| CVE | CVSS | EPSS | Posts | Repos | Nuclei | Updated | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-2086 | 8.8 | 0.00% | 2 | 0 | 2026-02-07T14:16:08.047000 | A vulnerability was detected in UTT HiPER 810G up to 1.7.7-171114. Affected by t | |
| CVE-2026-2071 | 8.8 | 0.04% | 2 | 0 | 2026-02-07T03:30:18 | A vulnerability was found in UTT 进取 520W 1.7.7-180627. The impacted element is t | |
| CVE-2026-25762 | 7.5 | 0.01% | 2 | 0 | 2026-02-07T00:33:35 | ### Summary A Denial of Service (DoS) vulnerability (CWE-400) exists in the mul | |
| CVE-2026-2070 | 8.8 | 0.04% | 2 | 0 | 2026-02-07T00:30:34 | A vulnerability has been found in UTT 进取 520W 1.7.7-180627. The affected element | |
| CVE-2026-2068 | 8.8 | 0.04% | 2 | 0 | 2026-02-07T00:30:34 | A vulnerability was detected in UTT 进取 520W 1.7.7-180627. This issue affects the | |
| CVE-2026-25803 | 9.8 | 0.04% | 6 | 0 | 2026-02-06T23:15:54.973000 | 3DP-MANAGER is an inbound generator for 3x-ui. In version 2.0.1 and prior, the a | |
| CVE-2026-1709 | 9.4 | 0.04% | 2 | 0 | 2026-02-06T22:34:46 | ### Impact The Keylime registrar does not enforce mutual TLS (mTLS) client cert | |
| CVE-2026-25763 | 0 | 0.04% | 1 | 0 | 2026-02-06T22:16:12.420000 | OpenProject is an open-source, web-based project management software. Prior to v | |
| CVE-2026-25732 | 7.5 | 0.12% | 2 | 0 | 2026-02-06T22:16:11.993000 | NiceGUI is a Python-based UI framework. Prior to 3.7.0, NiceGUI's FileUpload.nam | |
| CVE-2026-25544 | 9.8 | 0.05% | 5 | 0 | 2026-02-06T22:16:11.597000 | Payload is a free and open source headless content management system. Prior to 3 | |
| CVE-2026-1731 | 0 | 0.44% | 1 | 0 | 2026-02-06T22:16:11.020000 | BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote | |
| CVE-2026-1727 | 0 | 0.04% | 1 | 0 | 2026-02-06T22:16:10.860000 | The Agentspace service was affected by a vulnerability that exposed sensitive in | |
| CVE-2026-25586 | 10.0 | 0.05% | 3 | 0 | 2026-02-06T21:57:22.450000 | SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, a sandbox escape | |
| CVE-2026-25632 | 10.0 | 0.11% | 5 | 0 | 2026-02-06T21:57:22.450000 | EPyT-Flow is a Python package designed for the easy generation of hydraulic and | |
| CVE-2026-25592 | 9.9 | 0.10% | 3 | 0 | 2026-02-06T21:57:22.450000 | Semantic Kernel is an SDK used to build, orchestrate, and deploy AI agents and m | |
| CVE-2026-25635 | 8.6 | 0.05% | 6 | 0 | 2026-02-06T21:57:22.450000 | calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a pa | |
| CVE-2026-25628 | 8.5 | 0.04% | 4 | 0 | 2026-02-06T21:57:22.450000 | Qdrant is a vector similarity search engine and vector database. From 1.9.3 to b | |
| CVE-2026-25641 | 10.0 | 0.04% | 4 | 0 | 2026-02-06T21:57:22.450000 | SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, there is a sandbo | |
| CVE-2026-25587 | 10.0 | 0.05% | 2 | 0 | 2026-02-06T21:57:22.450000 | SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, as Map is in SAFE | |
| CVE-2025-13523 | 7.7 | 0.01% | 2 | 0 | 2026-02-06T21:57:22.450000 | Mattermost Confluence plugin version <1.7.0 fails to properly escape user-contro | |
| CVE-2026-25593 | 8.4 | 0.10% | 2 | 0 | 2026-02-06T21:43:42 | ### Summary An unauthenticated local client could use the Gateway WebSocket API | |
| CVE-2026-25580 | 8.6 | 0.01% | 2 | 0 | 2026-02-06T21:42:28 | ## Summary A Server-Side Request Forgery (SSRF) vulnerability exists in Pydanti | |
| CVE-2026-25520 | 10.0 | 0.08% | 4 | 0 | 2026-02-06T21:42:24 | ### Summary The return values of functions aren't wrapped. `Object.values`/`Obj | |
| CVE-2026-23989 | 8.2 | 0.03% | 2 | 0 | 2026-02-06T21:42:17 | ### Impact A security issue was discovered in Reva based products that enables | |
| CVE-2025-70963 | None | 0.04% | 2 | 0 | 2026-02-06T21:38:16 | Gophish <= 0.12.1 is vulnerable to Incorrect Access Control. The administrative | |
| CVE-2026-25505 | 9.8 | 0.09% | 1 | 0 | 2026-02-06T21:38:04 | ### Summary 1. A hardcoded secret key used for signing JWTs is checked into sour | |
| CVE-2026-2067 | 8.8 | 0.04% | 4 | 0 | 2026-02-06T21:30:58 | A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. This vul | |
| CVE-2026-2066 | 8.8 | 0.04% | 2 | 0 | 2026-02-06T21:30:58 | A weakness has been identified in UTT 进取 520W 1.7.7-180627. This affects the fun | |
| CVE-2025-11953 | 9.8 | 6.95% | 8 | 4 | 2026-02-06T19:43:47.703000 | The Metro Development Server, which is opened by the React Native Community CLI, | |
| CVE-2025-69906 | 8.8 | 0.21% | 2 | 1 | 2026-02-06T18:31:38 | Monstra CMS v3.0.4 contains an arbitrary file upload vulnerability in the Files | |
| CVE-2025-69619 | 7.5 | 0.05% | 2 | 0 | 2026-02-06T18:31:38 | A path traversal in My Text Editor v1.6.2 allows attackers to cause a Denial of | |
| CVE-2026-24423 | 9.8 | 9.22% | 11 | 1 | 2026-02-06T18:30:29 | SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated | |
| CVE-2026-0538 | 7.8 | 0.01% | 1 | 0 | 2026-02-06T17:49:06.210000 | A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force | |
| CVE-2025-70073 | 9.8 | 0.25% | 2 | 0 | 2026-02-06T17:16:18.283000 | An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute a | |
| CVE-2026-0661 | 7.8 | 0.01% | 1 | 0 | 2026-02-06T16:26:55.207000 | A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force | |
| CVE-2025-15566 | 8.8 | 0.03% | 4 | 0 | 2026-02-06T15:14:47.703000 | A security issue was discovered in ingress-nginx where the `nginx.ingress.kubern | |
| CVE-2026-2017 | 9.8 | 0.08% | 2 | 1 | 2026-02-06T15:14:47.703000 | A vulnerability was detected in IP-COM W30AP up to 1.0.0.11(1340). Affected by t | |
| CVE-2026-1499 | 9.8 | 1.23% | 2 | 0 | 2026-02-06T15:14:47.703000 | The WP Duplicate plugin for WordPress is vulnerable to Missing Authorization lea | |
| CVE-2026-24926 | 8.4 | 0.01% | 2 | 0 | 2026-02-06T15:14:47.703000 | Out-of-bounds write vulnerability in the camera module. Impact: Successful explo | |
| CVE-2026-21532 | 8.2 | 0.09% | 1 | 0 | 2026-02-06T15:14:47.703000 | Azure Function Information Disclosure Vulnerability | |
| CVE-2026-0106 | 9.3 | 0.00% | 1 | 0 | 2026-02-06T15:14:47.703000 | In vpu_mmap of vpu_ioctl, there is a possible arbitrary address mmap due to a mi | |
| CVE-2026-21643 | 9.8 | 0.13% | 4 | 1 | 2026-02-06T09:30:35 | An improper neutralization of special elements used in an sql command ('sql inje | |
| CVE-2026-24930 | 8.4 | 0.01% | 2 | 0 | 2026-02-06T09:30:35 | UAF concurrency vulnerability in the graphics module. Impact: Successful exploit | |
| CVE-2025-15080 | 0 | 0.05% | 2 | 0 | 2026-02-06T07:16:11.187000 | Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi E | |
| CVE-2026-24302 | 8.6 | 0.08% | 1 | 0 | 2026-02-06T00:30:37 | Azure Arc Elevation of Privilege Vulnerability | |
| CVE-2026-0391 | 6.5 | 0.06% | 2 | 0 | 2026-02-06T00:30:32 | User interface (ui) misrepresentation of critical information in Microsoft Edge | |
| CVE-2026-24300 | 9.8 | 0.09% | 1 | 1 | 2026-02-06T00:30:32 | Azure Front Door Elevation of Privilege Vulnerability | |
| CVE-2026-0536 | 7.8 | 0.01% | 1 | 0 | 2026-02-05T22:06:39.947000 | A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause | |
| CVE-2026-20979 | 7.8 | 0.01% | 1 | 0 | 2026-02-05T21:33:39 | Improper privilege management in Settings prior to SMR Feb-2026 Release 1 allows | |
| CVE-2026-20983 | 7.8 | 0.01% | 1 | 0 | 2026-02-05T21:33:39 | Improper export of android application components in Samsung Dialer prior to SMR | |
| CVE-2025-15311 | 7.8 | 0.01% | 1 | 0 | 2026-02-05T21:32:48 | Tanium addressed an unauthorized code execution vulnerability in Tanium Applianc | |
| CVE-2025-15330 | 8.8 | 0.04% | 1 | 0 | 2026-02-05T21:32:42 | Tanium addressed an improper input validation vulnerability in Deploy. | |
| CVE-2025-68721 | 9.1 | 0.01% | 2 | 1 | 2026-02-05T21:32:40 | Axigen Mail Server before 10.5.57 contains an improper access control vulnerabil | |
| CVE-2025-68722 | 8.8 | 0.03% | 1 | 1 | 2026-02-05T21:15:52.127000 | Axigen Mail Server before 10.5.57 and 10.6.x before 10.6.26 contains a Cross-Sit | |
| CVE-2026-25056 | 8.8 | 0.13% | 1 | 0 | 2026-02-05T20:42:20.263000 | n8n is an open source workflow automation platform. Prior to versions 1.118.0 an | |
| CVE-2026-25055 | 8.1 | 0.08% | 1 | 0 | 2026-02-05T20:41:47.613000 | n8n is an open source workflow automation platform. Prior to versions 1.123.12 a | |
| CVE-2026-25053 | 9.9 | 0.02% | 1 | 0 | 2026-02-05T20:32:37.750000 | n8n is an open source workflow automation platform. Prior to versions 1.123.10 a | |
| CVE-2026-25049 | 9.9 | 0.03% | 9 | 0 | 2026-02-05T20:22:47.870000 | n8n is an open source workflow automation platform. Prior to versions 1.123.17 a | |
| CVE-2025-11234 | 7.5 | 0.10% | 1 | 0 | 2026-02-05T20:15:52.003000 | A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is w | |
| CVE-2026-25234 | 9.8 | 0.03% | 2 | 0 | 2026-02-05T18:08:05.863000 | PEAR is a framework and distribution system for reusable PHP components. Prior t | |
| CVE-2026-25235 | 7.5 | 0.03% | 1 | 0 | 2026-02-05T18:07:35.470000 | PEAR is a framework and distribution system for reusable PHP components. Prior t | |
| CVE-2026-25239 | 7.5 | 0.03% | 1 | 0 | 2026-02-05T18:00:51.113000 | PEAR is a framework and distribution system for reusable PHP components. Prior t | |
| CVE-2026-25240 | 9.8 | 0.03% | 1 | 0 | 2026-02-05T17:56:13.807000 | PEAR is a framework and distribution system for reusable PHP components. Prior t | |
| CVE-2026-25241 | 9.8 | 0.08% | 1 | 0 | 2026-02-05T17:55:10.430000 | PEAR is a framework and distribution system for reusable PHP components. Prior t | |
| CVE-2025-59439 | 7.5 | 0.04% | 1 | 0 | 2026-02-05T17:27:26.890000 | An issue was discovered in Samsung Mobile Processor, Wearable Processor and Mode | |
| CVE-2026-25546 | 7.8 | 0.07% | 2 | 1 | 2026-02-05T15:34:59 | ### Impact A Command Injection vulnerability in godot-mcp allows remote code ex | |
| CVE-2025-61732 | 8.6 | 0.01% | 2 | 0 | 2026-02-05T15:32:15 | A discrepancy between how Go and C/C++ comments were parsed allowed for code smu | |
| CVE-2025-67189 | 9.8 | 0.15% | 1 | 0 | 2026-02-05T15:32:10 | A buffer overflow vulnerability exists in the setParentalRules interface of TOTO | |
| CVE-2025-71031 | 7.5 | 0.04% | 1 | 0 | 2026-02-05T15:16:08.583000 | Water-Melon Melon commit 9df9292 and below is vulnerable to Denial of Service. T | |
| CVE-2025-67188 | 9.8 | 0.10% | 1 | 0 | 2026-02-05T15:16:07.170000 | A buffer overflow vulnerability exists in TOTOLINK A950RG V4.1.2cu.5204_B2021011 | |
| CVE-2025-61917 | 7.7 | 0.01% | 1 | 0 | 2026-02-05T14:57:34.297000 | n8n is an open source workflow automation platform. From version 1.65.0 to befor | |
| CVE-2026-20098 | 8.8 | 0.90% | 2 | 0 | 2026-02-05T14:57:34.297000 | A vulnerability in the Certificate Management feature of Cisco Meeting Managemen | |
| CVE-2025-13379 | 8.6 | 0.09% | 1 | 0 | 2026-02-05T14:57:20.563000 | IBM Aspera Console 3.4.0 through 3.4.8 is vulnerable to SQL injection. A remote | |
| CVE-2026-25585 | 7.8 | 0.01% | 1 | 0 | 2026-02-05T14:57:20.563000 | iccDEV provides a set of libraries and tools that allow for the interaction, man | |
| CVE-2026-25526 | 9.8 | 0.07% | 1 | 0 | 2026-02-05T14:57:20.563000 | JinJava is a Java-based template engine based on django template syntax, adapted | |
| CVE-2026-25583 | 7.8 | 0.01% | 1 | 0 | 2026-02-05T14:57:20.563000 | iccDEV provides a set of libraries and tools that allow for the interaction, man | |
| CVE-2026-25582 | 7.8 | 0.01% | 1 | 0 | 2026-02-05T14:57:20.563000 | iccDEV provides a set of libraries and tools that allow for the interaction, man | |
| CVE-2026-25519 | 8.1 | 0.04% | 2 | 0 | 2026-02-05T14:57:20.563000 | OpenSlides is a free, web based presentation and assembly system for managing an | |
| CVE-2026-24844 | 7.9 | 0.02% | 1 | 0 | 2026-02-05T14:57:20.563000 | melange allows users to build apk packages using declarative pipelines. From ver | |
| CVE-2026-25160 | 9.1 | 0.01% | 2 | 0 | 2026-02-05T14:57:20.563000 | Alist is a file list program that supports multiple storages, powered by Gin and | |
| CVE-2026-24843 | 8.2 | 0.02% | 1 | 0 | 2026-02-05T14:57:20.563000 | melange allows users to build apk packages using declarative pipelines. In versi | |
| CVE-2026-25121 | 7.5 | 0.04% | 1 | 0 | 2026-02-05T14:57:20.563000 | apko allows users to build and publish OCI container images built from apk packa | |
| CVE-2025-11730 | 7.2 | 0.20% | 2 | 0 | 2026-02-05T03:30:23 | A post‑authentication command injection vulnerability in the Dynamic DNS (DDNS) | |
| CVE-2025-10314 | 8.8 | 0.01% | 1 | 0 | 2026-02-05T03:30:23 | Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation F | |
| CVE-2026-25539 | 9.1 | 0.27% | 1 | 0 | 2026-02-05T00:36:45 | ## Summary The `/api/file/copyFile` endpoint does not validate the `dest` param | |
| CVE-2025-13192 | 8.2 | 0.08% | 1 | 0 | 2026-02-05T00:31:08 | The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, an | |
| CVE-2026-24735 | 7.5 | 0.02% | 1 | 0 | 2026-02-04T21:57:36 | Exposure of Private Personal Information to an Unauthorized Actor vulnerability | |
| CVE-2026-25161 | 8.8 | 0.05% | 1 | 0 | 2026-02-04T21:56:57 | ### Summary The application contains a Path Traversal vulnerability (CWE-22) in | |
| CVE-2026-25157 | 7.8 | 0.02% | 2 | 0 | 2026-02-04T21:56:26 | Two related vulnerabilities existed in the macOS application's SSH remote connec | |
| CVE-2026-25143 | 7.8 | 0.02% | 2 | 0 | 2026-02-04T21:56:11 | An attacker who can influence inputs to the patch pipeline could execute arbitra | |
| CVE-2026-25140 | 7.5 | 0.04% | 1 | 0 | 2026-02-04T21:56:01 | An attacker who controls or compromises an APK repository used by apko could cau | |
| CVE-2026-24884 | 8.4 | 0.02% | 1 | 0 | 2026-02-04T21:55:36 | # Arbitrary File Write via Symlink Extraction in `github.com/node-modules/compre | |
| CVE-2026-23897 | 7.5 | 0.04% | 1 | 0 | 2026-02-04T21:55:12 | ### Impact The default configuration of `startStandaloneServer` from `@apollo/s | |
| CVE-2025-13375 | 9.8 | 0.06% | 1 | 0 | 2026-02-04T21:30:43 | IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 could allow an una | |
| CVE-2025-69620 | 7.5 | 0.01% | 1 | 0 | 2026-02-04T21:30:32 | A path traversal in Moo Chan Song v4.5.7 allows attackers to cause a Denial of S | |
| CVE-2025-69875 | 7.8 | 0.01% | 1 | 0 | 2026-02-04T21:30:32 | A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine man | |
| CVE-2026-25027 | 7.5 | 0.11% | 1 | 0 | 2026-02-04T20:16:05.863000 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP | |
| CVE-2026-24512 | 8.8 | 0.10% | 2 | 0 | 2026-02-04T20:04:50 | A security issue was discovered in ingress-nginx. Tthe `rules.http.paths.path` I | |
| CVE-2026-25052 | None | 0.01% | 1 | 0 | 2026-02-04T19:53:39 | ## Impact A vulnerability in the file access controls allows authenticated user | |
| CVE-2025-64712 | 9.8 | 0.06% | 1 | 0 | 2026-02-04T19:53:06 | A Path Traversal vulnerability in the `partition_msg` function allows an attacke | |
| CVE-2026-25115 | None | 0.04% | 1 | 0 | 2026-02-04T19:42:05 | ## Impact A vulnerability in the Python Code node allows authenticated users to | |
| CVE-2025-69970 | None | 0.05% | 1 | 0 | 2026-02-04T19:34:42 | FUXA v1.2.7 contains an insecure default configuration vulnerability in server/s | |
| CVE-2025-46651 | 9.1 | 0.02% | 1 | 0 | 2026-02-04T18:31:36 | Tiny File Manager through 2.6 contains a server-side request forgery (SSRF) vuln | |
| CVE-2025-60865 | 7.8 | 0.01% | 1 | 0 | 2026-02-04T18:31:36 | Insecure Permissions vulnerability in avanquest Driver Updater v.9.1.57803.1174 | |
| CVE-2025-67186 | 9.8 | 0.15% | 1 | 0 | 2026-02-04T18:31:36 | TOTOLINK A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability | |
| CVE-2025-57529 | 9.8 | 0.04% | 1 | 1 | 2026-02-04T18:31:36 | YouDataSum CPAS Audit Management System <=v4.9 is vulnerable to SQL Injection in | |
| CVE-2025-66374 | 7.8 | 0.01% | 1 | 0 | 2026-02-04T18:31:36 | CyberArk Endpoint Privilege Manager Agent through 25.10.0 allows a local user to | |
| CVE-2026-0660 | 7.8 | 0.01% | 1 | 0 | 2026-02-04T18:30:51 | A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause | |
| CVE-2026-20119 | 7.5 | 0.08% | 2 | 0 | 2026-02-04T18:30:51 | A vulnerability in the text rendering subsystem of Cisco TelePresence Collaborat | |
| CVE-2026-0659 | 7.8 | 0.01% | 1 | 0 | 2026-02-04T18:30:51 | A maliciously crafted USD file, when loaded or imported into Autodesk Arnold or | |
| CVE-2026-0662 | 7.8 | 0.01% | 1 | 0 | 2026-02-04T18:30:51 | A maliciously crafted project directory, when opening a max file in Autodesk 3ds | |
| CVE-2026-0537 | 7.8 | 0.01% | 2 | 0 | 2026-02-04T18:30:50 | A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force | |
| CVE-2025-63624 | 9.8 | 0.16% | 1 | 0 | 2026-02-04T18:30:31 | SQL Injection vulnerability in Shandong Kede Electronics Co., Ltd IoT smart wate | |
| CVE-2025-63372 | 7.5 | 0.29% | 1 | 0 | 2026-02-04T18:30:31 | Articentgroup Zip Rar Extractor Tool 1.345.93.0 is vulnerable to Directory Trave | |
| CVE-2026-25510 | 10.0 | 0.23% | 2 | 0 | 2026-02-04T17:46:00 | **Summary** A critical vulnerability has been identified in CI4MS that allows a | |
| CVE-2026-25150 | 9.3 | 0.02% | 1 | 0 | 2026-02-04T17:45:45 | ### Summary A Prototype Pollution vulnerability exists in the `formToObj()` fun | |
| CVE-2025-67187 | 9.8 | 0.04% | 1 | 0 | 2026-02-04T17:16:10.167000 | A stack-based buffer overflow vulnerability was identified in TOTOLINK A950RG V4 | |
| CVE-2025-61506 | 9.8 | 0.09% | 1 | 1 | 2026-02-04T17:16:08.663000 | An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated | |
| CVE-2026-1340 | 9.8 | 0.18% | 4 | 1 | 2026-02-04T16:34:21.763000 | A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve | |
| CVE-2025-70560 | 8.4 | 0.06% | 1 | 0 | 2026-02-04T16:34:21.763000 | Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule l | |
| CVE-2026-1633 | 10.0 | 0.05% | 3 | 0 | 2026-02-04T16:33:44.537000 | The Synectix LAN 232 TRIO 3-Port serial to ethernet adapter exposes its web mana | |
| CVE-2026-1341 | 0 | 0.02% | 1 | 0 | 2026-02-04T16:33:44.537000 | Avation Light Engine Pro exposes its configuration and control interface without | |
| CVE-2025-59818 | 10.0 | 0.10% | 1 | 0 | 2026-02-04T16:33:44.537000 | This vulnerability allows authenticated attackers to execute arbitrary commands | |
| CVE-2025-15268 | 7.5 | 0.07% | 1 | 0 | 2026-02-04T16:33:44.537000 | The Infility Global plugin for WordPress is vulnerable to unauthenticated SQL In | |
| CVE-2026-1580 | 8.8 | 0.10% | 1 | 0 | 2026-02-04T16:33:44.537000 | A security issue was discovered in ingress-nginx where the `nginx.ingress.kubern | |
| CVE-2026-1862 | 8.8 | 0.02% | 1 | 0 | 2026-02-04T16:33:44.537000 | Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote a | |
| CVE-2026-25223 | 7.5 | 0.03% | 2 | 0 | 2026-02-04T16:33:44.537000 | Fastify is a fast and low overhead web framework, for Node.js. Prior to version | |
| CVE-2025-15368 | 8.8 | 0.14% | 1 | 0 | 2026-02-04T15:30:35 | The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in al | |
| CVE-2025-5329 | 9.8 | 0.01% | 1 | 1 | 2026-02-04T15:30:29 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
| CVE-2026-0818 | 4.3 | 0.02% | 1 | 0 | 2026-02-04T10:16:04.550000 | When a user explicitly requested Thunderbird to decrypt an inline OpenPGP messag | |
| CVE-2025-15285 | 7.5 | 0.08% | 1 | 0 | 2026-02-04T09:30:36 | The SEO Flow by LupsOnline plugin for WordPress is vulnerable to unauthorized mo | |
| CVE-2026-1819 | 8.8 | 0.05% | 1 | 0 | 2026-02-04T09:30:35 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site | |
| CVE-2026-1756 | 8.8 | 0.22% | 1 | 0 | 2026-02-04T09:30:30 | The WP FOFT Loader plugin for WordPress is vulnerable to arbitrary file uploads | |
| CVE-2026-1861 | 8.8 | 0.02% | 1 | 0 | 2026-02-04T00:31:33 | Heap buffer overflow in libvpx in Google Chrome prior to 144.0.7559.132 allowed | |
| CVE-2026-1632 | 9.1 | 0.13% | 2 | 0 | 2026-02-04T00:30:41 | MOMA Seismic Station Version v2.4.2520 and prior exposes its web management inte | |
| CVE-2026-1803 | 8.1 | 0.02% | 1 | 0 | 2026-02-03T21:31:58 | A weakness has been identified in Ziroom ZHOME A0101 1.0.1.0. Impacted is an unk | |
| CVE-2025-40551 | 9.8 | 22.94% | 6 | 0 | 2026-02-03T21:31:50 | SolarWinds Web Help Desk was found to be susceptible to an untrusted data deseri | |
| CVE-2026-1207 | None | 0.01% | 1 | 0 | 2026-02-03T19:32:57 | An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4 | |
| CVE-2026-1281 | 9.8 | 16.41% | 5 | 1 | 2026-01-30T13:28:18.610000 | A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve | |
| CVE-2026-24061 | 9.8 | 29.55% | 2 | 62 | template | 2026-01-29T21:30:27 | telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a " |
| CVE-2026-21509 | 7.8 | 2.91% | 7 | 8 | 2026-01-26T21:31:39 | Reliance on untrusted inputs in a security decision in Microsoft Office allows a | |
| CVE-2026-21441 | 7.5 | 0.02% | 2 | 0 | 2026-01-23T09:15:47.823000 | urllib3 is an HTTP client library for Python. urllib3's streaming API is designe | |
| CVE-2025-9086 | 7.5 | 0.03% | 1 | 0 | 2026-01-20T15:31:21 | 1. A cookie is set using the `secure` keyword for `https://target` 2. curl is re | |
| CVE-2025-13607 | 9.4 | 0.08% | 2 | 0 | 2025-12-10T21:31:32 | A malicious actor can access camera configuration information, including account | |
| CVE-2024-3596 | 9.1 | 23.85% | 4 | 1 | 2025-11-04T18:31:08 | RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local atta | |
| CVE-2024-42318 | 5.5 | 0.01% | 1 | 0 | 2025-11-04T00:31:15 | In the Linux kernel, the following vulnerability has been resolved: landlock: D | |
| CVE-2025-8088 | 8.8 | 3.90% | 4 | 27 | 2025-10-30T15:50:59.680000 | A path traversal vulnerability affecting the Windows version of WinRAR allows th | |
| CVE-2025-6978 | 7.2 | 0.24% | 1 | 0 | 2025-10-23T21:31:50 | Diagnostics command injection vulnerability | |
| CVE-2025-22224 | 9.4 | 56.62% | 1 | 0 | 2025-10-22T00:34:17 | VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulner | |
| CVE-2025-22225 | 8.3 | 6.15% | 3 | 0 | 2025-10-22T00:33:13 | VMware ESXi contains an arbitrary write vulnerability. A malicious actor with pr | |
| CVE-2025-22226 | 7.1 | 6.02% | 1 | 0 | 2025-10-22T00:33:13 | VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerabi | |
| CVE-2017-12617 | 8.1 | 94.36% | 2 | 13 | template | 2025-10-22T00:16:04.407000 | When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC |
| CVE-2017-12615 | 8.1 | 94.22% | 2 | 18 | template | 2025-10-22T00:16:04.227000 | When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e. |
| CVE-2025-59419 | 0 | 0.97% | 1 | 0 | 2025-10-17T20:15:40.663000 | Netty is an asynchronous, event-driven network application framework. In version | |
| CVE-2025-49825 | 9.8 | 11.53% | 1 | 0 | template | 2025-06-18T13:46:52.973000 | Teleport provides connectivity, authentication, access controls and audit for in |
| CVE-2025-1920 | 8.8 | 0.15% | 1 | 0 | 2025-04-07T18:54:46.053000 | Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote at | |
| CVE-2018-19333 | 9.8 | 0.17% | 1 | 0 | 2023-02-01T05:05:52 | pkg/sentry/kernel/shm/shm.go in Google gVisor before 2018-11-01 allows attackers | |
| CVE-2026-25644 | 0 | 0.03% | 2 | 0 | N/A | ||
| CVE-2026-25636 | 0 | 0.01% | 6 | 0 | N/A | ||
| CVE-2026-25634 | 0 | 0.01% | 6 | 0 | N/A | ||
| CVE-2026-25731 | 0 | 0.01% | 4 | 1 | N/A | ||
| CVE-2026-25643 | 0 | 0.47% | 4 | 1 | N/A | ||
| CVE-2026-25233 | 0 | 0.04% | 2 | 0 | N/A | ||
| CVE-2026-25237 | 0 | 0.08% | 2 | 0 | N/A | ||
| CVE-2026-25236 | 0 | 0.03% | 2 | 0 | N/A | ||
| CVE-2026-25238 | 0 | 0.03% | 1 | 0 | N/A | ||
| CVE-2026-2150 | 0 | 0.00% | 1 | 6 | N/A | ||
| CVE-2026-22038 | 0 | 0.08% | 1 | 0 | N/A | ||
| CVE-2026-25584 | 0 | 0.01% | 1 | 0 | N/A | ||
| CVE-2025-67987 | 0 | 0.00% | 1 | 0 | N/A |
updated 2026-02-07T14:16:08.047000
2 posts
🟠 CVE-2026-2086 - High (8.8)
A vulnerability was detected in UTT HiPER 810G up to 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formFireWall of the component Management Interface. The manipulation of the argument GroupName results in ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2086/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-2086 - High (8.8)
A vulnerability was detected in UTT HiPER 810G up to 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formFireWall of the component Management Interface. The manipulation of the argument GroupName results in ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2086/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-07T03:30:18
2 posts
🟠 CVE-2026-2071 - High (8.8)
A vulnerability was found in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formP2PLimitConfig. Performing a manipulation of the argument except results in buffer overflow. The attack is possible to b...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2071/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-2071 - High (8.8)
A vulnerability was found in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formP2PLimitConfig. Performing a manipulation of the argument except results in buffer overflow. The attack is possible to b...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2071/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-07T00:33:35
2 posts
🟠 CVE-2026-25762 - High (7.5)
AdonisJS is a TypeScript-first web framework. Prior to versions 10.1.3 and 11.0.0-next.9, a denial of service (DoS) vulnerability exists in the multipart file handling logic of @adonisjs/bodyparser. When processing file uploads, the multipart pars...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25762/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25762 - High (7.5)
AdonisJS is a TypeScript-first web framework. Prior to versions 10.1.3 and 11.0.0-next.9, a denial of service (DoS) vulnerability exists in the multipart file handling logic of @adonisjs/bodyparser. When processing file uploads, the multipart pars...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25762/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-07T00:30:34
2 posts
🟠 CVE-2026-2070 - High (8.8)
A vulnerability has been found in UTT 进取 520W 1.7.7-180627. The affected element is the function strcpy of the file /goform/formPolicyRouteConf. Such manipulation of the argument GroupName leads to buffer overflow. The attack can be executed r...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2070/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-2070 - High (8.8)
A vulnerability has been found in UTT 进取 520W 1.7.7-180627. The affected element is the function strcpy of the file /goform/formPolicyRouteConf. Such manipulation of the argument GroupName leads to buffer overflow. The attack can be executed r...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2070/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-07T00:30:34
2 posts
🟠 CVE-2026-2068 - High (8.8)
A vulnerability was detected in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy of the file /goform/formSyslogConf. The manipulation of the argument ServerIp results in buffer overflow. The attack may be launched remotely. The...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2068/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-2068 - High (8.8)
A vulnerability was detected in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy of the file /goform/formSyslogConf. The manipulation of the argument ServerIp results in buffer overflow. The attack may be launched remotely. The...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2068/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T23:15:54.973000
6 posts
🚨 CVE-2026-25803 (CRITICAL, CVSS 9.8): denpiligrim 3dp-manager ≤2.0.1 creates admin/admin by default. Network attackers get full control of VPN & settings. Patch to 2.0.2 ASAP or restrict access! https://radar.offseq.com/threat/cve-2026-25803-cwe-798-use-of-hard-coded-credentia-52e7d009 #OffSeq #Vuln #PatchManagement #CVE2026_25803
##🚩 CRITICAL: CVE-2026-25803 in denpiligrim 3dp-manager (≤2.0.1) — hard-coded admin creds allow full takeover via network. Patch to 2.0.2 ASAP & restrict access. Monitor for unusual logins. Details: https://radar.offseq.com/threat/cve-2026-25803-cwe-798-use-of-hard-coded-credentia-52e7d009 #OffSeq #CVE202625803 #Infosec #Vuln
##🔴 CVE-2026-25803 - Critical (9.8)
3DP-MANAGER is an inbound generator for 3x-ui. In version 2.0.1 and prior, the application automatically creates an administrative account with known default credentials (admin/admin) upon the first initialization. Attackers with network access to...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25803/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25803 - Critical (9.8)
3DP-MANAGER is an inbound generator for 3x-ui. In version 2.0.1 and prior, the application automatically creates an administrative account with known default credentials (admin/admin) upon the first initialization. Attackers with network access to...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25803/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25803 - Critical (9.8)
3DP-MANAGER is an inbound generator for 3x-ui. In version 2.0.1 and prior, the application automatically creates an administrative account with known default credentials (admin/admin) upon the first initialization. Attackers with network access to...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25803/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25803 - Critical (9.8)
3DP-MANAGER is an inbound generator for 3x-ui. In version 2.0.1 and prior, the application automatically creates an administrative account with known default credentials (admin/admin) upon the first initialization. Attackers with network access to...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25803/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T22:34:46
2 posts
🔴 CVE-2026-1709 - Critical (9.4)
A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to pe...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1709/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-1709 - Critical (9.4)
A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to pe...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1709/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T22:16:12.420000
1 posts
⚠️ CVE-2026-25763: CRITICAL OS command injection in OpenProject (<16.6.7, <17.0.3) allows RCE via repository changes endpoint. Patch now! Restrict browse_repository access & monitor for suspicious activity. Details: https://radar.offseq.com/threat/cve-2026-25763-cwe-78-improper-neutralization-of-s-f2d1f8d7 #OffSeq #OpenProject #Vuln
##updated 2026-02-06T22:16:11.993000
2 posts
🟠 CVE-2026-25732 - High (7.5)
NiceGUI is a Python-based UI framework. Prior to 3.7.0, NiceGUI's FileUpload.name property exposes client-supplied filename metadata without sanitization, enabling path traversal when developers use the pattern UPLOAD_DIR / file.name. Malicious fi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25732/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25732 - High (7.5)
NiceGUI is a Python-based UI framework. Prior to 3.7.0, NiceGUI's FileUpload.name property exposes client-supplied filename metadata without sanitization, enabling path traversal when developers use the pattern UPLOAD_DIR / file.name. Malicious fi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25732/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T22:16:11.597000
5 posts
🚨 CVE-2026-25544: CRITICAL SQL injection in Payload CMS (<3.73.0). Unauthenticated attackers can extract emails & reset tokens — full account takeover possible. Patch to 3.73.0+ ASAP! https://radar.offseq.com/threat/cve-2026-25544-cwe-89-improper-neutralization-of-s-972c134b #OffSeq #PayloadCMS #SQLInjection #Infosec
##🔴 CVE-2026-25544 - Critical (9.8)
Payload is a free and open source headless content management system. Prior to 3.73.0, when querying JSON or richText fields, user input was directly embedded into SQL without escaping, enabling blind SQL injection attacks. An unauthenticated atta...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25544/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25544 - Critical (9.8)
Payload is a free and open source headless content management system. Prior to 3.73.0, when querying JSON or richText fields, user input was directly embedded into SQL without escaping, enabling blind SQL injection attacks. An unauthenticated atta...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25544/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25544 - Critical (9.8)
Payload is a free and open source headless content management system. Prior to 3.73.0, when querying JSON or richText fields, user input was directly embedded into SQL without escaping, enabling blind SQL injection attacks. An unauthenticated atta...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25544/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25544 - Critical (9.8)
Payload is a free and open source headless content management system. Prior to 3.73.0, when querying JSON or richText fields, user input was directly embedded into SQL without escaping, enabling blind SQL injection attacks. An unauthenticated atta...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25544/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T22:16:11.020000
1 posts
🚨 CVE-2026-1731: CRITICAL RCE in BeyondTrust RS & PRA. Unauthenticated attackers can execute OS commands pre-auth. Restrict access, monitor logs, and prep for patching. CVSS 9.9 — act now! https://radar.offseq.com/threat/cve-2026-1731-cwe-78-improper-neutralization-of-sp-066ed5de #OffSeq #BeyondTrust #Vuln #InfoSec
##updated 2026-02-06T22:16:10.860000
1 posts
CRITICAL: CVE-2026-1727 in Google Cloud Gemini Enterprise exposes sensitive info via predictable GCS bucket names (bucket squatting risk). All versions prior to Dec 12, 2025 are vulnerable — ensure you're patched! https://radar.offseq.com/threat/cve-2026-1727-cwe-200-exposure-of-sensitive-inform-c82534e3 #OffSeq #CloudSecurity #GoogleCloud #CVE2026_1727
##updated 2026-02-06T21:57:22.450000
3 posts
🔥 CRITICAL vuln: CVE-2026-25586 in SandboxJS (<0.8.29) enables prototype pollution & sandbox escapes via hasOwnProperty shadowing. Remote RCE & cross-sandbox impact possible. Upgrade to 0.8.29+ ASAP! https://radar.offseq.com/threat/cve-2026-25586-cwe-74-improper-neutralization-of-s-3231fe20 #OffSeq #CVE202625586 #JavaScript #Security
##🔴 CVE-2026-25586 - Critical (10)
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, a sandbox escape is possible by shadowing hasOwnProperty on a sandbox object, which disables prototype whitelist enforcement in the property-access path. This permits direct access to ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25586/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25586 - Critical (10)
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, a sandbox escape is possible by shadowing hasOwnProperty on a sandbox object, which disables prototype whitelist enforcement in the property-access path. This permits direct access to ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25586/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T21:57:22.450000
5 posts
🚨 CRITICAL (CVSS 10.0): CVE-2026-25632 in WaterFutures EPyT-Flow (<0.16.1) — attacker-controlled JSON allows OS command execution via unsafe deserialization. Upgrade to 0.16.1+ ASAP. Monitor for suspicious activity. https://radar.offseq.com/threat/cve-2026-25632-cwe-502-deserialization-of-untruste-d8f5be65 #OffSeq #CVE202625632 #infosec #OTsecurity
##🔴 CVE-2026-25632 - Critical (10)
EPyT-Flow is a Python package designed for the easy generation of hydraulic and water quality scenario data of water distribution networks. Prior to 0.16.1, EPyT-Flow’s REST API parses attacker-controlled JSON request bodies using a custom deser...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25632/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25632 - Critical (10)
EPyT-Flow is a Python package designed for the easy generation of hydraulic and water quality scenario data of water distribution networks. Prior to 0.16.1, EPyT-Flow’s REST API parses attacker-controlled JSON request bodies using a custom deser...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25632/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25632 - Critical (10)
EPyT-Flow is a Python package designed for the easy generation of hydraulic and water quality scenario data of water distribution networks. Prior to 0.16.1, EPyT-Flow’s REST API parses attacker-controlled JSON request bodies using a custom deser...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25632/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25632 - Critical (10)
EPyT-Flow is a Python package designed for the easy generation of hydraulic and water quality scenario data of water distribution networks. Prior to 0.16.1, EPyT-Flow’s REST API parses attacker-controlled JSON request bodies using a custom deser...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25632/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T21:57:22.450000
3 posts
🚨 CVE-2026-25592 (CRITICAL, CVSS 10) impacts Microsoft Semantic Kernel <1.70.0: Remote path traversal in SessionsPythonPlugin enables arbitrary file writes. Upgrade to 1.70.0+ & validate file paths! https://radar.offseq.com/threat/cve-2026-25592-cwe-22-improper-limitation-of-a-pat-e2f967bb #OffSeq #PathTraversal #AIsecurity
##🔴 CVE-2026-25592 - Critical (9.9)
Semantic Kernel is an SDK used to build, orchestrate, and deploy AI agents and multi-agent systems. Prior to 1.70.0, an Arbitrary File Write vulnerability has been identified in Microsoft's Semantic Kernel .NET SDK, specifically within the Ses...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25592/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25592 - Critical (9.9)
Semantic Kernel is an SDK used to build, orchestrate, and deploy AI agents and multi-agent systems. Prior to 1.70.0, an Arbitrary File Write vulnerability has been identified in Microsoft's Semantic Kernel .NET SDK, specifically within the Ses...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25592/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T21:57:22.450000
6 posts
🟠 CVE-2026-25635 - High (8.6)
calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows (haven't tested on other OS's), this can lead to Remot...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25635/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25635 - High (8.6)
calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows (haven't tested on other OS's), this can lead to Remot...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25635/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25635 - High (8.6)
calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows (haven't tested on other OS's), this can lead to Remot...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25635/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25635 - High (8.6)
calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows (haven't tested on other OS's), this can lead to Remot...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25635/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25635 - High (8.6)
calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows (haven't tested on other OS's), this can lead to Remot...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25635/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25635 - High (8.6)
calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows (haven't tested on other OS's), this can lead to Remot...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25635/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T21:57:22.450000
4 posts
🟠 CVE-2026-25628 - High (8.5)
Qdrant is a vector similarity search engine and vector database. From 1.9.3 to before 1.16.0, it is possible to append to arbitrary files via /logger endpoint using an attacker-controlled on_disk.log_file path. Minimal privileges are required (rea...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25628/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25628 - High (8.5)
Qdrant is a vector similarity search engine and vector database. From 1.9.3 to before 1.16.0, it is possible to append to arbitrary files via /logger endpoint using an attacker-controlled on_disk.log_file path. Minimal privileges are required (rea...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25628/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25628 - High (8.5)
Qdrant is a vector similarity search engine and vector database. From 1.9.3 to before 1.16.0, it is possible to append to arbitrary files via /logger endpoint using an attacker-controlled on_disk.log_file path. Minimal privileges are required (rea...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25628/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25628 - High (8.5)
Qdrant is a vector similarity search engine and vector database. From 1.9.3 to before 1.16.0, it is possible to append to arbitrary files via /logger endpoint using an attacker-controlled on_disk.log_file path. Minimal privileges are required (rea...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25628/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T21:57:22.450000
4 posts
🔴 CVE-2026-25641 - Critical (10)
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, there is a sandbox escape vulnerability due to a mismatch between the key on which the validation is performed and the key used for accessing properties. Even though the key used in pr...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25641/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25641 - Critical (10)
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, there is a sandbox escape vulnerability due to a mismatch between the key on which the validation is performed and the key used for accessing properties. Even though the key used in pr...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25641/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25641 - Critical (10)
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, there is a sandbox escape vulnerability due to a mismatch between the key on which the validation is performed and the key used for accessing properties. Even though the key used in pr...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25641/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25641 - Critical (10)
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, there is a sandbox escape vulnerability due to a mismatch between the key on which the validation is performed and the key used for accessing properties. Even though the key used in pr...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25641/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T21:57:22.450000
2 posts
🔴 CVE-2026-25587 - Critical (10)
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, as Map is in SAFE_PROTOYPES, it's prototype can be obtained via Map.prototype. By overwriting Map.prototype.has the sandbox can be escaped. This vulnerability is fixed in 0.8.29.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25587/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25587 - Critical (10)
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, as Map is in SAFE_PROTOYPES, it's prototype can be obtained via Map.prototype. By overwriting Map.prototype.has the sandbox can be escaped. This vulnerability is fixed in 0.8.29.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25587/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T21:57:22.450000
2 posts
🟠 CVE-2025-13523 - High (7.7)
Mattermost Confluence plugin version <1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim bro...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13523/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-13523 - High (7.7)
Mattermost Confluence plugin version <1.7.0 fails to properly escape user-controlled display names in HTML template rendering which allows authenticated Confluence users with malicious display names to execute arbitrary JavaScript in victim bro...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13523/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T21:43:42
2 posts
🟠 CVE-2026-25593 - High (8.4)
OpenClaw is a personal AI assistant. Prior to 2026.1.20, an unauthenticated local client could use the Gateway WebSocket API to write config via config.apply and set unsafe cliPath values that were later used for command discovery, enabling comman...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25593/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25593 - High (8.4)
OpenClaw is a personal AI assistant. Prior to 2026.1.20, an unauthenticated local client could use the Gateway WebSocket API to write config via config.apply and set unsafe cliPath values that were later used for command discovery, enabling comman...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25593/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T21:42:28
2 posts
🟠 CVE-2026-25580 - High (8.6)
Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. From 0.0.26 to before 1.56.0, aServer-Side Request Forgery (SSRF) vulnerability exists in Pydantic AI's URL download functionality. When applicatio...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25580/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25580 - High (8.6)
Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. From 0.0.26 to before 1.56.0, aServer-Side Request Forgery (SSRF) vulnerability exists in Pydantic AI's URL download functionality. When applicatio...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25580/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T21:42:24
4 posts
🔴 CVE-2026-25520 - Critical (10)
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, The return values of functions aren't wrapped. Object.values/Object.entries can be used to get an Array containing the host's Function constructor, by using Array.prototype.at you can ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25520/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25520 - Critical (10)
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, The return values of functions aren't wrapped. Object.values/Object.entries can be used to get an Array containing the host's Function constructor, by using Array.prototype.at you can ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25520/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25520 - Critical (10)
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, The return values of functions aren't wrapped. Object.values/Object.entries can be used to get an Array containing the host's Function constructor, by using Array.prototype.at you can ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25520/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25520 - Critical (10)
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, The return values of functions aren't wrapped. Object.values/Object.entries can be used to get an Array containing the host's Function constructor, by using Array.prototype.at you can ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25520/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T21:42:17
2 posts
🟠 CVE-2026-23989 - High (8.2)
REVA is an interoperability platform. Prior to 2.42.3 and 2.40.3, a bug in the GRPC authorization middleware of the "Reva" component of OpenCloud allows a malicious user to bypass the scope verification of a public link. By exploiting this via the...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23989/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-23989 - High (8.2)
REVA is an interoperability platform. Prior to 2.42.3 and 2.40.3, a bug in the GRPC authorization middleware of the "Reva" component of OpenCloud allows a malicious user to bypass the scope verification of a public link. By exploiting this via the...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23989/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T21:38:16
2 posts
🟠 CVE-2025-70963 - High (7.6)
Gophish <=0.12.1 is vulnerable to Incorrect Access Control. The administrative dashboard exposes each user’s long-lived API key directly inside the rendered HTML/JavaScript of the page on every login. This makes permanent API credentials acce...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-70963/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-70963 - High (7.6)
Gophish <=0.12.1 is vulnerable to Incorrect Access Control. The administrative dashboard exposes each user’s long-lived API key directly inside the rendered HTML/JavaScript of the page on every login. This makes permanent API credentials acce...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-70963/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T21:38:04
1 posts
🔴 CVE-2026-25505 - Critical (9.8)
Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers. Prior to version 0.1.7, a hardcoded secret key used for signing JWTs is checked into source code and ManyAPI routes do not check authentication. This issue ha...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25505/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T21:30:58
4 posts
🟠 CVE-2026-2067 - High (8.8)
A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. This vulnerability affects the function strcpy of the file /goform/formTimeGroupConfig. The manipulation of the argument year1 leads to buffer overflow. The attack may be ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2067/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-2067 - High (8.8)
A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. This vulnerability affects the function strcpy of the file /goform/formTimeGroupConfig. The manipulation of the argument year1 leads to buffer overflow. The attack may be ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2067/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-2067 - High (8.8)
A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. This vulnerability affects the function strcpy of the file /goform/formTimeGroupConfig. The manipulation of the argument year1 leads to buffer overflow. The attack may be ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2067/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-2067 - High (8.8)
A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. This vulnerability affects the function strcpy of the file /goform/formTimeGroupConfig. The manipulation of the argument year1 leads to buffer overflow. The attack may be ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2067/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T21:30:58
2 posts
🟠 CVE-2026-2066 - High (8.8)
A weakness has been identified in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formIpGroupConfig. Executing a manipulation of the argument groupName can lead to buffer overflow. The attack can be launched remo...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2066/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-2066 - High (8.8)
A weakness has been identified in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formIpGroupConfig. Executing a manipulation of the argument groupName can lead to buffer overflow. The attack can be launched remo...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2066/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T19:43:47.703000
8 posts
4 repos
https://github.com/N3k0t-dev/PoC-CVE-collection
https://github.com/Mr-In4inci3le/CVE-2025-11953-POC-
https://github.com/boroeurnprach/CVE-2025-11953-PoC
https://github.com/SaidBenaissa/cve-2025-11953-vulnerability-demo
⚪ Critical Metro4Shell Vulnerability Exploited to Breach Development Systems
🗨️ Attackers are actively exploiting the critical CVE-2025-11953 vulnerability in the React Native Metro server to infect developers’ systems with malware for Windows and Linux.
##Critical React Native CLI Vulnerability Puts Development Environments at Risk, CISA Warns
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert following the discovery of a critical vulnerability in the React Native Community Command-Line Interface (CLI). Tracked as CVE-2025-11953, this flaw allows attackers to execute arbitrary system commands on vulnerable development machines. The vulnerability has already been actively…
##🚨 [CISA-2026:0205] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0205)
CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2025-11953 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-11953)
- Name: React Native Community CLI OS Command Injection Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: React Native Community
- Product: CLI
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: ; https://github.com/react-native-community/cli/commit/15089907d1f1301b22c72d7f68846a2ef20df547;https://github.com/react-native-community/cli/pull/2735 ; https://nvd.nist.gov/vuln/detail/CVE-2025-11953
⚠️ CVE-2026-24423 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24423)
- Name: SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: SmarterTools
- Product: SmarterMail
- Notes: https://www.smartertools.com/smartermail/release-notes/current ; https://www.cve.org/CVERecord?id=CVE-2026-24423 ; https://nvd.nist.gov/vuln/detail/CVE-2026-24423
#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260205 #cisa20260205 #cve_2025_11953 #cve_2026_24423 #cve202511953 #cve202624423
##⚪ Critical Metro4Shell Vulnerability Exploited to Breach Development Systems
🗨️ Attackers are actively exploiting the critical CVE-2025-11953 vulnerability in the React Native Metro server to infect developers’ systems with malware for Windows and Linux.
##CVE ID: CVE-2025-11953
Vendor: React Native Community
Product: CLI
Date Added: 2026-02-05
Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: ; https://github.com/react-native-community/cli/commit/15089907d1f1301b22c72d7f68846a2ef20df547;https://github.com/react-native-community/cli/pull/2735 ; https://nvd.nist.gov/vuln/detail/CVE-2025-11953
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-11953
New:
CISA Orders Federal Agencies to Strengthen Edge Device Security Amid Rising Cyber Threats https://www.cisa.gov/news-events/news/cisa-orders-federal-agencies-strengthen-edge-device-security-amid-rising-cyber-threats
CISA has also updated the KEV catalogue.
- CVE-2026-24423: SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-24423
- CVE-2025-11953: React Native Community CLI OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-11953
Five industrial vulnerabilities have also been added: https://www.cisa.gov/ #CISA #infosec #vulnerabilities
##‼️ CISA has added two vulnerabilities to the KEV Catalog
https://darkwebinformer.com/cisa-kev-catalog/
CVE-2026-24423: SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability:
SmarterTools SmarterMail contains a missing authentication for critical function vulnerability in the ConnectToHub API method. This could allow the attacker to point the SmarterMail instance to a malicious HTTP server which serves the malicious OS command and could lead to command execution.
CVE-2025-11953: React Native Community CLI OS Command Injection Vulnerability:
React Native Community CLI contains an OS command injection vulnerability which could allow unauthenticated network attackers to send POST requests to the Metro Development Server and run arbitrary executables via a vulnerable endpoint exposed by the server. On Windows, attackers can also execute arbitrary shell commands with fully controlled arguments.
##Critical React Native Metro Server Bug Under Active Exploitation
Attackers are actively exploiting a critical command injection vulnerability (CVE-2025-11953) in the React Native Metro development server to deploy malware on Windows and Linux systems.
**This is now urgent and important. If you're a React Native developer, update @react-native-community/cli-server-api to version 20.0.0 or higher. Your tools are being actively exploited. If you can't update right away, start your Metro server with the --host 127.0.0.1 flag (like `npx react-native start --host 127.0.0.1`). Make sure to patch all projects on your computer and the globally installed version.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/critical-react-native-metro-server-bug-under-active-exploitation-m-3-d-o-k/gD2P6Ple2L
updated 2026-02-06T18:31:38
2 posts
1 repos
https://github.com/cypherdavy/CVE-2025-69906-Monstra-CMS-3.0.4-Arbitrary-File-Upload-to-RCE
🟠 CVE-2025-69906 - High (8.8)
Monstra CMS v3.0.4 contains an arbitrary file upload vulnerability in the Files Manager plugin. The application relies on blacklist-based file extension validation and stores uploaded files directly in a web-accessible directory. Under typical ser...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69906/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-69906 - High (8.8)
Monstra CMS v3.0.4 contains an arbitrary file upload vulnerability in the Files Manager plugin. The application relies on blacklist-based file extension validation and stores uploaded files directly in a web-accessible directory. Under typical ser...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69906/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T18:31:38
2 posts
🟠 CVE-2025-69619 - High (7.5)
A path traversal in My Text Editor v1.6.2 allows attackers to cause a Denial of Service (DoS) via writing files to the internal storage.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69619/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-69619 - High (7.5)
A path traversal in My Text Editor v1.6.2 allows attackers to cause a Denial of Service (DoS) via writing files to the internal storage.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69619/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T18:30:29
11 posts
1 repos
CISA Sounds the Alarm: SmarterMail Zero-Click RCE Actively Used in Ransomware Attacks
Introduction: A Quiet API, A Loud Crisis U.S. cybersecurity authorities have issued an urgent warning after confirming active ransomware exploitation of a newly disclosed vulnerability in SmarterMail, a widely used email server platform. The flaw, tracked as CVE-2026-24423, allows unauthenticated remote code execution (RCE) through the product’s ConnectToHub API, meaning attackers can…
##"CISA warns of SmarterMail RCE flaw used in ransomware attacks"
"[...] has issued a warning about CVE-2026-24423, an unauthenticated remote code execution (RCE) flaw in SmarterMail that is used in ransomware attacks. The Cybersecurity & Infrastructure Security Agency (CISA) in the U.S."
##CISA warns of SmarterMail RCE flaw used in ransomware attacks
The Cybersecurity & Infrastructure Security Agency (CISA) in the U.S. has issued a warning about CVE-2026-24423, an unauthenticated remote code...
🔗️ [Bleepingcomputer] https://link.is.it/Kkych1
##📰 CISA: Critical SmarterMail RCE Flaw Actively Exploited in Ransomware Attacks
⚠️ CISA KEV ALERT: A critical RCE flaw in SmarterMail (CVE-2026-24423) is actively exploited in ransomware attacks. Unauthenticated attackers can take over mail servers. Patch to build 9511+ immediately! #CVE #Ransomware #PatchNow
##🚨 [CISA-2026:0205] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0205)
CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2025-11953 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-11953)
- Name: React Native Community CLI OS Command Injection Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: React Native Community
- Product: CLI
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: ; https://github.com/react-native-community/cli/commit/15089907d1f1301b22c72d7f68846a2ef20df547;https://github.com/react-native-community/cli/pull/2735 ; https://nvd.nist.gov/vuln/detail/CVE-2025-11953
⚠️ CVE-2026-24423 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24423)
- Name: SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: SmarterTools
- Product: SmarterMail
- Notes: https://www.smartertools.com/smartermail/release-notes/current ; https://www.cve.org/CVERecord?id=CVE-2026-24423 ; https://nvd.nist.gov/vuln/detail/CVE-2026-24423
#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260205 #cisa20260205 #cve_2025_11953 #cve_2026_24423 #cve202511953 #cve202624423
##"CISA warns of SmarterMail RCE flaw used in ransomware attacks"
"[...] has issued a warning about CVE-2026-24423, an unauthenticated remote code execution (RCE) flaw in SmarterMail that is used in ransomware attacks. The Cybersecurity & Infrastructure Security Agency (CISA) in the U.S."
##CISA warns of SmarterMail RCE flaw used in ransomware attacks
The Cybersecurity & Infrastructure Security Agency (CISA) in the U.S. has issued a warning about CVE-2026-24423, an unauthenticated remote code...
🔗️ [Bleepingcomputer] https://link.is.it/Kkych1
##CVE-2026-24423 - Changed to Known Ransomware Status
SmarterTools SmarterMail Missing Authentication for Critical Function VulnerabilityVendor: SmarterToolsProduct: SmarterMailSmarterTools SmarterMail contains a missing authentication for critical function vulnerability in the ConnectToHub API method. This could allow the attacker to point the SmarterMail instance to a malicious HTTP server which serves the malicious OS command and could lead https://nvd.nist.gov/vuln/detail/CVE-2026-24423
##CVE ID: CVE-2026-24423
Vendor: SmarterTools
Product: SmarterMail
Date Added: 2026-02-05
Notes: https://www.smartertools.com/smartermail/release-notes/current ; https://www.cve.org/CVERecord?id=CVE-2026-24423 ; https://nvd.nist.gov/vuln/detail/CVE-2026-24423
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-24423
New:
CISA Orders Federal Agencies to Strengthen Edge Device Security Amid Rising Cyber Threats https://www.cisa.gov/news-events/news/cisa-orders-federal-agencies-strengthen-edge-device-security-amid-rising-cyber-threats
CISA has also updated the KEV catalogue.
- CVE-2026-24423: SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-24423
- CVE-2025-11953: React Native Community CLI OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-11953
Five industrial vulnerabilities have also been added: https://www.cisa.gov/ #CISA #infosec #vulnerabilities
##‼️ CISA has added two vulnerabilities to the KEV Catalog
https://darkwebinformer.com/cisa-kev-catalog/
CVE-2026-24423: SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability:
SmarterTools SmarterMail contains a missing authentication for critical function vulnerability in the ConnectToHub API method. This could allow the attacker to point the SmarterMail instance to a malicious HTTP server which serves the malicious OS command and could lead to command execution.
CVE-2025-11953: React Native Community CLI OS Command Injection Vulnerability:
React Native Community CLI contains an OS command injection vulnerability which could allow unauthenticated network attackers to send POST requests to the Metro Development Server and run arbitrary executables via a vulnerable endpoint exposed by the server. On Windows, attackers can also execute arbitrary shell commands with fully controlled arguments.
##updated 2026-02-06T17:49:06.210000
1 posts
🟠 CVE-2026-0538 - High (7.8)
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0538/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T17:16:18.283000
2 posts
🔴 CVE-2025-70073 - Critical (9.8)
An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation function
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-70073/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-70073 - Critical (9.8)
An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation function
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-70073/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T16:26:55.207000
1 posts
🟠 CVE-2026-0661 - High (7.8)
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0661/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T15:14:47.703000
4 posts
CVE-2025-15566 #devopsish #kubernetes #cve https://github.com/kubernetes/kubernetes/issues/136789
##🟠 CVE-2025-15566 - High (8.8)
A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-proxy-set-headers` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ing...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15566/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##CVE-2025-15566 #devopsish #kubernetes #cve https://github.com/kubernetes/kubernetes/issues/136789
##🟠 CVE-2025-15566 - High (8.8)
A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-proxy-set-headers` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ing...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15566/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T15:14:47.703000
2 posts
1 repos
🔴 CVE-2026-2017 - Critical (9.8)
A vulnerability was detected in IP-COM W30AP up to 1.0.0.11(1340). Affected by this issue is the function R7WebsSecurityHandler of the file /goform/wx3auth of the component POST Request Handler. The manipulation of the argument data results in sta...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2017/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-2017 - Critical (9.8)
A vulnerability was detected in IP-COM W30AP up to 1.0.0.11(1340). Affected by this issue is the function R7WebsSecurityHandler of the file /goform/wx3auth of the component POST Request Handler. The manipulation of the argument data results in sta...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2017/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T15:14:47.703000
2 posts
🔴 CVE-2026-1499 - Critical (9.8)
The WP Duplicate plugin for WordPress is vulnerable to Missing Authorization leading to Arbitrary File Upload in all versions up to and including 1.1.8. This is due to a missing capability check on the `process_add_site()` AJAX action combined wit...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1499/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-1499 - Critical (9.8)
The WP Duplicate plugin for WordPress is vulnerable to Missing Authorization leading to Arbitrary File Upload in all versions up to and including 1.1.8. This is due to a missing capability check on the `process_add_site()` AJAX action combined wit...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1499/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T15:14:47.703000
2 posts
🟠 CVE-2026-24926 - High (8.4)
Out-of-bounds write vulnerability in the camera module.
Impact: Successful exploitation of this vulnerability may affect availability.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24926/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24926 - High (8.4)
Out-of-bounds write vulnerability in the camera module.
Impact: Successful exploitation of this vulnerability may affect availability.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24926/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T15:14:47.703000
1 posts
🟠 CVE-2026-21532 - High (8.2)
Azure Function Information Disclosure Vulnerability
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-21532/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T15:14:47.703000
1 posts
🔴 CVE-2026-0106 - Critical (9.3)
In vpu_mmap of vpu_ioctl, there is a possible arbitrary address mmap due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0106/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T09:30:35
4 posts
1 repos
ahhh… la bonne vuln critique du vendredi qui sent le café ☕️
🕵️♂️ CVE-2026-21643
D’après la fiche : SQL Injection (improper neutralization of special elements used in an SQL command) dans Fortinet FortiClientEMS 7.4.4
➡️ pourrait permettre à un attaquant non authentifié d’exécuter du code/commandes via des requêtes HTTP spécialement forgées.
RCE “unauth” sur un produit exposé, quelle surprise… 🙃
il me manque un traversal path dans l'histoire pour être définitivement comblé
may or may not, qui sait…
attendons l’advisory officiel avant de sortir les fourches (ou les patchs).
👇
https://cve.circl.lu/vuln/CVE-2026-21643 👀
🔴 CVE-2026-21643 - Critical (9.8)
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP req...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-21643/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##ahhh… la bonne vuln critique du vendredi qui sent le café ☕️
🕵️♂️ CVE-2026-21643
D’après la fiche : SQL Injection (improper neutralization of special elements used in an SQL command) dans Fortinet FortiClientEMS 7.4.4
➡️ pourrait permettre à un attaquant non authentifié d’exécuter du code/commandes via des requêtes HTTP spécialement forgées.
RCE “unauth” sur un produit exposé, quelle surprise… 🙃
il me manque un traversal path dans l'histoire pour être définitivement comblé
may or may not, qui sait…
attendons l’advisory officiel avant de sortir les fourches (ou les patchs).
👇
https://cve.circl.lu/vuln/CVE-2026-21643 👀
🔴 CVE-2026-21643 - Critical (9.8)
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP req...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-21643/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T09:30:35
2 posts
🟠 CVE-2026-24930 - High (8.4)
UAF concurrency vulnerability in the graphics module.
Impact: Successful exploitation of this vulnerability may affect availability.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24930/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24930 - High (8.4)
UAF concurrency vulnerability in the graphics module.
Impact: Successful exploitation of this vulnerability may affect availability.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24930/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T07:16:11.187000
2 posts
Mitsubishi Electric Patches Critical Remote Takeover Flaw in MELSEC iQ-R Series PLCs
Mitsubishi Electric patched a critical vulnerability (CVE-2025-15080) in MELSEC iQ-R Series PLCs that allows unauthenticated remote attackers to read or tamper with control data and cause system outages.
**Make sure all MELSEC iQ-R Series PLCs are isolated from the public internet and accessible only from trusted networks. Then plan an update to firmware version 49.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/mitsubishi-electric-patches-critical-remote-takeover-flaw-in-melsec-iq-r-series-plcs-y-b-o-n-n/gD2P6Ple2L
Mitsubishi Electric Patches Critical Remote Takeover Flaw in MELSEC iQ-R Series PLCs
Mitsubishi Electric patched a critical vulnerability (CVE-2025-15080) in MELSEC iQ-R Series PLCs that allows unauthenticated remote attackers to read or tamper with control data and cause system outages.
**Make sure all MELSEC iQ-R Series PLCs are isolated from the public internet and accessible only from trusted networks. Then plan an update to firmware version 49.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/mitsubishi-electric-patches-critical-remote-takeover-flaw-in-melsec-iq-r-series-plcs-y-b-o-n-n/gD2P6Ple2L
updated 2026-02-06T00:30:37
1 posts
🟠 CVE-2026-24302 - High (8.6)
Azure Arc Elevation of Privilege Vulnerability
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24302/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T00:30:32
2 posts
https://winbuzzer.com/2026/02/06/cve-2026-0391-microsoft-edge-android-ui-spoofing-xcxwbn/
CVE-2026-0391: Edge Android Flaw Enables Spoofing Attacks
#MicrosoftEdge #Security #Cybersecurity #Microsoft #Android #WebBrowsers #Phishing #CredentialTheft #ZeroDayVulnerabilities #Chromium
##https://winbuzzer.com/2026/02/06/cve-2026-0391-microsoft-edge-android-ui-spoofing-xcxwbn/
CVE-2026-0391: Edge Android Flaw Enables Spoofing Attacks
#MicrosoftEdge #Security #Cybersecurity #Microsoft #Android #WebBrowsers #Phishing #CredentialTheft #ZeroDayVulnerabilities #Chromium
##updated 2026-02-06T00:30:32
1 posts
1 repos
🔴 CVE-2026-24300 - Critical (9.8)
Azure Front Door Elevation of Privilege Vulnerability
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24300/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T22:06:39.947000
1 posts
🟠 CVE-2026-0536 - High (7.8)
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0536/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T21:33:39
1 posts
🟠 CVE-2026-20979 - High (7.8)
Improper privilege management in Settings prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Settings privilege.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20979/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T21:33:39
1 posts
🟠 CVE-2026-20983 - High (7.8)
Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Samsung Dialer privilege.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20983/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T21:32:48
1 posts
🟠 CVE-2025-15311 - High (7.8)
Tanium addressed an unauthorized code execution vulnerability in Tanium Appliance.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15311/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T21:32:42
1 posts
🟠 CVE-2025-15330 - High (8.8)
Tanium addressed an improper input validation vulnerability in Deploy.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15330/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T21:32:40
2 posts
1 repos
🔴 CVE-2025-68721 - Critical (9.1)
Axigen Mail Server before 10.5.57 contains an improper access control vulnerability in the WebAdmin interface. A delegated admin account with zero permissions can bypass access control checks and gain unauthorized access to the SSL Certificates ma...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-68721/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-68721 - Critical (9.1)
Axigen Mail Server before 10.5.57 contains an improper access control vulnerability in the WebAdmin interface. A delegated admin account with zero permissions can bypass access control checks and gain unauthorized access to the SSL Certificates ma...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-68721/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T21:15:52.127000
1 posts
1 repos
🟠 CVE-2025-68722 - High (8.8)
Axigen Mail Server before 10.5.57 and 10.6.x before 10.6.26 contains a Cross-Site Request Forgery (CSRF) vulnerability in the WebAdmin interface through improper handling of the _s (breadcrumb) parameter. The application accepts state-changing req...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-68722/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T20:42:20.263000
1 posts
🟠 CVE-2026-25056 - High (8.8)
n8n is an open source workflow automation platform. Prior to versions 1.118.0 and 2.4.0, a vulnerability in the Merge node's SQL Query mode allowed authenticated users with permission to create or modify workflows to write arbitrary files to the n...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25056/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T20:41:47.613000
1 posts
🟠 CVE-2026-25055 - High (8.1)
n8n is an open source workflow automation platform. Prior to versions 1.123.12 and 2.4.0, when workflows process uploaded files and transfer them to remote servers via the SSH node without validating their metadata the vulnerability can lead to fi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25055/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T20:32:37.750000
1 posts
🔴 CVE-2026-25053 - Critical (9.9)
n8n is an open source workflow automation platform. Prior to versions 1.123.10 and 2.5.0, vulnerabilities in the Git node allowed authenticated users with permission to create or modify workflows to execute arbitrary system commands or read arbitr...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25053/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T20:22:47.870000
9 posts
📰 Critical RCE Flaw in n8n Automation Platform Allows Full Server Takeover
🔥 CRITICAL RCE: A sandbox escape flaw (CVE-2026-25049, CVSS 9.4) in the n8n automation platform allows full server takeover and credential theft. Update to versions 1.123.17 or 2.5.2 immediately! #CVE #RCE #DevSecOps
##🔴 CVE-2026-25049 - Critical (9.9)
n8n is an open source workflow automation platform. Prior to versions 1.123.17 and 2.5.2, an authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system comma...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25049/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##Collectively tracked as CVE-2026-25049, the issues can be exploited by any authenticated user who can create or edit workflows on the platform to perform unrestricted remote code execution on the n8n server. https://www.bleepingcomputer.com/news/security/critical-n8n-flaws-disclosed-along-with-public-exploits/
##CVE-2026-25049 highlights weaknesses in sandboxing user-defined JavaScript expressions within n8n workflows.
Multiple research teams demonstrated authenticated sandbox escape leading to unrestricted RCE, credential exposure, filesystem access, cloud pivoting, and AI workflow manipulation. The issue stems from incomplete AST-based sandboxing and runtime enforcement gaps.
Fixes have been released, and mitigation guidance includes updating, rotating secrets, and restricting workflow permissions.
💬 What lessons does this case offer for securing automation platforms?
➕ Follow TechNadu for accurate, vendor-neutral infosec reporting.
#Infosec #CVE #n8n #SandboxEscape #RCE #CloudSecurity #DevSecOps
##n8n : la faille critique CVE-2026-25049 réactive une précédente vulnérabilité https://www.it-connect.fr/n8n-cve-2026-25049-execution-code-a-distance/ #ActuCybersécurité #Cybersécurité #Vulnérabilité
##It seems that the recent #n8n CVE-2026-25049 is (EDIT: or was? My e-mail got answered with a generic response by an AI assistant) not only exploitable on self-hosted instances, but also in the n8n cloud. At least this is what the URL briefly visible in this video indicates. https://www.youtube.com/watch?v=QLrm7jx8kew (skip to 0:15 for a clear shot).
##Critical Sandbox Escapes in n8n AI Platform Enable Full Server Takeover
n8n patched another critical sandbox escape vulnerabilities (CVE-2026-25049) that allow authenticated users to execute arbitrary code and steal sensitive AI and cloud credentials.
**This is another important and urgent flaw in n8n. Update your n8n instances to the latest version ASAP and rotate all stored API keys and encryption secrets. Since these flaws allow full server takeover, you must assume any credentials stored in an unpatched instance are already compromised.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-sandbox-escapes-in-n8n-ai-platform-enable-full-server-takeover-h-k-y-o-v/gD2P6Ple2L
2026: New N8N RCE Deep Dive into CVE-2026-25049 https://blog.securelayer7.net/cve-2026-25049/
##‼️CVE-2026-25049: N8n AI Workflow Remote Code Execution
"This vulnerability allows an attacker to execute arbitrary system commands through misconfigured or insecure AI workflow execution paths. When chained correctly, it can lead to full server compromise depending on deployment configuration."
Video Credit: youtube.com/@SecureLayer7
##updated 2026-02-05T20:15:52.003000
1 posts
updated 2026-02-05T18:08:05.863000
2 posts
🔴 CVE-2026-25234 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in category deletion can allow an attacker with access to the category manager workflow to inject SQL via a category id...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25234/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25234 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in category deletion can allow an attacker with access to the category manager workflow to inject SQL via a category id...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25234/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T18:07:35.470000
1 posts
🟠 CVE-2026-25235 - High (7.5)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, predictable verification hashes may allow attackers to guess verification tokens and potentially verify election account requests without authorizati...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25235/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T18:00:51.113000
1 posts
🟠 CVE-2026-25239 - High (7.5)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in apidoc queue insertion can allow query manipulation if an attacker can influence the inserted filename value. This i...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25239/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T17:56:13.807000
1 posts
🔴 CVE-2026-25240 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability can occur in user::maintains() when role filters are provided as an array and interpolated into an IN (...) clause. Thi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25240/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T17:55:10.430000
1 posts
🔴 CVE-2026-25241 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, an unauthenticated SQL injection in the /get// endpoint allows remote attackers to execute arbitrary SQL via a crafted package version. This issue ha...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25241/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T17:27:26.890000
1 posts
🟠 CVE-2025-59439 - High (7.5)
An issue was discovered in Samsung Mobile Processor, Wearable Processor and Modem Exynos 980, 990, 850, 1080, 9110, W920, W930, W1000 and Modem 5123. Incorrect handling of NAS Registration messages leads to a Denial of Service because of Improper ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-59439/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T15:34:59
2 posts
1 repos
https://github.com/mbanyamer/CVE-2026-25546-godot-mcp-0.1.1-OS-Command-Injection
🟠 CVE-2026-25546 - High (7.8)
Godot MCP is a Model Context Protocol (MCP) server for interacting with the Godot game engine. Prior to version 0.1.1, a command injection vulnerability in godot-mcp allows remote code execution. The executeOperation function passed user-controlle...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25546/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25546 - High (7.8)
Godot MCP is a Model Context Protocol (MCP) server for interacting with the Godot game engine. Prior to version 0.1.1, a command injection vulnerability in godot-mcp allows remote code execution. The executeOperation function passed user-controlle...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25546/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T15:32:15
2 posts
🟠 CVE-2025-61732 - High (8.6)
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61732/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-61732 - High (8.6)
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61732/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T15:32:10
1 posts
🔴 CVE-2025-67189 - Critical (9.8)
A buffer overflow vulnerability exists in the setParentalRules interface of TOTOLINK A950RG V4.1.2cu.5204_B20210112. The urlKeyword parameter is not properly validated, and the function concatenates multiple user-controlled fields into a fixed-siz...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67189/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T15:16:08.583000
1 posts
🟠 CVE-2025-71031 - High (7.5)
Water-Melon Melon commit 9df9292 and below is vulnerable to Denial of Service. The HTTP component doesn't have any maximum length. As a result, an excessive request header could cause a denial of service by consuming RAM memory.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-71031/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T15:16:07.170000
1 posts
🔴 CVE-2025-67188 - Critical (9.8)
A buffer overflow vulnerability exists in TOTOLINK A950RG V4.1.2cu.5204_B20210112. The issue resides in the setRadvdCfg interface of the /lib/cste_modules/ipv6.so module. The function fails to properly validate the length of the user-controlled ra...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67188/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T14:57:34.297000
1 posts
🟠 CVE-2025-61917 - High (7.7)
n8n is an open source workflow automation platform. From version 1.65.0 to before 1.114.3, the use of Buffer.allocUnsafe() and Buffer.allocUnsafeSlow() in the task runner allowed untrusted code to allocate uninitialized memory. Such uninitialized ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61917/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T14:57:34.297000
2 posts
🟠 CVE-2026-20098 - High (8.8)
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system.
This vu...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20098/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20098 - High (8.8)
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system.
This vu...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20098/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T14:57:20.563000
1 posts
🟠 CVE-2025-13379 - High (8.6)
IBM Aspera Console 3.4.0 through 3.4.8 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13379/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T14:57:20.563000
1 posts
🟠 CVE-2026-25585 - High (7.8)
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a vulnerability IccCmm.cpp:5793 when reading through index during ICC p...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25585/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T14:57:20.563000
1 posts
🔴 CVE-2026-25526 - Critical (9.8)
JinJava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Prior to versions 2.7.6 and 2.8.3, JinJava is vulnerable to arbitrary Java execution via bypass through ForTag. This allows arbitrary Java ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25526/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T14:57:20.563000
1 posts
🟠 CVE-2026-25583 - High (7.8)
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a heap buffer overflow vulnerability in CIccFileIO::Read8() when proces...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25583/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T14:57:20.563000
1 posts
🟠 CVE-2026-25582 - High (7.8)
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a heap buffer overflow (read) vulnerability in CIccIO::WriteUInt16Float...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25582/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T14:57:20.563000
2 posts
🟠 CVE-2026-25519 - High (8.1)
OpenSlides is a free, web based presentation and assembly system for managing and projecting agenda, motions and elections of an assembly. Prior to version 4.2.29, OpenSlides supports local logins with username and password or an optionally config...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25519/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25519 - High (8.1)
OpenSlides is a free, web based presentation and assembly system for managing and projecting agenda, motions and elections of an assembly. Prior to version 4.2.29, OpenSlides supports local logins with username and password or an optionally config...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25519/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T14:57:20.563000
1 posts
🟠 CVE-2026-24844 - High (7.9)
melange allows users to build apk packages using declarative pipelines. From version 0.3.0 to before 0.40.3, an attacker who can provide build input values, but not modify pipeline definitions, could execute arbitrary shell commands if the pipelin...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24844/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T14:57:20.563000
2 posts
🔴 CVE-2026-25160 - Critical (9.1)
Alist is a file list program that supports multiple storages, powered by Gin and Solidjs. Prior to version 3.57.0, the application disables TLS certificate verification by default for all outgoing storage driver communications, making the system v...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25160/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25160 - Critical (9.1)
Alist is a file list program that supports multiple storages, powered by Gin and Solidjs. Prior to version 3.57.0, the application disables TLS certificate verification by default for all outgoing storage driver communications, making the system v...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25160/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T14:57:20.563000
1 posts
🟠 CVE-2026-24843 - High (8.2)
melange allows users to build apk packages using declarative pipelines. In version 0.11.3 to before 0.40.3, an attacker who can influence the tar stream from a QEMU guest VM could write files outside the intended workspace directory on the host. T...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24843/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T14:57:20.563000
1 posts
🟠 CVE-2026-25121 - High (7.5)
apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, a path traversal vulnerability was discovered in apko's dirFS filesystem abstraction. An attacker who can supply a malicious ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25121/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T03:30:23
2 posts
I’ve published a technical analysis of CVE-2025-11730, a Remote Code Execution vulnerability affecting ZYXEL ATP/USG Series devices running firmware 5.41.
The issue is caused by improper input sanitization in the DDNS profile configuration.
A crafted public-ip-url value allows arbitrary command execution as root during DDNS updates.
Technical details and PoC:
https://rainpwn.blog/blog/cve-2025-11730/
Affected: ZYXEL ATP/USG Series (fw 5.41)
##CVE-2025-11730: Remote Code Execution via DDNS configuration in ZYXEL ATP/USG Series (V5.41) https://rainpwn.blog/blog/cve-2025-11730/
##updated 2026-02-05T03:30:23
1 posts
🟠 CVE-2025-10314 - High (8.8)
Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation FREQSHIP-mini for Windows versions 8.0.0 to 8.0.2 allows a local attacker to execute arbitrary code with system privileges by replacing service executable files (EXE) o...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-10314/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T00:36:45
1 posts
🔴 CVE-2026-25539 - Critical (9.1)
SiYuan is a personal knowledge management system. Prior to version 3.5.5, the /api/file/copyFile endpoint does not validate the dest parameter, allowing authenticated users to write files to arbitrary locations on the filesystem. This can lead to ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25539/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-05T00:31:08
1 posts
🟠 CVE-2025-13192 - High (8.2)
The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to generic SQL Injection via the multiple REST API endpoints in all versions up to, and including, 2.2.0 due ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13192/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:57:36
1 posts
🟠 CVE-2026-24735 - High (7.5)
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer.
This issue affects Apache Answer: through 1.7.1.
An unauthenticated API endpoint incorrectly exposes full revision history for deleted content. Thi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24735/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:56:57
1 posts
🟠 CVE-2026-25161 - High (8.8)
Alist is a file list program that supports multiple storages, powered by Gin and Solidjs. Prior to version 3.57.0, the application contains path traversal vulnerability in multiple file operation handlers. An authenticated attacker can bypass dire...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25161/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:56:26
2 posts
🟠 CVE-2026-25157 - High (7.7)
OpenClaw is a personal AI assistant. Prior to version 2026.1.29, there is an OS command injection vulnerability via the Project Root Path in sshNodeCommand. The sshNodeCommand function constructed a shell script without properly escaping the user-...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25157/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25157 - High (7.7)
OpenClaw is a personal AI assistant. Prior to version 2026.1.29, there is an OS command injection vulnerability via the Project Root Path in sshNodeCommand. The sshNodeCommand function constructed a shell script without properly escaping the user-...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25157/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:56:11
2 posts
🟠 CVE-2026-25143 - High (7.8)
melange allows users to build apk packages using declarative pipelines. From version 0.10.0 to before 0.40.3, an attacker who can influence inputs to the patch pipeline could execute arbitrary shell commands on the build host. The patch pipeline i...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25143/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25143 - High (7.8)
melange allows users to build apk packages using declarative pipelines. From version 0.10.0 to before 0.40.3, an attacker who can influence inputs to the patch pipeline could execute arbitrary shell commands on the build host. The patch pipeline i...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25143/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:56:01
1 posts
🟠 CVE-2026-25140 - High (7.5)
apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, an attacker who controls or compromises an APK repository used by apko could cause resource exhaustion on the build host. The...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25140/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:55:36
1 posts
🟠 CVE-2026-24884 - High (8.4)
Compressing is a compressing and uncompressing lib for node. In version 2.0.0 and 1.10.3 and prior, Compressing extracts TAR archives while restoring symbolic links without validating their targets. By embedding symlinks that resolve outside the i...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24884/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:55:12
1 posts
🟠 CVE-2026-23897 - High (7.5)
Apollo Server is an open-source, spec-compliant GraphQL server that's compatible with any GraphQL client, including Apollo Client. In versions from 2.0.0 to 3.13.0, 4.2.0 to before 4.13.0, and 5.0.0 to before 5.4.0, the default configuration of st...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23897/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:30:43
1 posts
🔴 CVE-2025-13375 - Critical (9.8)
IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 could allow an unauthenticated user to execute arbitrary commands with elevated privileges on the system.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13375/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:30:32
1 posts
🟠 CVE-2025-69620 - High (7.5)
A path traversal in Moo Chan Song v4.5.7 allows attackers to cause a Denial of Service (DoS) via writing files to the internal storage.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69620/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T21:30:32
1 posts
🟠 CVE-2025-69875 - High (7.8)
A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into p...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69875/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T20:16:05.863000
1 posts
🟠 CVE-2026-25027 - High (7.5)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Unicamp unicamp allows PHP Local File Inclusion.This issue affects Unicamp: from n/a through <= 2.7.1.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25027/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T20:04:50
2 posts
💡 CVE-2026-24512: la vulnerabilità di ingress-NGINX che minaccia i cluster Kubernetes
##🟠 CVE-2026-24512 - High (8.8)
A security issue was discovered in ingress-nginx cthe `rules.http.paths.path` Ingress field can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24512/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T19:53:39
1 posts
🔴 CVE-2026-25052 - Critical (9.9)
n8n is an open source workflow automation platform. Prior to versions 1.123.18 and 2.5.0, a vulnerability in the file access controls allows authenticated users with permission to create or modify workflows to read sensitive files from the n8n hos...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25052/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T19:53:06
1 posts
🔴 CVE-2025-64712 - Critical (9.8)
The unstructured library provides open-source components for ingesting and pre-processing images and text documents, such as PDFs, HTML, Word docs, and many more. Prior to version 0.18.18, a path traversal vulnerability in the partition_msg functi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-64712/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T19:42:05
1 posts
🔴 CVE-2026-25115 - Critical (9.9)
n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25115/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T19:34:42
1 posts
🔴 CVE-2025-69970 - Critical (9.3)
FUXA v1.2.7 contains an insecure default configuration vulnerability in server/settings.default.js. The 'secureEnabled' flag is commented out by default, causing the application to initialize with authentication disabled. This allows unauthenticat...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69970/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:31:36
1 posts
🔴 CVE-2025-46651 - Critical (9.1)
Tiny File Manager through 2.6 contains a server-side request forgery (SSRF) vulnerability in the URL upload feature. Due to insufficient validation of user-supplied URLs, an attacker can send crafted requests to localhost by using http://www.127.0...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-46651/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:31:36
1 posts
🟠 CVE-2025-60865 - High (7.8)
Insecure Permissions vulnerability in avanquest Driver Updater v.9.1.57803.1174 allows a local attacker to escalate privileges via the Driver Updater Service windows component.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-60865/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:31:36
1 posts
🔴 CVE-2025-67186 - Critical (9.8)
TOTOLINK A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability in the setUrlFilterRules interface of /lib/cste_modules/firewall.so. The vulnerability occurs because the `url` parameter is not properly validated for length, allowi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67186/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:31:36
1 posts
1 repos
🔴 CVE-2025-57529 - Critical (9.8)
YouDataSum CPAS Audit Management System <=v4.9 is vulnerable to SQL Injection in /cpasList/findArchiveReportByDah due to insufficient input validation. This allows remote unauthenticated attackers to execute arbitrary SQL commands via crafted i...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-57529/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:31:36
1 posts
🟠 CVE-2025-66374 - High (7.8)
CyberArk Endpoint Privilege Manager Agent through 25.10.0 allows a local user to achieve privilege escalation through policy elevation of an Administration task.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-66374/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:30:51
1 posts
🟠 CVE-2026-0660 - High (7.8)
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0660/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:30:51
2 posts
🟠 CVE-2026-20119 - High (7.5)
A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20119/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20119 - High (7.5)
A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20119/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:30:51
1 posts
🟠 CVE-2026-0659 - High (7.8)
A maliciously crafted USD file, when loaded or imported into Autodesk Arnold or Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the cur...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0659/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:30:51
1 posts
🟠 CVE-2026-0662 - High (7.8)
A maliciously crafted project directory, when opening a max file in Autodesk 3ds Max, could lead to execution of arbitrary code in the context of the current process due to an Untrusted Search Path being utilized.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0662/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:30:50
2 posts
🟠 CVE-2026-0537 - High (7.8)
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0537/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-0537 - High (7.8)
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0537/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:30:31
1 posts
🔴 CVE-2025-63624 - Critical (9.8)
SQL Injection vulnerability in Shandong Kede Electronics Co., Ltd IoT smart water meter monitoring platform v.1.0 allows a remote attacker to execute arbitrary code via the imei_list.aspx file.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-63624/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T18:30:31
1 posts
🟠 CVE-2025-63372 - High (7.5)
Articentgroup Zip Rar Extractor Tool 1.345.93.0 is vulnerable to Directory Traversal. The vulnerability resides in the ZIP file processing component, specifically in the functionality responsible for extracting and handling ZIP archive contents.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-63372/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T17:46:00
2 posts
🔴 CVE-2026-25510 - Critical (9.9)
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.28.5.0, an authenticated user with file editor permissions can achieve Remote Code Exe...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25510/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25510 - Critical (9.9)
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.28.5.0, an authenticated user with file editor permissions can achieve Remote Code Exe...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25510/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T17:45:45
1 posts
🔴 CVE-2026-25150 - Critical (9.3)
Qwik is a performance focused javascript framework. Prior to version 1.19.0, a prototype pollution vulnerability exists in the formToObj() function within @builder.io/qwik-city middleware. The function processes form field names with dot notation ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25150/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T17:16:10.167000
1 posts
🔴 CVE-2025-67187 - Critical (9.8)
A stack-based buffer overflow vulnerability was identified in TOTOLINK A950RG V4.1.2cu.5204_B20210112. The flaw exists in the setIpQosRules interface of /lib/cste_modules/firewall.so where the comment parameter is not properly validated for length.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67187/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T17:16:08.663000
1 posts
1 repos
🔴 CVE-2025-61506 - Critical (9.8)
An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61506/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T16:34:21.763000
4 posts
1 repos
https://github.com/MehdiLeDeaut/CVE-2026-1281-Ivanti-EPMM-RCE
If you have Ivanti EPMM, please follow these instructions.
“Technical Analysis updated with reliable Indicators of Compromise (IoC’s). Both in partnership with NCSC-NL.”
The Dutchies are at it again!🤘🇳🇱
#EPMM #CVE20261281 #CVE20261340 #Ivanti #Cybersecurity #infosec #ioc
##If you have Ivanti EPMM, please follow these instructions.
“Technical Analysis updated with reliable Indicators of Compromise (IoC’s). Both in partnership with NCSC-NL.”
The Dutchies are at it again!🤘🇳🇱
#EPMM #CVE20261281 #CVE20261340 #Ivanti #Cybersecurity #infosec #ioc
##This Ivanti Endpoint Manager Mobile (IPMM) security advisory seems to fit the timeline of the incident: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340?language=en_US
##Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 and CVE-2026-1340) https://labs.watchtowr.com/someone-knows-bash-far-too-well-and-we-love-it-ivanti-epmm-pre-auth-rces-cve-2026-1281-cve-2026-1340/
##updated 2026-02-04T16:34:21.763000
1 posts
🟠 CVE-2025-70560 - High (8.4)
Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. An attacker with the ability to place a malicious pickl...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-70560/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T16:33:44.537000
3 posts
CVE-2026-1633 Missing Authentication for Critical Function (CWE-306) https://feedly.com/cve/CVE-2026-1633
##Critical Authentication Bypass in End-of-Life Synectix LAN 232 TRIO Adapters
Synectix LAN 232 TRIO adapters contain a critical vulnerability (CVE-2026-1633) that allows unauthenticated remote attackers to take full control of the device. Because the manufacturer is out of business, no patches will be released.
**If you use these Synectix adapters, isolate them from the internet immediately because they have no password protection and will never be patched. Since the company is out of business, plan a replacement of the devices.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-authentication-bypass-in-end-of-life-synectix-lan-232-trio-adapters-j-r-d-l-z/gD2P6Ple2L
🔴 CVE-2026-1633 - Critical (10)
The Synectix LAN 232 TRIO 3-Port serial to ethernet adapter exposes its web management interface without requiring authentication, allowing unauthenticated users to modify critical device settings or factory reset the device.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1633/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T16:33:44.537000
1 posts
Critical Authentication Bypass in Avation Light Engine Pro Allows Full Device Takeover
Avation Light Engine Pro contains a critical vulnerability (CVE-2026-1341) that allows unauthenticated remote attackers to take full control of the device due to a complete lack of authentication.
**Isolate your Avation Light Engine Pro from the internet and make them accessible only from trusted networks. There is no patch, and the vendor is unresponsive. Use a VPN and firewalls to ensure only authorized internal staff can reach the control interface, and start planning for a replacement.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-authentication-bypass-in-avation-light-engine-pro-allows-full-device-takeover-r-o-s-n-n/gD2P6Ple2L
updated 2026-02-04T16:33:44.537000
1 posts
🔴 CVE-2025-59818 - Critical (10)
This vulnerability allows authenticated attackers to execute arbitrary commands on the underlying system using the file name of an uploaded file.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-59818/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T16:33:44.537000
1 posts
🟠 CVE-2025-15268 - High (7.5)
The Infility Global plugin for WordPress is vulnerable to unauthenticated SQL Injection via the 'infility_get_data' API action in all versions up to, and including, 2.14.46. This is due to insufficient escaping on the user supplied parameter and l...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15268/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T16:33:44.537000
1 posts
🟠 CVE-2026-1580 - High (8.8)
A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-method` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1580/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T16:33:44.537000
1 posts
🟠 CVE-2026-1862 - High (8.8)
Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1862/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T16:33:44.537000
2 posts
🟠 CVE-2026-25223 - High (7.5)
Fastify is a fast and low overhead web framework, for Node.js. Prior to version 5.7.2, a validation bypass vulnerability exists in Fastify where request body validation schemas specified by Content-Type can be completely circumvented. By appending...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25223/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25223 - High (7.5)
Fastify is a fast and low overhead web framework, for Node.js. Prior to version 5.7.2, a validation bypass vulnerability exists in Fastify where request body validation schemas specified by Content-Type can be completely circumvented. By appending...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25223/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T15:30:35
1 posts
🟠 CVE-2025-15368 - High (8.8)
The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.7.26 via shortcodes 'template_name' attribute. This makes it possible for authenticated attackers, with contributor-level and above ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15368/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T15:30:29
1 posts
1 repos
🔴 CVE-2025-5329 - Critical (9.8)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Martcode Software Inc. Delta Course Automation allows SQL Injection.This issue affects Delta Course Automation: through 04022026.
NOTE: The vend...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-5329/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T10:16:04.550000
1 posts
updated 2026-02-04T09:30:36
1 posts
🟠 CVE-2025-15285 - High (7.5)
The SEO Flow by LupsOnline plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the checkBlogAuthentication() and checkCategoryAuthentication() functions in all versions up to, and including,...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15285/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T09:30:35
1 posts
🟠 CVE-2026-1819 - High (8.8)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Karel Electronics Industry and Trade Inc. ViPort allows Stored XSS.This issue affects ViPort: through 23012026.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1819/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T09:30:30
1 posts
🟠 CVE-2026-1756 - High (8.8)
The WP FOFT Loader plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'WP_FOFT_Loader_Mimes::file_and_ext' function in all versions up to, and including, 2.1.39. This makes it possible for aut...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1756/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T00:31:33
1 posts
🟠 CVE-2026-1861 - High (8.8)
Heap buffer overflow in libvpx in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1861/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-04T00:30:41
2 posts
Critical Authentication Bypass Reported in RISS SRL MOMA Seismic Stations
RISS SRL MOMA Seismic Station versions <=v2.4.2520 contain a critical vulnerability (CVE-2026-1632) that allows unauthenticated attackers to take full control of the device via its web interface.
**If you use MOMA Seismic Station seismic stations, isolate them off the public internet immediately and put them behind a firewall or VPN. Since the vendor hasn't responded with a patch, your only real defense is strict network isolation. And consider if it's feasible to replace these devices, especially if they are networked or connected to public systems.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-authentication-bypass-in-riss-srl-moma-seismic-stations-exposes-infrastructure-5-4-4-r-f/gD2P6Ple2L
🔴 CVE-2026-1632 - Critical (9.1)
MOMA Seismic Station Version v2.4.2520 and prior exposes its web management interface without requiring authentication, which could allow an unauthenticated attacker to modify configuration settings, acquire device data or remotely reset the device.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1632/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T21:31:58
1 posts
🟠 CVE-2026-1803 - High (8.1)
A weakness has been identified in Ziroom ZHOME A0101 1.0.1.0. Impacted is an unknown function of the component Dropbear SSH Service. This manipulation causes use of default credentials. Remote exploitation of the attack is possible. The complexity...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1803/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T21:31:50
6 posts
Here's a summary of the latest important global, technology, and cybersecurity news from the last 24 hours:
**Global:** The US and Russia's New START treaty expired February 5, raising nuclear stability concerns. Israeli airstrikes killed at least 21 Palestinians in Gaza on February 4.
**Technology:** Intel launched new AI chips to challenge Nvidia, and Microsoft/Apple expanded AI tools. SpaceX acquired xAI to advance orbital data centers on February 5. AI is now central to business, drawing half of global startup funding.
**Cybersecurity:** A ransomware group allegedly hit a US airport on February 4. CISA added an actively exploited SolarWinds RCE vulnerability (CVE-2025-40551) to its KEV catalog. Gartner outlined top 2026 cyber trends, including Agentic AI oversight and post-quantum computing.
##The vulnerability under attack, CVE-2025-40551, is an untrusted deserialization flaw that can lead to remote code execution, allowing a remote, unauthenticated attacker to execute OS commands on the affected system. https://www.theregister.com/2026/02/04/critical_solarwinds_web_help_desk/
##Looks like CISA added SolarWinds to the KEV catalogue yesterday:
Critical: CVE-2025-40551: SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability #infosec #CISA #SolarWinds #vulnerability
##CISA Mandates Immediate Patching for Actively Exploited SolarWinds Web Help Desk RCE Flaw
CISA reports active exploitation of a critical flaw in SolarWinds Web Help Desk software (CVE-2025-40551). CISA has mandated that federal agencies apply the update within three days.
**If you are using Web Help Desk, this is urgent and important. Your Solar Web Help Desk is under attack. If your process allows for it, isolate Web Help Desk from the internet, then plan a quick update. If you can't isolate from the internet, patch now!**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-mandates-immediate-patching-for-actively-exploited-solarwinds-web-help-desk-rce-flaw-q-e-8-a-2/gD2P6Ple2L
CISA has added CVE-2025-40551, a critical SolarWinds Web Help Desk deserialization vulnerability, to the KEV catalog after confirming active exploitation.
The flaw enables unauthenticated remote code execution and has already been patched, though exploitation details remain undisclosed. Additional KEV inclusions span Sangoma FreePBX and GitLab, reflecting continued abuse of both enterprise and open-source platforms.
This reinforces the importance of KEV-driven prioritization and continuous monitoring beyond initial disclosure.
Source: https://thehackernews.com/2026/02/cisa-adds-actively-exploited-solarwinds.html
Community insight welcome.
Follow TechNadu for ongoing vulnerability and threat intelligence updates.
#Infosec #KEV #CISA #VulnerabilityResearch #SolarWinds #ThreatLandscape #CyberDefense
##CISA orders federal agencies to patch exploited SolarWinds bug by Friday
CVE-2025-40551 carries a critical severity score of 9.8 out of 10 and impacts SolarWinds Web Help Desk (WHD) — an IT service management platform...
🔗️ [Therecord] https://link.is.it/Ir7OlU
##updated 2026-02-03T19:32:57
1 posts
Django SQL Injection in RasterField lookup (CVE-2026-1207) https://vulnerabletarget.com/VT-2026-1207
##updated 2026-01-30T13:28:18.610000
5 posts
1 repos
https://github.com/MehdiLeDeaut/CVE-2026-1281-Ivanti-EPMM-RCE
If you have Ivanti EPMM, please follow these instructions.
“Technical Analysis updated with reliable Indicators of Compromise (IoC’s). Both in partnership with NCSC-NL.”
The Dutchies are at it again!🤘🇳🇱
#EPMM #CVE20261281 #CVE20261340 #Ivanti #Cybersecurity #infosec #ioc
##If you have Ivanti EPMM, please follow these instructions.
“Technical Analysis updated with reliable Indicators of Compromise (IoC’s). Both in partnership with NCSC-NL.”
The Dutchies are at it again!🤘🇳🇱
#EPMM #CVE20261281 #CVE20261340 #Ivanti #Cybersecurity #infosec #ioc
##This Ivanti Endpoint Manager Mobile (IPMM) security advisory seems to fit the timeline of the incident: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340?language=en_US
##📢 NCSC NL alerte: exploitation active de la zero‑day Ivanti EPMM (CVE‑2026‑1281), assume‑breach requis
📝 Selon le NCSC (Pays-Bas), une mise à jour de son av...
📖 cyberveille : https://cyberveille.ch/posts/2026-02-05-ncsc-nl-alerte-exploitation-active-de-la-zero-day-ivanti-epmm-cve-2026-1281-assume-breach-requis/
🌐 source : https://www.ncsc.nl/waarschuwing/ncsc-roept-organisaties-op-zich-te-melden-bij-gebruik-van-ivanti-endpoint-manager
#CVE_2026_1281 #Ivanti_EPMM #Cyberveille
Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 and CVE-2026-1340) https://labs.watchtowr.com/someone-knows-bash-far-too-well-and-we-love-it-ivanti-epmm-pre-auth-rces-cve-2026-1281-cve-2026-1340/
##updated 2026-01-29T21:30:27
2 posts
62 repos
https://github.com/shivam-bathla/CVE-2026-24061-setup
https://github.com/yanxinwu946/CVE-2026-24061--telnetd
https://github.com/Gabs-hub/CVE-2026-24061_Lab
https://github.com/Good123321-bot/CVE-2026-24061-POC
https://github.com/BrainBob/CVE-2026-24061
https://github.com/SystemVll/CVE-2026-24061
https://github.com/LucasPDiniz/CVE-2026-24061
https://github.com/franckferman/CVE_2026_24061_PoC
https://github.com/FurkanKAYAPINAR/CVE-2026-24061-telnet2root
https://github.com/duy-31/CVE-2026-24061---telnetd
https://github.com/hilwa24/CVE-2026-24061
https://github.com/Chocapikk/CVE-2026-24061
https://github.com/Good123321-bot/good123321-bot.github.io
https://github.com/xuemian168/CVE-2026-24061
https://github.com/infat0x/CVE-2026-24061
https://github.com/z3n70/CVE-2026-24061
https://github.com/obrunolima1910/CVE-2026-24061
https://github.com/dotelpenguin/telnetd_CVE-2026-24061_tester
https://github.com/scumfrog/cve-2026-24061
https://github.com/Moxxic1/moxxic1.github.io
https://github.com/Lingzesec/CVE-2026-24061-GUI
https://github.com/buzz075/CVE-2026-24061
https://github.com/parameciumzhang/Tell-Me-Root
https://github.com/Parad0x7e/CVE-2026-24061
https://github.com/lavabyte/telnet-CVE-2026-24061
https://github.com/XsanFlip/CVE-2026-24061-Scanner
https://github.com/r00tuser111/CVE-2026-24061
https://github.com/punitdarji/telnetd-cve-2026-24061
https://github.com/monstertsl/CVE-2026-24061
https://github.com/X-croot/CVE-2026-24061_POC
https://github.com/cyberpoul/CVE-2026-24061-POC
https://github.com/balgan/CVE-2026-24061
https://github.com/0x7556/CVE-2026-24061
https://github.com/canpilayda/inetutils-telnetd-cve-2026-24061
https://github.com/madfxr/Twenty-Three-Scanner
https://github.com/midox008/CVE-2026-24061
https://github.com/cumakurt/tscan
https://github.com/androidteacher/CVE-2026-24061-PoC-Telnetd
https://github.com/nrnw/CVE-2026-24061-GNU-inetutils-Telnet-Detector
https://github.com/killsystema/scan-cve-2026-24061
https://github.com/novitahk/Exploit-CVE-2026-24061
https://github.com/Mr-Zapi/CVE-2026-24061
https://github.com/ridpath/Terrminus-CVE-2026-2406
https://github.com/leonjza/inetutils-telnetd-auth-bypass
https://github.com/h3athen/CVE-2026-24061
https://github.com/SeptembersEND/CVE--2026-24061
https://github.com/TryA9ain/CVE-2026-24061
https://github.com/ms0x08-dev/CVE-2026-24061-POC
https://github.com/MY0723/GNU-Inetutils-telnet-CVE-2026-24061-
https://github.com/hackingyseguridad/root
https://github.com/0xXyc/telnet-inetutils-auth-bypass-CVE-2026-24061
https://github.com/Ali-brarou/telnest
https://github.com/JayGLXR/CVE-2026-24061-POC
https://github.com/typeconfused/CVE-2026-24061
https://github.com/Alter-N0X/CVE-2026-24061-POC
https://github.com/obrunolima1910/obrunolima1910.github.io
https://github.com/m3ngx1ng/cve_2026_24061_cli
https://github.com/BrainBob/Telnet-TestVuln-CVE-2026-24061
https://github.com/SafeBreach-Labs/CVE-2026-24061
https://github.com/Mefhika120/Ashwesker-CVE-2026-24061
Here are the release notes from Synology, the CVE and some lay reporting on just how incredibly bad this bug is and how long it has lingered providing backdoor root level access to a really long list of devices running Telnet. So many routing/networking devices have Telnet access at least as an option which can be enabled to this day, despite this being an absolutely terrible idea.
https://www.synology.com/en-us/releaseNote/DSM?model=DS1821%2B#ver_86009-1
##🚨 Active exploitation confirmed: CVE-2026-24061.
This isn't just theoretical, it's a massive exposure. With nearly 800,000 Telnet instances exposed globally across legacy IoT and outdated servers, the risk of a root-level compromise is real and immediate.
We have updated Pentest-Tools.com to help you validate your exposure:
📡 Network Scanner - detects exposed Telnet services across your internal and external perimeters, identifying potentially vulnerable GNU Inetutils daemons.
🎯 Sniper Auto-Exploiter - safely executes a proof-of-concept to confirm if the authentication bypass is actually exploitable on your systems, providing the evidence needed to prioritize an immediate fix.
⚠️ Crucial detail: This critical vulnerability exists because telnetd fails to sanitize the USER environment variable. An attacker can simply supply -f root to bypass the login prompt entirely and gain instant, unauthenticated root shell access.
Attacks are happening in real-time. Validate your risk before it becomes a root-level compromise.
#offensivesecurity #ethicalhacking #infosec #cybersecurity
Check out more details about this critical vulnerability: https://pentest-tools.com/vulnerabilities-exploits/telnet-inetutils-authentication-bypass_28759
Detect with Network Scanner: https://pentest-tools.com/network-vulnerability-scanning/network-security-scanner-online
Validate with Sniper Auto-Exploiter: https://pentest-tools.com/exploit-helpers/sniper
##updated 2026-01-26T21:31:39
7 posts
8 repos
https://github.com/kaizensecurity/CVE-2026-21509
https://github.com/gavz/CVE-2026-21509-PoC
https://github.com/SimoesCTT/CTT-NFS-Vortex-RCE
https://github.com/decalage2/detect_CVE-2026-21509
https://github.com/kimstars/Ashwesker-CVE-2026-21509
https://github.com/SimoesCTT/SCTT-2026-33-0007-The-OLE-Vortex-Laminar-Bypass-
https://github.com/SimoesCTT/CTT-MICROSOFT-OFFICE-OLE-MANIFOLD-BYPASS-CVE-2026-21509
https://github.com/ksk-itdk/KSK-ITDK-CVE-2026-21509-Mitigation
Russian APT28 Launches Swift Cyberattack on European Maritime and Transport Sectors
In a chilling display of cyber aggression, the notorious Russian-linked hacking group APT28 has launched a concentrated 72-hour attack targeting Europe’s maritime and transport infrastructure. Exploiting the recently disclosed Microsoft Office vulnerability CVE-2026-21509, the campaign leveraged sophisticated malware payloads including MiniDoor, PixyNetLoader, and the Covenant backdoor,…
##How can we detect malicious documents exploiting CVE-2026-21509, the recent 0-day vulnerability in MS Office ?
=> I designed a YARA rule for this, which detects all the malicious files that have been reported.
I also improved oletools to analyze those files and see the suspicious URLs.
You can find the YARA rule and all the explanations about that vulnerability on my website https://decalage.info/CVE-2026-21509/
How can we detect malicious documents exploiting CVE-2026-21509, the recent 0-day vulnerability in MS Office ?
=> I designed a YARA rule for this, which detects all the malicious files that have been reported.
I also improved oletools to analyze those files and see the suspicious URLs.
You can find the YARA rule and all the explanations about that vulnerability on my website https://decalage.info/CVE-2026-21509/
⚪ APT28 group exploits new vulnerability in Microsoft Office
🗨️ Just three days after Microsoft released an out-of-band patch for Office, the APT28 group began exploiting the CVE-2026-21509 vulnerability in attacks against Ukrainian and European organizations.
##APT28’s Stealthy Multi-Stage Campaign Leveraging CVE‑2026‑21509 and Cloud C2 Infrastructure
Attack exploited a 1-day vuln within 24 hours of the patch release
https://www.trellix.com/blogs/research/apt28-stealthy-campaign-leveraging-cve-2026-21509-cloud-c2/
New. You'd think it's Tuesday, based on today's prolific output.
Picus: CVE-2026-21509: APT28 Exploits Microsoft Office Zero-day Vulnerability https://www.picussecurity.com/resource/blog/cve-2026-21509-apt28-exploits-microsoft-office-zero-day-vulnerability
Securonix: Analyzing Dead#Vax: Analyzing Multi-Stage VHD Delivery and Self-Parsing Batch Scripts to Deploy In-Memory Shellcode https://www.securonix.com/blog/deadvax-threat-research-security-advisory/
Silent Push Identifies More Than 10,000 Infected IPs as Part of SystemBC Botnet Malware Family https://www.silentpush.com/blog/systembc/
Sophos: Malicious use of virtual machine infrastructure https://www.sophos.com/en-us/blog/malicious-use-of-virtual-machine-infrastructure @sophos
Tenable: LookOut: Discovering RCE and Internal Access on Looker (Google Cloud & On-Prem) https://www.tenable.com/blog/google-looker-vulnerabilities-rce-internal-access-lookout @tenable #infosec #Google #Microsoft #threatresearch #zeroday #vulnerability #malware #botnet
##Robin Dost details how APT28 uses CVE-2026-21509 in practice, relying on crafted RTF files that trigger OLE parsing without macros. The blog post walks through efficient IOC extraction from weaponised documents. https://blog.synapticsystems.de/apt28-geofencing-as-a-targeting-signal-cve-2026-21509/
##updated 2026-01-23T09:15:47.823000
2 posts
Aw man, someone had to go and ruin all our fun with https://www.cve.org/CVERecord?id=CVE-2026-21441 😩
##Aw man, someone had to go and ruin all our fun with https://www.cve.org/CVERecord?id=CVE-2026-21441 😩
##updated 2026-01-20T15:31:21
1 posts
updated 2025-12-10T21:31:32
2 posts
Critical Authentication Bypass in D-Link, Securus, and Sparsh CCTV Cameras
A critical vulnerability (CVE-2025-13607) in D-Link, Securus, and Sparsh Securitech CCTV cameras allows unauthenticated remote attackers to steal account credentials and configuration data.
**As a general rule, make sure your CCTV cameras are not accessible from the internet. Check your CCTV inventory immediately for these models and apply the available firmware updates from D-Link and Securus. If you use Sparsh cameras or cannot patch, isolate these devices, and place them behind a VPN and consider replacement**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-authentication-bypass-in-d-link-securus-and-sparsh-cctv-cameras-a-g-i-n-p/gD2P6Ple2L
Critical Authentication Bypass in D-Link, Securus, and Sparsh CCTV Cameras
A critical vulnerability (CVE-2025-13607) in D-Link, Securus, and Sparsh Securitech CCTV cameras allows unauthenticated remote attackers to steal account credentials and configuration data.
**As a general rule, make sure your CCTV cameras are not accessible from the internet. Check your CCTV inventory immediately for these models and apply the available firmware updates from D-Link and Securus. If you use Sparsh cameras or cannot patch, isolate these devices, and place them behind a VPN and consider replacement**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-authentication-bypass-in-d-link-securus-and-sparsh-cctv-cameras-a-g-i-n-p/gD2P6Ple2L
updated 2025-11-04T18:31:08
4 posts
1 repos
Hitachi Energy Patches a Blast-RADIUS Flaw in FOX61x
Hitachi Energy patched the Blast-RADIUS vulnerability (CVE-2024-3596) in FOX61x industrial communication devices that allows attackers to bypass RADIUS authentication using MD5 forgery.
**First, make sure your industrial network is isolated from the internet and accessible only from trusted networks. Then plan a patch for your Hitachi FOX61x devices and your RADIUS servers.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/hitachi-energy-patches-a-blast-radius-flaw-in-fox61x-e-l-1-s-p/gD2P6Ple2L
Hitachi Energy Patches Critical Blast-RADIUS Vulnerability in XMC20 Industrial Platforms
Hitachi Energy patched the Blast-RADIUS vulnerability (CVE-2024-3596) in XMC20 industrial communication devices that allows attackers to bypass RADIUS authentication using MD5 forgery.
**First, make sure your industrial network is isolated from the internet and accessible only from trusted networks. Then plan a patch for your Hitachi XMC20 devices and your RADIUS servers.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/hitachi-energy-addresses-critical-blast-radius-vulnerability-in-xmc20-industrial-platforms-p-b-u-t-a/gD2P6Ple2L
Hitachi Energy Patches a Blast-RADIUS Flaw in FOX61x
Hitachi Energy patched the Blast-RADIUS vulnerability (CVE-2024-3596) in FOX61x industrial communication devices that allows attackers to bypass RADIUS authentication using MD5 forgery.
**First, make sure your industrial network is isolated from the internet and accessible only from trusted networks. Then plan a patch for your Hitachi FOX61x devices and your RADIUS servers.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/hitachi-energy-patches-a-blast-radius-flaw-in-fox61x-e-l-1-s-p/gD2P6Ple2L
Hitachi Energy Patches Critical Blast-RADIUS Vulnerability in XMC20 Industrial Platforms
Hitachi Energy patched the Blast-RADIUS vulnerability (CVE-2024-3596) in XMC20 industrial communication devices that allows attackers to bypass RADIUS authentication using MD5 forgery.
**First, make sure your industrial network is isolated from the internet and accessible only from trusted networks. Then plan a patch for your Hitachi XMC20 devices and your RADIUS servers.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/hitachi-energy-addresses-critical-blast-radius-vulnerability-in-xmc20-industrial-platforms-p-b-u-t-a/gD2P6Ple2L
updated 2025-11-04T00:31:15
1 posts
To compare #sydbox and #gvisor, take 2 CVEs: CVE-2018-19333, gvisor proc2proc arbitrary-memory-write which wasn't classified as sandbox break. Vuln is there because gvisor uses the seccomp-trap API to run all in a single process ignoring ASLR.. CVE-2024-42318 aka Houdini is a #landlock break where a keyrings(7) call would unlock the sandbox. Syd wasn't affected: 1. keyrings is def disabled 2. open call happens in a syd emulator thread confined by same landlock sandbox. #exherbo #linux #security
##updated 2025-10-30T15:50:59.680000
4 posts
27 repos
https://github.com/hexsecteam/CVE-2025-8088-Winrar-Tool
https://github.com/papcaii2004/CVE-2025-8088-WinRAR-builder
https://github.com/AdityaBhatt3010/CVE-2025-8088-WinRAR-Zero-Day-Path-Traversal
https://github.com/0xAbolfazl/CVE-2025-8088-WinRAR-PathTraversal-PoC
https://github.com/Shinkirou789/Cve-2025-8088-WinRar-vulnerability
https://github.com/travisbgreen/cve-2025-8088
https://github.com/jordan922/CVE-2025-8088
https://github.com/nhattanhh/CVE-2025-8088
https://github.com/pescada-dev/-CVE-2025-8088
https://github.com/ghostn4444/CVE-2025-8088
https://github.com/lucyna77/winrar-exploit
https://github.com/Syrins/CVE-2025-8088-Winrar-Tool-Gui
https://github.com/knight0x07/WinRAR-CVE-2025-8088-PoC-RAR
https://github.com/sxyrxyy/CVE-2025-8088-WinRAR-Proof-of-Concept-PoC-Exploit-
https://github.com/pexlexity/WinRAR-CVE-2025-8088-Path-Traversal-PoC
https://github.com/kitsuneshade/WinRAR-Exploit-Tool---Rust-Edition
https://github.com/ilhamrzr/RAR-Anomaly-Inspector
https://github.com/DeepBlue-dot/CVE-2025-8088-WinRAR-Startup-PoC
https://github.com/hbesljx/CVE-2025-8088-EXP
https://github.com/pentestfunctions/CVE-2025-8088-Multi-Document
https://github.com/walidpyh/CVE-2025-8088
https://github.com/onlytoxi/CVE-2025-8088-Winrar-Tool
https://github.com/xi0onamdev/WinRAR-CVE-2025-8088-Exploitation-Toolkit
https://github.com/techcorp/CVE-2025-8088-Exploit
https://github.com/nuky-alt/CVE-2025-8088
Amaranth-Dragon Exploits WinRAR Flaw to Target Southeast Asian Governments and Law Enforcement
A new wave of cyberattacks has emerged in Southeast Asia, revealing a sophisticated campaign orchestrated by the threat actor known as Amaranth-Dragon. Leveraging a recently discovered WinRAR vulnerability (CVE-2025-8088), attackers managed to deploy malicious RAR archives within just ten days of the flaw being publicly reported. These attacks specifically targeted government…
##Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia - Check Point Research
##New.
Check Point: Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia https://research.checkpoint.com/2026/amaranth-dragon-weaponizes-cve-2025-8088-for-targeted-espionage/
More:
The Hacker News: China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns https://thehackernews.com/2026/02/china-linked-amaranth-dragon-exploits.html #Windows #infosec #vulnerability
##New Amaranth Dragon cyberespionage group exploits WinRAR flaw
A new threat actor called Amaranth Dragon, linked to APT41 state-sponsored Chinese operations, exploited the CVE-2025-8088 vulnerability in WinRAR...
🔗️ [Bleepingcomputer] https://link.is.it/vE4Qlj
##updated 2025-10-23T21:31:50
1 posts
CVE-2025-6978: Arbitrary Code Execution in the #Arista NG Firewall - our researchers took a deep dive into this recently patched RCE to provide root cause and detection guidance. Read all the details at https://www.zerodayinitiative.com/blog/2026/2/4/cve-2025-6978-arbitrary-code-execution-in-the-arista-ng-firewall
##updated 2025-10-22T00:34:17
1 posts
Broadcom patched this ESXi arbitrary-write vulnerability (tracked as CVE-2025-22225) almost one year ago, in March 2025, alongside a memory leak (CVE-2025-22226) and a TOCTOU flaw (CVE-2025-22224), and tagged them all as actively exploited zero-days. https://www.bleepingcomputer.com/news/security/cisa-vmware-esxi-flaw-now-exploited-in-ransomware-attacks/
##updated 2025-10-22T00:33:13
3 posts
CISA Reports Actively Exploited VMware ESXi Flaw in Ransomware Campaigns
CISA reports active exploitation of VMware ESXi flaw (CVE-2025-22225) after reports of ransomware gangs using sandbox escape techniques to compromise hypervisors and encrypt virtual disks.
**If you are using VMware ESXi, Fusion, Workstation, Cloud Foundation or Telco Cloud, and have not patched them since March 2025, this is now URGENT. Not only you are actively hacked, now regulators mandate urgent patching. So start patching.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-reports-actively-exploited-vmware-esxi-flaw-in-ransomware-campaigns-9-6-2-3-k/gD2P6Ple2L
CISA Reports Actively Exploited VMware ESXi Flaw in Ransomware Campaigns
CISA reports active exploitation of VMware ESXi flaw (CVE-2025-22225) after reports of ransomware gangs using sandbox escape techniques to compromise hypervisors and encrypt virtual disks.
**If you are using VMware ESXi, Fusion, Workstation, Cloud Foundation or Telco Cloud, and have not patched them since March 2025, this is now URGENT. Not only you are actively hacked, now regulators mandate urgent patching. So start patching.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-reports-actively-exploited-vmware-esxi-flaw-in-ransomware-campaigns-9-6-2-3-k/gD2P6Ple2L
Broadcom patched this ESXi arbitrary-write vulnerability (tracked as CVE-2025-22225) almost one year ago, in March 2025, alongside a memory leak (CVE-2025-22226) and a TOCTOU flaw (CVE-2025-22224), and tagged them all as actively exploited zero-days. https://www.bleepingcomputer.com/news/security/cisa-vmware-esxi-flaw-now-exploited-in-ransomware-attacks/
##updated 2025-10-22T00:33:13
1 posts
Broadcom patched this ESXi arbitrary-write vulnerability (tracked as CVE-2025-22225) almost one year ago, in March 2025, alongside a memory leak (CVE-2025-22226) and a TOCTOU flaw (CVE-2025-22224), and tagged them all as actively exploited zero-days. https://www.bleepingcomputer.com/news/security/cisa-vmware-esxi-flaw-now-exploited-in-ransomware-attacks/
##updated 2025-10-22T00:16:04.407000
2 posts
13 repos
https://github.com/jptr218/tc_hack
https://github.com/zi0Black/POC-CVE-2017-12615-or-CVE-2017-12717
https://github.com/TheRealCiscoo/Tomcat_CVE201712617
https://github.com/ygouzerh/CVE-2017-12617
https://github.com/qiantu88/CVE-2017-12617
https://github.com/scirusvulgaris/CVE-2017-12617
https://github.com/cyberheartmi9/CVE-2017-12617
https://github.com/tyranteye666/tomcat-cve-2017-12617
https://github.com/K3ysTr0K3R/CVE-2017-12617-EXPLOIT
https://github.com/LongWayHomie/CVE-2017-12617
https://github.com/devcoinfet/CVE-2017-12617
Apache Tomcat is far and away the most likely intended target given port 8080 and the Java exception body content. The DefaultServlet with readonly=false in web.xml is the textbook case (CVE-2017-12615, CVE-2017-12617). Eclipse Jetty can also expose similar behavior if its DefaultServlet or WebDAV module is configured to allow PUT writes. Apache TomEE, being Tomcat-based with Jakarta EE extensions, inherits all of the same misconfigurations. (5/15)
##Apache Tomcat is far and away the most likely intended target given port 8080 and the Java exception body content. The DefaultServlet with readonly=false in web.xml is the textbook case (CVE-2017-12615, CVE-2017-12617). Eclipse Jetty can also expose similar behavior if its DefaultServlet or WebDAV module is configured to allow PUT writes. Apache TomEE, being Tomcat-based with Jakarta EE extensions, inherits all of the same misconfigurations. (5/15)
##updated 2025-10-22T00:16:04.227000
2 posts
18 repos
https://github.com/wudidwo/CVE-2017-12615-poc
https://github.com/tpt11fb/AttackTomcat
https://github.com/edyekomu/CVE-2017-12615-PoC
https://github.com/xiaokp7/Tomcat_PUT_GUI_EXP
https://github.com/zi0Black/POC-CVE-2017-12615-or-CVE-2017-12717
https://github.com/w0x68y/CVE-2017-12615-EXP
https://github.com/ianxtianxt/CVE-2017-12615
https://github.com/netw0rk7/CVE-2017-12615-Home-Lab
https://github.com/mefulton/cve-2017-12615
https://github.com/Fa1c0n35/CVE-2017-12615
https://github.com/lizhianyuguangming/TomcatScanPro
https://github.com/wsg00d/cve-2017-12615
https://github.com/cved-sources/cve-2017-12615
https://github.com/breaktoprotect/CVE-2017-12615
https://github.com/BeyondCy/CVE-2017-12615
https://github.com/1337g/CVE-2017-12615
Apache Tomcat is far and away the most likely intended target given port 8080 and the Java exception body content. The DefaultServlet with readonly=false in web.xml is the textbook case (CVE-2017-12615, CVE-2017-12617). Eclipse Jetty can also expose similar behavior if its DefaultServlet or WebDAV module is configured to allow PUT writes. Apache TomEE, being Tomcat-based with Jakarta EE extensions, inherits all of the same misconfigurations. (5/15)
##Apache Tomcat is far and away the most likely intended target given port 8080 and the Java exception body content. The DefaultServlet with readonly=false in web.xml is the textbook case (CVE-2017-12615, CVE-2017-12617). Eclipse Jetty can also expose similar behavior if its DefaultServlet or WebDAV module is configured to allow PUT writes. Apache TomEE, being Tomcat-based with Jakarta EE extensions, inherits all of the same misconfigurations. (5/15)
##updated 2025-10-17T20:15:40.663000
1 posts
depthfirst | Casting a Net(ty) for Bugs, and Catching a Big One (CVE-2025-59419)
https://depthfirst.com/post/casting-a-net-ty-for-bugs-and-catching-a-big-one-cve-2025-59419?utm_source=tldrinfosec&utm_medium=newsletter&utm_campaign=2026Q1_newsletter_TLDRInfoSec&utm_content=secondary_placement&utm_term=blog_post
updated 2025-06-18T13:46:52.973000
1 posts
Exploiting CVE-2025-49825 - authentication bypass vulnerability in Teleport https://blog.offensive.af/posts/exploiting-cve-2025-49825/
##updated 2025-04-07T18:54:46.053000
1 posts
updated 2023-02-01T05:05:52
1 posts
To compare #sydbox and #gvisor, take 2 CVEs: CVE-2018-19333, gvisor proc2proc arbitrary-memory-write which wasn't classified as sandbox break. Vuln is there because gvisor uses the seccomp-trap API to run all in a single process ignoring ASLR.. CVE-2024-42318 aka Houdini is a #landlock break where a keyrings(7) call would unlock the sandbox. Syd wasn't affected: 1. keyrings is def disabled 2. open call happens in a syd emulator thread confined by same landlock sandbox. #exherbo #linux #security
##🟠 CVE-2026-25644 - High (7.5)
DataHub is an open-source metadata platform. Prior to version 1.3.1.8, the LDAP ingestion source is vulnerable to MITM attack through TLS downgrade. This issue has been patched in version 1.3.1.8.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25644/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25644 - High (7.5)
DataHub is an open-source metadata platform. Prior to version 1.3.1.8, the LDAP ingestion source is vulnerable to MITM attack through TLS downgrade. This issue has been patched in version 1.3.1.8.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25644/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25636 - High (8.2)
calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves C...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25636/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25636 - High (8.2)
calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves C...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25636/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25636 - High (8.2)
calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves C...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25636/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25636 - High (8.2)
calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves C...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25636/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25636 - High (8.2)
calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves C...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25636/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25636 - High (8.2)
calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves C...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25636/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25634 - High (7.8)
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to 2.3.1.4, SrcPixel and DestPixel stack buffers overlap in CIccTagMultiProcessElement::Apply() int ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25634/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25634 - High (7.8)
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to 2.3.1.4, SrcPixel and DestPixel stack buffers overlap in CIccTagMultiProcessElement::Apply() int ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25634/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25634 - High (7.8)
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to 2.3.1.4, SrcPixel and DestPixel stack buffers overlap in CIccTagMultiProcessElement::Apply() int ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25634/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25634 - High (7.8)
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to 2.3.1.4, SrcPixel and DestPixel stack buffers overlap in CIccTagMultiProcessElement::Apply() int ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25634/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25634 - High (7.8)
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to 2.3.1.4, SrcPixel and DestPixel stack buffers overlap in CIccTagMultiProcessElement::Apply() int ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25634/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25634 - High (7.8)
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to 2.3.1.4, SrcPixel and DestPixel stack buffers overlap in CIccTagMultiProcessElement::Apply() int ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25634/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25731 - High (7.8)
calibre is an e-book manager. Prior to 9.2.0, a Server-Side Template Injection (SSTI) vulnerability in Calibre's Templite templating engine allows arbitrary code execution when a user converts an ebook using a malicious custom template file via th...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25731/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25731 - High (7.8)
calibre is an e-book manager. Prior to 9.2.0, a Server-Side Template Injection (SSTI) vulnerability in Calibre's Templite templating engine allows arbitrary code execution when a user converts an ebook using a malicious custom template file via th...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25731/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25731 - High (7.8)
calibre is an e-book manager. Prior to 9.2.0, a Server-Side Template Injection (SSTI) vulnerability in Calibre's Templite templating engine allows arbitrary code execution when a user converts an ebook using a malicious custom template file via th...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25731/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25731 - High (7.8)
calibre is an e-book manager. Prior to 9.2.0, a Server-Side Template Injection (SSTI) vulnerability in Calibre's Templite templating engine allows arbitrary code execution when a user converts an ebook using a malicious custom template file via th...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25731/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25643 - Critical (9.1)
Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Prior to 0.16.4, a critical Remote Command Execution (RCE) vulnerability has been identified in the Frigate integration with go2rtc. The application doe...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25643/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25643 - Critical (9.1)
Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Prior to 0.16.4, a critical Remote Command Execution (RCE) vulnerability has been identified in the Frigate integration with go2rtc. The application doe...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25643/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25643 - Critical (9.1)
Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Prior to 0.16.4, a critical Remote Command Execution (RCE) vulnerability has been identified in the Frigate integration with go2rtc. The application doe...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25643/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25643 - Critical (9.1)
Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Prior to 0.16.4, a critical Remote Command Execution (RCE) vulnerability has been identified in the Frigate integration with go2rtc. The application doe...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25643/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25233 - Critical (9.1)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, logic bug in the roadmap role check allows non-lead maintainers to create, update, or delete roadmaps. This issue has been patched in version 1.33.0.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25233/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25233 - Critical (9.1)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, logic bug in the roadmap role check allows non-lead maintainers to create, update, or delete roadmaps. This issue has been patched in version 1.33.0.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25233/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25237 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, use of preg_replace() with the /e modifier in bug update email handling can enable PHP code execution if attacker-controlled content reaches the eval...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25237/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25237 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, use of preg_replace() with the /e modifier in bug update email handling can enable PHP code execution if attacker-controlled content reaches the eval...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25237/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25236 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN (...) list. This issue has been patched in version 1.33.0.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25236/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25236 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection risk exists in karma queries due to unsafe literal substitution for an IN (...) list. This issue has been patched in version 1.33.0.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25236/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25238 - Critical (9.8)
PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability in bug subscription deletion may allow attackers to inject SQL via a crafted email value. This issue has been patched i...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25238/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##1 posts
6 repos
https://github.com/kaizensecurity/CVE-2026-21509
https://github.com/gavz/CVE-2026-21509-PoC
https://github.com/decalage2/detect_CVE-2026-21509
https://github.com/kimstars/Ashwesker-CVE-2026-21509
https://github.com/SimoesCTT/CTT-MICROSOFT-OFFICE-OLE-MANIFOLD-BYPASS-CVE-2026-21509
https://github.com/ksk-itdk/KSK-ITDK-CVE-2026-21509-Mitigation
⚪ APT28 group exploits new vulnerability in Microsoft Office
🗨️ Just three days after Microsoft released an out-of-band patch for Office, the APT28 group began exploiting the CVE-2026-21509 vulnerability in attacks against Ukrainian and European organizations.
##🟠 CVE-2026-22038 - High (8.1)
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.46, the AutoGPT platform's Stagehand integration blocks log API ke...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22038/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25584 - High (7.8)
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a stack-buffer-overflow vulnerability in CIccTagFloatNum::GetValues(). ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25584/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##SQL Injection Vulnerability Reported in Quiz and Survey Master WordPress Plugin
A SQL injection vulnerability (CVE-2025-67987) in the Quiz and Survey Master WordPress plugin affects over 40,000 sites, allowing authenticated users with Subscriber-level access to extract sensitive database information.
**If you are using the Quiz and Survey Master plugin, plan a quick update to version 10.3.2. Even low-level user accounts can exploit this flaw, so do not assume your site is safe just because you trust your registered users.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/sql-injection-vulnerability-reported-in-quiz-and-survey-master-wordpress-plugin-k-x-8-0-b/gD2P6Ple2L