| CVE | CVSS | EPSS | Posts | Repos | Nuclei | Updated | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-25253 | 8.8 | 0.04% | 8 | 1 | 2026-02-03T16:44:36.630000 | OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value f | |
| CVE-2026-20402 | 7.5 | 0.21% | 2 | 0 | 2026-02-03T16:44:36.630000 | In Modem, there is a possible system crash due to improper input validation. Thi | |
| CVE-2026-20409 | 7.8 | 0.01% | 2 | 0 | 2026-02-03T16:44:36.630000 | In imgsys, there is a possible out of bounds write due to a missing bounds check | |
| CVE-2026-20404 | 7.5 | 0.21% | 4 | 0 | 2026-02-03T16:44:36.630000 | In Modem, there is a possible system crash due to improper input validation. Thi | |
| CVE-2026-20422 | 7.5 | 0.21% | 2 | 0 | 2026-02-03T16:44:36.630000 | In Modem, there is a possible system crash due to improper input validation. Thi | |
| CVE-2026-24071 | 7.8 | 0.01% | 4 | 0 | 2026-02-03T16:44:36.630000 | It was found that the XPC service offered by the privileged helper of Native Acc | |
| CVE-2025-9974 | 8.0 | 0.02% | 4 | 0 | 2026-02-03T16:44:36.630000 | The unified WEBUI application of the ONT/Beacon device contains an input handlin | |
| CVE-2025-15030 | 9.8 | 0.01% | 2 | 0 | 2026-02-03T16:44:36.630000 | The User Profile Builder WordPress plugin before 3.15.2 does not have a proper | |
| CVE-2025-47358 | 7.8 | 0.01% | 2 | 0 | 2026-02-03T16:44:36.630000 | Memory Corruption when user space address is modified and passed to mem_free API | |
| CVE-2025-47399 | 7.8 | 0.01% | 2 | 0 | 2026-02-03T16:44:36.630000 | Memory Corruption while processing IOCTL call to update sensor property settings | |
| CVE-2026-20408 | 8.8 | 0.02% | 2 | 0 | 2026-02-03T16:44:36.630000 | In wlan, there is a possible out of bounds write due to a heap buffer overflow. | |
| CVE-2026-20419 | 7.5 | 0.07% | 2 | 0 | 2026-02-03T16:44:36.630000 | In wlan AP/STA firmware, there is a possible system becoming irresponsive due to | |
| CVE-2026-1117 | 8.2 | 0.03% | 2 | 0 | 2026-02-03T16:44:36.630000 | A vulnerability in the `lollms_generation_events.py` component of parisneo/lollm | |
| CVE-2026-1531 | 8.1 | 0.02% | 2 | 0 | 2026-02-03T16:44:36.630000 | A flaw was found in foreman_kubevirt. When configuring the connection to OpenShi | |
| CVE-2026-24788 | 8.8 | 0.23% | 2 | 0 | 2026-02-03T16:44:36.630000 | RaspAP raspap-webgui versions prior to 3.3.6 contain an OS command injection vul | |
| CVE-2026-25201 | 8.8 | 0.07% | 2 | 0 | 2026-02-03T16:44:36.630000 | An unauthenticated user can upload arbitrary files to execute remote code, leadi | |
| CVE-2025-5319 | 9.8 | 0.00% | 2 | 1 | 2026-02-03T16:44:03.343000 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
| CVE-2026-25022 | 8.5 | 0.00% | 2 | 0 | 2026-02-03T16:44:03.343000 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
| CVE-2025-6397 | 8.6 | 0.00% | 2 | 0 | 2026-02-03T16:44:03.343000 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site | |
| CVE-2025-7760 | 7.6 | 0.00% | 2 | 0 | 2026-02-03T16:44:03.343000 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site | |
| CVE-2025-67848 | 8.1 | 0.06% | 2 | 0 | 2026-02-03T16:44:03.343000 | A flaw was found in Moodle. This authentication bypass vulnerability allows susp | |
| CVE-2025-67853 | 7.5 | 0.04% | 2 | 0 | 2026-02-03T16:44:03.343000 | A flaw was found in Moodle. A remote attacker could exploit a lack of proper rat | |
| CVE-2025-8461 | 7.6 | 0.03% | 2 | 0 | 2026-02-03T16:44:03.343000 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site | |
| CVE-2026-25142 | 10.0 | 0.10% | 3 | 0 | 2026-02-03T16:44:03.343000 | SandboxJS is a JavaScript sandboxing library. Prior to 0.8.27, SanboxJS does not | |
| CVE-2026-24694 | 7.8 | 0.02% | 2 | 0 | 2026-02-03T16:44:03.343000 | The installer for Roland Cloud Manager ver.3.1.19 and prior insecurely loads Dyn | |
| CVE-2025-66480 | 9.8 | 0.43% | 2 | 0 | 2026-02-03T16:44:03.343000 | Wildfire IM is an instant messaging and real-time audio/video solution. Prior to | |
| CVE-2026-23997 | 8.0 | 0.01% | 2 | 0 | 2026-02-03T16:44:03.343000 | FacturaScripts is open-source enterprise resource planning and accounting softwa | |
| CVE-2026-25059 | 8.8 | 0.02% | 2 | 0 | 2026-02-03T16:44:03.343000 | OpenList Frontend is a UI component for OpenList. Prior to 4.1.10, the applicati | |
| CVE-2026-25137 | 9.1 | 0.03% | 3 | 0 | 2026-02-03T16:44:03.343000 | The NixOs Odoo package is an open source ERP and CRM system. From 21.11 to befor | |
| CVE-2025-64328 | 0 | 0.46% | 5 | 1 | 2026-02-03T16:16:10.400000 | FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX | |
| CVE-2021-39935 | 6.8 | 28.25% | 4 | 0 | 2026-02-03T16:16:09.467000 | An issue has been discovered in GitLab CE/EE affecting all versions starting fro | |
| CVE-2019-19006 | 9.8 | 2.14% | 4 | 0 | 2026-02-03T16:16:08.457000 | Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and bel | |
| CVE-2026-25060 | 8.1 | 0.01% | 2 | 0 | 2026-02-03T16:13:27 | ### Summary The application disables TLS certificate verification by default for | |
| CVE-2026-24763 | 8.8 | 0.07% | 4 | 0 | 2026-02-03T16:13:07 | ### Summary A Command Injection vulnerability existed in Clawdbot’s Docker sandb | |
| CVE-2026-24737 | 8.1 | 0.01% | 4 | 0 | 2026-02-03T16:13:02 | ### Impact User control of properties and methods of the Acroform module allows | |
| CVE-2026-23515 | 10.0 | 0.91% | 2 | 0 | 2026-02-03T16:12:17 | ### Summary A Command Injection vulnerability allows authenticated users with wr | |
| CVE-2026-22778 | 9.8 | 0.06% | 2 | 0 | 2026-02-03T16:12:13 | ## Summary **A chain of vulnerabilities in vLLM allow Remote Code Execution (RC | |
| CVE-2026-1375 | 8.1 | 0.04% | 2 | 0 | 2026-02-03T09:30:34 | The Tutor LMS – eLearning and online course solution plugin for WordPress is vul | |
| CVE-2026-24465 | 9.8 | 0.02% | 2 | 0 | 2026-02-03T09:30:34 | Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access p | |
| CVE-2025-8456 | 7.6 | 0.03% | 2 | 0 | 2026-02-03T09:30:28 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site | |
| CVE-2026-1730 | 8.8 | 0.22% | 3 | 0 | 2026-02-03T09:30:28 | The OS DataHub Maps plugin for WordPress is vulnerable to arbitrary file uploads | |
| CVE-2025-8590 | 7.5 | 0.03% | 2 | 0 | 2026-02-03T09:30:28 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AKCE | |
| CVE-2025-8589 | 7.6 | 0.03% | 2 | 0 | 2026-02-03T09:30:28 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site | |
| CVE-2026-20407 | 8.8 | 0.01% | 2 | 0 | 2026-02-03T00:31:23 | In wlan STA driver, there is a possible escalation of privilege due to a missing | |
| CVE-2026-20406 | 7.5 | 0.21% | 2 | 0 | 2026-02-03T00:31:23 | In Modem, there is a possible system crash due to an uncaught exception. This co | |
| CVE-2026-20421 | 7.5 | 0.21% | 2 | 0 | 2026-02-03T00:31:23 | In Modem, there is a possible system crash due to improper input validation. Thi | |
| CVE-2026-20420 | 7.5 | 0.21% | 2 | 0 | 2026-02-03T00:31:23 | In Modem, there is a possible system crash due to incorrect error handling. This | |
| CVE-2025-63649 | 7.5 | 0.04% | 2 | 0 | 2026-02-03T00:31:22 | An out-of-bounds read in the http_parser_transfer_encoding_chunked function (mk_ | |
| CVE-2026-20403 | 7.5 | 0.21% | 2 | 0 | 2026-02-03T00:31:22 | In Modem, there is a possible system crash due to a missing bounds check. This c | |
| CVE-2026-20405 | 7.5 | 0.21% | 2 | 0 | 2026-02-03T00:31:22 | In Modem, there is a possible system crash due to a missing bounds check. This c | |
| CVE-2025-71007 | 7.5 | 0.05% | 3 | 0 | 2026-02-03T00:30:18 | An input validation vulnerability in the oneflow.index_add component of OneFlow | |
| CVE-2026-0599 | 7.5 | 0.08% | 2 | 0 | 2026-02-02T22:07:42 | A vulnerability in huggingface/text-generation-inference version 3.3.6 allows un | |
| CVE-2026-20411 | 7.8 | 0.01% | 2 | 0 | 2026-02-02T21:31:27 | In cameraisp, there is a possible escalation of privilege due to use after free. | |
| CVE-2026-1530 | 8.1 | 0.02% | 2 | 0 | 2026-02-02T21:02:04 | A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to | |
| CVE-2026-22796 | 5.3 | 0.07% | 1 | 0 | 2026-02-02T18:40:27.467000 | Issue summary: A type confusion vulnerability exists in the signature verificati | |
| CVE-2025-11187 | 6.1 | 0.01% | 1 | 0 | 2026-02-02T18:39:21.740000 | Issue summary: PBMAC1 parameters in PKCS#12 files are missing validation which c | |
| CVE-2025-15468 | 5.9 | 0.05% | 1 | 0 | 2026-02-02T18:38:00.947000 | Issue summary: If an application using the SSL_CIPHER_find() function in a QUIC | |
| CVE-2025-68160 | 4.7 | 0.01% | 1 | 0 | 2026-02-02T18:36:57.727000 | Issue summary: Writing large, newline-free data into a BIO chain using the line- | |
| CVE-2025-69418 | 4.0 | 0.01% | 1 | 0 | 2026-02-02T18:36:03.557000 | Issue summary: When using the low-level OCB API directly with AES-NI or<br>other | |
| CVE-2026-20412 | 7.8 | 0.01% | 2 | 0 | 2026-02-02T18:32:35 | In cameraisp, there is a possible out of bounds write due to a missing bounds ch | |
| CVE-2026-24070 | 8.8 | 0.00% | 2 | 0 | 2026-02-02T18:32:35 | During the installation of the Native Access application, a privileged helper `c | |
| CVE-2025-69421 | 7.5 | 0.06% | 1 | 0 | 2026-02-02T18:32:35 | Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer de | |
| CVE-2025-47359 | 7.8 | 0.01% | 2 | 0 | 2026-02-02T18:31:39 | Memory Corruption when multiple threads simultaneously access a memory free API. | |
| CVE-2025-47398 | 7.8 | 0.01% | 2 | 0 | 2026-02-02T18:31:39 | Memory Corruption while deallocating graphics processing unit memory buffers due | |
| CVE-2025-47397 | 7.8 | 0.01% | 2 | 0 | 2026-02-02T18:31:39 | Memory Corruption when initiating GPU memory mapping using scatter-gather lists | |
| CVE-2025-14914 | 7.7 | 0.04% | 2 | 0 | 2026-02-02T18:31:38 | IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a | |
| CVE-2025-13986 | 4.2 | 0.04% | 1 | 0 | 2026-02-02T18:16:11.883000 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal | |
| CVE-2026-1637 | 8.8 | 0.02% | 1 | 0 | 2026-02-02T17:16:17.223000 | A vulnerability was identified in Tenda AC21 16.03.08.16. The affected element i | |
| CVE-2026-1761 | 8.6 | 0.14% | 2 | 0 | 2026-02-02T15:30:44 | A flaw was found in libsoup. This stack-based buffer overflow vulnerability occu | |
| CVE-2026-20418 | 8.8 | 0.21% | 4 | 0 | 2026-02-02T15:30:34 | In Thread, there is a possible out of bounds write due to a missing bounds check | |
| CVE-2025-8587 | 8.6 | 0.01% | 2 | 0 | 2026-02-02T15:30:34 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
| CVE-2025-61140 | None | 0.06% | 1 | 0 | 2026-02-02T14:09:07 | The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pol | |
| CVE-2025-46691 | 7.8 | 0.01% | 1 | 0 | 2026-02-02T09:31:33 | Dell PremierColor Panel Driver, versions prior to 1.0.0.1 A01, contains an Impro | |
| CVE-2026-25200 | 9.8 | 0.07% | 2 | 0 | 2026-02-02T06:30:53 | A vulnerability in MagicInfo9 Server allows authorized users to upload HTML file | |
| CVE-2026-25202 | 9.8 | 0.04% | 2 | 0 | 2026-02-02T06:30:53 | The database account and password are hardcoded, allowing login with the account | |
| CVE-2025-69662 | 8.6 | 0.03% | 1 | 0 | 2026-02-01T18:09:11 | SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to ob | |
| CVE-2025-62348 | 7.8 | 0.01% | 1 | 0 | 2026-02-01T18:07:49 | Salt's junos execution module contained an unsafe YAML decode/load usage. A spec | |
| CVE-2026-25130 | 9.7 | 0.08% | 1 | 0 | 2026-01-31T03:53:47 | ## Summary The CAI (Cybersecurity AI) framework contains multiple argument inje | |
| CVE-2026-25153 | 7.7 | 0.05% | 1 | 0 | 2026-01-30T22:15:56.343000 | Backstage is an open framework for building developer portals, and @backstage/pl | |
| CVE-2026-1723 | None | 1.18% | 1 | 0 | 2026-01-30T21:30:28 | Improper Neutralization of Special Elements used in an OS Command ('OS Command I | |
| CVE-2025-68662 | 7.6 | 0.04% | 1 | 0 | 2026-01-30T20:44:48.133000 | Discourse is an open source discussion platform. In versions prior to 3.5.4, 202 | |
| CVE-2025-51958 | 9.8 | 0.07% | 1 | 0 | 2026-01-30T19:16:10.557000 | aelsantex runcommand 2014-04-01, a plugin for DokuWiki, allows unauthenticated a | |
| CVE-2026-1687 | 7.3 | 1.93% | 1 | 0 | 2026-01-30T18:31:21 | A weakness has been identified in Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon | |
| CVE-2026-1686 | 8.8 | 0.14% | 2 | 0 | 2026-01-30T18:31:21 | A security flaw has been discovered in Totolink A3600R 5.9c.4959. This issue aff | |
| CVE-2026-1689 | 7.3 | 1.93% | 1 | 0 | 2026-01-30T17:16:13.783000 | A vulnerability was detected in Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon. | |
| CVE-2026-25128 | 7.5 | 0.07% | 1 | 0 | 2026-01-30T16:16:14.123000 | fast-xml-parser allows users to validate XML, parse XML to JS object, or build X | |
| CVE-2025-4686 | 8.6 | 0.03% | 2 | 1 | 2026-01-30T16:16:11.007000 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
| CVE-2026-24061 | 9.8 | 29.55% | 5 | 55 | template | 2026-01-30T13:28:59.293000 | telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a " |
| CVE-2026-0709 | 7.2 | 0.01% | 1 | 0 | 2026-01-30T12:31:26 | Some Hikvision Wireless Access Points are vulnerable to authenticated command ex | |
| CVE-2026-1699 | 10.0 | 0.03% | 1 | 0 | 2026-01-30T12:31:26 | In the Eclipse Theia Website repository, the GitHub Actions workflow .github/wor | |
| CVE-2026-22277 | 7.8 | 0.06% | 1 | 0 | 2026-01-30T09:31:01 | Dell UnityVSA, version(s) 5.4 and prior, contain(s) an Improper Neutralization o | |
| CVE-2025-1395 | 8.2 | 0.03% | 1 | 0 | 2026-01-30T09:31:00 | Generation of Error Message Containing Sensitive Information vulnerability in Co | |
| CVE-2026-0805 | 8.2 | 0.11% | 1 | 0 | 2026-01-30T09:30:54 | An input neutralization vulnerability in the Backup Configuration component of C | |
| CVE-2026-0963 | 9.9 | 0.31% | 1 | 0 | 2026-01-30T09:30:54 | An input neutralization vulnerability in the File Operations API Endpoint compon | |
| CVE-2026-21418 | 7.8 | 0.06% | 1 | 0 | 2026-01-30T09:15:50.920000 | Dell Unity, version(s) 5.5.2 and prior, contain(s) an Improper Neutralization of | |
| CVE-2026-24714 | 7.5 | 0.07% | 1 | 0 | 2026-01-30T06:30:22 | Some end of service NETGEAR products provide "TelnetEnable" functionality, which | |
| CVE-2026-1281 | 9.8 | 13.12% | 16 | 0 | 2026-01-30T00:31:29 | A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve | |
| CVE-2026-1340 | 9.8 | 0.14% | 14 | 0 | 2026-01-30T00:31:28 | A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve | |
| CVE-2026-25116 | 7.6 | 0.20% | 1 | 0 | 2026-01-29T22:15:56.110000 | Runtipi is a personal homeserver orchestrator. Starting in version 4.5.0 and pri | |
| CVE-2025-69516 | 8.8 | 0.22% | 1 | 0 | 2026-01-29T22:15:52.577000 | A Server-Side Template Injection (SSTI) vulnerability in the /reporting/template | |
| CVE-2025-69602 | 9.1 | 0.04% | 1 | 0 | 2026-01-29T21:31:33 | A session fixation vulnerability exists in 66biolinks v62.0.0 by AltumCode, wher | |
| CVE-2025-71003 | 7.5 | 0.05% | 1 | 0 | 2026-01-29T21:31:32 | An input validation vulnerability in the flow.arange() component of OneFlow v0.9 | |
| CVE-2025-14472 | 8.1 | 0.02% | 1 | 0 | 2026-01-29T21:31:32 | Cross-Site Request Forgery (CSRF) vulnerability in Drupal Acquia Content Hub all | |
| CVE-2026-1601 | 6.3 | 3.17% | 1 | 0 | 2026-01-29T21:30:37 | A weakness has been identified in Totolink A7000R 4.1cu.4154. The impacted eleme | |
| CVE-2026-1610 | 8.1 | 0.01% | 1 | 0 | 2026-01-29T21:30:37 | A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24_cn. Affected by this | |
| CVE-2026-22795 | 5.5 | 0.01% | 1 | 0 | 2026-01-29T21:30:29 | Issue summary: An invalid or NULL pointer dereference can happen in an applicati | |
| CVE-2026-1453 | 9.8 | 0.06% | 2 | 0 | 2026-01-29T19:16:18.987000 | A missing authentication for critical function vulnerability in KiloView Encoder | |
| CVE-2025-61726 | 7.5 | 0.03% | 1 | 0 | 2026-01-29T19:16:16.243000 | The net/url package does not set a limit on the number of query parameters in a | |
| CVE-2025-13982 | 8.1 | 0.02% | 1 | 0 | 2026-01-29T19:16:10.530000 | Cross-Site Request Forgery (CSRF) vulnerability in Drupal Login Time Restriction | |
| CVE-2025-61731 | 7.8 | 0.01% | 1 | 0 | 2026-01-29T18:32:50 | Building a malicious file with cmd/go can cause can cause a write to an attacker | |
| CVE-2025-65889 | 7.5 | 0.05% | 2 | 0 | 2026-01-29T18:32:49 | A type validation flaw in the flow.dstack() component of OneFlow v0.9.0 allows a | |
| CVE-2025-71000 | 7.5 | 0.05% | 1 | 0 | 2026-01-29T18:32:49 | An issue in the flow.cuda.BoolTensor component of OneFlow v0.9.0 allows attacker | |
| CVE-2025-69517 | 9.8 | 0.05% | 1 | 0 | 2026-01-29T18:32:49 | An issue in Amidaware Inc Tactical RMM v1.3.1 and before allows a remote attacke | |
| CVE-2025-66199 | 5.9 | 0.06% | 1 | 0 | 2026-01-29T18:32:44 | Issue summary: A TLS 1.3 connection using certificate compression can be forced | |
| CVE-2025-69419 | 7.4 | 0.06% | 1 | 0 | 2026-01-29T18:32:43 | Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously craft | |
| CVE-2025-14975 | 8.1 | 0.01% | 1 | 0 | 2026-01-29T18:31:44 | The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a p | |
| CVE-2025-65886 | 7.5 | 0.05% | 2 | 0 | 2026-01-29T18:31:42 | A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Den | |
| CVE-2025-70999 | 7.5 | 0.05% | 1 | 0 | 2026-01-29T17:16:22.420000 | A GPU device-ID validation flaw in the flow.cuda.get_device_capability() compone | |
| CVE-2025-65891 | 7.5 | 0.06% | 1 | 0 | 2026-01-29T17:16:20.240000 | A GPU device-ID validation flaw in OneFlow v0.9.0 allows attackers to trigger a | |
| CVE-2025-65890 | 7.5 | 0.05% | 1 | 0 | 2026-01-29T17:16:20.053000 | A device-ID validation flaw in OneFlow v0.9.0 allows attackers to cause a Denial | |
| CVE-2025-14840 | 7.5 | 0.05% | 1 | 0 | 2026-01-29T17:16:15.243000 | Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal HTT | |
| CVE-2025-40551 | 9.8 | 1.03% | 5 | 0 | 2026-01-29T16:31:35.700000 | SolarWinds Web Help Desk was found to be susceptible to an untrusted data deseri | |
| CVE-2025-40554 | 9.8 | 0.04% | 3 | 2 | 2026-01-29T16:31:35.700000 | SolarWinds Web Help Desk was found to be susceptible to an authentication bypass | |
| CVE-2025-65888 | 7.5 | 0.05% | 2 | 0 | 2026-01-29T16:31:00.867000 | A dimension validation flaw in the flow.empty() component of OneFlow 0.9.0 allow | |
| CVE-2025-57283 | 7.8 | 0.07% | 1 | 0 | 2026-01-29T16:31:00.867000 | The Node.js package browserstack-local 1.5.8 contains a command injection vulner | |
| CVE-2025-7713 | 7.5 | 0.04% | 1 | 0 | 2026-01-29T16:31:00.867000 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site | |
| CVE-2025-33218 | 7.8 | 0.01% | 1 | 0 | 2026-01-29T16:31:00.867000 | NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mod | |
| CVE-2025-33217 | 7.8 | 0.01% | 1 | 0 | 2026-01-29T16:31:00.867000 | NVIDIA Display Driver for Windows contains a vulnerability where an attacker cou | |
| CVE-2025-15467 | 9.8 | 0.66% | 7 | 4 | 2026-01-29T15:31:31 | Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AE | |
| CVE-2025-15469 | 5.5 | 0.01% | 1 | 0 | 2026-01-29T15:31:31 | Issue summary: The 'openssl dgst' command-line tool silently truncates input dat | |
| CVE-2025-7714 | 7.5 | 0.05% | 1 | 0 | 2026-01-29T15:30:35 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
| CVE-2026-1616 | 7.5 | 0.01% | 1 | 0 | 2026-01-29T15:30:34 | The $uri$args concatenation in nginx configuration file present in Open Security | |
| CVE-2026-24429 | 9.8 | 0.08% | 1 | 0 | 2026-01-29T15:30:27 | Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) s | |
| CVE-2026-23864 | 7.5 | 0.79% | 1 | 0 | 2026-01-29T15:00:31 | ## Impact It was found that the fixes to address DoS in React Server Components | |
| CVE-2026-24428 | 8.8 | 0.04% | 1 | 0 | 2026-01-29T13:02:04.990000 | Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) c | |
| CVE-2025-7016 | 8.0 | 0.06% | 1 | 0 | 2026-01-29T12:30:26 | Improper Access Control vulnerability in Akın Software Computer Import Export In | |
| CVE-2026-1547 | 6.3 | 4.18% | 1 | 0 | 2026-01-29T00:31:17 | A vulnerability was detected in Totolink A7000R 4.1cu.4154. This affects the fun | |
| CVE-2025-57795 | 10.0 | 0.26% | 1 | 0 | 2026-01-28T21:32:26 | Explorance Blue versions prior to 8.14.13 contain an authenticated remote file d | |
| CVE-2025-69420 | 7.5 | 0.07% | 2 | 0 | 2026-01-28T21:32:25 | Issue summary: A type confusion vulnerability exists in the TimeStamp Response v | |
| CVE-2026-24868 | 7.5 | 0.05% | 1 | 0 | 2026-01-28T21:31:21 | Mitigation bypass in the Privacy: Anti-Tracking component. This vulnerability af | |
| CVE-2026-24436 | 9.8 | 0.03% | 1 | 0 | 2026-01-28T21:31:19 | Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) d | |
| CVE-2026-24430 | 7.5 | 0.04% | 1 | 0 | 2026-01-28T20:16:51.880000 | Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) d | |
| CVE-2026-24440 | 8.8 | 0.04% | 1 | 0 | 2026-01-28T19:20:05.660000 | Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) a | |
| CVE-2025-33219 | 7.8 | 0.01% | 1 | 0 | 2026-01-28T18:30:54 | NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel mo | |
| CVE-2026-24477 | 7.5 | 0.03% | 1 | 0 | 2026-01-28T15:59:06.483000 | AnythingLLM is an application that turns pieces of content into context that any | |
| CVE-2026-1056 | 9.8 | 0.18% | 1 | 1 | 2026-01-28T15:31:37 | The Snow Monkey Forms plugin for WordPress is vulnerable to arbitrary file delet | |
| CVE-2025-40552 | 9.8 | 0.06% | 3 | 0 | 2026-01-28T09:30:35 | SolarWinds Web Help Desk was found to be susceptible to an authentication bypass | |
| CVE-2025-40553 | 9.8 | 0.78% | 3 | 0 | 2026-01-28T09:30:35 | SolarWinds Web Help Desk was found to be susceptible to an untrusted data deseri | |
| CVE-2026-24858 | 9.8 | 3.71% | 7 | 5 | 2026-01-28T00:31:41 | An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-2 | |
| CVE-2016-15057 | 9.9 | 32.98% | 1 | 0 | 2026-01-27T20:29:50.263000 | ** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used | |
| CVE-2026-21509 | 7.8 | 2.91% | 20 | 6 | 2026-01-27T16:19:42.330000 | Reliance on untrusted inputs in a security decision in Microsoft Office allows a | |
| CVE-2026-1470 | 9.9 | 0.35% | 2 | 0 | 2026-01-27T16:06:45.160000 | n8n contains a critical Remote Code Execution (RCE) vulnerability in its workflo | |
| CVE-2025-52691 | 10.0 | 79.97% | 1 | 11 | template | 2026-01-26T21:31:34 | Successful exploitation of the vulnerability could allow an unauthenticated atta |
| CVE-2026-0863 | 8.5 | 0.06% | 2 | 0 | 2026-01-26T15:05:39.840000 | Using string formatting and exception handling, an attacker may bypass n8n's pyt | |
| CVE-2026-0920 | 9.8 | 0.03% | 1 | 3 | 2026-01-26T15:04:59.737000 | The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Ad | |
| CVE-2025-15059 | 7.8 | 0.06% | 1 | 0 | 2026-01-26T15:04:14.850000 | GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerabi | |
| CVE-2026-0755 | 9.8 | 1.27% | 1 | 0 | 2026-01-23T06:31:32 | gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability. | |
| CVE-2026-20045 | 8.2 | 1.10% | 1 | 1 | 2026-01-22T14:28:35.883000 | A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unif | |
| CVE-2025-12383 | 7.4 | 0.06% | 1 | 0 | 2026-01-16T20:09:26.027000 | In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can cause ignori | |
| CVE-2026-21858 | 10.0 | 5.37% | 1 | 9 | template | 2026-01-13T15:05:00 | ### Impact A vulnerability in n8n allows an attacker to access files on the unde |
| CVE-2025-61729 | 7.5 | 0.02% | 1 | 0 | 2025-12-03T00:31:35 | Within HostnameError.Error(), when constructing an error string, there is no lim | |
| CVE-2025-61795 | None | 0.12% | 1 | 0 | 2025-11-21T15:19:20 | If an error occurred (including exceeding limits) during the processing of a mul | |
| CVE-2025-11001 | 7.0 | 0.37% | 1 | 6 | 2025-11-20T00:31:21 | 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. | |
| CVE-2025-11953 | 9.8 | 0.40% | 6 | 4 | 2025-11-11T17:15:38.977000 | The Metro Development Server, which is opened by the React Native Community CLI, | |
| CVE-2024-10460 | 5.3 | 0.42% | 1 | 0 | 2025-11-04T00:31:55 | The origin of an external protocol handler prompt could have been obscured using | |
| CVE-2025-31650 | None | 3.28% | 1 | 7 | 2025-11-03T22:55:50 | Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handli | |
| CVE-2025-48988 | 7.5 | 0.12% | 1 | 2 | 2025-11-03T21:34:01 | Allocation of Resources Without Limits or Throttling vulnerability in Apache Tom | |
| CVE-2025-8088 | 8.8 | 4.61% | 1 | 26 | 2025-10-30T15:50:59.680000 | A path traversal vulnerability affecting the Windows version of WinRAR allows th | |
| CVE-2025-0282 | 9.0 | 94.11% | 1 | 10 | template | 2025-10-24T13:54:58.783000 | A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, |
| CVE-2025-10666 | 8.8 | 5.09% | 1 | 0 | 2025-09-19T21:32:20 | A security flaw has been discovered in D-Link DIR-825 up to 2.10. Affected by th | |
| CVE-2025-49825 | 9.8 | 7.60% | 2 | 0 | template | 2025-06-18T14:15:12 | ### Impact A full technical disclosure and open-source patch will be published |
| CVE-2022-48986 | 5.5 | 0.10% | 1 | 0 | 2024-11-01T15:32:52 | In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix | |
| CVE-2023-38346 | 8.8 | 1.23% | 2 | 0 | 2024-04-04T07:48:27 | An issue was discovered in Wind River VxWorks 6.9 and 7. The function ``tarExtra | |
| CVE-2022-37393 | 7.8 | 5.12% | 1 | 0 | 2023-01-30T05:06:18 | Zimbra's sudo configuration permits the zimbra user to execute the zmslapd binar | |
| CVE-2019-15006 | None | 0.67% | 2 | 0 | 2023-01-29T05:00:49 | There was a man-in-the-middle (MITM) vulnerability present in the Confluence Pre | |
| CVE-2026-24513 | 0 | 0.00% | 2 | 0 | N/A | ||
| CVE-2026-24514 | 0 | 0.00% | 2 | 0 | N/A | ||
| CVE-2026-23743 | 0 | 0.04% | 1 | 0 | N/A | ||
| CVE-2026-24854 | 0 | 0.03% | 1 | 0 | N/A | ||
| CVE-2025-63261 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2026-22806 | 0 | 0.01% | 1 | 0 | N/A | ||
| CVE-2025-62514 | 0 | 0.03% | 1 | 0 | N/A | ||
| CVE-2026-2150 | 0 | 0.00% | 1 | 4 | N/A | ||
| CVE-2026-24897 | 0 | 0.58% | 1 | 0 | N/A | ||
| CVE-2026-24856 | 0 | 0.02% | 1 | 0 | N/A |
updated 2026-02-03T16:44:36.630000
8 posts
1 repos
OpenClaw – CVE-2026-25253 : un lien malveillant suffit à exécuter du code à distance en 1-clic https://www.it-connect.fr/openclaw-cve-2026-25253-un-lien-malveillant-suffit-a-executer-du-code-a-distance-en-1-clic/ #ActuCybersécurité #Cybersécurité #IA
##depthfirst | 1-Click RCE To Steal Your Moltbot Data and Keys (CVE-2026-25253)
https://depthfirst.com/post/1-click-rce-to-steal-your-moltbot-data-and-keys
##Here's a summary of the latest global, technology, and cybersecurity news from the last 24-48 hours:
**Global:** US-Iran talks on a nuclear deal are progressing, though Iran warned of regional war if attacked (Feb 1-2). A Russian drone strike killed 15 mineworkers in Dnipro, Ukraine (Feb 1).
**Tech/Cybersecurity:** ETSI launched a new, globally applicable cybersecurity standard for AI models (ETSI EN 304 223, Feb 2). A critical remote code execution (RCE) flaw in the OpenClaw AI assistant (CVE-2026-25253) was disclosed (Feb 2). AI-driven cyber threats are escalating, and Microsoft's extensive AI infrastructure spending is raising Wall Street concerns (Jan 30 - Feb 2).
##🟠 CVE-2026-25253 - High (8.8)
OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25253/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##OpenClaw – CVE-2026-25253 : un lien malveillant suffit à exécuter du code à distance en 1-clic https://www.it-connect.fr/openclaw-cve-2026-25253-un-lien-malveillant-suffit-a-executer-du-code-a-distance-en-1-clic/ #ActuCybersécurité #Cybersécurité #IA
##depthfirst | 1-Click RCE To Steal Your Moltbot Data and Keys (CVE-2026-25253)
https://depthfirst.com/post/1-click-rce-to-steal-your-moltbot-data-and-keys
##Here's a summary of the latest global, technology, and cybersecurity news from the last 24-48 hours:
**Global:** US-Iran talks on a nuclear deal are progressing, though Iran warned of regional war if attacked (Feb 1-2). A Russian drone strike killed 15 mineworkers in Dnipro, Ukraine (Feb 1).
**Tech/Cybersecurity:** ETSI launched a new, globally applicable cybersecurity standard for AI models (ETSI EN 304 223, Feb 2). A critical remote code execution (RCE) flaw in the OpenClaw AI assistant (CVE-2026-25253) was disclosed (Feb 2). AI-driven cyber threats are escalating, and Microsoft's extensive AI infrastructure spending is raising Wall Street concerns (Jan 30 - Feb 2).
##🟠 CVE-2026-25253 - High (8.8)
OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25253/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:36.630000
2 posts
🟠 CVE-2026-20402 - High (7.5)
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. Use...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20402/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20402 - High (7.5)
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. Use...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20402/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:36.630000
2 posts
🟠 CVE-2026-20409 - High (7.8)
In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Pat...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20409/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20409 - High (7.8)
In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Pat...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20409/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:36.630000
4 posts
🟠 CVE-2026-20404 - High (7.5)
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. Use...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20404/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20404 - High (7.5)
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. Use...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20404/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20404 - High (7.5)
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. Use...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20404/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20404 - High (7.5)
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. Use...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20404/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:36.630000
2 posts
🟠 CVE-2026-20422 - High (7.5)
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. Use...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20422/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20422 - High (7.5)
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. Use...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20422/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:36.630000
4 posts
🔴 CVE-2026-24071 - Critical (9.3)
It was found that the XPC service offered by the privileged helper of Native Access uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks. The connection handler...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24071/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-24071 - Critical (9.3)
It was found that the XPC service offered by the privileged helper of Native Access uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks. The connection handler...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24071/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-24071 - Critical (9.3)
It was found that the XPC service offered by the privileged helper of Native Access uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks. The connection handler...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24071/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-24071 - Critical (9.3)
It was found that the XPC service offered by the privileged helper of Native Access uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks. The connection handler...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24071/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:36.630000
4 posts
🟠 CVE-2025-9974 - High (8.8)
The unified WEBUI application of the ONT/Beacon device contains an input handling flaw that allows authenticated users to trigger unintended system-level command execution. Due to insufficient validation of user-supplied data, a low-privileged aut...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-9974/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-9974 - High (8.8)
The unified WEBUI application of the ONT/Beacon device contains an input handling flaw that allows authenticated users to trigger unintended system-level command execution. Due to insufficient validation of user-supplied data, a low-privileged aut...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-9974/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-9974 - High (8.8)
The unified WEBUI application of the ONT/Beacon device contains an input handling flaw that allows authenticated users to trigger unintended system-level command execution. Due to insufficient validation of user-supplied data, a low-privileged aut...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-9974/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-9974 - High (8.8)
The unified WEBUI application of the ONT/Beacon device contains an input handling flaw that allows authenticated users to trigger unintended system-level command execution. Due to insufficient validation of user-supplied data, a low-privileged aut...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-9974/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:36.630000
2 posts
🔴 CVE-2025-15030 - Critical (9.8)
The User Profile Builder WordPress plugin before 3.15.2 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15030/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-15030 - Critical (9.8)
The User Profile Builder WordPress plugin before 3.15.2 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15030/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:36.630000
2 posts
🟠 CVE-2025-47358 - High (7.8)
Memory Corruption when user space address is modified and passed to mem_free API, causing kernel memory to be freed inadvertently.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-47358/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-47358 - High (7.8)
Memory Corruption when user space address is modified and passed to mem_free API, causing kernel memory to be freed inadvertently.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-47358/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:36.630000
2 posts
🟠 CVE-2025-47399 - High (7.8)
Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-47399/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-47399 - High (7.8)
Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-47399/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:36.630000
2 posts
🟠 CVE-2026-20408 - High (8)
In wlan, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20408/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20408 - High (8)
In wlan, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20408/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:36.630000
2 posts
🟠 CVE-2026-20419 - High (7.5)
In wlan AP/STA firmware, there is a possible system becoming irresponsive due to an uncaught exception. This could lead to remote (proximal/adjacent) denial of service with no additional execution privileges needed. User interaction is not needed ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20419/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20419 - High (7.5)
In wlan AP/STA firmware, there is a possible system becoming irresponsive due to an uncaught exception. This could lead to remote (proximal/adjacent) denial of service with no additional execution privileges needed. User interaction is not needed ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20419/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:36.630000
2 posts
🟠 CVE-2026-1117 - High (8.2)
A vulnerability in the `lollms_generation_events.py` component of parisneo/lollms version 5.9.0 allows unauthenticated access to sensitive Socket.IO events. The `add_events` function registers event handlers such as `generate_text`, `cancel_genera...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1117/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-1117 - High (8.2)
A vulnerability in the `lollms_generation_events.py` component of parisneo/lollms version 5.9.0 allows unauthenticated access to sensitive Socket.IO events. The `add_events` function registers event handlers such as `generate_text`, `cancel_genera...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1117/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:36.630000
2 posts
🟠 CVE-2026-1531 - High (8.1)
A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1531/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-1531 - High (8.1)
A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1531/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:36.630000
2 posts
🟠 CVE-2026-24788 - High (8.8)
RaspAP raspap-webgui versions prior to 3.3.6 contain an OS command injection vulnerability. If exploited, an arbitrary OS command may be executed by a user who can log in to the product.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24788/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24788 - High (8.8)
RaspAP raspap-webgui versions prior to 3.3.6 contain an OS command injection vulnerability. If exploited, an arbitrary OS command may be executed by a user who can log in to the product.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24788/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:36.630000
2 posts
🟠 CVE-2026-25201 - High (8.8)
An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server.
This issue affects MagicINFO 9 Server: less than 21.1090.1.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25201/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25201 - High (8.8)
An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server.
This issue affects MagicINFO 9 Server: less than 21.1090.1.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25201/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:03.343000
2 posts
1 repos
🔴 CVE-2025-5319 - Critical (9.8)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Emit Information and Communication Technologies Industry and Trade Ltd. Co. Efficiency Management System allows SQL Injection.This issue affects ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-5319/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-5319 - Critical (9.8)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Emit Information and Communication Technologies Industry and Trade Ltd. Co. Efficiency Management System allows SQL Injection.This issue affects ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-5319/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:03.343000
2 posts
🟠 CVE-2026-25022 - High (8.5)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Blind SQL Injection.This issue affects KiviCare: from n/a through <= 3.6.16.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25022/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25022 - High (8.5)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Blind SQL Injection.This issue affects KiviCare: from n/a through <= 3.6.16.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25022/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:03.343000
2 posts
🟠 CVE-2025-6397 - High (8.6)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ankara Hosting Website Design Website Software allows Reflected XSS.This issue affects Website Software: through 03022026.
NOTE: The ve...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-6397/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-6397 - High (8.6)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ankara Hosting Website Design Website Software allows Reflected XSS.This issue affects Website Software: through 03022026.
NOTE: The ve...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-6397/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:03.343000
2 posts
🟠 CVE-2025-7760 - High (7.6)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ofisimo Web-Based Software Technologies Association Web Package Flora allows XSS Through HTTP Headers.This issue affects Association Web P...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-7760/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-7760 - High (7.6)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ofisimo Web-Based Software Technologies Association Web Package Flora allows XSS Through HTTP Headers.This issue affects Association Web P...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-7760/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:03.343000
2 posts
🟠 CVE-2025-67848 - High (8.1)
A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability (LTI) Provider. The issue arises from the LTI authentication handlers failing to enforce the us...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67848/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-67848 - High (8.1)
A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability (LTI) Provider. The issue arises from the LTI authentication handlers failing to enforce the us...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67848/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:03.343000
2 posts
🟠 CVE-2025-67853 - High (7.5)
A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67853/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-67853 - High (7.5)
A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67853/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:03.343000
2 posts
🟠 CVE-2025-8461 - High (7.6)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Seres Software syWEB allows Reflected XSS.This issue affects syWEB: through 03022026.
NOTE: The vendor was contacted early about this d...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-8461/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-8461 - High (7.6)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Seres Software syWEB allows Reflected XSS.This issue affects syWEB: through 03022026.
NOTE: The vendor was contacted early about this d...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-8461/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:03.343000
3 posts
Blip blop, I'm a #mastobot.
Here is a summary (in beta) of the latest posts in #programmingAtKukei https://masto.kukei.eu/browse/programming category:
- Claude Code at Microsoft and the rise of AI coding assistants; OpenAI Codex app for macOS.
- OpenClaw/Moltbot vulnerabilities and security concerns around AI agents.
- Ingress-Nginx deprecation and multiple Kubernetes security exploits.
- CVE-2026-25142: SandboxJS JavaScript sandboxing library high-severity flaw.
- CVE-2026-1730: [1/2]
🔴 CVE-2026-25142 - Critical (10)
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.27, SanboxJS does not properly restrict __lookupGetter__ which can be used to obtain prototypes, which can be used for escaping the sandbox / remote code execution. This vulnerability is f...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25142/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25142 - Critical (10)
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.27, SanboxJS does not properly restrict __lookupGetter__ which can be used to obtain prototypes, which can be used for escaping the sandbox / remote code execution. This vulnerability is f...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25142/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:03.343000
2 posts
🟠 CVE-2026-24694 - High (7.8)
The installer for Roland Cloud Manager ver.3.1.19 and prior insecurely loads Dynamic Link Libraries (DLLs), which could allow an attacker to execute arbitrary code with the privileges of the application.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24694/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24694 - High (7.8)
The installer for Roland Cloud Manager ver.3.1.19 and prior insecurely loads Dynamic Link Libraries (DLLs), which could allow an attacker to execute arbitrary code with the privileges of the application.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24694/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:03.343000
2 posts
🔴 CVE-2025-66480 - Critical (9.8)
Wildfire IM is an instant messaging and real-time audio/video solution. Prior to 1.4.3, a critical vulnerability exists in the im-server component related to the file upload functionality found in com.xiaoleilu.loServer.action.UploadFileAction. Th...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-66480/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-66480 - Critical (9.8)
Wildfire IM is an instant messaging and real-time audio/video solution. Prior to 1.4.3, a critical vulnerability exists in the im-server component related to the file upload functionality found in com.xiaoleilu.loServer.action.UploadFileAction. Th...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-66480/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:03.343000
2 posts
🟠 CVE-2026-23997 - High (8)
FacturaScripts is open-source enterprise resource planning and accounting software. In 2025.71 and earlier, a Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Observations field. The flaw occurs in the History view, where hist...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23997/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-23997 - High (8)
FacturaScripts is open-source enterprise resource planning and accounting software. In 2025.71 and earlier, a Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Observations field. The flaw occurs in the History view, where hist...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23997/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:03.343000
2 posts
🟠 CVE-2026-25059 - High (8.8)
OpenList Frontend is a UI component for OpenList. Prior to 4.1.10, the application contains path traversal vulnerability in multiple file operation handlers in server/handles/fsmanage.go. Filename components in req.Names are directly concatenated ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25059/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25059 - High (8.8)
OpenList Frontend is a UI component for OpenList. Prior to 4.1.10, the application contains path traversal vulnerability in multiple file operation handlers in server/handles/fsmanage.go. Filename components in req.Names are directly concatenated ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25059/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:44:03.343000
3 posts
🔴 CVE-2026-25137 - Critical (9.1)
The NixOs Odoo package is an open source ERP and CRM system. From 21.11 to before 25.11 and 26.05, every NixOS based Odoo setup publicly exposes the database manager without any authentication. This allows unauthorized actors to delete and downloa...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25137/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25137 - Critical (9.1)
The NixOs Odoo package is an open source ERP and CRM system. From 21.11 to before 25.11 and 26.05, every NixOS based Odoo setup publicly exposes the database manager without any authentication. This allows unauthorized actors to delete and downloa...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25137/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##Security Advisory: Database and filestore publicly accessible with default Odoo configuration (CVE-2026-25137)
##updated 2026-02-03T16:16:10.400000
5 posts
1 repos
https://github.com/mcorybillington/CVE-2025-64328_FreePBX-framework-Command-Injection
CISA has updated the KEV catalogue.
- CVE-2019-19006: Sangoma FreePBX Improper Authentication Vulnerability https://www.cve.org/CVERecord?id=CVE-2019-19006
- CVE-2025-64328: Sangoma FreePBX OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-64328
- CVE-2021-39935: GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability https://www.cve.org/CVERecord?id=CVE-2021-39935 #CISA #infosec #GitLab #vulnerability
##CVE ID: CVE-2025-64328
Vendor: Sangoma
Product: FreePBX
Date Added: 2026-02-03
Notes: https://github.com/FreePBX/security-reporting/security/advisories/GHSA-vm9p-46mv-5xvw ; https://nvd.nist.gov/vuln/detail/CVE-2025-64328
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-64328
CISA has updated the KEV catalogue.
- CVE-2019-19006: Sangoma FreePBX Improper Authentication Vulnerability https://www.cve.org/CVERecord?id=CVE-2019-19006
- CVE-2025-64328: Sangoma FreePBX OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-64328
- CVE-2021-39935: GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability https://www.cve.org/CVERecord?id=CVE-2021-39935 #CISA #infosec #GitLab #vulnerability
##CVE ID: CVE-2025-64328
Vendor: Sangoma
Product: FreePBX
Date Added: 2026-02-03
Notes: https://github.com/FreePBX/security-reporting/security/advisories/GHSA-vm9p-46mv-5xvw ; https://nvd.nist.gov/vuln/detail/CVE-2025-64328
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-64328
FortiGuard Labs analyses EncystPHP, a weaponized web shell delivering remote command execution, persistence and further web shell deployment. It spreads by exploiting FreePBX vulnerability CVE-2025-64328 and is linked to the INJ3CTOR3 actor. https://www.fortinet.com/blog/threat-research/unveiling-the-weaponized-web-shell-encystphp
##updated 2026-02-03T16:16:09.467000
4 posts
CISA has updated the KEV catalogue.
- CVE-2019-19006: Sangoma FreePBX Improper Authentication Vulnerability https://www.cve.org/CVERecord?id=CVE-2019-19006
- CVE-2025-64328: Sangoma FreePBX OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-64328
- CVE-2021-39935: GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability https://www.cve.org/CVERecord?id=CVE-2021-39935 #CISA #infosec #GitLab #vulnerability
##CVE ID: CVE-2021-39935
Vendor: GitLab
Product: Community and Enterprise Editions
Date Added: 2026-02-03
Notes: https://about.gitlab.com/releases/2021/12/06/security-release-gitlab-14-5-2-released/ ; https://nvd.nist.gov/vuln/detail/CVE-2021-39935
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2021-39935
CISA has updated the KEV catalogue.
- CVE-2019-19006: Sangoma FreePBX Improper Authentication Vulnerability https://www.cve.org/CVERecord?id=CVE-2019-19006
- CVE-2025-64328: Sangoma FreePBX OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-64328
- CVE-2021-39935: GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability https://www.cve.org/CVERecord?id=CVE-2021-39935 #CISA #infosec #GitLab #vulnerability
##CVE ID: CVE-2021-39935
Vendor: GitLab
Product: Community and Enterprise Editions
Date Added: 2026-02-03
Notes: https://about.gitlab.com/releases/2021/12/06/security-release-gitlab-14-5-2-released/ ; https://nvd.nist.gov/vuln/detail/CVE-2021-39935
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2021-39935
updated 2026-02-03T16:16:08.457000
4 posts
CISA has updated the KEV catalogue.
- CVE-2019-19006: Sangoma FreePBX Improper Authentication Vulnerability https://www.cve.org/CVERecord?id=CVE-2019-19006
- CVE-2025-64328: Sangoma FreePBX OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-64328
- CVE-2021-39935: GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability https://www.cve.org/CVERecord?id=CVE-2021-39935 #CISA #infosec #GitLab #vulnerability
##CVE ID: CVE-2019-19006
Vendor: Sangoma
Product: FreePBX
Date Added: 2026-02-03
Notes: https://wiki.freepbx.org/display/FOP/2019-11-20%2BRemote%2BAdmin%2BAuthentication%2BBypass ; https://nvd.nist.gov/vuln/detail/CVE-2019-19006
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2019-19006
CISA has updated the KEV catalogue.
- CVE-2019-19006: Sangoma FreePBX Improper Authentication Vulnerability https://www.cve.org/CVERecord?id=CVE-2019-19006
- CVE-2025-64328: Sangoma FreePBX OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-64328
- CVE-2021-39935: GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability https://www.cve.org/CVERecord?id=CVE-2021-39935 #CISA #infosec #GitLab #vulnerability
##CVE ID: CVE-2019-19006
Vendor: Sangoma
Product: FreePBX
Date Added: 2026-02-03
Notes: https://wiki.freepbx.org/display/FOP/2019-11-20%2BRemote%2BAdmin%2BAuthentication%2BBypass ; https://nvd.nist.gov/vuln/detail/CVE-2019-19006
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2019-19006
updated 2026-02-03T16:13:27
2 posts
🟠 CVE-2026-25060 - High (8.1)
OpenList Frontend is a UI component for OpenList. Prior to 4.1.10, certificate verification is disabled by default for all storage driver communications. The TlsInsecureSkipVerify setting is default to true in the DefaultConfig() function in inter...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25060/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25060 - High (8.1)
OpenList Frontend is a UI component for OpenList. Prior to 4.1.10, certificate verification is disabled by default for all storage driver communications. The TlsInsecureSkipVerify setting is default to true in the DefaultConfig() function in inter...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25060/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:13:07
4 posts
🟠 CVE-2026-24763 - High (8.8)
OpenClaw (formerly Clawdbot) is a personal AI assistant you run on your own devices. Prior to 2026.1.29, a command injection vulnerability existed in OpenClaw’s Docker sandbox execution mechanism due to unsafe handling of the PATH environment v...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24763/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24763 - High (8.8)
OpenClaw (formerly Clawdbot) is a personal AI assistant you run on your own devices. Prior to 2026.1.29, a command injection vulnerability existed in OpenClaw’s Docker sandbox execution mechanism due to unsafe handling of the PATH environment v...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24763/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24763 - High (8.8)
OpenClaw (formerly Clawdbot) is a personal AI assistant you run on your own devices. Prior to 2026.1.29, a command injection vulnerability existed in OpenClaw’s Docker sandbox execution mechanism due to unsafe handling of the PATH environment v...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24763/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24763 - High (8.8)
OpenClaw (formerly Clawdbot) is a personal AI assistant you run on your own devices. Prior to 2026.1.29, a command injection vulnerability existed in OpenClaw’s Docker sandbox execution mechanism due to unsafe handling of the PATH environment v...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24763/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:13:02
4 posts
🟠 CVE-2026-24737 - High (8.1)
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of properties and methods of the Acroform module allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24737/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24737 - High (8.1)
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of properties and methods of the Acroform module allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24737/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24737 - High (8.1)
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of properties and methods of the Acroform module allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24737/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24737 - High (8.1)
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of properties and methods of the Acroform module allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24737/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:12:17
2 posts
🔴 CVE-2026-23515 - Critical (9.9)
Signal K Server is a server application that runs on a central hub in a boat. Prior to 1.5.0, a command injection vulnerability allows authenticated users with write permissions to execute arbitrary shell commands on the Signal K server when the s...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23515/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-23515 - Critical (9.9)
Signal K Server is a server application that runs on a central hub in a boat. Prior to 1.5.0, a command injection vulnerability allows authenticated users with write permissions to execute arbitrary shell commands on the Signal K server when the s...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23515/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T16:12:13
2 posts
🔴 CVE-2026-22778 - Critical (9.8)
vLLM is an inference and serving engine for large language models (LLMs). From 0.8.3 to before 0.14.1, when an invalid image is sent to vLLM's multimodal endpoint, PIL throws an error. vLLM returns this error to the client, leaking a heap address....
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22778/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-22778 - Critical (9.8)
vLLM is an inference and serving engine for large language models (LLMs). From 0.8.3 to before 0.14.1, when an invalid image is sent to vLLM's multimodal endpoint, PIL throws an error. vLLM returns this error to the client, leaking a heap address....
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22778/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T09:30:34
2 posts
🟠 CVE-2026-1375 - High (8.1)
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object References (IDOR) in all versions up to, and including, 3.9.5. This is due to missing object-level authorization checks in the `cou...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1375/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-1375 - High (8.1)
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object References (IDOR) in all versions up to, and including, 3.9.5. This is due to missing object-level authorization checks in the `cou...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1375/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T09:30:34
2 posts
🔴 CVE-2026-24465 - Critical (9.8)
Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24465/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-24465 - Critical (9.8)
Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24465/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T09:30:28
2 posts
🟠 CVE-2025-8456 - High (7.6)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kod8 Software Technologies Trade Ltd. Co. Kod8 Individual and SME Website allows Reflected XSS.This issue affects Kod8 Individual and SME ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-8456/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-8456 - High (7.6)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kod8 Software Technologies Trade Ltd. Co. Kod8 Individual and SME Website allows Reflected XSS.This issue affects Kod8 Individual and SME ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-8456/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T09:30:28
3 posts
Blip blop, I'm a #mastobot.
Here is a summary (in beta) of the latest posts in #programmingAtKukei https://masto.kukei.eu/browse/programming category:
- Claude Code at Microsoft and the rise of AI coding assistants; OpenAI Codex app for macOS.
- OpenClaw/Moltbot vulnerabilities and security concerns around AI agents.
- Ingress-Nginx deprecation and multiple Kubernetes security exploits.
- CVE-2026-25142: SandboxJS JavaScript sandboxing library high-severity flaw.
- CVE-2026-1730: [1/2]
🟠 CVE-2026-1730 - High (8.8)
The OS DataHub Maps plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'OS_DataHub_Maps_Admin::add_file_and_ext' function in all versions up to, and including, 1.8.3. This makes it possible fo...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1730/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-1730 - High (8.8)
The OS DataHub Maps plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'OS_DataHub_Maps_Admin::add_file_and_ext' function in all versions up to, and including, 1.8.3. This makes it possible fo...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1730/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T09:30:28
2 posts
🟠 CVE-2025-8590 - High (7.5)
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AKCE Software Technology R&D Industry and Trade Inc. SKSPro allows Directory Indexing.This issue affects SKSPro: through 07012026.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-8590/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-8590 - High (7.5)
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AKCE Software Technology R&D Industry and Trade Inc. SKSPro allows Directory Indexing.This issue affects SKSPro: through 07012026.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-8590/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T09:30:28
2 posts
🟠 CVE-2025-8589 - High (7.6)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AKCE Software Technology R&D Industry and Trade Inc. SKSPro allows Reflected XSS.This issue affects SKSPro: through 07012026.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-8589/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-8589 - High (7.6)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AKCE Software Technology R&D Industry and Trade Inc. SKSPro allows Reflected XSS.This issue affects SKSPro: through 07012026.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-8589/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T00:31:23
2 posts
🟠 CVE-2026-20407 - High (8.8)
In wlan STA driver, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20407/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20407 - High (8.8)
In wlan STA driver, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20407/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T00:31:23
2 posts
🟠 CVE-2026-20406 - High (7.5)
In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User in...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20406/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20406 - High (7.5)
In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User in...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20406/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T00:31:23
2 posts
🟠 CVE-2026-20421 - High (7.5)
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. Use...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20421/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20421 - High (7.5)
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. Use...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20421/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T00:31:23
2 posts
🟠 CVE-2026-20420 - High (7.5)
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20420/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20420 - High (7.5)
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20420/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T00:31:22
2 posts
🟠 CVE-2025-63649 - High (7.5)
An out-of-bounds read in the http_parser_transfer_encoding_chunked function (mk_server/mk_http_parser.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted POST request to the server.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-63649/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-63649 - High (7.5)
An out-of-bounds read in the http_parser_transfer_encoding_chunked function (mk_server/mk_http_parser.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted POST request to the server.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-63649/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T00:31:22
2 posts
🟠 CVE-2026-20403 - High (7.5)
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User i...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20403/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20403 - High (7.5)
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User i...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20403/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T00:31:22
2 posts
🟠 CVE-2026-20405 - High (7.5)
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User i...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20405/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20405 - High (7.5)
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User i...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20405/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-03T00:30:18
3 posts
🟠 CVE-2025-71007 - High (7.5)
An input validation vulnerability in the oneflow.index_add component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-71007/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-71007 - High (7.5)
An input validation vulnerability in the oneflow.index_add component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-71007/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-71007 - High (7.5)
An input validation vulnerability in the oneflow.index_add component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-71007/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-02T22:07:42
2 posts
🟠 CVE-2026-0599 - High (7.5)
A vulnerability in huggingface/text-generation-inference version 3.3.6 allows unauthenticated remote attackers to exploit unbounded external image fetching during input validation in VLM mode. The issue arises when the router scans inputs for Mark...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0599/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-0599 - High (7.5)
A vulnerability in huggingface/text-generation-inference version 3.3.6 allows unauthenticated remote attackers to exploit unbounded external image fetching during input validation in VLM mode. The issue arises when the router scans inputs for Mark...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0599/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-02T21:31:27
2 posts
🟠 CVE-2026-20411 - High (7.8)
In cameraisp, there is a possible escalation of privilege due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20411/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20411 - High (7.8)
In cameraisp, there is a possible escalation of privilege due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20411/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-02T21:02:04
2 posts
🟠 CVE-2026-1530 - High (8.1)
A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communication...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1530/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-1530 - High (8.1)
A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communication...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1530/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-02T18:40:27.467000
1 posts
‼️AISLE Goes 12-for-12 on OpenSSL Vulnerability Detection
CVEs Published: January 27th, 2026
High and Moderate Severity Flaws:
▪️CVE-2025-15467: Stack Buffer Overflow in CMS AuthEnvelopedData Parsing (High): A vulnerability with the potential to enable remote code execution under specific conditions
▪️CVE-2025-11187: PBMAC1 Parameter Validation in PKCS#12 (Moderate): Missing validation that could trigger a stack-based buffer overflow
Low Severity Flaws:
▪️CVE-2025-15468: Crash in QUIC protocol cipher handling
▪️CVE-2025-15469: Silent truncation bug affecting post-quantum signature algorithms (ML-DSA)
▪️CVE-2025-66199: Memory exhaustion via TLS 1.3 certificate compression
▪️CVE-2025-68160: Memory corruption in line-buffering (affects code back to OpenSSL 1.0.2)
▪️CVE-2025-69418: Encryption flaw in OCB mode on hardware-accelerated paths
▪️CVE-2025-69419: Memory corruption in PKCS#12 character encoding
▪️CVE-2025-69420: Crash in TimeStamp Response verification
▪️CVE-2025-69421: Crash in PKCS#12 decryption
▪️CVE-2026-22795: Crash in PKCS#12 parsing
▪️CVE-2026-22796: Crash in PKCS#7 signature verification (affects code back to OpenSSL 1.0.2)
"When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs.
Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk."
Writeup: https://aisle.com/blog/aisle-discovered-12-out-of-12-openssl-vulnerabilities
##updated 2026-02-02T18:39:21.740000
1 posts
‼️AISLE Goes 12-for-12 on OpenSSL Vulnerability Detection
CVEs Published: January 27th, 2026
High and Moderate Severity Flaws:
▪️CVE-2025-15467: Stack Buffer Overflow in CMS AuthEnvelopedData Parsing (High): A vulnerability with the potential to enable remote code execution under specific conditions
▪️CVE-2025-11187: PBMAC1 Parameter Validation in PKCS#12 (Moderate): Missing validation that could trigger a stack-based buffer overflow
Low Severity Flaws:
▪️CVE-2025-15468: Crash in QUIC protocol cipher handling
▪️CVE-2025-15469: Silent truncation bug affecting post-quantum signature algorithms (ML-DSA)
▪️CVE-2025-66199: Memory exhaustion via TLS 1.3 certificate compression
▪️CVE-2025-68160: Memory corruption in line-buffering (affects code back to OpenSSL 1.0.2)
▪️CVE-2025-69418: Encryption flaw in OCB mode on hardware-accelerated paths
▪️CVE-2025-69419: Memory corruption in PKCS#12 character encoding
▪️CVE-2025-69420: Crash in TimeStamp Response verification
▪️CVE-2025-69421: Crash in PKCS#12 decryption
▪️CVE-2026-22795: Crash in PKCS#12 parsing
▪️CVE-2026-22796: Crash in PKCS#7 signature verification (affects code back to OpenSSL 1.0.2)
"When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs.
Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk."
Writeup: https://aisle.com/blog/aisle-discovered-12-out-of-12-openssl-vulnerabilities
##updated 2026-02-02T18:38:00.947000
1 posts
‼️AISLE Goes 12-for-12 on OpenSSL Vulnerability Detection
CVEs Published: January 27th, 2026
High and Moderate Severity Flaws:
▪️CVE-2025-15467: Stack Buffer Overflow in CMS AuthEnvelopedData Parsing (High): A vulnerability with the potential to enable remote code execution under specific conditions
▪️CVE-2025-11187: PBMAC1 Parameter Validation in PKCS#12 (Moderate): Missing validation that could trigger a stack-based buffer overflow
Low Severity Flaws:
▪️CVE-2025-15468: Crash in QUIC protocol cipher handling
▪️CVE-2025-15469: Silent truncation bug affecting post-quantum signature algorithms (ML-DSA)
▪️CVE-2025-66199: Memory exhaustion via TLS 1.3 certificate compression
▪️CVE-2025-68160: Memory corruption in line-buffering (affects code back to OpenSSL 1.0.2)
▪️CVE-2025-69418: Encryption flaw in OCB mode on hardware-accelerated paths
▪️CVE-2025-69419: Memory corruption in PKCS#12 character encoding
▪️CVE-2025-69420: Crash in TimeStamp Response verification
▪️CVE-2025-69421: Crash in PKCS#12 decryption
▪️CVE-2026-22795: Crash in PKCS#12 parsing
▪️CVE-2026-22796: Crash in PKCS#7 signature verification (affects code back to OpenSSL 1.0.2)
"When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs.
Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk."
Writeup: https://aisle.com/blog/aisle-discovered-12-out-of-12-openssl-vulnerabilities
##updated 2026-02-02T18:36:57.727000
1 posts
‼️AISLE Goes 12-for-12 on OpenSSL Vulnerability Detection
CVEs Published: January 27th, 2026
High and Moderate Severity Flaws:
▪️CVE-2025-15467: Stack Buffer Overflow in CMS AuthEnvelopedData Parsing (High): A vulnerability with the potential to enable remote code execution under specific conditions
▪️CVE-2025-11187: PBMAC1 Parameter Validation in PKCS#12 (Moderate): Missing validation that could trigger a stack-based buffer overflow
Low Severity Flaws:
▪️CVE-2025-15468: Crash in QUIC protocol cipher handling
▪️CVE-2025-15469: Silent truncation bug affecting post-quantum signature algorithms (ML-DSA)
▪️CVE-2025-66199: Memory exhaustion via TLS 1.3 certificate compression
▪️CVE-2025-68160: Memory corruption in line-buffering (affects code back to OpenSSL 1.0.2)
▪️CVE-2025-69418: Encryption flaw in OCB mode on hardware-accelerated paths
▪️CVE-2025-69419: Memory corruption in PKCS#12 character encoding
▪️CVE-2025-69420: Crash in TimeStamp Response verification
▪️CVE-2025-69421: Crash in PKCS#12 decryption
▪️CVE-2026-22795: Crash in PKCS#12 parsing
▪️CVE-2026-22796: Crash in PKCS#7 signature verification (affects code back to OpenSSL 1.0.2)
"When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs.
Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk."
Writeup: https://aisle.com/blog/aisle-discovered-12-out-of-12-openssl-vulnerabilities
##updated 2026-02-02T18:36:03.557000
1 posts
‼️AISLE Goes 12-for-12 on OpenSSL Vulnerability Detection
CVEs Published: January 27th, 2026
High and Moderate Severity Flaws:
▪️CVE-2025-15467: Stack Buffer Overflow in CMS AuthEnvelopedData Parsing (High): A vulnerability with the potential to enable remote code execution under specific conditions
▪️CVE-2025-11187: PBMAC1 Parameter Validation in PKCS#12 (Moderate): Missing validation that could trigger a stack-based buffer overflow
Low Severity Flaws:
▪️CVE-2025-15468: Crash in QUIC protocol cipher handling
▪️CVE-2025-15469: Silent truncation bug affecting post-quantum signature algorithms (ML-DSA)
▪️CVE-2025-66199: Memory exhaustion via TLS 1.3 certificate compression
▪️CVE-2025-68160: Memory corruption in line-buffering (affects code back to OpenSSL 1.0.2)
▪️CVE-2025-69418: Encryption flaw in OCB mode on hardware-accelerated paths
▪️CVE-2025-69419: Memory corruption in PKCS#12 character encoding
▪️CVE-2025-69420: Crash in TimeStamp Response verification
▪️CVE-2025-69421: Crash in PKCS#12 decryption
▪️CVE-2026-22795: Crash in PKCS#12 parsing
▪️CVE-2026-22796: Crash in PKCS#7 signature verification (affects code back to OpenSSL 1.0.2)
"When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs.
Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk."
Writeup: https://aisle.com/blog/aisle-discovered-12-out-of-12-openssl-vulnerabilities
##updated 2026-02-02T18:32:35
2 posts
🟠 CVE-2026-20412 - High (7.8)
In cameraisp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20412/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20412 - High (7.8)
In cameraisp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20412/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-02T18:32:35
2 posts
🟠 CVE-2026-24070 - High (8.8)
During the installation of the Native Access application, a privileged helper `com.native-instruments.NativeAccess.Helper2`, which is used by Native Access to trigger functions via XPC communication like copy-file, remove or set-permissions, is de...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24070/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24070 - High (8.8)
During the installation of the Native Access application, a privileged helper `com.native-instruments.NativeAccess.Helper2`, which is used by Native Access to trigger functions via XPC communication like copy-file, remove or set-permissions, is de...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24070/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-02T18:32:35
1 posts
‼️AISLE Goes 12-for-12 on OpenSSL Vulnerability Detection
CVEs Published: January 27th, 2026
High and Moderate Severity Flaws:
▪️CVE-2025-15467: Stack Buffer Overflow in CMS AuthEnvelopedData Parsing (High): A vulnerability with the potential to enable remote code execution under specific conditions
▪️CVE-2025-11187: PBMAC1 Parameter Validation in PKCS#12 (Moderate): Missing validation that could trigger a stack-based buffer overflow
Low Severity Flaws:
▪️CVE-2025-15468: Crash in QUIC protocol cipher handling
▪️CVE-2025-15469: Silent truncation bug affecting post-quantum signature algorithms (ML-DSA)
▪️CVE-2025-66199: Memory exhaustion via TLS 1.3 certificate compression
▪️CVE-2025-68160: Memory corruption in line-buffering (affects code back to OpenSSL 1.0.2)
▪️CVE-2025-69418: Encryption flaw in OCB mode on hardware-accelerated paths
▪️CVE-2025-69419: Memory corruption in PKCS#12 character encoding
▪️CVE-2025-69420: Crash in TimeStamp Response verification
▪️CVE-2025-69421: Crash in PKCS#12 decryption
▪️CVE-2026-22795: Crash in PKCS#12 parsing
▪️CVE-2026-22796: Crash in PKCS#7 signature verification (affects code back to OpenSSL 1.0.2)
"When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs.
Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk."
Writeup: https://aisle.com/blog/aisle-discovered-12-out-of-12-openssl-vulnerabilities
##updated 2026-02-02T18:31:39
2 posts
🟠 CVE-2025-47359 - High (7.8)
Memory Corruption when multiple threads simultaneously access a memory free API.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-47359/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-47359 - High (7.8)
Memory Corruption when multiple threads simultaneously access a memory free API.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-47359/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-02T18:31:39
2 posts
🟠 CVE-2025-47398 - High (7.8)
Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-47398/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-47398 - High (7.8)
Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-47398/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-02T18:31:39
2 posts
🟠 CVE-2025-47397 - High (7.8)
Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-47397/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-47397 - High (7.8)
Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-47397/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-02T18:31:38
2 posts
🟠 CVE-2025-14914 - High (7.6)
IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a privileged user to upload a zip archive containing path traversal sequences resulting in an overwrite of files leading to arbitrary code execution.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-14914/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-14914 - High (7.6)
IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a privileged user to upload a zip archive containing path traversal sequences resulting in an overwrite of files leading to arbitrary code execution.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-14914/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-02T18:16:11.883000
1 posts
🟠 CVE-2025-13986 - High (7.5)
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Disable Login Page allows Functionality Bypass.This issue affects Disable Login Page: from 0.0.0 before 1.1.3.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13986/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-02T17:16:17.223000
1 posts
🟠 CVE-2026-1637 - High (8.8)
A vulnerability was identified in Tenda AC21 16.03.08.16. The affected element is the function fromAdvSetMacMtuWan of the file /goform/AdvSetMacMtuWan. The manipulation leads to stack-based buffer overflow. Remote exploitation of the attack is pos...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1637/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-02T15:30:44
2 posts
🟠 CVE-2026-1761 - High (8.6)
A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart H...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1761/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-1761 - High (8.6)
A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart H...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1761/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-02T15:30:34
4 posts
🟠 CVE-2026-20418 - High (8.8)
In Thread, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR004...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20418/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20418 - High (8.8)
In Thread, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR004...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20418/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20418 - High (8.8)
In Thread, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR004...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20418/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-20418 - High (8.8)
In Thread, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR004...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20418/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-02T15:30:34
2 posts
🟠 CVE-2025-8587 - High (8.6)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AKCE Software Technology R&D Industry and Trade Inc. SKSPro allows SQL Injection.This issue affects SKSPro: through 07012026.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-8587/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-8587 - High (8.6)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AKCE Software Technology R&D Industry and Trade Inc. SKSPro allows SQL Injection.This issue affects SKSPro: through 07012026.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-8587/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-02T14:09:07
1 posts
🔴 CVE-2025-61140 - Critical (9.8)
The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61140/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-02T09:31:33
1 posts
🟠 CVE-2025-46691 - High (7.8)
Dell PremierColor Panel Driver, versions prior to 1.0.0.1 A01, contains an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-46691/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-02T06:30:53
2 posts
🔴 CVE-2026-25200 - Critical (9.8)
A vulnerability in MagicInfo9 Server allows authorized users to upload HTML files without authentication, leading to Stored XSS, which can result in account takeover
This issue affects MagicINFO 9 Server: less than 21.1090.1.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25200/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25200 - Critical (9.8)
A vulnerability in MagicInfo9 Server allows authorized users to upload HTML files without authentication, leading to Stored XSS, which can result in account takeover
This issue affects MagicINFO 9 Server: less than 21.1090.1.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25200/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-02T06:30:53
2 posts
🔴 CVE-2026-25202 - Critical (9.8)
The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25202/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25202 - Critical (9.8)
The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25202/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-01T18:09:11
1 posts
🟠 CVE-2025-69662 - High (8.6)
SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the to_postgis()` function being used to write GeoDataFrames to a PostgreSQL database.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69662/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-01T18:07:49
1 posts
🟠 CVE-2025-62348 - High (7.8)
Salt's junos execution module contained an unsafe YAML decode/load usage. A specially crafted YAML payload processed by the junos module could lead to unintended code execution under the context of the Salt process.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-62348/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-31T03:53:47
1 posts
🔴 CVE-2026-25130 - Critical (9.6)
Cybersecurity AI (CAI) is a framework for AI Security. In versions up to and including 0.5.10, the CAI (Cybersecurity AI) framework contains multiple argument injection vulnerabilities in its function tools. User-controlled input is passed directl...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25130/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-30T22:15:56.343000
1 posts
🟠 CVE-2026-25153 - High (7.7)
Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node provides common node.js functionalities for TechDocs. In versions of @backstage/plugin-techdocs-node prior to 1.13.11 and 1.14.1, when TechDocs is c...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25153/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-30T21:30:28
1 posts
📈 CVE Published in last 7 days (2026-01-26 - 2026-02-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 860
Severity:
- Critical: 96
- High: 295
- Medium: 375
- Low: 18
- None: 76
Status:
- : 6
- Analyzed: 70
- Awaiting Analysis: 299
- Modified: 1
- Received: 245
- Rejected: 18
- Undergoing Analysis: 221
Top CNAs:
- VulnCheck: 171
- GitHub, Inc.: 128
- VulDB: 74
- MITRE: 61
- Government Technology Agency of Singapore Cyber Security Group (GovTech CSG): 48
- Wordfence: 43
- kernel.org: 38
- Spanish National Cybersecurity Institute, S.A. (INCIBE): 28
- SEC Consult Vulnerability Lab: 20
- IBM Corporation: 18
Top Affected Products:
- UNKNOWN: 771
- Discourse: 13
- Flexense Disk Pulse Enterprise: 11
- Flexense Sync Breeze Enterprise Server: 11
- Tenda W30e Firmware: 10
- Oisf Suricata: 7
- Pnpm: 5
- Gpac: 4
- Fabian Online Examination System: 3
- Sangfor Operation And Maintenance Security Management System: 3
Top EPSS Score:
- CVE-2016-15057 - 32.46 % (https://secdb.nttzen.cloud/cve/detail/CVE-2016-15057)
- CVE-2026-1281 - 14.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1281)
- CVE-2026-24858 - 3.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24858)
- CVE-2026-21509 - 2.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21509)
- CVE-2026-1547 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1547)
- CVE-2026-1601 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1601)
- CVE-2026-1687 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2026-1689 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1689)
- CVE-2026-1723 - 0.94 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1723)
- CVE-2025-40551 - 0.87 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-40551)
updated 2026-01-30T20:44:48.133000
1 posts
🟠 CVE-2025-68662 - High (7.6)
Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, a hostname validation issue in FinalDestination could allow bypassing SSRF protections under certain conditions. This issue is patched...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-68662/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-30T19:16:10.557000
1 posts
🔴 CVE-2025-51958 - Critical (9.8)
aelsantex runcommand 2014-04-01, a plugin for DokuWiki, allows unauthenticated attackers to execute arbitrary system commands via lib/plugins/runcommand/postaction.php.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-51958/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-30T18:31:21
1 posts
📈 CVE Published in last 7 days (2026-01-26 - 2026-02-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 860
Severity:
- Critical: 96
- High: 295
- Medium: 375
- Low: 18
- None: 76
Status:
- : 6
- Analyzed: 70
- Awaiting Analysis: 299
- Modified: 1
- Received: 245
- Rejected: 18
- Undergoing Analysis: 221
Top CNAs:
- VulnCheck: 171
- GitHub, Inc.: 128
- VulDB: 74
- MITRE: 61
- Government Technology Agency of Singapore Cyber Security Group (GovTech CSG): 48
- Wordfence: 43
- kernel.org: 38
- Spanish National Cybersecurity Institute, S.A. (INCIBE): 28
- SEC Consult Vulnerability Lab: 20
- IBM Corporation: 18
Top Affected Products:
- UNKNOWN: 771
- Discourse: 13
- Flexense Disk Pulse Enterprise: 11
- Flexense Sync Breeze Enterprise Server: 11
- Tenda W30e Firmware: 10
- Oisf Suricata: 7
- Pnpm: 5
- Gpac: 4
- Fabian Online Examination System: 3
- Sangfor Operation And Maintenance Security Management System: 3
Top EPSS Score:
- CVE-2016-15057 - 32.46 % (https://secdb.nttzen.cloud/cve/detail/CVE-2016-15057)
- CVE-2026-1281 - 14.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1281)
- CVE-2026-24858 - 3.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24858)
- CVE-2026-21509 - 2.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21509)
- CVE-2026-1547 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1547)
- CVE-2026-1601 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1601)
- CVE-2026-1687 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2026-1689 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1689)
- CVE-2026-1723 - 0.94 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1723)
- CVE-2025-40551 - 0.87 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-40551)
updated 2026-01-30T18:31:21
2 posts
🟠 CVE-2026-1686 - High (8.8)
A security flaw has been discovered in Totolink A3600R 5.9c.4959. This issue affects the function setAppEasyWizardConfig in the library /lib/cste_modules/app.so. Performing a manipulation of the argument apcliSsid results in buffer overflow. It is...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1686/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-1686 - High (8.8)
A security flaw has been discovered in Totolink A3600R 5.9c.4959. This issue affects the function setAppEasyWizardConfig in the library /lib/cste_modules/app.so. Performing a manipulation of the argument apcliSsid results in buffer overflow. It is...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1686/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-30T17:16:13.783000
1 posts
📈 CVE Published in last 7 days (2026-01-26 - 2026-02-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 860
Severity:
- Critical: 96
- High: 295
- Medium: 375
- Low: 18
- None: 76
Status:
- : 6
- Analyzed: 70
- Awaiting Analysis: 299
- Modified: 1
- Received: 245
- Rejected: 18
- Undergoing Analysis: 221
Top CNAs:
- VulnCheck: 171
- GitHub, Inc.: 128
- VulDB: 74
- MITRE: 61
- Government Technology Agency of Singapore Cyber Security Group (GovTech CSG): 48
- Wordfence: 43
- kernel.org: 38
- Spanish National Cybersecurity Institute, S.A. (INCIBE): 28
- SEC Consult Vulnerability Lab: 20
- IBM Corporation: 18
Top Affected Products:
- UNKNOWN: 771
- Discourse: 13
- Flexense Disk Pulse Enterprise: 11
- Flexense Sync Breeze Enterprise Server: 11
- Tenda W30e Firmware: 10
- Oisf Suricata: 7
- Pnpm: 5
- Gpac: 4
- Fabian Online Examination System: 3
- Sangfor Operation And Maintenance Security Management System: 3
Top EPSS Score:
- CVE-2016-15057 - 32.46 % (https://secdb.nttzen.cloud/cve/detail/CVE-2016-15057)
- CVE-2026-1281 - 14.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1281)
- CVE-2026-24858 - 3.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24858)
- CVE-2026-21509 - 2.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21509)
- CVE-2026-1547 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1547)
- CVE-2026-1601 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1601)
- CVE-2026-1687 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2026-1689 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1689)
- CVE-2026-1723 - 0.94 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1723)
- CVE-2025-40551 - 0.87 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-40551)
updated 2026-01-30T16:16:14.123000
1 posts
🟠 CVE-2026-25128 - High (7.5)
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 4.3.6 through 5.3.3, a RangeError vulnerability exists in the numeric entity processing of...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25128/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-30T16:16:11.007000
2 posts
1 repos
🟠 CVE-2025-4686 - High (8.6)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Kodmatic Computer Software Tourism Construction Industry and Trade Ltd. Co. Online Exam and Assessment allows SQL Injection.This issue affects On...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-4686/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-4686 - High (8.6)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Kodmatic Computer Software Tourism Construction Industry and Trade Ltd. Co. Online Exam and Assessment allows SQL Injection.This issue affects On...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-4686/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-30T13:28:59.293000
5 posts
55 repos
https://github.com/Lingzesec/CVE-2026-24061-GUI
https://github.com/monstertsl/CVE-2026-24061
https://github.com/Good123321-bot/CVE-2026-24061-POC
https://github.com/leonjza/inetutils-telnetd-auth-bypass
https://github.com/TryA9ain/CVE-2026-24061
https://github.com/franckferman/CVE_2026_24061_PoC
https://github.com/yanxinwu946/CVE-2026-24061--telnetd
https://github.com/BrainBob/CVE-2026-24061
https://github.com/balgan/CVE-2026-24061
https://github.com/xuemian168/CVE-2026-24061
https://github.com/dotelpenguin/telnetd_CVE-2026-24061_tester
https://github.com/cyberpoul/CVE-2026-24061-POC
https://github.com/cumakurt/tscan
https://github.com/JayGLXR/CVE-2026-24061-POC
https://github.com/androidteacher/CVE-2026-24061-PoC-Telnetd
https://github.com/Mefhika120/Ashwesker-CVE-2026-24061
https://github.com/SeptembersEND/CVE--2026-24061
https://github.com/punitdarji/telnetd-cve-2026-24061
https://github.com/ms0x08-dev/CVE-2026-24061-POC
https://github.com/infat0x/CVE-2026-24061
https://github.com/Moxxic1/Tell-Me-Root
https://github.com/Chocapikk/CVE-2026-24061
https://github.com/midox008/CVE-2026-24061
https://github.com/FurkanKAYAPINAR/CVE-2026-24061-telnet2root
https://github.com/0xXyc/telnet-inetutils-auth-bypass-CVE-2026-24061
https://github.com/Gabs-hub/CVE-2026-24061_Lab
https://github.com/novitahk/Exploit-CVE-2026-24061
https://github.com/duy-31/CVE-2026-24061---telnetd
https://github.com/z3n70/CVE-2026-24061
https://github.com/hackingyseguridad/root
https://github.com/Good123321-bot/good123321-bot.github.io
https://github.com/DeadlyHollows/CVE-2026-24061-setup
https://github.com/Mr-Zapi/CVE-2026-24061
https://github.com/0x7556/CVE-2026-24061
https://github.com/Alter-N0X/CVE-2026-24061-POC
https://github.com/Parad0x7e/CVE-2026-24061
https://github.com/X-croot/CVE-2026-24061_POC
https://github.com/Moxxic1/moxxic1.github.io
https://github.com/ridpath/Terrminus-CVE-2026-2406
https://github.com/h3athen/CVE-2026-24061
https://github.com/SystemVll/CVE-2026-24061
https://github.com/hilwa24/CVE-2026-24061
https://github.com/m3ngx1ng/cve_2026_24061_cli
https://github.com/typeconfused/CVE-2026-24061
https://github.com/madfxr/Twenty-Three-Scanner
https://github.com/XsanFlip/CVE-2026-24061-Scanner
https://github.com/SafeBreach-Labs/CVE-2026-24061
https://github.com/ibrahmsql/CVE-2026-24061-PoC
https://github.com/LucasPDiniz/CVE-2026-24061
https://github.com/BrainBob/Telnet-TestVuln-CVE-2026-24061
https://github.com/Ali-brarou/telnest
https://github.com/MY0723/GNU-Inetutils-telnet-CVE-2026-24061-
https://github.com/r00tuser111/CVE-2026-24061
#infosec #linux #vulnerability
Un fallo de seguridad (exploit) encontrado recientemente expuso casi 800.000 servicios a Telnet a nivel mundial.
Según la Base de Datos de Vulnerabilidad Nacional (NVD) el exploit CVE-2026-24061 afecta a las versiones 1.9.3 a 2.7.
Estás versiones permiten al cliente pasar un valor de la variable de entorno USER al servidor e iniciar sesión como usuario root omitiendo la autenticación.
1/2
##New #synology #DSM Version: 7.3.2-86009 Update 1 is out.
This is a security patch:
Fixed Issues
- Fixed a security vulnerability regarding telnetd (CVE-2026-24061).
Un accès root en une seule commande : cette faille dans GNU InetUtils menace les accès Telnet https://www.it-connect.fr/faille-cve-2026-24061-inetutils-telnet/ #ActuCybersécurité #Cybersécurité #Vulnérabilité
##⚪ 800,000 Telnet servers are vulnerable to remote attacks
🗨️ Shadowserver Foundation analysts are tracking nearly 800,000 IP addresses amid the active exploitation of a critical vulnerability, CVE-2026-24061, in the GNU InetUtils telnetd server component.
##Nearly 800,000 #Telnet servers exposed to remote attacks
The security flaw (CVE-2026-24061) already has a proof-of-concept exploit, impacts GNU InetUtils versions 1.9.3 (released in 2015) through 2.7, and was patched in version 2.8 (released on January 20).
##updated 2026-01-30T12:31:26
1 posts
Hikvision Wireless Access Points Vulnerability Exposes Networks to Remote Command Execution
Hikvision has recently revealed a critical security flaw affecting several models of its wireless access points, putting organizations at risk of remote command execution attacks. The vulnerability, officially tracked as CVE-2026-0709, allows authenticated attackers to send malicious commands to compromised devices, potentially gaining full control over the network…
##updated 2026-01-30T12:31:26
1 posts
🔴 CVE-2026-1699 - Critical (10)
In the Eclipse Theia Website repository, the GitHub Actions workflow .github/workflows/preview.yml used pull_request_target trigger while checking out and executing untrusted pull request code. This allowed any GitHub user to execute arbitrary cod...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1699/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-30T09:31:01
1 posts
🟠 CVE-2026-22277 - High (7.8)
Dell UnityVSA, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerabili...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22277/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-30T09:31:00
1 posts
🟠 CVE-2025-1395 - High (8.2)
Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. HeyGarson allows Fuzzing for application mapping.This issue affects HeyGarson: through 30012026.
NOTE: The vendor was...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-1395/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-30T09:30:54
1 posts
🟠 CVE-2026-0805 - High (8.2)
An input neutralization vulnerability in the Backup Configuration component of Crafty Controller allows a remote, authenticated attacker to perform file tampering and remote code execution via path traversal.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0805/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-30T09:30:54
1 posts
🔴 CVE-2026-0963 - Critical (9.9)
An input neutralization vulnerability in the File Operations API Endpoint component of Crafty Controller allows a remote, authenticated attacker to perform file tampering and remote code execution via path traversal.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0963/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-30T09:15:50.920000
1 posts
🟠 CVE-2026-21418 - High (7.8)
Dell Unity, version(s) 5.5.2 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerabilit...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-21418/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-30T06:30:22
1 posts
🟠 CVE-2026-24714 - High (7.5)
Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24714/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-30T00:31:29
16 posts
Ivanti: Notfall-Update gegen Zero-Days
Wieder einmal fällt der US-Hersteller Ivanti mit gefährlichen (9,8 von 10) Sicherheitslücken auf, die zum Zeitpunkt der Updates bereits angegriffen werden. Sagte ich wieder einmal? Ja, einige vergangene Meldungen: hier, hier, hier oder hier. Die beiden Sicherheitslücken CVE-2026-1281 und CVE-2026-1340 wurden mit Notfall-Updates geschlossen. Angeblich kann der Hersteller nicht sagen, welche Schwäche genau angegriffen wird, da zu wenige bekannte Angriffe vorlägen. Ach ja, aber flicken konnte man die unbekannten Schwächen? Glaubwürdigkeit gleich null. Da drängt
https://www.pc-fluesterer.info/wordpress/2026/02/02/ivanti-notfall-update-gegen-zero-days/
#Allgemein #Empfehlung #Hintergrund #Warnung #0day #closedsource #cybercrime #exploits #foss #hintertür #politik #UnplugTrump #usa #vorbeugen #vorfälle #wissen #zeroday
##New Episode: SANS Stormcast Monday, February 2nd, 2026: Google Presentation Abuse; Ivanti Vuln Exploited; Microsoft NTLM Strategy
Shownotes:
Google Presentation Abuse
https://isc.sans.edu/diary/Google+Presentations+Abused+for+Phishing/32668/
Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (CVE-2026-1281 & CVE-2026-1340)
https://forums.ivanti.com/s/article/Security-A
AntennaPod | Anytime Player | Apple Podcasts | Castamatic | CurioCaster | Fountain | gPodder | Overcast | Pocket Casts | Podcast Addict | Podcast Guru | Podnews | Podverse | Truefans
Or Listen right here.
##Critical cybersecurity updates from February 1-2, 2026: Microsoft patched an actively exploited Office zero-day (CVE-2026-21509), and Fortinet fixed a critical FortiCloud SSO flaw (CVE-2026-24858). Ivanti released fixes for two exploited EPMM zero-days (CVE-2026-1281, CVE-2026-1340) by February 1, and Bitdefender reported Android RAT malware distributed via Hugging Face (February 2).
In technology, Apple overhauled its online Mac store for a "build-it-yourself" experience (February 1), and Google extended the Fitbit data migration deadline to Google accounts until May 2026.
##📈 CVE Published in last 7 days (2026-01-26 - 2026-02-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 860
Severity:
- Critical: 96
- High: 295
- Medium: 375
- Low: 18
- None: 76
Status:
- : 6
- Analyzed: 70
- Awaiting Analysis: 299
- Modified: 1
- Received: 245
- Rejected: 18
- Undergoing Analysis: 221
Top CNAs:
- VulnCheck: 171
- GitHub, Inc.: 128
- VulDB: 74
- MITRE: 61
- Government Technology Agency of Singapore Cyber Security Group (GovTech CSG): 48
- Wordfence: 43
- kernel.org: 38
- Spanish National Cybersecurity Institute, S.A. (INCIBE): 28
- SEC Consult Vulnerability Lab: 20
- IBM Corporation: 18
Top Affected Products:
- UNKNOWN: 771
- Discourse: 13
- Flexense Disk Pulse Enterprise: 11
- Flexense Sync Breeze Enterprise Server: 11
- Tenda W30e Firmware: 10
- Oisf Suricata: 7
- Pnpm: 5
- Gpac: 4
- Fabian Online Examination System: 3
- Sangfor Operation And Maintenance Security Management System: 3
Top EPSS Score:
- CVE-2016-15057 - 32.46 % (https://secdb.nttzen.cloud/cve/detail/CVE-2016-15057)
- CVE-2026-1281 - 14.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1281)
- CVE-2026-24858 - 3.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24858)
- CVE-2026-21509 - 2.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21509)
- CVE-2026-1547 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1547)
- CVE-2026-1601 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1601)
- CVE-2026-1687 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2026-1689 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1689)
- CVE-2026-1723 - 0.94 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1723)
- CVE-2025-40551 - 0.87 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-40551)
Critical cybersecurity updates from February 1-2, 2026: Microsoft patched an actively exploited Office zero-day (CVE-2026-21509), and Fortinet fixed a critical FortiCloud SSO flaw (CVE-2026-24858). Ivanti released fixes for two exploited EPMM zero-days (CVE-2026-1281, CVE-2026-1340) by February 1, and Bitdefender reported Android RAT malware distributed via Hugging Face (February 2).
In technology, Apple overhauled its online Mac store for a "build-it-yourself" experience (February 1), and Google extended the Fitbit data migration deadline to Google accounts until May 2026.
##‼️ CVE-2026-1281: Safe indicator check for Ivanti EPMM & CVE-2026-1340 related paths
GitHub: https://github.com/Ashwesker/Ashwesker-CVE-2026-1281
##Latest News (Jan 29-30, 2026):
Tech: Apple plans "Apple Intelligence" with Google Gemini integration, coinciding with Google's Chrome "auto browse" launch. China approved Nvidia H200 chip sales to its tech giants.
Cybersecurity: The FBI launched "Operation Winter SHIELD" to protect critical infrastructure. A major ShinyHunters phishing campaign targets Okta SSO accounts, and Ivanti EPMM (CVE-2026-1281) is a newly exploited vulnerability.
##‼️ CVE-2026-1281 & CVE-2026-1340: A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.
Zero-Day: Yes
CVSS: Both 9.8
CVE Published: January 29th, 2026
KEV Catalog: January 29th, 2026
Affected Vendor: Ivanti
Vulnerability Type: Remote Code Execution (RCE)
New. No escape for Ivanti (which issued patches yesterday.)
WatchTower: Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 & CVE-2026-1340) https://labs.watchtowr.com/someone-knows-bash-far-too-well-and-we-love-it-ivanti-epmm-pre-auth-rces-cve-2026-1281-cve-2026-1340/ #Ivanti #vulnerability #infosec
##@cR0w Didn't you wish for Ivanti?
Ivanti, posted yesterday: Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (CVE-2026-1281 & CVE-2026-1340) https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340?language=en_US
Analysis Guidance Ivanti Endpoint Manager Mobile (EPMM) CVE-2026-1281 & CVE-2026-1340 https://forums.ivanti.com/s/article/Analysis-Guidance-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340?language=en_US
Security Week: Ivanti Patches Exploited EPMM Zero-Days https://www.securityweek.com/ivanti-patches-exploited-epmm-zero-days/ @SecurityWeek #Ivanti #infosec #vulnerability #zeroday
##Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 & CVE-2026-1340) - watchTowr Labs https://labs.watchtowr.com/someone-knows-bash-far-too-well-and-we-love-it-ivanti-epmm-pre-auth-rces-cve-2026-1281-cve-2026-1340/
##Ivanti confirms active exploitation of EPMM zero-day RCE flaws (CVE-2026-1281, CVE-2026-1340).
Emergency patches released—apply immediately.
Ivanti Patches Critical Zero-Day RCE Flaws in EPMM
Ivanti released emergency patches for two critical zero-day vulnerabilities in Endpoint Manager Mobile (EPMM) (CVE-2026-1281 and CVE-2026-1340) that allow unauthenticated remote code execution. Attackers are actively exploiting these flaws to gain full system control and access sensitive mobile device management data.
**If you are using Ivanti Endpoint Manager Mobile on premises, this is an URGENT advisory. Update your EPMM because it's already actively hacked. Apply the RPM patches immediately and remember to re-apply them if you upgrade the software version before the permanent fix in version 12.8.0.0 is released. And make sure to check the logs, because your EPMM may have already been compromised.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/ivanti-patches-critical-zero-day-rce-flaws-in-epmm-g-y-i-b-j/gD2P6Ple2L
⚠️ Alerte CERT-FR ⚠️
Les vulnérabilités critiques CVE-2026-1281 et CVE-2026-1340 affectant Ivanti Endpoint Manager Mobile sont activement exploitées dans le cadre d'attaques ciblées.
https://www.cert.ssi.gouv.fr/alerte/CERTFR-2026-ALE-001/
🔴 CVE-2026-1281 - Critical (9.8)
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1281/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##Ivanti warns of two EPMM flaws exploited in zero-day attacks
Ivanti has disclosed two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340, that were...
🔗️ [Bleepingcomputer] https://link.is.it/teik2H
##updated 2026-01-30T00:31:28
14 posts
Ivanti: Notfall-Update gegen Zero-Days
Wieder einmal fällt der US-Hersteller Ivanti mit gefährlichen (9,8 von 10) Sicherheitslücken auf, die zum Zeitpunkt der Updates bereits angegriffen werden. Sagte ich wieder einmal? Ja, einige vergangene Meldungen: hier, hier, hier oder hier. Die beiden Sicherheitslücken CVE-2026-1281 und CVE-2026-1340 wurden mit Notfall-Updates geschlossen. Angeblich kann der Hersteller nicht sagen, welche Schwäche genau angegriffen wird, da zu wenige bekannte Angriffe vorlägen. Ach ja, aber flicken konnte man die unbekannten Schwächen? Glaubwürdigkeit gleich null. Da drängt
https://www.pc-fluesterer.info/wordpress/2026/02/02/ivanti-notfall-update-gegen-zero-days/
#Allgemein #Empfehlung #Hintergrund #Warnung #0day #closedsource #cybercrime #exploits #foss #hintertür #politik #UnplugTrump #usa #vorbeugen #vorfälle #wissen #zeroday
##New Episode: SANS Stormcast Monday, February 2nd, 2026: Google Presentation Abuse; Ivanti Vuln Exploited; Microsoft NTLM Strategy
Shownotes:
Google Presentation Abuse
https://isc.sans.edu/diary/Google+Presentations+Abused+for+Phishing/32668/
Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (CVE-2026-1281 & CVE-2026-1340)
https://forums.ivanti.com/s/article/Security-A
AntennaPod | Anytime Player | Apple Podcasts | Castamatic | CurioCaster | Fountain | gPodder | Overcast | Pocket Casts | Podcast Addict | Podcast Guru | Podnews | Podverse | Truefans
Or Listen right here.
##Critical cybersecurity updates from February 1-2, 2026: Microsoft patched an actively exploited Office zero-day (CVE-2026-21509), and Fortinet fixed a critical FortiCloud SSO flaw (CVE-2026-24858). Ivanti released fixes for two exploited EPMM zero-days (CVE-2026-1281, CVE-2026-1340) by February 1, and Bitdefender reported Android RAT malware distributed via Hugging Face (February 2).
In technology, Apple overhauled its online Mac store for a "build-it-yourself" experience (February 1), and Google extended the Fitbit data migration deadline to Google accounts until May 2026.
##Critical cybersecurity updates from February 1-2, 2026: Microsoft patched an actively exploited Office zero-day (CVE-2026-21509), and Fortinet fixed a critical FortiCloud SSO flaw (CVE-2026-24858). Ivanti released fixes for two exploited EPMM zero-days (CVE-2026-1281, CVE-2026-1340) by February 1, and Bitdefender reported Android RAT malware distributed via Hugging Face (February 2).
In technology, Apple overhauled its online Mac store for a "build-it-yourself" experience (February 1), and Google extended the Fitbit data migration deadline to Google accounts until May 2026.
##‼️ CVE-2026-1281: Safe indicator check for Ivanti EPMM & CVE-2026-1340 related paths
GitHub: https://github.com/Ashwesker/Ashwesker-CVE-2026-1281
##‼️ CVE-2026-1281 & CVE-2026-1340: A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.
Zero-Day: Yes
CVSS: Both 9.8
CVE Published: January 29th, 2026
KEV Catalog: January 29th, 2026
Affected Vendor: Ivanti
Vulnerability Type: Remote Code Execution (RCE)
New. No escape for Ivanti (which issued patches yesterday.)
WatchTower: Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 & CVE-2026-1340) https://labs.watchtowr.com/someone-knows-bash-far-too-well-and-we-love-it-ivanti-epmm-pre-auth-rces-cve-2026-1281-cve-2026-1340/ #Ivanti #vulnerability #infosec
##@cR0w Didn't you wish for Ivanti?
Ivanti, posted yesterday: Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (CVE-2026-1281 & CVE-2026-1340) https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340?language=en_US
Analysis Guidance Ivanti Endpoint Manager Mobile (EPMM) CVE-2026-1281 & CVE-2026-1340 https://forums.ivanti.com/s/article/Analysis-Guidance-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340?language=en_US
Security Week: Ivanti Patches Exploited EPMM Zero-Days https://www.securityweek.com/ivanti-patches-exploited-epmm-zero-days/ @SecurityWeek #Ivanti #infosec #vulnerability #zeroday
##Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 & CVE-2026-1340) - watchTowr Labs https://labs.watchtowr.com/someone-knows-bash-far-too-well-and-we-love-it-ivanti-epmm-pre-auth-rces-cve-2026-1281-cve-2026-1340/
##Ivanti confirms active exploitation of EPMM zero-day RCE flaws (CVE-2026-1281, CVE-2026-1340).
Emergency patches released—apply immediately.
Ivanti Patches Critical Zero-Day RCE Flaws in EPMM
Ivanti released emergency patches for two critical zero-day vulnerabilities in Endpoint Manager Mobile (EPMM) (CVE-2026-1281 and CVE-2026-1340) that allow unauthenticated remote code execution. Attackers are actively exploiting these flaws to gain full system control and access sensitive mobile device management data.
**If you are using Ivanti Endpoint Manager Mobile on premises, this is an URGENT advisory. Update your EPMM because it's already actively hacked. Apply the RPM patches immediately and remember to re-apply them if you upgrade the software version before the permanent fix in version 12.8.0.0 is released. And make sure to check the logs, because your EPMM may have already been compromised.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/ivanti-patches-critical-zero-day-rce-flaws-in-epmm-g-y-i-b-j/gD2P6Ple2L
⚠️ Alerte CERT-FR ⚠️
Les vulnérabilités critiques CVE-2026-1281 et CVE-2026-1340 affectant Ivanti Endpoint Manager Mobile sont activement exploitées dans le cadre d'attaques ciblées.
https://www.cert.ssi.gouv.fr/alerte/CERTFR-2026-ALE-001/
🔴 CVE-2026-1340 - Critical (9.8)
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1340/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##Ivanti warns of two EPMM flaws exploited in zero-day attacks
Ivanti has disclosed two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340, that were...
🔗️ [Bleepingcomputer] https://link.is.it/teik2H
##updated 2026-01-29T22:15:56.110000
1 posts
🟠 CVE-2026-25116 - High (7.6)
Runtipi is a personal homeserver orchestrator. Starting in version 4.5.0 and prior to version 4.7.2, an unauthenticated Path Traversal vulnerability in the `UserConfigController` allows any remote user to overwrite the system's `docker-compose.yml...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25116/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T22:15:52.577000
1 posts
🟠 CVE-2025-69516 - High (8.8)
A Server-Side Template Injection (SSTI) vulnerability in the /reporting/templates/preview/ endpoint of Amidaware Tactical RMM, affecting versions equal to or earlier than v1.3.1, allows low-privileged users with Report Viewer or Report Manager per...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69516/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T21:31:33
1 posts
🔴 CVE-2025-69602 - Critical (9.1)
A session fixation vulnerability exists in 66biolinks v62.0.0 by AltumCode, where the application does not regenerate the session identifier after successful authentication. As a result, the same session cookie value is reused for users logging in...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69602/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T21:31:32
1 posts
🟠 CVE-2025-71003 - High (7.5)
An input validation vulnerability in the flow.arange() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-71003/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T21:31:32
1 posts
🟠 CVE-2025-14472 - High (8.1)
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Acquia Content Hub allows Cross Site Request Forgery.This issue affects Acquia Content Hub: from 0.0.0 before 3.6.4, from 3.7.0 before 3.7.3.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-14472/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T21:30:37
1 posts
📈 CVE Published in last 7 days (2026-01-26 - 2026-02-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 860
Severity:
- Critical: 96
- High: 295
- Medium: 375
- Low: 18
- None: 76
Status:
- : 6
- Analyzed: 70
- Awaiting Analysis: 299
- Modified: 1
- Received: 245
- Rejected: 18
- Undergoing Analysis: 221
Top CNAs:
- VulnCheck: 171
- GitHub, Inc.: 128
- VulDB: 74
- MITRE: 61
- Government Technology Agency of Singapore Cyber Security Group (GovTech CSG): 48
- Wordfence: 43
- kernel.org: 38
- Spanish National Cybersecurity Institute, S.A. (INCIBE): 28
- SEC Consult Vulnerability Lab: 20
- IBM Corporation: 18
Top Affected Products:
- UNKNOWN: 771
- Discourse: 13
- Flexense Disk Pulse Enterprise: 11
- Flexense Sync Breeze Enterprise Server: 11
- Tenda W30e Firmware: 10
- Oisf Suricata: 7
- Pnpm: 5
- Gpac: 4
- Fabian Online Examination System: 3
- Sangfor Operation And Maintenance Security Management System: 3
Top EPSS Score:
- CVE-2016-15057 - 32.46 % (https://secdb.nttzen.cloud/cve/detail/CVE-2016-15057)
- CVE-2026-1281 - 14.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1281)
- CVE-2026-24858 - 3.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24858)
- CVE-2026-21509 - 2.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21509)
- CVE-2026-1547 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1547)
- CVE-2026-1601 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1601)
- CVE-2026-1687 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2026-1689 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1689)
- CVE-2026-1723 - 0.94 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1723)
- CVE-2025-40551 - 0.87 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-40551)
updated 2026-01-29T21:30:37
1 posts
🟠 CVE-2026-1610 - High (8.1)
A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24_cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1610/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T21:30:29
1 posts
‼️AISLE Goes 12-for-12 on OpenSSL Vulnerability Detection
CVEs Published: January 27th, 2026
High and Moderate Severity Flaws:
▪️CVE-2025-15467: Stack Buffer Overflow in CMS AuthEnvelopedData Parsing (High): A vulnerability with the potential to enable remote code execution under specific conditions
▪️CVE-2025-11187: PBMAC1 Parameter Validation in PKCS#12 (Moderate): Missing validation that could trigger a stack-based buffer overflow
Low Severity Flaws:
▪️CVE-2025-15468: Crash in QUIC protocol cipher handling
▪️CVE-2025-15469: Silent truncation bug affecting post-quantum signature algorithms (ML-DSA)
▪️CVE-2025-66199: Memory exhaustion via TLS 1.3 certificate compression
▪️CVE-2025-68160: Memory corruption in line-buffering (affects code back to OpenSSL 1.0.2)
▪️CVE-2025-69418: Encryption flaw in OCB mode on hardware-accelerated paths
▪️CVE-2025-69419: Memory corruption in PKCS#12 character encoding
▪️CVE-2025-69420: Crash in TimeStamp Response verification
▪️CVE-2025-69421: Crash in PKCS#12 decryption
▪️CVE-2026-22795: Crash in PKCS#12 parsing
▪️CVE-2026-22796: Crash in PKCS#7 signature verification (affects code back to OpenSSL 1.0.2)
"When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs.
Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk."
Writeup: https://aisle.com/blog/aisle-discovered-12-out-of-12-openssl-vulnerabilities
##updated 2026-01-29T19:16:18.987000
2 posts
KiloView Encoder Account Takeover Vulnerability
KiloView video encoders contain a critical vulnerability (CVE-2026-1453) that allows unauthenticated attackers to create administrator accounts and take full control of the devices. The vendor has not yet released a public patch.
**Make sure all KiloView devices are isolated from the internet and accessible from trusted networks only. Then reach out to the vendor to get information of any upcoming patches. At the moment, there is no patch available.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/kiloview-encoder-account-takeover-vulnerability-g-t-5-9-l/gD2P6Ple2L
🔴 CVE-2026-1453 - Critical (9.8)
A missing authentication for critical function vulnerability in KiloView Encoder Series could allow an unauthenticated attacker to create or delete administrator accounts. This vulnerability can grant the attacker full administrative control over ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1453/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T19:16:16.243000
1 posts
🟠 CVE-2025-61726 - High (7.5)
The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse larg...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61726/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T19:16:10.530000
1 posts
🟠 CVE-2025-13982 - High (8.1)
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Login Time Restriction allows Cross Site Request Forgery.This issue affects Login Time Restriction: from 0.0.0 before 1.0.3.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13982/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T18:32:50
1 posts
🟠 CVE-2025-61731 - High (7.8)
Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "#cgo pkg-config:" directive in a Go source file provides command-line arguments to provide to the Go pk...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61731/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T18:32:49
2 posts
🟠 CVE-2025-65889 - High (7.5)
A type validation flaw in the flow.dstack() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-65889/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-65889 - High (7.5)
A type validation flaw in the flow.dstack() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-65889/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T18:32:49
1 posts
🟠 CVE-2025-71000 - High (7.5)
An issue in the flow.cuda.BoolTensor component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-71000/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T18:32:49
1 posts
🔴 CVE-2025-69517 - Critical (9.8)
An issue in Amidaware Inc Tactical RMM v1.3.1 and before allows a remote attacker to execute arbitrary code via the /api/tacticalrmm/apiv3/views.py component
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69517/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T18:32:44
1 posts
‼️AISLE Goes 12-for-12 on OpenSSL Vulnerability Detection
CVEs Published: January 27th, 2026
High and Moderate Severity Flaws:
▪️CVE-2025-15467: Stack Buffer Overflow in CMS AuthEnvelopedData Parsing (High): A vulnerability with the potential to enable remote code execution under specific conditions
▪️CVE-2025-11187: PBMAC1 Parameter Validation in PKCS#12 (Moderate): Missing validation that could trigger a stack-based buffer overflow
Low Severity Flaws:
▪️CVE-2025-15468: Crash in QUIC protocol cipher handling
▪️CVE-2025-15469: Silent truncation bug affecting post-quantum signature algorithms (ML-DSA)
▪️CVE-2025-66199: Memory exhaustion via TLS 1.3 certificate compression
▪️CVE-2025-68160: Memory corruption in line-buffering (affects code back to OpenSSL 1.0.2)
▪️CVE-2025-69418: Encryption flaw in OCB mode on hardware-accelerated paths
▪️CVE-2025-69419: Memory corruption in PKCS#12 character encoding
▪️CVE-2025-69420: Crash in TimeStamp Response verification
▪️CVE-2025-69421: Crash in PKCS#12 decryption
▪️CVE-2026-22795: Crash in PKCS#12 parsing
▪️CVE-2026-22796: Crash in PKCS#7 signature verification (affects code back to OpenSSL 1.0.2)
"When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs.
Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk."
Writeup: https://aisle.com/blog/aisle-discovered-12-out-of-12-openssl-vulnerabilities
##updated 2026-01-29T18:32:43
1 posts
‼️AISLE Goes 12-for-12 on OpenSSL Vulnerability Detection
CVEs Published: January 27th, 2026
High and Moderate Severity Flaws:
▪️CVE-2025-15467: Stack Buffer Overflow in CMS AuthEnvelopedData Parsing (High): A vulnerability with the potential to enable remote code execution under specific conditions
▪️CVE-2025-11187: PBMAC1 Parameter Validation in PKCS#12 (Moderate): Missing validation that could trigger a stack-based buffer overflow
Low Severity Flaws:
▪️CVE-2025-15468: Crash in QUIC protocol cipher handling
▪️CVE-2025-15469: Silent truncation bug affecting post-quantum signature algorithms (ML-DSA)
▪️CVE-2025-66199: Memory exhaustion via TLS 1.3 certificate compression
▪️CVE-2025-68160: Memory corruption in line-buffering (affects code back to OpenSSL 1.0.2)
▪️CVE-2025-69418: Encryption flaw in OCB mode on hardware-accelerated paths
▪️CVE-2025-69419: Memory corruption in PKCS#12 character encoding
▪️CVE-2025-69420: Crash in TimeStamp Response verification
▪️CVE-2025-69421: Crash in PKCS#12 decryption
▪️CVE-2026-22795: Crash in PKCS#12 parsing
▪️CVE-2026-22796: Crash in PKCS#7 signature verification (affects code back to OpenSSL 1.0.2)
"When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs.
Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk."
Writeup: https://aisle.com/blog/aisle-discovered-12-out-of-12-openssl-vulnerabilities
##updated 2026-01-29T18:31:44
1 posts
🟠 CVE-2025-14975 - High (8.1)
The Custom Login Page Customizer WordPress plugin before 2.5.4 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and ther...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-14975/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T18:31:42
2 posts
🟠 CVE-2025-65886 - High (7.5)
A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via supplying crafted tensor shapes.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-65886/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-65886 - High (7.5)
A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via supplying crafted tensor shapes.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-65886/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T17:16:22.420000
1 posts
🟠 CVE-2025-70999 - High (7.5)
A GPU device-ID validation flaw in the flow.cuda.get_device_capability() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted device ID.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-70999/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T17:16:20.240000
1 posts
🟠 CVE-2025-65891 - High (7.5)
A GPU device-ID validation flaw in OneFlow v0.9.0 allows attackers to trigger a Denial of Dervice (DoS) by invoking flow.cuda.get_device_properties() with an invalid or negative device index.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-65891/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T17:16:20.053000
1 posts
🟠 CVE-2025-65890 - High (7.5)
A device-ID validation flaw in OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) by calling flow.cuda.synchronize() with an invalid or out-of-range GPU device index.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-65890/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T17:16:15.243000
1 posts
🟠 CVE-2025-14840 - High (7.5)
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal HTTP Client Manager allows Forceful Browsing.This issue affects HTTP Client Manager: from 0.0.0 before 9.3.13, from 10.0.0 before 10.0.2, from 11.0.0 before 11.0.1.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-14840/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T16:31:35.700000
5 posts
📈 CVE Published in last 7 days (2026-01-26 - 2026-02-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 860
Severity:
- Critical: 96
- High: 295
- Medium: 375
- Low: 18
- None: 76
Status:
- : 6
- Analyzed: 70
- Awaiting Analysis: 299
- Modified: 1
- Received: 245
- Rejected: 18
- Undergoing Analysis: 221
Top CNAs:
- VulnCheck: 171
- GitHub, Inc.: 128
- VulDB: 74
- MITRE: 61
- Government Technology Agency of Singapore Cyber Security Group (GovTech CSG): 48
- Wordfence: 43
- kernel.org: 38
- Spanish National Cybersecurity Institute, S.A. (INCIBE): 28
- SEC Consult Vulnerability Lab: 20
- IBM Corporation: 18
Top Affected Products:
- UNKNOWN: 771
- Discourse: 13
- Flexense Disk Pulse Enterprise: 11
- Flexense Sync Breeze Enterprise Server: 11
- Tenda W30e Firmware: 10
- Oisf Suricata: 7
- Pnpm: 5
- Gpac: 4
- Fabian Online Examination System: 3
- Sangfor Operation And Maintenance Security Management System: 3
Top EPSS Score:
- CVE-2016-15057 - 32.46 % (https://secdb.nttzen.cloud/cve/detail/CVE-2016-15057)
- CVE-2026-1281 - 14.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1281)
- CVE-2026-24858 - 3.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24858)
- CVE-2026-21509 - 2.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21509)
- CVE-2026-1547 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1547)
- CVE-2026-1601 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1601)
- CVE-2026-1687 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2026-1689 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1689)
- CVE-2026-1723 - 0.94 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1723)
- CVE-2025-40551 - 0.87 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-40551)
⚠️ Critical Solarwinds Web Vulnerability Allows Remote Code Execution and Security Bypass
「 Multiple critical vulnerabilities in SolarWinds Web Help Desk (WHD), culminating in unauthenticated remote code execution (RCE) via Java deserialization in CVE-2025-40551, were uncovered by https://Horizon3.ai researchers.
These flaws chain static credentials, security bypasses, and deserialization weaknesses, affecting versions prior to 2026.1 」
‼️ SolarWinds Web Help Desk RCE Hit by Multiple Critical Security Flaws; CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554
CVSS: All 9.8
CVEs Published: January 28th, 2026
CVE-2025-40551: SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
CVE-2025-40552: SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that if exploited, would allow a malicious actor to execute actions and methods that should be protected by authentication.
CVE-2025-40553: SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
CVE-2025-40554: SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that, if exploited, could allow an attacker to invoke specific actions within Web Help Desk.
Advisories:
https://nvd.nist.gov/vuln/detail/CVE-2025-40551
https://nvd.nist.gov/vuln/detail/CVE-2025-40552
https://nvd.nist.gov/vuln/detail/CVE-2025-40553
https://nvd.nist.gov/vuln/detail/CVE-2025-40554
📦 That WinRAR "Free Trial" You Never Paid For? Hackers Are Exploiting It Right Now 🚨
A WinRAR vulnerability patched last July (CVE-2025-8088) is still being actively exploited by Russian APTs, Chinese threat actors, and cybercrime gangs six months later. The path traversal flaw lets attackers slip malicious files into your system when you extract seemingly innocent archives. If you're still using WinRAR, update immediately or switch to 7-Zip.
Sources:
- https://www.bleepingcomputer.com/news/security/winrar-path-traversal-flaw-still-exploited-by-numerous-hackers/
- https://cloud.google.com/blog/topics/threat-intelligence/exploiting-critical-winrar-vulnerability
- https://nvd.nist.gov/vuln/detail/CVE-2025-8088
- https://www.helpnetsecurity.com/2026/01/28/winrar-vulnerability-exploited-cve-2025-8088/
---
🔓 Critical OpenSSL Flaw Could Let Hackers Take Over Your Computer Via Email 💀
CVE-2025-15467 is a critical 9.8 CVSS remote code execution vulnerability in OpenSSL's CMS and S/MIME message processing. OpenSSL powers encrypted communications across the entire internet, and this flaw allows unauthenticated attackers to execute arbitrary code remotely without any credentials. A working proof-of-concept already exists in the wild, meaning both defenders and attackers have access to it.
Sources:
- https://nvd.nist.gov/vuln/detail/CVE-2025-15467
https://www.infosecurity-magazine.com/news/12-openssl-flaws/
- https://openssl-library.org/news/vulnerabilities/
- https://twitter.com/IntCyberDigest/status/2016288593547833778
---
🤦 SolarWinds Ships Critical Vulnerabilities In Their Own Software (Yes, THAT SolarWinds) 🤡
SolarWinds, the company that became the poster child for supply chain attacks after their 2020 breach, just disclosed four critical vulnerabilities in their Web Help Desk product. The flaws include unauthenticated remote code execution and authentication bypass that can be chained together to completely compromise systems without logging in. Five years after congressional hearings and intense security scrutiny, they still shipped this mess.
Sources:
- https://www.bleepingcomputer.com/news/security/solarwinds-warns-of-critical-web-help-desk-rce-auth-bypass-flaws/
- https://www.helpnetsecurity.com/2026/01/29/solarwinds-web-help-desk-rce-vulnerabilities/
- https://www.rapid7.com/blog/post/etr-multiple-critical-solarwinds-web-help-desk-vulnerabilities-cve-2025-40551-40552-40553-40554/
- https://nvd.nist.gov/vuln/detail/CVE-2025-40552
- https://nvd.nist.gov/vuln/detail/CVE-2025-40553
- https://nvd.nist.gov/vuln/detail/CVE-2025-40554
- https://nvd.nist.gov/vuln/detail/CVE-2025-40551
SolarWinds has just announced four high-severity vulnerabilities in its Web Help Desk (WHD) software that could lead to full system takeover.
These flaws include unauthenticated Remote Code Execution (RCE) via insecure deserialization and multiple Authentication Bypasses, allowing attackers to execute protected methods without any credentials.
CVE-2025-40551 & CVE-2025-40553 (Unauthenticated RCE)
CVE-2025-40552 & CVE-2025-40554 (Auth Bypass)
updated 2026-01-29T16:31:35.700000
3 posts
2 repos
‼️ SolarWinds Web Help Desk RCE Hit by Multiple Critical Security Flaws; CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554
CVSS: All 9.8
CVEs Published: January 28th, 2026
CVE-2025-40551: SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
CVE-2025-40552: SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that if exploited, would allow a malicious actor to execute actions and methods that should be protected by authentication.
CVE-2025-40553: SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
CVE-2025-40554: SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that, if exploited, could allow an attacker to invoke specific actions within Web Help Desk.
Advisories:
https://nvd.nist.gov/vuln/detail/CVE-2025-40551
https://nvd.nist.gov/vuln/detail/CVE-2025-40552
https://nvd.nist.gov/vuln/detail/CVE-2025-40553
https://nvd.nist.gov/vuln/detail/CVE-2025-40554
📦 That WinRAR "Free Trial" You Never Paid For? Hackers Are Exploiting It Right Now 🚨
A WinRAR vulnerability patched last July (CVE-2025-8088) is still being actively exploited by Russian APTs, Chinese threat actors, and cybercrime gangs six months later. The path traversal flaw lets attackers slip malicious files into your system when you extract seemingly innocent archives. If you're still using WinRAR, update immediately or switch to 7-Zip.
Sources:
- https://www.bleepingcomputer.com/news/security/winrar-path-traversal-flaw-still-exploited-by-numerous-hackers/
- https://cloud.google.com/blog/topics/threat-intelligence/exploiting-critical-winrar-vulnerability
- https://nvd.nist.gov/vuln/detail/CVE-2025-8088
- https://www.helpnetsecurity.com/2026/01/28/winrar-vulnerability-exploited-cve-2025-8088/
---
🔓 Critical OpenSSL Flaw Could Let Hackers Take Over Your Computer Via Email 💀
CVE-2025-15467 is a critical 9.8 CVSS remote code execution vulnerability in OpenSSL's CMS and S/MIME message processing. OpenSSL powers encrypted communications across the entire internet, and this flaw allows unauthenticated attackers to execute arbitrary code remotely without any credentials. A working proof-of-concept already exists in the wild, meaning both defenders and attackers have access to it.
Sources:
- https://nvd.nist.gov/vuln/detail/CVE-2025-15467
https://www.infosecurity-magazine.com/news/12-openssl-flaws/
- https://openssl-library.org/news/vulnerabilities/
- https://twitter.com/IntCyberDigest/status/2016288593547833778
---
🤦 SolarWinds Ships Critical Vulnerabilities In Their Own Software (Yes, THAT SolarWinds) 🤡
SolarWinds, the company that became the poster child for supply chain attacks after their 2020 breach, just disclosed four critical vulnerabilities in their Web Help Desk product. The flaws include unauthenticated remote code execution and authentication bypass that can be chained together to completely compromise systems without logging in. Five years after congressional hearings and intense security scrutiny, they still shipped this mess.
Sources:
- https://www.bleepingcomputer.com/news/security/solarwinds-warns-of-critical-web-help-desk-rce-auth-bypass-flaws/
- https://www.helpnetsecurity.com/2026/01/29/solarwinds-web-help-desk-rce-vulnerabilities/
- https://www.rapid7.com/blog/post/etr-multiple-critical-solarwinds-web-help-desk-vulnerabilities-cve-2025-40551-40552-40553-40554/
- https://nvd.nist.gov/vuln/detail/CVE-2025-40552
- https://nvd.nist.gov/vuln/detail/CVE-2025-40553
- https://nvd.nist.gov/vuln/detail/CVE-2025-40554
- https://nvd.nist.gov/vuln/detail/CVE-2025-40551
SolarWinds has just announced four high-severity vulnerabilities in its Web Help Desk (WHD) software that could lead to full system takeover.
These flaws include unauthenticated Remote Code Execution (RCE) via insecure deserialization and multiple Authentication Bypasses, allowing attackers to execute protected methods without any credentials.
CVE-2025-40551 & CVE-2025-40553 (Unauthenticated RCE)
CVE-2025-40552 & CVE-2025-40554 (Auth Bypass)
updated 2026-01-29T16:31:00.867000
2 posts
🟠 CVE-2025-65888 - High (7.5)
A dimension validation flaw in the flow.empty() component of OneFlow 0.9.0 allows attackers to cause a Denial of Service (DoS) via a negative or excessively large dimension value.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-65888/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-65888 - High (7.5)
A dimension validation flaw in the flow.empty() component of OneFlow 0.9.0 allows attackers to cause a Denial of Service (DoS) via a negative or excessively large dimension value.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-65888/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T16:31:00.867000
1 posts
🟠 CVE-2025-57283 - High (7.8)
The Node.js package browserstack-local 1.5.8 contains a command injection vulnerability. This occurs because the logfile variable is not properly sanitized in lib/Local.js.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-57283/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T16:31:00.867000
1 posts
🟠 CVE-2025-7713 - High (7.5)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Global Interactive Design Media Software Inc. Content Management System (CMS) allows XSS Through HTTP Headers.This issue affects Content M...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-7713/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T16:31:00.867000
1 posts
New.
NVIDIA GPU Display Drivers - January 2026 vulnerabilities: CVE-2025-33217, CVE-2025-33218, and CVE-2025-33219 https://nvidia.custhelp.com/app/answers/detail/a_id/5747 #Nvidia #infosec #vulnerability
##updated 2026-01-29T16:31:00.867000
1 posts
New.
NVIDIA GPU Display Drivers - January 2026 vulnerabilities: CVE-2025-33217, CVE-2025-33218, and CVE-2025-33219 https://nvidia.custhelp.com/app/answers/detail/a_id/5747 #Nvidia #infosec #vulnerability
##updated 2026-01-29T15:31:31
7 posts
4 repos
https://github.com/balgan/CVE-2025-15467
https://github.com/mr-r3b00t/CVE-2025-15467
OpenSSL Patches 12 Vulnerabilities Including One Critical RCE
OpenSSL has patched 12 vulnerabilities, including a critical stack buffer overflow (CVE-2025-15467) that allows unauthenticated remote code execution via crafted CMS messages.
**Review your OpenSSL libraries, and start planning a patch. Prioritize 3.x versions since they are exposed to the critical flaw.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/openssl-patches-12-vulnerabilities-including-one-critical-rce-m-6-5-1-y/gD2P6Ple2L
📢 OpenSSL: débordement de pile CVE-2025-15467 exposant à une exécution de code (RCE)
📝 Selon JFrog Security Research (research.jfrog.com), une nouvelle vulnérabilité OpenSSL, **CVE-2025-15467**, a été d...
📖 cyberveille : https://cyberveille.ch/posts/2026-02-02-openssl-debordement-de-pile-cve-2025-15467-exposant-a-une-execution-de-code-rce/
🌐 source : https://research.jfrog.com/post/potential-rce-vulnerabilityin-openssl-cve-2025-15467/
#CMS_PKCS_7 #CVE_2025_15467 #Cyberveille
OpenSSL Patches 12 Vulnerabilities Including One Critical RCE
OpenSSL has patched 12 vulnerabilities, including a critical stack buffer overflow (CVE-2025-15467) that allows unauthenticated remote code execution via crafted CMS messages.
**Review your OpenSSL libraries, and start planning a patch. Prioritize 3.x versions since they are exposed to the critical flaw.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/openssl-patches-12-vulnerabilities-including-one-critical-rce-m-6-5-1-y/gD2P6Ple2L
Potentially Critical RCE Vulnerability in OpenSSL
https://research.jfrog.com/post/potential-rce-vulnerabilityin-openssl-cve-2025-15467/
#ycombinator
🔴 CVE-2025-15467 - Critical (9.8)
Issue summary: Parsing CMS AuthEnvelopedData message with maliciously
crafted AEAD parameters can trigger a stack buffer overflow.
Impact summary: A stack buffer overflow may lead to a crash, causing Denial
of Service, or potentially remote code ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15467/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##📦 That WinRAR "Free Trial" You Never Paid For? Hackers Are Exploiting It Right Now 🚨
A WinRAR vulnerability patched last July (CVE-2025-8088) is still being actively exploited by Russian APTs, Chinese threat actors, and cybercrime gangs six months later. The path traversal flaw lets attackers slip malicious files into your system when you extract seemingly innocent archives. If you're still using WinRAR, update immediately or switch to 7-Zip.
Sources:
- https://www.bleepingcomputer.com/news/security/winrar-path-traversal-flaw-still-exploited-by-numerous-hackers/
- https://cloud.google.com/blog/topics/threat-intelligence/exploiting-critical-winrar-vulnerability
- https://nvd.nist.gov/vuln/detail/CVE-2025-8088
- https://www.helpnetsecurity.com/2026/01/28/winrar-vulnerability-exploited-cve-2025-8088/
---
🔓 Critical OpenSSL Flaw Could Let Hackers Take Over Your Computer Via Email 💀
CVE-2025-15467 is a critical 9.8 CVSS remote code execution vulnerability in OpenSSL's CMS and S/MIME message processing. OpenSSL powers encrypted communications across the entire internet, and this flaw allows unauthenticated attackers to execute arbitrary code remotely without any credentials. A working proof-of-concept already exists in the wild, meaning both defenders and attackers have access to it.
Sources:
- https://nvd.nist.gov/vuln/detail/CVE-2025-15467
https://www.infosecurity-magazine.com/news/12-openssl-flaws/
- https://openssl-library.org/news/vulnerabilities/
- https://twitter.com/IntCyberDigest/status/2016288593547833778
---
🤦 SolarWinds Ships Critical Vulnerabilities In Their Own Software (Yes, THAT SolarWinds) 🤡
SolarWinds, the company that became the poster child for supply chain attacks after their 2020 breach, just disclosed four critical vulnerabilities in their Web Help Desk product. The flaws include unauthenticated remote code execution and authentication bypass that can be chained together to completely compromise systems without logging in. Five years after congressional hearings and intense security scrutiny, they still shipped this mess.
Sources:
- https://www.bleepingcomputer.com/news/security/solarwinds-warns-of-critical-web-help-desk-rce-auth-bypass-flaws/
- https://www.helpnetsecurity.com/2026/01/29/solarwinds-web-help-desk-rce-vulnerabilities/
- https://www.rapid7.com/blog/post/etr-multiple-critical-solarwinds-web-help-desk-vulnerabilities-cve-2025-40551-40552-40553-40554/
- https://nvd.nist.gov/vuln/detail/CVE-2025-40552
- https://nvd.nist.gov/vuln/detail/CVE-2025-40553
- https://nvd.nist.gov/vuln/detail/CVE-2025-40554
- https://nvd.nist.gov/vuln/detail/CVE-2025-40551
‼️AISLE Goes 12-for-12 on OpenSSL Vulnerability Detection
CVEs Published: January 27th, 2026
High and Moderate Severity Flaws:
▪️CVE-2025-15467: Stack Buffer Overflow in CMS AuthEnvelopedData Parsing (High): A vulnerability with the potential to enable remote code execution under specific conditions
▪️CVE-2025-11187: PBMAC1 Parameter Validation in PKCS#12 (Moderate): Missing validation that could trigger a stack-based buffer overflow
Low Severity Flaws:
▪️CVE-2025-15468: Crash in QUIC protocol cipher handling
▪️CVE-2025-15469: Silent truncation bug affecting post-quantum signature algorithms (ML-DSA)
▪️CVE-2025-66199: Memory exhaustion via TLS 1.3 certificate compression
▪️CVE-2025-68160: Memory corruption in line-buffering (affects code back to OpenSSL 1.0.2)
▪️CVE-2025-69418: Encryption flaw in OCB mode on hardware-accelerated paths
▪️CVE-2025-69419: Memory corruption in PKCS#12 character encoding
▪️CVE-2025-69420: Crash in TimeStamp Response verification
▪️CVE-2025-69421: Crash in PKCS#12 decryption
▪️CVE-2026-22795: Crash in PKCS#12 parsing
▪️CVE-2026-22796: Crash in PKCS#7 signature verification (affects code back to OpenSSL 1.0.2)
"When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs.
Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk."
Writeup: https://aisle.com/blog/aisle-discovered-12-out-of-12-openssl-vulnerabilities
##updated 2026-01-29T15:31:31
1 posts
‼️AISLE Goes 12-for-12 on OpenSSL Vulnerability Detection
CVEs Published: January 27th, 2026
High and Moderate Severity Flaws:
▪️CVE-2025-15467: Stack Buffer Overflow in CMS AuthEnvelopedData Parsing (High): A vulnerability with the potential to enable remote code execution under specific conditions
▪️CVE-2025-11187: PBMAC1 Parameter Validation in PKCS#12 (Moderate): Missing validation that could trigger a stack-based buffer overflow
Low Severity Flaws:
▪️CVE-2025-15468: Crash in QUIC protocol cipher handling
▪️CVE-2025-15469: Silent truncation bug affecting post-quantum signature algorithms (ML-DSA)
▪️CVE-2025-66199: Memory exhaustion via TLS 1.3 certificate compression
▪️CVE-2025-68160: Memory corruption in line-buffering (affects code back to OpenSSL 1.0.2)
▪️CVE-2025-69418: Encryption flaw in OCB mode on hardware-accelerated paths
▪️CVE-2025-69419: Memory corruption in PKCS#12 character encoding
▪️CVE-2025-69420: Crash in TimeStamp Response verification
▪️CVE-2025-69421: Crash in PKCS#12 decryption
▪️CVE-2026-22795: Crash in PKCS#12 parsing
▪️CVE-2026-22796: Crash in PKCS#7 signature verification (affects code back to OpenSSL 1.0.2)
"When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs.
Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk."
Writeup: https://aisle.com/blog/aisle-discovered-12-out-of-12-openssl-vulnerabilities
##updated 2026-01-29T15:30:35
1 posts
🟠 CVE-2025-7714 - High (7.5)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Global Interactive Design Media Software Inc. Content Management System (CMS) allows Command Line Execution through SQL Injection.This issue affe...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-7714/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T15:30:34
1 posts
🟠 CVE-2026-1616 - High (7.5)
The $uri$args concatenation in nginx configuration file present in Open Security Issue Management (OSIM) prior v2025.9.0 allows path traversal attacks via query parameters.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1616/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T15:30:27
1 posts
🔴 CVE-2026-24429 - Critical (9.8)
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) ship with a predefined default password for a built-in authentication account that is not required to be changed during initial configuration. An attacker can leverage ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24429/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T15:00:31
1 posts
New.
AhnLab: React Server Component Security Update Advisory (CVE-2026-23864) https://asec.ahnlab.com/en/92377/ #vulnerability #infosec
##updated 2026-01-29T13:02:04.990000
1 posts
🟠 CVE-2026-24428 - High (8.8)
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) contain an authorization flaw in the user management API that allows a low-privileged authenticated user to change the administrator account password. By sending a craf...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24428/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T12:30:26
1 posts
🟠 CVE-2025-7016 - High (8)
Improper Access Control vulnerability in Akın Software Computer Import Export Industry and Trade Ltd. QR Menu allows Authentication Abuse.This issue affects QR Menu: before s1.05.12.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-7016/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-29T00:31:17
1 posts
📈 CVE Published in last 7 days (2026-01-26 - 2026-02-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 860
Severity:
- Critical: 96
- High: 295
- Medium: 375
- Low: 18
- None: 76
Status:
- : 6
- Analyzed: 70
- Awaiting Analysis: 299
- Modified: 1
- Received: 245
- Rejected: 18
- Undergoing Analysis: 221
Top CNAs:
- VulnCheck: 171
- GitHub, Inc.: 128
- VulDB: 74
- MITRE: 61
- Government Technology Agency of Singapore Cyber Security Group (GovTech CSG): 48
- Wordfence: 43
- kernel.org: 38
- Spanish National Cybersecurity Institute, S.A. (INCIBE): 28
- SEC Consult Vulnerability Lab: 20
- IBM Corporation: 18
Top Affected Products:
- UNKNOWN: 771
- Discourse: 13
- Flexense Disk Pulse Enterprise: 11
- Flexense Sync Breeze Enterprise Server: 11
- Tenda W30e Firmware: 10
- Oisf Suricata: 7
- Pnpm: 5
- Gpac: 4
- Fabian Online Examination System: 3
- Sangfor Operation And Maintenance Security Management System: 3
Top EPSS Score:
- CVE-2016-15057 - 32.46 % (https://secdb.nttzen.cloud/cve/detail/CVE-2016-15057)
- CVE-2026-1281 - 14.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1281)
- CVE-2026-24858 - 3.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24858)
- CVE-2026-21509 - 2.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21509)
- CVE-2026-1547 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1547)
- CVE-2026-1601 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1601)
- CVE-2026-1687 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2026-1689 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1689)
- CVE-2026-1723 - 0.94 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1723)
- CVE-2025-40551 - 0.87 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-40551)
updated 2026-01-28T21:32:26
1 posts
🔴 CVE-2025-57795 - Critical (9.9)
Explorance Blue versions prior to 8.14.13 contain an authenticated remote file download vulnerability in a web service component. In default configurations, this flaw can be leveraged to achieve remote code execution.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-57795/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-28T21:32:25
2 posts
🟠 CVE-2025-69420 - High (7.5)
Issue summary: A type confusion vulnerability exists in the TimeStamp Response
verification code where an ASN1_TYPE union member is accessed without first
validating the type, causing an invalid or NULL pointer dereference when
processing a malfor...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69420/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##‼️AISLE Goes 12-for-12 on OpenSSL Vulnerability Detection
CVEs Published: January 27th, 2026
High and Moderate Severity Flaws:
▪️CVE-2025-15467: Stack Buffer Overflow in CMS AuthEnvelopedData Parsing (High): A vulnerability with the potential to enable remote code execution under specific conditions
▪️CVE-2025-11187: PBMAC1 Parameter Validation in PKCS#12 (Moderate): Missing validation that could trigger a stack-based buffer overflow
Low Severity Flaws:
▪️CVE-2025-15468: Crash in QUIC protocol cipher handling
▪️CVE-2025-15469: Silent truncation bug affecting post-quantum signature algorithms (ML-DSA)
▪️CVE-2025-66199: Memory exhaustion via TLS 1.3 certificate compression
▪️CVE-2025-68160: Memory corruption in line-buffering (affects code back to OpenSSL 1.0.2)
▪️CVE-2025-69418: Encryption flaw in OCB mode on hardware-accelerated paths
▪️CVE-2025-69419: Memory corruption in PKCS#12 character encoding
▪️CVE-2025-69420: Crash in TimeStamp Response verification
▪️CVE-2025-69421: Crash in PKCS#12 decryption
▪️CVE-2026-22795: Crash in PKCS#12 parsing
▪️CVE-2026-22796: Crash in PKCS#7 signature verification (affects code back to OpenSSL 1.0.2)
"When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs.
Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk."
Writeup: https://aisle.com/blog/aisle-discovered-12-out-of-12-openssl-vulnerabilities
##updated 2026-01-28T21:31:21
1 posts
🟠 CVE-2026-24868 - High (7.5)
Mitigation bypass in the Privacy: Anti-Tracking component. This vulnerability affects Firefox < 147.0.2.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24868/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-28T21:31:19
1 posts
🔴 CVE-2026-24436 - Critical (9.8)
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) do not enforce rate limiting or account lockout mechanisms on authentication endpoints. This allows attackers to perform unrestricted brute-force attempts against admin...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24436/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-28T20:16:51.880000
1 posts
🟠 CVE-2026-24430 - High (7.5)
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) disclose sensitive account credentials in cleartext within HTTP responses generated by the maintenance interface. Because the management interface is accessible over un...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24430/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-28T19:20:05.660000
1 posts
🟠 CVE-2026-24440 - High (8.8)
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) allow account passwords to be changed through the maintenance interface without requiring verification of the existing password. This enables unauthorized password chan...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24440/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-28T18:30:54
1 posts
New.
NVIDIA GPU Display Drivers - January 2026 vulnerabilities: CVE-2025-33217, CVE-2025-33218, and CVE-2025-33219 https://nvidia.custhelp.com/app/answers/detail/a_id/5747 #Nvidia #infosec #vulnerability
##updated 2026-01-28T15:59:06.483000
1 posts
🟠 CVE-2026-24477 - High (7.5)
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. If AnythingLLM prior to version 1.10.0 is configured to use Qdrant as the vector database with an API key, this QdrantApiKe...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24477/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-01-28T15:31:37
1 posts
1 repos
‼️ CVE-2026-1056: Snow Monkey Forms <= 12.0.3 - Unauthenticated Arbitrary File Deletion via Path Traversal
PoC/Exploit: https://github.com/ch4r0nn/CVE-2026-1056-POC
CVSS: 9.8
CVE Published: January 28th, 2026
Advisory: https://github.com/advisories/GHSA-g5p3-f4cq-94v5
Details: The Snow Monkey Forms plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'generate_user_dirpath' function in all versions up to, and including, 12.0.3. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
##updated 2026-01-28T09:30:35
3 posts
‼️ SolarWinds Web Help Desk RCE Hit by Multiple Critical Security Flaws; CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554
CVSS: All 9.8
CVEs Published: January 28th, 2026
CVE-2025-40551: SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
CVE-2025-40552: SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that if exploited, would allow a malicious actor to execute actions and methods that should be protected by authentication.
CVE-2025-40553: SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
CVE-2025-40554: SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that, if exploited, could allow an attacker to invoke specific actions within Web Help Desk.
Advisories:
https://nvd.nist.gov/vuln/detail/CVE-2025-40551
https://nvd.nist.gov/vuln/detail/CVE-2025-40552
https://nvd.nist.gov/vuln/detail/CVE-2025-40553
https://nvd.nist.gov/vuln/detail/CVE-2025-40554
📦 That WinRAR "Free Trial" You Never Paid For? Hackers Are Exploiting It Right Now 🚨
A WinRAR vulnerability patched last July (CVE-2025-8088) is still being actively exploited by Russian APTs, Chinese threat actors, and cybercrime gangs six months later. The path traversal flaw lets attackers slip malicious files into your system when you extract seemingly innocent archives. If you're still using WinRAR, update immediately or switch to 7-Zip.
Sources:
- https://www.bleepingcomputer.com/news/security/winrar-path-traversal-flaw-still-exploited-by-numerous-hackers/
- https://cloud.google.com/blog/topics/threat-intelligence/exploiting-critical-winrar-vulnerability
- https://nvd.nist.gov/vuln/detail/CVE-2025-8088
- https://www.helpnetsecurity.com/2026/01/28/winrar-vulnerability-exploited-cve-2025-8088/
---
🔓 Critical OpenSSL Flaw Could Let Hackers Take Over Your Computer Via Email 💀
CVE-2025-15467 is a critical 9.8 CVSS remote code execution vulnerability in OpenSSL's CMS and S/MIME message processing. OpenSSL powers encrypted communications across the entire internet, and this flaw allows unauthenticated attackers to execute arbitrary code remotely without any credentials. A working proof-of-concept already exists in the wild, meaning both defenders and attackers have access to it.
Sources:
- https://nvd.nist.gov/vuln/detail/CVE-2025-15467
https://www.infosecurity-magazine.com/news/12-openssl-flaws/
- https://openssl-library.org/news/vulnerabilities/
- https://twitter.com/IntCyberDigest/status/2016288593547833778
---
🤦 SolarWinds Ships Critical Vulnerabilities In Their Own Software (Yes, THAT SolarWinds) 🤡
SolarWinds, the company that became the poster child for supply chain attacks after their 2020 breach, just disclosed four critical vulnerabilities in their Web Help Desk product. The flaws include unauthenticated remote code execution and authentication bypass that can be chained together to completely compromise systems without logging in. Five years after congressional hearings and intense security scrutiny, they still shipped this mess.
Sources:
- https://www.bleepingcomputer.com/news/security/solarwinds-warns-of-critical-web-help-desk-rce-auth-bypass-flaws/
- https://www.helpnetsecurity.com/2026/01/29/solarwinds-web-help-desk-rce-vulnerabilities/
- https://www.rapid7.com/blog/post/etr-multiple-critical-solarwinds-web-help-desk-vulnerabilities-cve-2025-40551-40552-40553-40554/
- https://nvd.nist.gov/vuln/detail/CVE-2025-40552
- https://nvd.nist.gov/vuln/detail/CVE-2025-40553
- https://nvd.nist.gov/vuln/detail/CVE-2025-40554
- https://nvd.nist.gov/vuln/detail/CVE-2025-40551
SolarWinds has just announced four high-severity vulnerabilities in its Web Help Desk (WHD) software that could lead to full system takeover.
These flaws include unauthenticated Remote Code Execution (RCE) via insecure deserialization and multiple Authentication Bypasses, allowing attackers to execute protected methods without any credentials.
CVE-2025-40551 & CVE-2025-40553 (Unauthenticated RCE)
CVE-2025-40552 & CVE-2025-40554 (Auth Bypass)
updated 2026-01-28T09:30:35
3 posts
‼️ SolarWinds Web Help Desk RCE Hit by Multiple Critical Security Flaws; CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554
CVSS: All 9.8
CVEs Published: January 28th, 2026
CVE-2025-40551: SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
CVE-2025-40552: SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that if exploited, would allow a malicious actor to execute actions and methods that should be protected by authentication.
CVE-2025-40553: SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
CVE-2025-40554: SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that, if exploited, could allow an attacker to invoke specific actions within Web Help Desk.
Advisories:
https://nvd.nist.gov/vuln/detail/CVE-2025-40551
https://nvd.nist.gov/vuln/detail/CVE-2025-40552
https://nvd.nist.gov/vuln/detail/CVE-2025-40553
https://nvd.nist.gov/vuln/detail/CVE-2025-40554
📦 That WinRAR "Free Trial" You Never Paid For? Hackers Are Exploiting It Right Now 🚨
A WinRAR vulnerability patched last July (CVE-2025-8088) is still being actively exploited by Russian APTs, Chinese threat actors, and cybercrime gangs six months later. The path traversal flaw lets attackers slip malicious files into your system when you extract seemingly innocent archives. If you're still using WinRAR, update immediately or switch to 7-Zip.
Sources:
- https://www.bleepingcomputer.com/news/security/winrar-path-traversal-flaw-still-exploited-by-numerous-hackers/
- https://cloud.google.com/blog/topics/threat-intelligence/exploiting-critical-winrar-vulnerability
- https://nvd.nist.gov/vuln/detail/CVE-2025-8088
- https://www.helpnetsecurity.com/2026/01/28/winrar-vulnerability-exploited-cve-2025-8088/
---
🔓 Critical OpenSSL Flaw Could Let Hackers Take Over Your Computer Via Email 💀
CVE-2025-15467 is a critical 9.8 CVSS remote code execution vulnerability in OpenSSL's CMS and S/MIME message processing. OpenSSL powers encrypted communications across the entire internet, and this flaw allows unauthenticated attackers to execute arbitrary code remotely without any credentials. A working proof-of-concept already exists in the wild, meaning both defenders and attackers have access to it.
Sources:
- https://nvd.nist.gov/vuln/detail/CVE-2025-15467
https://www.infosecurity-magazine.com/news/12-openssl-flaws/
- https://openssl-library.org/news/vulnerabilities/
- https://twitter.com/IntCyberDigest/status/2016288593547833778
---
🤦 SolarWinds Ships Critical Vulnerabilities In Their Own Software (Yes, THAT SolarWinds) 🤡
SolarWinds, the company that became the poster child for supply chain attacks after their 2020 breach, just disclosed four critical vulnerabilities in their Web Help Desk product. The flaws include unauthenticated remote code execution and authentication bypass that can be chained together to completely compromise systems without logging in. Five years after congressional hearings and intense security scrutiny, they still shipped this mess.
Sources:
- https://www.bleepingcomputer.com/news/security/solarwinds-warns-of-critical-web-help-desk-rce-auth-bypass-flaws/
- https://www.helpnetsecurity.com/2026/01/29/solarwinds-web-help-desk-rce-vulnerabilities/
- https://www.rapid7.com/blog/post/etr-multiple-critical-solarwinds-web-help-desk-vulnerabilities-cve-2025-40551-40552-40553-40554/
- https://nvd.nist.gov/vuln/detail/CVE-2025-40552
- https://nvd.nist.gov/vuln/detail/CVE-2025-40553
- https://nvd.nist.gov/vuln/detail/CVE-2025-40554
- https://nvd.nist.gov/vuln/detail/CVE-2025-40551
SolarWinds has just announced four high-severity vulnerabilities in its Web Help Desk (WHD) software that could lead to full system takeover.
These flaws include unauthenticated Remote Code Execution (RCE) via insecure deserialization and multiple Authentication Bypasses, allowing attackers to execute protected methods without any credentials.
CVE-2025-40551 & CVE-2025-40553 (Unauthenticated RCE)
CVE-2025-40552 & CVE-2025-40554 (Auth Bypass)
updated 2026-01-28T00:31:41
7 posts
5 repos
https://github.com/SimoesCTT/SCTT-2026-33-0004-FortiCloud-SSO-Identity-Singularity
https://github.com/b1gchoi/CVE-2026-24858
https://github.com/m0d0ri205/CVE-2026-24858
https://github.com/absholi7ly/CVE-2026-24858-FortiCloud-SSO-Authentication-Bypass
Critical cybersecurity updates from February 1-2, 2026: Microsoft patched an actively exploited Office zero-day (CVE-2026-21509), and Fortinet fixed a critical FortiCloud SSO flaw (CVE-2026-24858). Ivanti released fixes for two exploited EPMM zero-days (CVE-2026-1281, CVE-2026-1340) by February 1, and Bitdefender reported Android RAT malware distributed via Hugging Face (February 2).
In technology, Apple overhauled its online Mac store for a "build-it-yourself" experience (February 1), and Google extended the Fitbit data migration deadline to Google accounts until May 2026.
##📈 CVE Published in last 7 days (2026-01-26 - 2026-02-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 860
Severity:
- Critical: 96
- High: 295
- Medium: 375
- Low: 18
- None: 76
Status:
- : 6
- Analyzed: 70
- Awaiting Analysis: 299
- Modified: 1
- Received: 245
- Rejected: 18
- Undergoing Analysis: 221
Top CNAs:
- VulnCheck: 171
- GitHub, Inc.: 128
- VulDB: 74
- MITRE: 61
- Government Technology Agency of Singapore Cyber Security Group (GovTech CSG): 48
- Wordfence: 43
- kernel.org: 38
- Spanish National Cybersecurity Institute, S.A. (INCIBE): 28
- SEC Consult Vulnerability Lab: 20
- IBM Corporation: 18
Top Affected Products:
- UNKNOWN: 771
- Discourse: 13
- Flexense Disk Pulse Enterprise: 11
- Flexense Sync Breeze Enterprise Server: 11
- Tenda W30e Firmware: 10
- Oisf Suricata: 7
- Pnpm: 5
- Gpac: 4
- Fabian Online Examination System: 3
- Sangfor Operation And Maintenance Security Management System: 3
Top EPSS Score:
- CVE-2016-15057 - 32.46 % (https://secdb.nttzen.cloud/cve/detail/CVE-2016-15057)
- CVE-2026-1281 - 14.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1281)
- CVE-2026-24858 - 3.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24858)
- CVE-2026-21509 - 2.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21509)
- CVE-2026-1547 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1547)
- CVE-2026-1601 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1601)
- CVE-2026-1687 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2026-1689 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1689)
- CVE-2026-1723 - 0.94 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1723)
- CVE-2025-40551 - 0.87 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-40551)
Critical cybersecurity updates from February 1-2, 2026: Microsoft patched an actively exploited Office zero-day (CVE-2026-21509), and Fortinet fixed a critical FortiCloud SSO flaw (CVE-2026-24858). Ivanti released fixes for two exploited EPMM zero-days (CVE-2026-1281, CVE-2026-1340) by February 1, and Bitdefender reported Android RAT malware distributed via Hugging Face (February 2).
In technology, Apple overhauled its online Mac store for a "build-it-yourself" experience (February 1), and Google extended the Fitbit data migration deadline to Google accounts until May 2026.
##Another day and, well . . .
##Fortinet SSO Is A Burning Trash Fire While Prague Bureaucrats Wait For Their Morning Fax
PANIC 88% | Lag 18.75h | Fortinet has released an emergency patch for CVE-2026-24858, a critical vulnerability in FortiOS Sin
#AfterShockIndex
Here's a summary of the latest in global technology and cybersecurity from the last 24 hours:
Global tech giants are streamlining: Amazon announced 16,000 job cuts (Jan 28, 2026). Meanwhile, AI investment surges, with SoftBank nearing a $30B OpenAI investment (Jan 28, 2026). In cybersecurity, Fortinet addressed active exploitation of CVE-2026-24858 (Jan 28, 2026), and OpenSSL patched 12 flaws, including RCE (Jan 29, 2026). The Illinois Department of Human Services suffered a data breach impacting ~700,000 individuals (Jan 28, 2026).
##updated 2026-01-27T20:29:50.263000
1 posts
📈 CVE Published in last 7 days (2026-01-26 - 2026-02-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 860
Severity:
- Critical: 96
- High: 295
- Medium: 375
- Low: 18
- None: 76
Status:
- : 6
- Analyzed: 70
- Awaiting Analysis: 299
- Modified: 1
- Received: 245
- Rejected: 18
- Undergoing Analysis: 221
Top CNAs:
- VulnCheck: 171
- GitHub, Inc.: 128
- VulDB: 74
- MITRE: 61
- Government Technology Agency of Singapore Cyber Security Group (GovTech CSG): 48
- Wordfence: 43
- kernel.org: 38
- Spanish National Cybersecurity Institute, S.A. (INCIBE): 28
- SEC Consult Vulnerability Lab: 20
- IBM Corporation: 18
Top Affected Products:
- UNKNOWN: 771
- Discourse: 13
- Flexense Disk Pulse Enterprise: 11
- Flexense Sync Breeze Enterprise Server: 11
- Tenda W30e Firmware: 10
- Oisf Suricata: 7
- Pnpm: 5
- Gpac: 4
- Fabian Online Examination System: 3
- Sangfor Operation And Maintenance Security Management System: 3
Top EPSS Score:
- CVE-2016-15057 - 32.46 % (https://secdb.nttzen.cloud/cve/detail/CVE-2016-15057)
- CVE-2026-1281 - 14.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1281)
- CVE-2026-24858 - 3.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24858)
- CVE-2026-21509 - 2.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21509)
- CVE-2026-1547 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1547)
- CVE-2026-1601 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1601)
- CVE-2026-1687 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2026-1689 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1689)
- CVE-2026-1723 - 0.94 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1723)
- CVE-2025-40551 - 0.87 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-40551)
updated 2026-01-27T16:19:42.330000
20 posts
6 repos
https://github.com/SimoesCTT/SCTT-2026-33-0007-The-OLE-Vortex-Laminar-Bypass-
https://github.com/SimoesCTT/CTT-MICROSOFT-OFFICE-OLE-MANIFOLD-BYPASS-CVE-2026-21509
https://github.com/gavz/CVE-2026-21509-PoC
https://github.com/ksk-itdk/KSK-ITDK-CVE-2026-21509-Mitigation
Russian state hackers exploit new Microsoft Office flaw in attacks on Ukraine, EU
Ukraine’s computer emergency response team, CERT-UA, said attackers began abusing the flaw — tracked as CVE-2026-21509 — shortly after Microsoft...
🔗️ [Therecord] https://link.is.it/ZQMXsZ
##Russian APT28 Exploits Microsoft Office Vulnerability to Target EU COREPER Discussions
In a recent escalation of cyber espionage activity, the Russian-linked Advanced Persistent Threat group APT28 has been observed exploiting a critical Microsoft Office vulnerability, CVE-2026-21509, to target sensitive EU operations. Security researchers report that the group is distributing malicious DOC files disguised as documents related to EU COREPER (Committee of Permanent…
##RE: https://mastodon.social/@campuscodi/116006284031729445
More on this campaign from Zscaler: https://www.zscaler.com/blogs/security-research/apt28-leverages-cve-2026-21509-operation-neusploit
Other targets also include Romania and Slovakia
##Latest News (Feb 2-3, 2026):
Global: India and the US have finalized a trade deal. Pakistani forces killed 145 militants in Balochistan after coordinated attacks.
Tech: SpaceX merged with xAI, announcing plans for space-based AI data centers. Oracle plans a $50B expansion for AI cloud infrastructure.
Cybersecurity: A Russian hacker alliance, "Russian Legion," threatens a major cyberattack on Denmark. Russia-linked APT28 exploits a new Microsoft Office flaw (CVE-2026-21509) in attacks across Ukraine and the EU.
##Zscaler ThreatLabz reports on Operation Neusploit, a January 2026 campaign targeting Central and Eastern Europe. Weaponised Microsoft RTF files exploit CVE-2026-21509 to deliver multi-stage backdoors. The campaign is attributed to APT28 with high confidence. https://www.zscaler.com/blogs/security-research/apt28-leverages-cve-2026-21509-operation-neusploit
##"Microsoft Office zero-day actively exploited" 🕵️ 🙄
(CVSS 7.8)
https://hackingpassion.com/office-zero-day-cve-2026-21509
#cve202621509 #cybersec #cybersecurity #infosec #microsoft #office #microsoftoffice #ole
##Russian hackers exploit recently patched Microsoft Office bug in attacks
Ukraine's Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently patched vulnerability in...
🔗️ [Bleepingcomputer] https://link.is.it/iMsHDY
##UAC-0001 (APT28) Attack Detection: russia-Backed Actor Actively Exploits CVE-2026-21509 Targeting Ukraine and the EU
#APT28 #CVE_2026_21509
https://socprime.com/blog/detect-uac-0001-attacks-exploiting-cve-2026-21509/
Critical cybersecurity updates from February 1-2, 2026: Microsoft patched an actively exploited Office zero-day (CVE-2026-21509), and Fortinet fixed a critical FortiCloud SSO flaw (CVE-2026-24858). Ivanti released fixes for two exploited EPMM zero-days (CVE-2026-1281, CVE-2026-1340) by February 1, and Bitdefender reported Android RAT malware distributed via Hugging Face (February 2).
In technology, Apple overhauled its online Mac store for a "build-it-yourself" experience (February 1), and Google extended the Fitbit data migration deadline to Google accounts until May 2026.
##📈 CVE Published in last 7 days (2026-01-26 - 2026-02-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 860
Severity:
- Critical: 96
- High: 295
- Medium: 375
- Low: 18
- None: 76
Status:
- : 6
- Analyzed: 70
- Awaiting Analysis: 299
- Modified: 1
- Received: 245
- Rejected: 18
- Undergoing Analysis: 221
Top CNAs:
- VulnCheck: 171
- GitHub, Inc.: 128
- VulDB: 74
- MITRE: 61
- Government Technology Agency of Singapore Cyber Security Group (GovTech CSG): 48
- Wordfence: 43
- kernel.org: 38
- Spanish National Cybersecurity Institute, S.A. (INCIBE): 28
- SEC Consult Vulnerability Lab: 20
- IBM Corporation: 18
Top Affected Products:
- UNKNOWN: 771
- Discourse: 13
- Flexense Disk Pulse Enterprise: 11
- Flexense Sync Breeze Enterprise Server: 11
- Tenda W30e Firmware: 10
- Oisf Suricata: 7
- Pnpm: 5
- Gpac: 4
- Fabian Online Examination System: 3
- Sangfor Operation And Maintenance Security Management System: 3
Top EPSS Score:
- CVE-2016-15057 - 32.46 % (https://secdb.nttzen.cloud/cve/detail/CVE-2016-15057)
- CVE-2026-1281 - 14.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1281)
- CVE-2026-24858 - 3.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24858)
- CVE-2026-21509 - 2.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21509)
- CVE-2026-1547 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1547)
- CVE-2026-1601 - 2.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1601)
- CVE-2026-1687 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2026-1689 - 1.54 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1689)
- CVE-2026-1723 - 0.94 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1723)
- CVE-2025-40551 - 0.87 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-40551)
Russian state hackers exploit new Microsoft Office flaw in attacks on Ukraine, EU
Ukraine’s computer emergency response team, CERT-UA, said attackers began abusing the flaw — tracked as CVE-2026-21509 — shortly after Microsoft...
🔗️ [Therecord] https://link.is.it/ZQMXsZ
##RE: https://mastodon.social/@campuscodi/116006284031729445
More on this campaign from Zscaler: https://www.zscaler.com/blogs/security-research/apt28-leverages-cve-2026-21509-operation-neusploit
Other targets also include Romania and Slovakia
##Latest News (Feb 2-3, 2026):
Global: India and the US have finalized a trade deal. Pakistani forces killed 145 militants in Balochistan after coordinated attacks.
Tech: SpaceX merged with xAI, announcing plans for space-based AI data centers. Oracle plans a $50B expansion for AI cloud infrastructure.
Cybersecurity: A Russian hacker alliance, "Russian Legion," threatens a major cyberattack on Denmark. Russia-linked APT28 exploits a new Microsoft Office flaw (CVE-2026-21509) in attacks across Ukraine and the EU.
##Zscaler ThreatLabz reports on Operation Neusploit, a January 2026 campaign targeting Central and Eastern Europe. Weaponised Microsoft RTF files exploit CVE-2026-21509 to deliver multi-stage backdoors. The campaign is attributed to APT28 with high confidence. https://www.zscaler.com/blogs/security-research/apt28-leverages-cve-2026-21509-operation-neusploit
##Russian hackers exploit recently patched Microsoft Office bug in attacks
Ukraine’s Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently patched vulnerability in multiple…
#NewsBeep #News #US #USA #UnitedStates #UnitedStatesOfAmerica #Technology
https://www.newsbeep.com/us/445936/
"Microsoft Office zero-day actively exploited" 🕵️ 🙄
(CVSS 7.8)
https://hackingpassion.com/office-zero-day-cve-2026-21509
#cve202621509 #cybersec #cybersecurity #infosec #microsoft #office #microsoftoffice #ole
##Russian hackers exploit recently patched Microsoft Office bug in attacks
Ukraine's Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently patched vulnerability in...
🔗️ [Bleepingcomputer] https://link.is.it/iMsHDY
##Critical cybersecurity updates from February 1-2, 2026: Microsoft patched an actively exploited Office zero-day (CVE-2026-21509), and Fortinet fixed a critical FortiCloud SSO flaw (CVE-2026-24858). Ivanti released fixes for two exploited EPMM zero-days (CVE-2026-1281, CVE-2026-1340) by February 1, and Bitdefender reported Android RAT malware distributed via Hugging Face (February 2).
In technology, Apple overhauled its online Mac store for a "build-it-yourself" experience (February 1), and Google extended the Fitbit data migration deadline to Google accounts until May 2026.
##⚪ Microsoft rushes to fix Office 0-day vulnerability actively exploited by hackers
🗨️ Microsoft developers have released out-of-band patches for a critical Office vulnerability that is already being actively exploited in attacks. The issue affects almost all versions of the product—from Office 2016 to Microsoft 365 Apps for Enterprise.
##updated 2026-01-27T16:06:45.160000
2 posts
Critical n8n Sandbox Escapes Enable Remote Code Execution
n8n reports two sandbox escape vulnerabilities, CVE-2026-1470 and CVE-2026-0863, that allow authenticated users to execute arbitrary code and take over self-hosted servers. These flaws bypass JavaScript and Python security filters by exploiting deprecated language features and specific interpreter behaviors.
**If you are using n8n, make sure it's isolated from the internet and accessible from trusted users only. Then patch n8n to version 1.123.17, 2.4.5 for CVE-2026-1470, and 1.123.14, 2.3.5 for CVE-2026-0863 or later. The CVE-2026-1470 patch is higher priority. Also configure Python nodes to run in 'External' mode for better process isolation.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-n8n-sandbox-escapes-enable-remote-code-execution-7-0-w-q-b/gD2P6Ple2L
n8n – CVE-2026-1470 et CVE-2026-0863 : deux nouvelles failles patchées, comment se protéger ? https://www.it-connect.fr/n8n-cve-2026-1470-et-cve-2026-0863-patchs-de-securite/ #ActuCybersécurité #Cybersécurité #Vulnérabilité
##updated 2026-01-26T21:31:34
1 posts
11 repos
https://github.com/mohammadzarnian1357/Ashwesker-CVE-2025-52691
https://github.com/nxgn-kd01/smartermail-cve-scanner
https://github.com/DeathShotXD/CVE-2025-52691-APT-PoC
https://github.com/rxerium/CVE-2025-52691
https://github.com/hilwa24/CVE-2025-52691
https://github.com/yt2w/CVE-2025-52691
https://github.com/watchtowrlabs/watchTowr-vs-SmarterMail-CVE-2025-52691
https://github.com/rimbadirgantara/CVE-2025-52691-poc
https://github.com/you-ssef9/CVE-2025-52691
https://github.com/SuJing-cy/CVE-2025-2025-52691-SmarterMail-Exp
❗️CVE-2025-52691: SmarterMail Authentication Bypass and RCE PoC
https://darkwebinformer.com/cve-2025-52691-smartermail-authentication-bypass-and-rce-poc/
##updated 2026-01-26T15:05:39.840000
2 posts
Critical n8n Sandbox Escapes Enable Remote Code Execution
n8n reports two sandbox escape vulnerabilities, CVE-2026-1470 and CVE-2026-0863, that allow authenticated users to execute arbitrary code and take over self-hosted servers. These flaws bypass JavaScript and Python security filters by exploiting deprecated language features and specific interpreter behaviors.
**If you are using n8n, make sure it's isolated from the internet and accessible from trusted users only. Then patch n8n to version 1.123.17, 2.4.5 for CVE-2026-1470, and 1.123.14, 2.3.5 for CVE-2026-0863 or later. The CVE-2026-1470 patch is higher priority. Also configure Python nodes to run in 'External' mode for better process isolation.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-n8n-sandbox-escapes-enable-remote-code-execution-7-0-w-q-b/gD2P6Ple2L
n8n – CVE-2026-1470 et CVE-2026-0863 : deux nouvelles failles patchées, comment se protéger ? https://www.it-connect.fr/n8n-cve-2026-1470-et-cve-2026-0863-patchs-de-securite/ #ActuCybersécurité #Cybersécurité #Vulnérabilité
##updated 2026-01-26T15:04:59.737000
1 posts
3 repos
https://github.com/John-doe-code-a11/CVE-2026-0920
https://github.com/Galaxy-sc/CVE-2026-0920-WordPress-LA-Studio-Exploit
‼️ CVE-2026-0920: Explanation and payload of the recent vulnerability in the LA-Studio Element WordPress plugin.
PoC/Exploit: https://github.com/John-doe-code-a11/CVE-2026-0920
CVSS: 9.8
CVE Published: January 22nd, 2026
Advisory: https://github.com/advisories/GHSA-m3h4-65j5-6j8c
Technical Analysis: https://www.wordfence.com/blog/2026/01/20000-wordpress-sites-affected-by-backdoor-vulnerability-in-la-studio-element-kit-for-elementor-wordpress-plugin/
##updated 2026-01-26T15:04:14.850000
1 posts
updated 2026-01-23T06:31:32
1 posts
‼️ CVE-2026-0755: Reported Zero-Day in Gemini MCP Tool Could Allow Remote Code Execution
Zero-Day: Yes
CVSS: 9.8
CVE Published: January 23rd, 2026
Affected Vendor: Gemini MCP Tool
Vulnerability Type: Remote Code Execution (RCE)
updated 2026-01-22T14:28:35.883000
1 posts
1 repos
🍩 & #threatintel - Since its disclosure 11 days ago, 95% of the exploitation attempts of CVE-2026-20045, a critical vulnerability in Cisco Unified Communications Manager, have used a distinctive user-agent: Mozilla/5.0 (compatible; CiscoExploit/1.0) and are heavily targeted against our Cisco Unified Communications Manager (UCM) sensors.
We're tracking it here: https://viz.greynoise.io/tags/cisco-unified-communications-manager-input-validation-cve-2026-20045-rce-attempt?days=10
Appears to be from https://github.com/Ashwesker/Ashwesker-CVE-2026-20045
##updated 2026-01-16T20:09:26.027000
1 posts
#OT #Advisory VDE-2026-006
Pilz: Multiple Vulnerabilities affecting the PIT User Authentication Service
The PIT User Authentication Service is affected by multiple vulnerabilities in included third-party components.
#CVE CVE-2025-31650, CVE-2025-48988, CVE-2025-12383, CVE-2025-61795
https://certvde.com/en/advisories/vde-2026-006/
#CSAF https://pilz.csaf-tp.certvde.com/.well-known/csaf/white/2026/ppsa-2026-001.json
##updated 2026-01-13T15:05:00
1 posts
9 repos
https://github.com/SystemVll/CVE-2026-21858
https://github.com/Chocapikk/CVE-2026-21858
https://github.com/Alhakim88/CVE-2026-21858
https://github.com/MOGMUNI/CVE-2026-21858
https://github.com/sec-dojo-com/CVE-2026-21858
https://github.com/cropnet/ni8mare-scanner
RCE Threat in Workflow Automation
⚠️ CVE-2026-21858 — Critical unauthenticated remote code execution in n8n self-hosted instances can allow complete takeover if left unpatched.
Check remediation guidance here:
👉 https://cvedatabase.com/cve/CVE-2026-21858 #CyberSecurity #DevOps
updated 2025-12-03T00:31:35
1 posts
updated 2025-11-21T15:19:20
1 posts
#OT #Advisory VDE-2026-006
Pilz: Multiple Vulnerabilities affecting the PIT User Authentication Service
The PIT User Authentication Service is affected by multiple vulnerabilities in included third-party components.
#CVE CVE-2025-31650, CVE-2025-48988, CVE-2025-12383, CVE-2025-61795
https://certvde.com/en/advisories/vde-2026-006/
#CSAF https://pilz.csaf-tp.certvde.com/.well-known/csaf/white/2026/ppsa-2026-001.json
##updated 2025-11-20T00:31:21
1 posts
6 repos
https://github.com/lastvocher/7zip-CVE-2025-11001
https://github.com/I3r1h0n/7Ziprowler
https://github.com/mbanyamer/CVE-2025-11001---7-Zip
https://github.com/ranasen-rat/CVE-2025-11001
@TeddyTheBest Yes it is open source but it is a little tough to claim the moral high ground here when 7-Zip also frequently has security issues and like WinRAR offers no autoupdate
##updated 2025-11-11T17:15:38.977000
6 posts
4 repos
https://github.com/N3k0t-dev/PoC-CVE-collection
https://github.com/SaidBenaissa/cve-2025-11953-vulnerability-demo
Metro4Shell Exploit Targets React Native Developers, Delivering Cross-Platform Malware
A critical vulnerability in the Metro server for React Native, tracked as CVE-2025-11953, is actively being exploited by hackers to deliver malicious payloads to both Windows and Linux systems. This flaw exposes developers and organizations relying on React Native to severe risk, especially during the application development phase. Metro, the default JavaScript bundler for React…
##Hackers exploit critical React Native Metro bug to breach dev systems
Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious...
🔗️ [Bleepingcomputer] https://link.is.it/9a1Dng
##A single overlooked feature in a popular React Native tool let hackers run code on thousands of developer machines worldwide. Curious how one tiny flaw exposed the whole supply chain?
##Hackers exploit critical React Native Metro bug to breach dev systems
Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious...
🔗️ [Bleepingcomputer] https://link.is.it/w9Y7HI
##Hackers exploit critical React Native Metro bug to breach dev systems
Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious...
🔗️ [Bleepingcomputer] https://link.is.it/9a1Dng
##Hackers exploit critical React Native Metro bug to breach dev systems
Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious...
🔗️ [Bleepingcomputer] https://link.is.it/w9Y7HI
##updated 2025-11-04T00:31:55
1 posts
updated 2025-11-03T22:55:50
1 posts
7 repos
https://github.com/sattarbug/Analysis-of-TomcatKiller---CVE-2025-31650-Exploit-Tool
https://github.com/B1gN0Se/Tomcat-CVE-2025-31650
https://github.com/assad12341/Dos-exploit-
https://github.com/tunahantekeoglu/CVE-2025-31650
https://github.com/absholi7ly/TomcatKiller-CVE-2025-31650
#OT #Advisory VDE-2026-006
Pilz: Multiple Vulnerabilities affecting the PIT User Authentication Service
The PIT User Authentication Service is affected by multiple vulnerabilities in included third-party components.
#CVE CVE-2025-31650, CVE-2025-48988, CVE-2025-12383, CVE-2025-61795
https://certvde.com/en/advisories/vde-2026-006/
#CSAF https://pilz.csaf-tp.certvde.com/.well-known/csaf/white/2026/ppsa-2026-001.json
##updated 2025-11-03T21:34:01
1 posts
2 repos
https://github.com/Samb102/POC-CVE-2025-48988-CVE-2025-48976
#OT #Advisory VDE-2026-006
Pilz: Multiple Vulnerabilities affecting the PIT User Authentication Service
The PIT User Authentication Service is affected by multiple vulnerabilities in included third-party components.
#CVE CVE-2025-31650, CVE-2025-48988, CVE-2025-12383, CVE-2025-61795
https://certvde.com/en/advisories/vde-2026-006/
#CSAF https://pilz.csaf-tp.certvde.com/.well-known/csaf/white/2026/ppsa-2026-001.json
##updated 2025-10-30T15:50:59.680000
1 posts
26 repos
https://github.com/jordan922/CVE-2025-8088
https://github.com/Shinkirou789/Cve-2025-8088-WinRar-vulnerability
https://github.com/techcorp/CVE-2025-8088-Exploit
https://github.com/papcaii2004/CVE-2025-8088-WinRAR-builder
https://github.com/pexlexity/WinRAR-CVE-2025-8088-Path-Traversal-PoC
https://github.com/0xAbolfazl/CVE-2025-8088-WinRAR-PathTraversal-PoC
https://github.com/ilhamrzr/RAR-Anomaly-Inspector
https://github.com/hexsecteam/CVE-2025-8088-Winrar-Tool
https://github.com/AdityaBhatt3010/CVE-2025-8088-WinRAR-Zero-Day-Path-Traversal
https://github.com/knight0x07/WinRAR-CVE-2025-8088-PoC-RAR
https://github.com/travisbgreen/cve-2025-8088
https://github.com/pentestfunctions/best-CVE-2025-8088
https://github.com/nhattanhh/CVE-2025-8088
https://github.com/xi0onamdev/WinRAR-CVE-2025-8088-Exploitation-Toolkit
https://github.com/pescada-dev/-CVE-2025-8088
https://github.com/lucyna77/winrar-exploit
https://github.com/ghostn4444/CVE-2025-8088
https://github.com/hbesljx/CVE-2025-8088-EXP
https://github.com/onlytoxi/CVE-2025-8088-Winrar-Tool
https://github.com/pentestfunctions/CVE-2025-8088-Multi-Document
https://github.com/kitsuneshade/WinRAR-Exploit-Tool---Rust-Edition
https://github.com/walidpyh/CVE-2025-8088
https://github.com/DeepBlue-dot/CVE-2025-8088-WinRAR-Startup-PoC
https://github.com/sxyrxyy/CVE-2025-8088-WinRAR-Proof-of-Concept-PoC-Exploit-
📦 That WinRAR "Free Trial" You Never Paid For? Hackers Are Exploiting It Right Now 🚨
A WinRAR vulnerability patched last July (CVE-2025-8088) is still being actively exploited by Russian APTs, Chinese threat actors, and cybercrime gangs six months later. The path traversal flaw lets attackers slip malicious files into your system when you extract seemingly innocent archives. If you're still using WinRAR, update immediately or switch to 7-Zip.
Sources:
- https://www.bleepingcomputer.com/news/security/winrar-path-traversal-flaw-still-exploited-by-numerous-hackers/
- https://cloud.google.com/blog/topics/threat-intelligence/exploiting-critical-winrar-vulnerability
- https://nvd.nist.gov/vuln/detail/CVE-2025-8088
- https://www.helpnetsecurity.com/2026/01/28/winrar-vulnerability-exploited-cve-2025-8088/
---
🔓 Critical OpenSSL Flaw Could Let Hackers Take Over Your Computer Via Email 💀
CVE-2025-15467 is a critical 9.8 CVSS remote code execution vulnerability in OpenSSL's CMS and S/MIME message processing. OpenSSL powers encrypted communications across the entire internet, and this flaw allows unauthenticated attackers to execute arbitrary code remotely without any credentials. A working proof-of-concept already exists in the wild, meaning both defenders and attackers have access to it.
Sources:
- https://nvd.nist.gov/vuln/detail/CVE-2025-15467
https://www.infosecurity-magazine.com/news/12-openssl-flaws/
- https://openssl-library.org/news/vulnerabilities/
- https://twitter.com/IntCyberDigest/status/2016288593547833778
---
🤦 SolarWinds Ships Critical Vulnerabilities In Their Own Software (Yes, THAT SolarWinds) 🤡
SolarWinds, the company that became the poster child for supply chain attacks after their 2020 breach, just disclosed four critical vulnerabilities in their Web Help Desk product. The flaws include unauthenticated remote code execution and authentication bypass that can be chained together to completely compromise systems without logging in. Five years after congressional hearings and intense security scrutiny, they still shipped this mess.
Sources:
- https://www.bleepingcomputer.com/news/security/solarwinds-warns-of-critical-web-help-desk-rce-auth-bypass-flaws/
- https://www.helpnetsecurity.com/2026/01/29/solarwinds-web-help-desk-rce-vulnerabilities/
- https://www.rapid7.com/blog/post/etr-multiple-critical-solarwinds-web-help-desk-vulnerabilities-cve-2025-40551-40552-40553-40554/
- https://nvd.nist.gov/vuln/detail/CVE-2025-40552
- https://nvd.nist.gov/vuln/detail/CVE-2025-40553
- https://nvd.nist.gov/vuln/detail/CVE-2025-40554
- https://nvd.nist.gov/vuln/detail/CVE-2025-40551
updated 2025-10-24T13:54:58.783000
1 posts
10 repos
https://github.com/Hexastrike/Ivanti-Connect-Secure-Logs-Parser
https://github.com/gmh5225/Blackash-CVE-2025-0282
https://github.com/sfewer-r7/CVE-2025-0282
https://github.com/AdaniKamal/CVE-2025-0282
https://github.com/watchtowrlabs/CVE-2025-0282
https://github.com/punitdarji/Ivanti-CVE-2025-0282
https://github.com/absholi7ly/CVE-2025-0282-Ivanti-exploit
https://github.com/rxwx/pulse-meter
☕ & #threatintel - Two campaigns (100x spike!) are hitting Ivanti Connect Secure; one loud (34K sessions from Romania/Moldova), one stealthy (~6K distributed IPs). Both target a pre-exploitation endpoint for CVE-2025-0282. https://www.labs.greynoise.io/grimoire/2026-01-29-inside-the-infrastructure-whos-scanning-for-ivanti-connect-secure/
##updated 2025-09-19T21:32:20
1 posts
🚨 New Exploit: D-Link DIR-825 Rev.B 2.10 - Stack Buffer Overflow (DoS)
📋 CVE: CVE-2025-10666
👤 Author: Beatriz Fresno Naumova
🔗 https://www.exploit-db.com/exploits/52469
#ExploitDB #InfoSec #CyberSecurity #CVE-2025-10666
##updated 2025-06-18T14:15:12
2 posts
Exploiting CVE-2025-49825 (authentication bypass vulnerability in Teleport) https://blog.offensive.af/posts/exploiting-cve-2025-49825/
##Exploiting CVE-2025-49825 (authentication bypass vulnerability in Teleport) https://blog.offensive.af/posts/exploiting-cve-2025-49825/
##updated 2024-11-01T15:32:52
1 posts
updated 2024-04-04T07:48:27
2 posts
RE: https://mastodon.social/@bagder/116001950411560304
My CVEs are still at 0 medals, but thanks to VxWorks I was able to achieve a CVE on Mars (#Curiosity rover, CVE-2023-38346) 😉
Btw. if anyone from #NASA could confirm curiosity was/is really affected (but probably without attack vector so no impact I guess), that would mean a lot to me
##RE: https://mastodon.social/@bagder/116001950411560304
My CVEs are still at 0 medals, but thanks to VxWorks I was able to achieve a CVE on Mars (#Curiosity rover, CVE-2023-38346) 😉
Btw. if anyone from #NASA could confirm curiosity was/is really affected (but probably without attack vector so no impact I guess), that would mean a lot to me
##updated 2023-01-30T05:06:18
1 posts
@Weld When I was at Rapid7, we were firm that we wouldn't sign anything preventing us from disclosing. Sometimes that made it real difficult to talk to the company
Sadly the link to the disclosure is dead now, but this was my favourite: https://attackerkb.com/topics/92AeLOE1M1/cve-2022-37393/rapid7-analysis
##updated 2023-01-29T05:00:49
2 posts
@rk @hrbrmstr
Are you forgetting CVE-2019-15006 by Taylor Swift on Security?
@rk @hrbrmstr
Are you forgetting CVE-2019-15006 by Taylor Swift on Security?
CVE-2026-24513 #devopsish #kubernetes #cve https://github.com/kubernetes/kubernetes/issues/136679
##CVE-2026-24513 #devopsish #kubernetes #cve https://github.com/kubernetes/kubernetes/issues/136679
##CVE-2026-24514 #devopsish #kubernetes #cve https://github.com/kubernetes/kubernetes/issues/136680
##CVE-2026-24514 #devopsish #kubernetes #cve https://github.com/kubernetes/kubernetes/issues/136680
##🟠 CVE-2026-23743 - High (7.5)
Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, permalinks pointing to access-restricted resources (private topics, categories, posts, or hidden tags) were redirecting users to URLs ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23743/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24854 - High (8.8)
ChurchCRM is an open-source church management system. A SQL Injection vulnerability exists in endpoint `/PaddleNumEditor.php` in ChurchCRM prior to version 6.7.2. Any authenticated user, including one with zero assigned permissions, can exploit SQ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24854/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔥 A vulnerability in AWStats sitting in a cPanel tree... H I D I N G?
We discovered it.
CVE-2025-63261 (or as we call it: PTT-2025-021) is what happens when "legacy meets lazy":
A single "|" in an HTTP GET param leads straight to RCE via Perl’s unsafe open() call.
And yes, this was sitting in AWStats.
Why it matters:
🔹 It’s already 2026, and we’re still finding bugs from 2000s-era web tools
🔹 Attack surface doesn’t disappear, it just ages quietly
🔹 RCE doesn’t need zero-days when it has zero hygiene
📝 We have a very comprehensive Part 1 article, written by Matei Badanoiu, who walks us through:
✅ How we found the bug
✅ How we turned it into a working exploit
✅ Why these “boring” vulns still matter
Read the article here: https://pentest-tools.com/blog/cpanel-cve-ptt-2025-021-part-1
##🔴 CVE-2026-22806 - Critical (9.1)
vCluster Platform provides a Kubernetes platform for managing virtual clusters, multi-tenancy, and cluster sharing. Prior to versions 4.6.0, 4.5.4, 4.4.2, and 4.3.10, when an access key is created with a limited scope, the scope can be bypassed to...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22806/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-62514 - High (8.3)
Parsec is a cloud-based application for cryptographically secure file sharing. In versions on the 3.x branch prior to 3.6.0, `libparsec_crypto`, a component of the Parsec application, does not check for weak order point of Curve25519 when compiled...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-62514/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##1 posts
4 repos
https://github.com/ksk-itdk/KSK-ITDK-CVE-2026-21509-Mitigation
https://github.com/kimstars/Ashwesker-CVE-2026-21509
https://github.com/gavz/CVE-2026-21509-PoC
https://github.com/SimoesCTT/CTT-MICROSOFT-OFFICE-OLE-MANIFOLD-BYPASS-CVE-2026-21509
⚪ Microsoft rushes to fix Office 0-day vulnerability actively exploited by hackers
🗨️ Microsoft developers have released out-of-band patches for a critical Office vulnerability that is already being actively exploited in attacks. The issue affects almost all versions of the product—from Office 2016 to Microsoft 365 Apps for Enterprise.
##🔴 CVE-2026-24897 - Critical (10)
Erugo is a self-hosted file-sharing platform. In versions up to and including 0.2.14, an authenticated low-privileged user can upload arbitrary files to any specified location due to insufficient validation of user‑supplied paths when creating s...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24897/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-24856 - High (7.8)
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Versions prior to 2.3.1.2 have an undefined behavior issue when floating-point NaN values are converted to...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24856/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##