hour attack targeting Europe’s maritime and transport infrastructure. Exploiting the recently disclosed Microsoft Office vulnerability CVE-2026-21509, the campaign leveraged sophisticated malware payloads including MiniDoor, PixyNetLoader, and the Covenant backdoor,…
##How can we detect malicious documents exploiting CVE-2026-21509, the recent 0-day vulnerability in MS Office ?
=> I designed a YARA rule for this, which detects all the malicious files that have been reported.
I also improved oletools to analyze those files and see the suspicious URLs.
You can find the YARA rule and all the explanations about that vulnerability on my website https://decalage.info/CVE-2026-21509/
⚪ APT28 group exploits new vulnerability in Microsoft Office
🗨️ Just three days after Microsoft released an out-of-band patch for Office, the APT28 group began exploiting the CVE-2026-21509 vulnerability in attacks against Ukrainian and European organizations.
##Fancy Bear Strikes Fast: How APT28 Exploited CVE-2026-21509 in a Sophisticated European Espionage Campaign
In early 2026, European governments and strategic organizations found themselves targeted by one of the most aggressive cyber-espionage operations of the year. Russian state-sponsored group APT28, also known as Fancy Bear, leveraged a newly disclosed Office vulnerability, CVE-2026-21509, to launch a lightning-fast attack. Within just 24 hours of the flaw’s…
##How can we detect malicious documents exploiting CVE-2026-21509, the recent 0-day vulnerability in MS Office ?
=> I designed a YARA rule for this, which detects all the malicious files that have been reported.
I also improved oletools to analyze those files and see the suspicious URLs.
You can find the YARA rule and all the explanations about that vulnerability on my website https://decalage.info/CVE-2026-21509/
⚪ APT28 group exploits new vulnerability in Microsoft Office
🗨️ Just three days after Microsoft released an out-of-band patch for Office, the APT28 group began exploiting the CVE-2026-21509 vulnerability in attacks against Ukrainian and European organizations.
##APT28’s Stealthy Multi-Stage Campaign Leveraging CVE‑2026‑21509 and Cloud C2 Infrastructure
Attack exploited a 1-day vuln within 24 hours of the patch release
https://www.trellix.com/blogs/research/apt28-stealthy-campaign-leveraging-cve-2026-21509-cloud-c2/
New. You'd think it's Tuesday, based on today's prolific output.
Picus: CVE-2026-21509: APT28 Exploits Microsoft Office Zero-day Vulnerability https://www.picussecurity.com/resource/blog/cve-2026-21509-apt28-exploits-microsoft-office-zero-day-vulnerability
Securonix: Analyzing Dead#Vax: Analyzing Multi-Stage VHD Delivery and Self-Parsing Batch Scripts to Deploy In-Memory Shellcode https://www.securonix.com/blog/deadvax-threat-research-security-advisory/
Silent Push Identifies More Than 10,000 Infected IPs as Part of SystemBC Botnet Malware Family https://www.silentpush.com/blog/systembc/
Sophos: Malicious use of virtual machine infrastructure https://www.sophos.com/en-us/blog/malicious-use-of-virtual-machine-infrastructure @sophos
Tenable: LookOut: Discovering RCE and Internal Access on Looker (Google Cloud & On-Prem) https://www.tenable.com/blog/google-looker-vulnerabilities-rce-internal-access-lookout @tenable #infosec #Google #Microsoft #threatresearch #zeroday #vulnerability #malware #botnet
##Robin Dost details how APT28 uses CVE-2026-21509 in practice, relying on crafted RTF files that trigger OLE parsing without macros. The blog post walks through efficient IOC extraction from weaponised documents. https://blog.synapticsystems.de/apt28-geofencing-as-a-targeting-signal-cve-2026-21509/
##This is from yesterday.
Zscaler: APT28 Leverages CVE-2026-21509 in Operation Neusploit https://www.zscaler.com/blogs/security-research/apt28-leverages-cve-2026-21509-operation-neusploit #infosec #vulnerability #threatresearch
##Russian state hackers exploit new Microsoft Office flaw in attacks on Ukraine, EU
Ukraine’s computer emergency response team, CERT-UA, said attackers began abusing the flaw — tracked as CVE-2026-21509 — shortly after Microsoft...
🔗️ [Therecord] https://link.is.it/ZQMXsZ
##RE: https://mastodon.social/@campuscodi/116006284031729445
More on this campaign from Zscaler: https://www.zscaler.com/blogs/security-research/apt28-leverages-cve-2026-21509-operation-neusploit
Other targets also include Romania and Slovakia
##Latest News (Feb 2-3, 2026):
Global: India and the US have finalized a trade deal. Pakistani forces killed 145 militants in Balochistan after coordinated attacks.
Tech: SpaceX merged with xAI, announcing plans for space-based AI data centers. Oracle plans a $50B expansion for AI cloud infrastructure.
Cybersecurity: A Russian hacker alliance, "Russian Legion," threatens a major cyberattack on Denmark. Russia-linked APT28 exploits a new Microsoft Office flaw (CVE-2026-21509) in attacks across Ukraine and the EU.
##Zscaler ThreatLabz reports on Operation Neusploit, a January 2026 campaign targeting Central and Eastern Europe. Weaponised Microsoft RTF files exploit CVE-2026-21509 to deliver multi-stage backdoors. The campaign is attributed to APT28 with high confidence. https://www.zscaler.com/blogs/security-research/apt28-leverages-cve-2026-21509-operation-neusploit
##updated 2026-01-20T15:31:21
1 posts
updated 2026-01-09T16:53:16
1 posts
30 repos
https://github.com/GnuTLam/POC-CVE-2025-68613
https://github.com/Ak-cybe/CVE-2025-68613-n8n-rce-analysis
https://github.com/J4ck3LSyN-Gen2/n8n-CVE-2025-68613-TryHackMe
https://github.com/manyaigdtuw/CVE-2025-68613_Scanner
https://github.com/TheInterception/n8n_CVE-2025-68613_exploit_payloads
https://github.com/r4j3sh-com/CVE-2025-68613-n8n-lab
https://github.com/secjoker/CVE-2025-68613
https://github.com/sahilccras/Blackash-CVE-2025-68613
https://github.com/Rishi-kaul/n8n-CVE-2025-68613
https://github.com/AbdulRKB/n8n-RCE
https://github.com/ahmedshamsddin/n8n-RCE-CVE-2025-68613
https://github.com/intbjw/CVE-2025-68613-poc-via-copilot
https://github.com/JohannesLks/CVE-2025-68613-Python-Exploit
https://github.com/intelligent-ears/CVE-2025-68613
https://github.com/reem-012/poc_CVE-2025-68613
https://github.com/cv-sai-kamesh/n8n-CVE-2025-68613
https://github.com/Dlanang/homelab-CVE-2025-68613
https://github.com/ali-py3/Exploit-CVE-2025-68613
https://github.com/nehkark/CVE-2025-68613
https://github.com/releaseown/analysis-and-poc-n8n-CVE-2025-68613
https://github.com/rxerium/CVE-2025-68613
https://github.com/Khin-96/n8n-cve-2025-68613-thm
https://github.com/Victorhugofariasvieir66/relatorio-n8n.md
https://github.com/wioui/n8n-CVE-2025-68613-exploit
https://github.com/hackersatyamrastogi/n8n-exploit-CVE-2025-68613-n8n-God-Mode-Ultimate
https://github.com/shibaaa204/CVE-2025-68613
https://github.com/TheStingR/CVE-2025-68613-POC
https://github.com/gagaltotal/n8n-cve-2025-68613
https://github.com/LingerANR/n8n-CVE-2025-68613
https://github.com/mbanyamer/n8n-Authenticated-Expression-Injection-RCE-CVE-2025-68613
Critical RCE Alert: n8n Workflow Automation Hit by Severe Vulnerability Allowing System Takeover
The popular workflow automation platform n8n has been rocked by a critical security flaw that could let attackers execute arbitrary system commands on affected servers. Tracked as CVE-2026-25049 with a high CVSS score of 9.4, the vulnerability stems from insufficient input sanitization—despite previous fixes for CVE-2025-68613, a similar high-severity flaw patched in…
##updated 2025-12-10T21:31:32
2 posts
Critical Authentication Bypass in D-Link, Securus, and Sparsh CCTV Cameras
A critical vulnerability (CVE-2025-13607) in D-Link, Securus, and Sparsh Securitech CCTV cameras allows unauthenticated remote attackers to steal account credentials and configuration data.
**As a general rule, make sure your CCTV cameras are not accessible from the internet. Check your CCTV inventory immediately for these models and apply the available firmware updates from D-Link and Securus. If you use Sparsh cameras or cannot patch, isolate these devices, and place them behind a VPN and consider replacement**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-authentication-bypass-in-d-link-securus-and-sparsh-cctv-cameras-a-g-i-n-p/gD2P6Ple2L
Critical Authentication Bypass in D-Link, Securus, and Sparsh CCTV Cameras
A critical vulnerability (CVE-2025-13607) in D-Link, Securus, and Sparsh Securitech CCTV cameras allows unauthenticated remote attackers to steal account credentials and configuration data.
**As a general rule, make sure your CCTV cameras are not accessible from the internet. Check your CCTV inventory immediately for these models and apply the available firmware updates from D-Link and Securus. If you use Sparsh cameras or cannot patch, isolate these devices, and place them behind a VPN and consider replacement**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-authentication-bypass-in-d-link-securus-and-sparsh-cctv-cameras-a-g-i-n-p/gD2P6Ple2L
updated 2025-11-04T18:16:31.367000
4 posts
1 repos
Hitachi Energy Patches a Blast-RADIUS Flaw in FOX61x
Hitachi Energy patched the Blast-RADIUS vulnerability (CVE-2024-3596) in FOX61x industrial communication devices that allows attackers to bypass RADIUS authentication using MD5 forgery.
**First, make sure your industrial network is isolated from the internet and accessible only from trusted networks. Then plan a patch for your Hitachi FOX61x devices and your RADIUS servers.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/hitachi-energy-patches-a-blast-radius-flaw-in-fox61x-e-l-1-s-p/gD2P6Ple2L
Hitachi Energy Patches Critical Blast-RADIUS Vulnerability in XMC20 Industrial Platforms
Hitachi Energy patched the Blast-RADIUS vulnerability (CVE-2024-3596) in XMC20 industrial communication devices that allows attackers to bypass RADIUS authentication using MD5 forgery.
**First, make sure your industrial network is isolated from the internet and accessible only from trusted networks. Then plan a patch for your Hitachi XMC20 devices and your RADIUS servers.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/hitachi-energy-addresses-critical-blast-radius-vulnerability-in-xmc20-industrial-platforms-p-b-u-t-a/gD2P6Ple2L
Hitachi Energy Patches a Blast-RADIUS Flaw in FOX61x
Hitachi Energy patched the Blast-RADIUS vulnerability (CVE-2024-3596) in FOX61x industrial communication devices that allows attackers to bypass RADIUS authentication using MD5 forgery.
**First, make sure your industrial network is isolated from the internet and accessible only from trusted networks. Then plan a patch for your Hitachi FOX61x devices and your RADIUS servers.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/hitachi-energy-patches-a-blast-radius-flaw-in-fox61x-e-l-1-s-p/gD2P6Ple2L
Hitachi Energy Patches Critical Blast-RADIUS Vulnerability in XMC20 Industrial Platforms
Hitachi Energy patched the Blast-RADIUS vulnerability (CVE-2024-3596) in XMC20 industrial communication devices that allows attackers to bypass RADIUS authentication using MD5 forgery.
**First, make sure your industrial network is isolated from the internet and accessible only from trusted networks. Then plan a patch for your Hitachi XMC20 devices and your RADIUS servers.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/hitachi-energy-addresses-critical-blast-radius-vulnerability-in-xmc20-industrial-platforms-p-b-u-t-a/gD2P6Ple2L
updated 2025-11-04T00:31:15
2 posts
To compare #sydbox and #gvisor, take 2 CVEs: CVE-2018-19333, gvisor proc2proc arbitrary-memory-write which wasn't classified as sandbox break. Vuln is there because gvisor uses the seccomp-trap API to run all in a single process ignoring ASLR.. CVE-2024-42318 aka Houdini is a #landlock break where a keyrings(7) call would unlock the sandbox. Syd wasn't affected: 1. keyrings is def disabled 2. open call happens in a syd emulator thread confined by same landlock sandbox. #exherbo #linux #security
##To compare #sydbox and #gvisor, take 2 CVEs: CVE-2018-19333, gvisor proc2proc arbitrary-memory-write which wasn't classified as sandbox break. Vuln is there because gvisor uses the seccomp-trap API to run all in a single process ignoring ASLR.. CVE-2024-42318 aka Houdini is a #landlock break where a keyrings(7) call would unlock the sandbox. Syd wasn't affected: 1. keyrings is def disabled 2. open call happens in a syd emulator thread confined by same landlock sandbox. #exherbo #linux #security
##updated 2025-10-30T19:52:41.973000
2 posts
Broadcom patched this ESXi arbitrary-write vulnerability (tracked as CVE-2025-22225) almost one year ago, in March 2025, alongside a memory leak (CVE-2025-22226) and a TOCTOU flaw (CVE-2025-22224), and tagged them all as actively exploited zero-days. https://www.bleepingcomputer.com/news/security/cisa-vmware-esxi-flaw-now-exploited-in-ransomware-attacks/
##Broadcom patched this ESXi arbitrary-write vulnerability (tracked as CVE-2025-22225) almost one year ago, in March 2025, alongside a memory leak (CVE-2025-22226) and a TOCTOU flaw (CVE-2025-22224), and tagged them all as actively exploited zero-days. https://www.bleepingcomputer.com/news/security/cisa-vmware-esxi-flaw-now-exploited-in-ransomware-attacks/
##updated 2025-10-30T15:50:59.680000
6 posts
27 repos
https://github.com/0xAbolfazl/CVE-2025-8088-WinRAR-PathTraversal-PoC
https://github.com/nuky-alt/CVE-2025-8088
https://github.com/pescada-dev/-CVE-2025-8088
https://github.com/jordan922/CVE-2025-8088
https://github.com/hbesljx/CVE-2025-8088-EXP
https://github.com/onlytoxi/CVE-2025-8088-Winrar-Tool
https://github.com/lucyna77/winrar-exploit
https://github.com/pentestfunctions/best-CVE-2025-8088
https://github.com/knight0x07/WinRAR-CVE-2025-8088-PoC-RAR
https://github.com/ilhamrzr/RAR-Anomaly-Inspector
https://github.com/papcaii2004/CVE-2025-8088-WinRAR-builder
https://github.com/Syrins/CVE-2025-8088-Winrar-Tool-Gui
https://github.com/walidpyh/CVE-2025-8088
https://github.com/kitsuneshade/WinRAR-Exploit-Tool---Rust-Edition
https://github.com/Markusino488/cve-2025-8088
https://github.com/xi0onamdev/WinRAR-CVE-2025-8088-Exploitation-Toolkit
https://github.com/AdityaBhatt3010/CVE-2025-8088-WinRAR-Zero-Day-Path-Traversal
https://github.com/pentestfunctions/CVE-2025-8088-Multi-Document
https://github.com/ghostn4444/CVE-2025-8088
https://github.com/DeepBlue-dot/CVE-2025-8088-WinRAR-Startup-PoC
https://github.com/Shinkirou789/Cve-2025-8088-WinRar-vulnerability
https://github.com/travisbgreen/cve-2025-8088
https://github.com/nhattanhh/CVE-2025-8088
https://github.com/hexsecteam/CVE-2025-8088-Winrar-Tool
https://github.com/techcorp/CVE-2025-8088-Exploit
https://github.com/pexlexity/WinRAR-CVE-2025-8088-Path-Traversal-PoC
https://github.com/sxyrxyy/CVE-2025-8088-WinRAR-Proof-of-Concept-PoC-Exploit-
Amaranth-Dragon Exploits WinRAR Flaw to Target Southeast Asian Governments and Law Enforcement
A new wave of cyberattacks has emerged in Southeast Asia, revealing a sophisticated campaign orchestrated by the threat actor known as Amaranth-Dragon. Leveraging a recently discovered WinRAR vulnerability (CVE-2025-8088), attackers managed to deploy malicious RAR archives within just ten days of the flaw being publicly reported. These attacks specifically targeted government…
##📰 Chinese APT 'Amaranth-Dragon' Hits Southeast Asian Governments with WinRAR Exploit
🇨🇳 New Chinese APT 'Amaranth-Dragon' targets Southeast Asian governments. Exploits WinRAR flaw CVE-2025-8088 for initial access. Uses custom 'TGAmaranth RAT' with Telegram for stealthy C2. 🐉 #APT #CyberEspionage #AmaranthDragon
##Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia - Check Point Research
##Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia - Check Point Research
##New.
Check Point: Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia https://research.checkpoint.com/2026/amaranth-dragon-weaponizes-cve-2025-8088-for-targeted-espionage/
More:
The Hacker News: China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns https://thehackernews.com/2026/02/china-linked-amaranth-dragon-exploits.html #Windows #infosec #vulnerability
##New Amaranth Dragon cyberespionage group exploits WinRAR flaw
A new threat actor called Amaranth Dragon, linked to APT41 state-sponsored Chinese operations, exploited the CVE-2025-8088 vulnerability in WinRAR...
🔗️ [Bleepingcomputer] https://link.is.it/vE4Qlj
##updated 2025-10-27T13:20:15.637000
2 posts
CVE-2025-6978: Arbitrary Code Execution in the #Arista NG Firewall - our researchers took a deep dive into this recently patched RCE to provide root cause and detection guidance. Read all the details at https://www.zerodayinitiative.com/blog/2026/2/4/cve-2025-6978-arbitrary-code-execution-in-the-arista-ng-firewall
##CVE-2025-6978: Arbitrary Code Execution in the #Arista NG Firewall - our researchers took a deep dive into this recently patched RCE to provide root cause and detection guidance. Read all the details at https://www.zerodayinitiative.com/blog/2026/2/4/cve-2025-6978-arbitrary-code-execution-in-the-arista-ng-firewall
##updated 2025-10-22T00:34:17
2 posts
Broadcom patched this ESXi arbitrary-write vulnerability (tracked as CVE-2025-22225) almost one year ago, in March 2025, alongside a memory leak (CVE-2025-22226) and a TOCTOU flaw (CVE-2025-22224), and tagged them all as actively exploited zero-days. https://www.bleepingcomputer.com/news/security/cisa-vmware-esxi-flaw-now-exploited-in-ransomware-attacks/
##Broadcom patched this ESXi arbitrary-write vulnerability (tracked as CVE-2025-22225) almost one year ago, in March 2025, alongside a memory leak (CVE-2025-22226) and a TOCTOU flaw (CVE-2025-22224), and tagged them all as actively exploited zero-days. https://www.bleepingcomputer.com/news/security/cisa-vmware-esxi-flaw-now-exploited-in-ransomware-attacks/
##updated 2025-10-22T00:33:13
4 posts
CISA Reports Actively Exploited VMware ESXi Flaw in Ransomware Campaigns
CISA reports active exploitation of VMware ESXi flaw (CVE-2025-22225) after reports of ransomware gangs using sandbox escape techniques to compromise hypervisors and encrypt virtual disks.
**If you are using VMware ESXi, Fusion, Workstation, Cloud Foundation or Telco Cloud, and have not patched them since March 2025, this is now URGENT. Not only you are actively hacked, now regulators mandate urgent patching. So start patching.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-reports-actively-exploited-vmware-esxi-flaw-in-ransomware-campaigns-9-6-2-3-k/gD2P6Ple2L
Broadcom patched this ESXi arbitrary-write vulnerability (tracked as CVE-2025-22225) almost one year ago, in March 2025, alongside a memory leak (CVE-2025-22226) and a TOCTOU flaw (CVE-2025-22224), and tagged them all as actively exploited zero-days. https://www.bleepingcomputer.com/news/security/cisa-vmware-esxi-flaw-now-exploited-in-ransomware-attacks/
##CISA Reports Actively Exploited VMware ESXi Flaw in Ransomware Campaigns
CISA reports active exploitation of VMware ESXi flaw (CVE-2025-22225) after reports of ransomware gangs using sandbox escape techniques to compromise hypervisors and encrypt virtual disks.
**If you are using VMware ESXi, Fusion, Workstation, Cloud Foundation or Telco Cloud, and have not patched them since March 2025, this is now URGENT. Not only you are actively hacked, now regulators mandate urgent patching. So start patching.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-reports-actively-exploited-vmware-esxi-flaw-in-ransomware-campaigns-9-6-2-3-k/gD2P6Ple2L
Broadcom patched this ESXi arbitrary-write vulnerability (tracked as CVE-2025-22225) almost one year ago, in March 2025, alongside a memory leak (CVE-2025-22226) and a TOCTOU flaw (CVE-2025-22224), and tagged them all as actively exploited zero-days. https://www.bleepingcomputer.com/news/security/cisa-vmware-esxi-flaw-now-exploited-in-ransomware-attacks/
##updated 2025-10-17T20:15:40.663000
1 posts
depthfirst | Casting a Net(ty) for Bugs, and Catching a Big One (CVE-2025-59419)
https://depthfirst.com/post/casting-a-net-ty-for-bugs-and-catching-a-big-one-cve-2025-59419?utm_source=tldrinfosec&utm_medium=newsletter&utm_campaign=2026Q1_newsletter_TLDRInfoSec&utm_content=secondary_placement&utm_term=blog_post
updated 2025-06-18T14:15:12
1 posts
Exploiting CVE-2025-49825 - authentication bypass vulnerability in Teleport https://blog.offensive.af/posts/exploiting-cve-2025-49825/
##updated 2025-04-07T18:54:46.053000
1 posts
updated 2023-02-01T05:05:52
2 posts
To compare #sydbox and #gvisor, take 2 CVEs: CVE-2018-19333, gvisor proc2proc arbitrary-memory-write which wasn't classified as sandbox break. Vuln is there because gvisor uses the seccomp-trap API to run all in a single process ignoring ASLR.. CVE-2024-42318 aka Houdini is a #landlock break where a keyrings(7) call would unlock the sandbox. Syd wasn't affected: 1. keyrings is def disabled 2. open call happens in a syd emulator thread confined by same landlock sandbox. #exherbo #linux #security
##To compare #sydbox and #gvisor, take 2 CVEs: CVE-2018-19333, gvisor proc2proc arbitrary-memory-write which wasn't classified as sandbox break. Vuln is there because gvisor uses the seccomp-trap API to run all in a single process ignoring ASLR.. CVE-2024-42318 aka Houdini is a #landlock break where a keyrings(7) call would unlock the sandbox. Syd wasn't affected: 1. keyrings is def disabled 2. open call happens in a syd emulator thread confined by same landlock sandbox. #exherbo #linux #security
##🔴 CVE-2026-25233 - Critical (9.1)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, logic bug in the roadmap role check allows non-lead maintainers to create, update, or delete roadmaps. This issue has been patched in version 1.33.0.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25233/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25233 - Critical (9.1)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, logic bug in the roadmap role check allows non-lead maintainers to create, update, or delete roadmaps. This issue has been patched in version 1.33.0.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25233/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25234 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in category deletion can allow an attacker with access to the category manager workflow to inject SQL via a category id...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25234/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25234 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in category deletion can allow an attacker with access to the category manager workflow to inject SQL via a category id...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25234/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25236 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN (...) list. This issue has been patched in version 1.33.0.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25236/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25236 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN (...) list. This issue has been patched in version 1.33.0.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25236/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25235 - High (7.5)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, predictable verification hashes may allow attackers to guess verification tokens and potentially verify election account requests without authorizati...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25235/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25235 - High (7.5)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, predictable verification hashes may allow attackers to guess verification tokens and potentially verify election account requests without authorizati...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25235/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25241 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, an unauthenticated SQL injection in the /get// endpoint allows remote attackers to execute arbitrary SQL via a crafted package version. This issue ha...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25241/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25241 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, an unauthenticated SQL injection in the /get// endpoint allows remote attackers to execute arbitrary SQL via a crafted package version. This issue ha...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25241/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25239 - High (7.5)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in apidoc queue insertion can allow query manipulation if an attacker can influence the inserted filename value. This i...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25239/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25239 - High (7.5)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in apidoc queue insertion can allow query manipulation if an attacker can influence the inserted filename value. This i...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25239/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25238 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in bug subscription deletion may allow attackers to inject SQL via a crafted email value. This issue has been patched i...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25238/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25238 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in bug subscription deletion may allow attackers to inject SQL via a crafted email value. This issue has been patched i...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25238/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##2 posts
6 repos
https://github.com/kimstars/Ashwesker-CVE-2026-21509
https://github.com/SimoesCTT/CTT-MICROSOFT-OFFICE-OLE-MANIFOLD-BYPASS-CVE-2026-21509
https://github.com/kaizensecurity/CVE-2026-21509
https://github.com/ksk-itdk/KSK-ITDK-CVE-2026-21509-Mitigation
⚪ APT28 group exploits new vulnerability in Microsoft Office
🗨️ Just three days after Microsoft released an out-of-band patch for Office, the APT28 group began exploiting the CVE-2026-21509 vulnerability in attacks against Ukrainian and European organizations.
##⚪ APT28 group exploits new vulnerability in Microsoft Office
🗨️ Just three days after Microsoft released an out-of-band patch for Office, the APT28 group began exploiting the CVE-2026-21509 vulnerability in attacks against Ukrainian and European organizations.
##🟠 CVE-2026-25585 - High (7.8)
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a vulnerability IccCmm.cpp:5793 when reading through index during ICC p...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25585/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25584 - High (7.8)
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a stack-buffer-overflow vulnerability in CIccTagFloatNum::GetValues(). ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25584/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25583 - High (7.8)
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a heap buffer overflow vulnerability in CIccFileIO::Read8() when proces...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25583/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25519 - High (8.1)
OpenSlides is a free, web based presentation and assembly system for managing and projecting agenda, motions and elections of an assembly. Prior to version 4.2.29, OpenSlides supports local logins with username and password or an optionally config...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25519/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25519 - High (8.1)
OpenSlides is a free, web based presentation and assembly system for managing and projecting agenda, motions and elections of an assembly. Prior to version 4.2.29, OpenSlides supports local logins with username and password or an optionally config...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25519/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##SQL Injection Vulnerability Reported in Quiz and Survey Master WordPress Plugin
A SQL injection vulnerability (CVE-2025-67987) in the Quiz and Survey Master WordPress plugin affects over 40,000 sites, allowing authenticated users with Subscriber-level access to extract sensitive database information.
**If you are using the Quiz and Survey Master plugin, plan a quick update to version 10.3.2. Even low-level user accounts can exploit this flaw, so do not assume your site is safe just because you trust your registered users.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/sql-injection-vulnerability-reported-in-quiz-and-survey-master-wordpress-plugin-k-x-8-0-b/gD2P6Ple2L
🟠 CVE-2026-25502 - High (7.8)
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, stack-based buffer overflow in icFixXml() function when processing malformed ICC...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25502/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25502 - High (7.8)
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, stack-based buffer overflow in icFixXml() function when processing malformed ICC...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25502/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24665 - High (8.7)
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, a stored Cross-Site Scripting (XSS) vulnerability allows authenticated students to inject malicious JavaScript into uploaded as...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24665/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24665 - High (8.7)
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, a stored Cross-Site Scripting (XSS) vulnerability allows authenticated students to inject malicious JavaScript into uploaded as...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24665/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24773 - High (7.5)
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, an Insecure Direct Object Reference (IDOR) vulnerability allows unauthenticated remote attackers to access personal files of ot...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24773/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24773 - High (7.5)
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, an Insecure Direct Object Reference (IDOR) vulnerability allows unauthenticated remote attackers to access personal files of ot...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24773/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##