## Updated at UTC 2026-02-25T03:49:58.117479

| CVE | CVSS | EPSS | Posts | Repos | Nuclei | Updated | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-25131 | 8.8 | 0.00% | 2 | 0 | | 2026-02-25T02:16:22.967000 | OpenEMR is a free and open source electronic health records and medical practice |
| CVE-2026-24849 | 9.9 | 0.00% | 2 | 0 | | 2026-02-25T02:16:22.197000 | OpenEMR is a free and open source electronic health records and medical practice |
| CVE-2025-69231 | 8.7 | 0.00% | 2 | 0 | | 2026-02-25T02:16:21.707000 | OpenEMR is a free and open source electronic health records and medical practice |
| CVE-2025-67752 | 8.1 | 0.00% | 2 | 0 | | 2026-02-25T02:16:21.377000 | OpenEMR is a free and open source electronic health records and medical practice |
| CVE-2026-0797 | 7.8 | 0.06% | 2 | 0 | | 2026-02-25T00:31:22 | GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerabi |
| CVE-2026-27593 | 9.3 | 0.00% | 6 | 0 | | 2026-02-24T22:39:03.967000 | Statmatic is a Laravel and Git powered content management system (CMS). Prior to |
| CVE-2026-25899 | 7.5 | 0.00% | 2 | 0 | | 2026-02-24T22:39:03.967000 | Fiber is an Express inspired web framework written in Go. In versions on the v3 |
| CVE-2026-26222 | 0 | 0.00% | 2 | 0 | | 2026-02-24T21:52:01.367000 | Altec DocLink (now maintained by Beyond Limits Inc.) version 4.0.336.0 exposes i |
| CVE-2026-26341 | 0 | 0.00% | 2 | 0 | | 2026-02-24T21:52:01.367000 | Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and pr |
| CVE-2026-21410 | 9.8 | 0.00% | 4 | 0 | | 2026-02-24T21:52:01.367000 | InSAT MasterSCADA BUK-TS is susceptible to SQL Injection through its main web in |
| CVE-2026-22553 | 9.8 | 0.00% | 4 | 0 | | 2026-02-24T21:52:01.367000 | All versions of InSAT MasterSCADA BUK-TS are susceptible to OS command injection |
| CVE-2025-33180 | 8.0 | 0.00% | 6 | 0 | | 2026-02-24T21:52:01.367000 | NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE inter |
| CVE-2026-3105 | 7.6 | 0.00% | 2 | 0 | | 2026-02-24T21:52:01.367000 | SummaryThis advisory addresses a SQL injection vulnerability in the API endpoint |
| CVE-2025-33179 | 8.0 | 0.00% | 4 | 0 | | 2026-02-24T21:52:01.367000 | NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE inter |
| CVE-2026-24241 | 4.3 | 0.00% | 2 | 0 | | 2026-02-24T21:52:01.367000 | NVIDIA Delegated Licensing Service for all appliance platforms contains a vulner |
| CVE-2026-27519 | 7.5 | 0.00% | 2 | 0 | | 2026-02-24T21:52:01.367000 | Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior |
| CVE-2026-2769 | 8.8 | 0.00% | 2 | 0 | | 2026-02-24T21:52:01.367000 | Use-after-free in the Storage: IndexedDB component. This vulnerability affects F |
| CVE-2026-27208 | 9.2 | 0.00% | 2 | 0 | | 2026-02-24T21:52:01.367000 | bleon-ethical/api-gateway-deploy provides API gateway deployment. Version 1.0.0 |
| CVE-2026-2038 | 9.8 | 0.42% | 2 | 0 | | 2026-02-24T21:43:04.817000 | GFI Archiver MArc.Core Missing Authorization Authentication Bypass Vulnerability |
| CVE-2026-2039 | 9.8 | 0.42% | 2 | 0 | | 2026-02-24T21:42:14.183000 | GFI Archiver MArc.Store Missing Authorization Authentication Bypass Vulnerabilit |
| CVE-2026-2037 | 8.8 | 0.79% | 1 | 0 | | 2026-02-24T21:41:45.897000 | GFI Archiver MArc.Core Deserialization of Untrusted Data Remote Code Execution V |
| CVE-2026-2045 | 7.8 | 0.06% | 1 | 0 | | 2026-02-24T21:41:19.147000 | GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. T |
| CVE-2026-3044 | 8.8 | 0.05% | 3 | 0 | | 2026-02-24T21:39:12.990000 | A vulnerability has been found in Tenda AC8 16.03.34.06. This affects the functi |
| CVE-2026-25108 | 8.8 | 0.33% | 6 | 0 | | 2026-02-24T21:38:18.607000 | FileZen contains an OS command injection vulnerability. When FileZen Antivirus C |
| CVE-2026-22765 | 8.8 | 0.00% | 2 | 0 | | 2026-02-24T21:31:50 | Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authori |
| CVE-2025-33181 | 7.3 | 0.00% | 2 | 0 | | 2026-02-24T21:31:50 | NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE inter |
| CVE-2026-2798 | 8.8 | 0.00% | 2 | 0 | | 2026-02-24T21:31:46 | Use-after-free in the DOM: Core & HTML component. This vulnerability affects Fir |
| CVE-2026-26746 | 8.8 | 0.21% | 1 | 1 | | 2026-02-24T20:42:28.327000 | OpenSourcePOS 3.4.1 contains a Local File Inclusion (LFI) vulnerability in the S |
| CVE-2025-70329 | 8.0 | 0.43% | 1 | 0 | | 2026-02-24T20:38:09.483000 | TOTOLink X5000R v9.1.0cu_2415_B20250515 contains an OS command injection vulnera |
| CVE-2026-27483 | 8.8 | 0.00% | 2 | 0 | | 2026-02-24T20:07:59 | ### Summary There is a path traversal vulnerability in Mindsdb's /api/files int |
| CVE-2026-2980 | 7.2 | 0.04% | 1 | 0 | | 2026-02-24T20:04:10.060000 | A vulnerability has been found in UTT HiPER 810G up to 1.7.7-1711. Impacted is t |
| CVE-2026-23693 | 10.0 | 0.15% | 3 | 0 | | 2026-02-24T19:21:41.843000 | ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor |
| CVE-2026-25989 | 7.5 | 0.04% | 1 | 0 | | 2026-02-24T18:43:16.560000 | ImageMagick is free and open-source software used for editing and manipulating d |
| CVE-2025-15386 | 8.8 | 0.03% | 2 | 0 | | 2026-02-24T18:32:04 | The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to |
| CVE-2026-27515 | 9.1 | 0.00% | 2 | 0 | | 2026-02-24T18:31:09 | Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 |
| CVE-2026-23678 | 8.8 | 0.00% | 2 | 0 | | 2026-02-24T18:31:09 | Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior |
| CVE-2026-27520 | 7.5 | 0.00% | 2 | 0 | | 2026-02-24T18:31:09 | Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 |
| CVE-2026-27507 | 9.8 | 0.00% | 2 | 1 | | 2026-02-24T18:31:08 | Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior |
| CVE-2026-27516 | 8.1 | 0.00% | 2 | 0 | | 2026-02-24T18:31:08 | Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior |
| CVE-2026-2904 | 8.8 | 0.04% | 2 | 0 | | 2026-02-24T18:31:01 | A vulnerability was determined in UTT HiPER 810G 1.7.7-171114. This affects the |
| CVE-2025-40541 | 9.1 | 0.04% | 1 | 0 | | 2026-02-24T17:56:16.030000 | An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which |
| CVE-2026-25794 | 8.2 | 0.04% | 1 | 0 | | 2026-02-24T17:28:54.433000 | ImageMagick is free and open-source software used for editing and manipulating d |
| CVE-2026-27211 | 10.0 | 0.05% | 2 | 1 | | 2026-02-24T17:08:14.463000 | Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 |
| CVE-2026-25802 | 7.6 | 0.03% | 2 | 0 | | 2026-02-24T16:08:21 | ### Summary A potential unsafe operation occurs in component `MarkdownRenderer. |
| CVE-2026-25591 | None | 0.04% | 2 | 0 | | 2026-02-24T16:08:14 | ### Summary A SQL LIKE wildcard injection vulnerability in the `/api/token/searc |
| CVE-2026-27574 | 10.0 | 0.05% | 1 | 1 | | 2026-02-24T16:00:57 | ### Summary OneUptime lets project members write custom JavaScript that runs in |
| CVE-2026-25985 | 7.5 | 0.04% | 1 | 0 | | 2026-02-24T15:44:21 | A crafted SVG file containing an malicious element causes ImageMagick to attempt |
| CVE-2026-24481 | 7.5 | 0.03% | 1 | 0 | | 2026-02-24T15:27:31 | ### Description A heap information disclosure vulnerability exists in ImageMagic |
| CVE-2026-27212 | 7.8 | 0.03% | 3 | 0 | | 2026-02-24T15:16:56.670000 | Swiper is a free and mobile touch slider with hardware accelerated transitions a |
| CVE-2026-27471 | 9.1 | 0.04% | 3 | 0 | | 2026-02-24T14:52:50.073000 | ERP is a free and open source Enterprise Resource Planning tool. In versions up |
| CVE-2026-27479 | 7.7 | 0.03% | 1 | 0 | | 2026-02-24T14:47:06.290000 | Wallos is an open-source, self-hostable personal subscription tracker. Versions |
| CVE-2026-27127 | 0 | 0.01% | 1 | 0 | | 2026-02-24T14:13:49.320000 | Craft is a content management system (CMS). In versions 4.5.0-RC1 through 4.16.1 |
| CVE-2026-26198 | 9.8 | 0.04% | 2 | 1 | | 2026-02-24T14:13:49.320000 | Ormar is a async mini ORM for Python. In versions 0.9.9 through 0.22.0, when per |
| CVE-2025-13943 | 8.8 | 0.32% | 2 | 0 | | 2026-02-24T14:13:49.320000 | A post-authentication command injection vulnerability in the log file download f |
| CVE-2026-26331 | 8.8 | 0.12% | 1 | 1 | | 2026-02-24T14:13:49.320000 | yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 |
| CVE-2026-25965 | 8.6 | 0.03% | 1 | 0 | | 2026-02-24T14:13:49.320000 | ImageMagick is free and open-source software used for editing and manipulating d |
| CVE-2026-24485 | 7.5 | 0.04% | 1 | 0 | | 2026-02-24T14:13:49.320000 | ImageMagick is free and open-source software used for editing and manipulating d |
| CVE-2026-25648 | 8.7 | 0.03% | 1 | 0 | | 2026-02-24T14:13:49.320000 | Versions of the Traccar open-source GPS tracking system starting with 6.11.1 con |
| CVE-2026-21863 | 7.5 | 0.01% | 2 | 0 | | 2026-02-24T14:13:49.320000 | Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0. |
| CVE-2026-2041 | 8.8 | 1.25% | 3 | 0 | | 2026-02-24T13:18:09.610000 | Nagios Host zabbixagent_configwizard_func Command Injection Remote Code Executio |
| CVE-2026-27161 | 7.5 | 0.07% | 2 | 0 | | 2026-02-24T13:10:07.530000 | GetSimple CMS is a content management system. All versions of GetSimple CMS rely |
| CVE-2025-40538 | 9.1 | 0.03% | 4 | 0 | | 2026-02-24T09:31:31 | A broken access control vulnerability exists in Serv-U which when exploited, giv |
| CVE-2025-40539 | 9.1 | 0.04% | 2 | 0 | | 2026-02-24T09:31:31 | A type confusion vulnerability exists in Serv-U which when exploited, gives a ma |
| CVE-2025-40540 | 9.1 | 0.04% | 1 | 0 | | 2026-02-24T09:31:31 | A type confusion vulnerability exists in Serv-U which when exploited, gives a ma |
| CVE-2026-1459 | 7.2 | 0.10% | 1 | 0 | | 2026-02-24T03:30:30 | A post-authentication command injection vulnerability in the TR-369 certificate |
| CVE-2025-13942 | 9.8 | 0.39% | 1 | 0 | | 2026-02-24T03:30:27 | A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 fi |
| CVE-2026-27487 | 7.6 | 0.05% | 1 | 0 | | 2026-02-23T22:28:28 | ## Summary On macOS, the Claude CLI keychain credential refresh path constructed |
| CVE-2026-27198 | 8.8 | 0.04% | 1 | 0 | | 2026-02-23T22:27:31 | ### Summary The application fails to properly enforce role-based authorization |
| CVE-2026-27196 | 8.1 | 0.02% | 1 | 0 | | 2026-02-23T22:26:22 | ## Impact Stored XSS vulnerability in `html` fieldtypes allow authenticated use |
| CVE-2026-27203 | 8.3 | 0.04% | 1 | 0 | | 2026-02-23T22:23:46 | The `ebay_set_user_tokens` tool allows updating the `.env` file with new tokens. |
| CVE-2025-69700 | 7.5 | 0.04% | 1 | 0 | | 2026-02-23T21:31:30 | Tenda FH1203 V2.0.1.6 contains a stack-based buffer overflow vulnerability in th |
| CVE-2025-69380 | 7.5 | 0.04% | 1 | 0 | | 2026-02-23T21:31:28 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v |
| CVE-2026-26722 | 9.4 | 0.10% | 1 | 0 | | 2026-02-23T21:31:26 | An issue in Key Systems Inc Global Facilities Management Software v.20230721a al |
| CVE-2026-26723 | 8.2 | 0.06% | 1 | 0 | | 2026-02-23T21:31:25 | Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Manageme |
| CVE-2025-70833 | 9.4 | 0.08% | 1 | 0 | | 2026-02-23T21:31:25 | An Authentication Bypass vulnerability in Smanga 3.2.7 allows an unauthenticated |
| CVE-2026-26747 | 9.1 | 0.04% | 1 | 0 | | 2026-02-23T21:19:12.023000 | A Host Header Poisoning vulnerability exists in Monica 4.1.2 due to improper han |
| CVE-2026-26725 | 9.8 | 0.10% | 1 | 0 | | 2026-02-23T21:19:11.473000 | An issue in edu Business Solutions Print Shop Pro WebDesk v.18.34 allows a remot |
| CVE-2026-26724 | 7.6 | 0.05% | 1 | 0 | | 2026-02-23T21:19:11.287000 | Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Manageme |
| CVE-2025-70831 | 9.8 | 0.22% | 1 | 0 | | 2026-02-23T21:19:09.510000 | A Remote Code Execution (RCE) vulnerability was found in Smanga 3.2.7 in the /ph |
| CVE-2025-69393 | 7.5 | 0.03% | 1 | 0 | | 2026-02-23T21:19:08.873000 | Missing Authorization vulnerability in Jthemes Exzo exzo allows Exploiting Incor |
| CVE-2026-2886 | 8.8 | 0.08% | 2 | 0 | | 2026-02-23T21:00:35.513000 | A weakness has been identified in Tenda A21 1.0.0.0. This affects the function s |
| CVE-2026-2871 | 8.8 | 0.03% | 1 | 0 | | 2026-02-23T20:59:13.240000 | A weakness has been identified in Tenda A21 1.0.0.0. This affects the function f |
| CVE-2026-27169 | 8.9 | 0.05% | 1 | 0 | | 2026-02-23T20:50:36.870000 | OpenSift is an AI study tool that sifts through large datasets using semantic se |
| CVE-2026-27194 | 9.8 | 0.29% | 1 | 0 | | 2026-02-23T20:47:29.423000 | D-Tale is a visualizer for pandas data structures. Versions prior to 3.20.0 are |
| CVE-2026-27197 | 9.1 | 0.04% | 2 | 0 | | 2026-02-23T20:45:01.957000 | Sentry is a developer-first error tracking and performance monitoring tool. Vers |
| CVE-2026-2876 | 8.8 | 0.07% | 1 | 0 | | 2026-02-23T20:33:02.043000 | A vulnerability was determined in Tenda A18 15.13.07.13. This affects the functi |
| CVE-2026-2588 | 9.1 | 0.04% | 1 | 0 | | 2026-02-23T20:28:55.517000 | Crypt::NaCl::Sodium versions through 2.001 for Perl has an integer overflow flaw |
| CVE-2026-24956 | 9.3 | 0.03% | 1 | 0 | | 2026-02-23T20:28:54.140000 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti |
| CVE-2026-2856 | 8.8 | 0.03% | 1 | 0 | | 2026-02-23T20:27:19.517000 | A vulnerability was found in D-Link DWR-M960 1.01.07. Affected by this vulnerabi |
| CVE-2026-2857 | 8.8 | 0.03% | 1 | 0 | | 2026-02-23T20:26:36.483000 | A vulnerability was determined in D-Link DWR-M960 1.01.07. Affected by this issu |
| CVE-2026-2907 | 8.8 | 0.08% | 1 | 0 | | 2026-02-23T20:21:53.467000 | A weakness has been identified in Tenda HG9 300001138. Affected by this vulnerab |
| CVE-2026-2908 | 8.8 | 0.08% | 1 | 0 | | 2026-02-23T20:21:45.490000 | A security vulnerability has been detected in Tenda HG9 300001138. Affected by t |
| CVE-2026-2911 | 8.8 | 0.08% | 1 | 0 | | 2026-02-23T20:21:22.323000 | A vulnerability has been found in Tenda FH451 up to 1.0.0.9. This issue affects |
| CVE-2026-2874 | 8.8 | 0.08% | 1 | 0 | | 2026-02-23T20:09:11.397000 | A flaw has been found in Tenda A21 1.0.0.0. Impacted is the function form_fast_s |
| CVE-2026-2883 | 8.8 | 0.01% | 1 | 0 | | 2026-02-23T19:41:14.377000 | A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the funct |
| CVE-2026-2929 | 8.8 | 0.03% | 2 | 0 | | 2026-02-23T19:39:25.350000 | A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the funct |
| CVE-2026-2926 | 8.8 | 0.03% | 2 | 0 | | 2026-02-23T19:35:45.083000 | A flaw has been found in D-Link DWR-M960 1.01.07. This affects the function sub_ |
| CVE-2026-2928 | 8.8 | 0.02% | 2 | 0 | | 2026-02-23T19:29:03.767000 | A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the fun |
| CVE-2026-2959 | 8.8 | 0.03% | 3 | 0 | | 2026-02-23T19:28:20.650000 | A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this vulner |
| CVE-2026-2960 | 8.8 | 0.03% | 2 | 0 | | 2026-02-23T19:24:49.953000 | A flaw has been found in D-Link DWR-M960 1.01.07. Affected by this issue is the |
| CVE-2026-23552 | 9.1 | 0.01% | 2 | 1 | | 2026-02-23T18:33:04 | Cross-Realm Token Acceptance Bypass in KeycloakSecurityPolicy Apache Camel Keycl |
| CVE-2025-70043 | 9.1 | 0.02% | 2 | 0 | | 2026-02-23T18:32:09 | An issue pertaining to CWE-295: Improper Certificate Validation was discovered i |
| CVE-2026-3016 | 8.8 | 0.04% | 1 | 0 | | 2026-02-23T18:32:05 | A vulnerability was identified in UTT HiPER 810G up to 1.7.7-171114. The affecte |
| CVE-2026-3015 | 8.8 | 0.04% | 2 | 0 | | 2026-02-23T18:32:04 | A vulnerability was determined in UTT HiPER 810G up to 1.7.7-171114. Impacted is |
| CVE-2019-25441 | 9.8 | 2.65% | 1 | 0 | | 2026-02-23T18:14:13.887000 | thesystem 1.0 contains a command injection vulnerability that allows unauthentic |
| CVE-2026-25896 | 9.3 | 0.03% | 3 | 0 | | 2026-02-23T18:14:13.887000 | fast-xml-parser allows users to validate XML, parse XML to JS object, or build X |
| CVE-2026-24892 | 7.5 | 0.31% | 1 | 0 | | 2026-02-23T18:14:13.887000 | openITCOCKPIT is an open source monitoring tool built for different monitoring e |
| CVE-2026-22567 | 7.6 | 0.04% | 1 | 0 | | 2026-02-23T18:13:53.397000 | Improper validation of user-supplied input in the ZIA Admin UI could allow an au |
| CVE-2026-24494 | 9.8 | 0.05% | 2 | 0 | | 2026-02-23T18:13:53.397000 | SQL Injection vulnerability in the /api/integrations/getintegrations endpoint of |
| CVE-2026-27466 | 7.2 | 0.07% | 1 | 0 | | 2026-02-23T18:13:53.397000 | BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, |
| CVE-2026-27467 | 2.0 | 0.03% | 1 | 0 | | 2026-02-23T18:13:53.397000 | BigBlueButton is an open-source virtual classroom. In versions 3.0.19 and below, |
| CVE-2026-27464 | 7.7 | 0.03% | 1 | 0 | | 2026-02-23T18:13:53.397000 | Metabase is an open-source data analytics platform. In versions prior to 0.57.13 |
| CVE-2026-27206 | 8.1 | 0.29% | 1 | 0 | | 2026-02-23T18:13:53.397000 | Zumba Json Serializer is a library to serialize PHP variables in JSON format. In |
| CVE-2026-27192 | 0 | 0.02% | 1 | 0 | | 2026-02-23T18:13:53.397000 | Feathersjs is a framework for creating web APIs and real-time applications with |
| CVE-2026-27134 | 8.1 | 0.03% | 2 | 0 | | 2026-02-23T18:13:53.397000 | Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift |
| CVE-2026-2441 | 8.8 | 0.34% | 9 | 6 | | 2026-02-23T13:24:55.920000 | Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote a |
| CVE-2025-49113 | 9.9 | 89.37% | 1 | 22 | template | 2026-02-23T13:24:21.387000 | Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execu |
| CVE-2025-68461 | 7.2 | 6.89% | 1 | 2 | | 2026-02-23T13:24:12.310000 | Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a Cross-Site-S |
| CVE-2026-2981 | 8.8 | 0.04% | 2 | 0 | | 2026-02-23T09:31:29 | A vulnerability was found in UTT HiPER 810G up to 1.7.7-1711. The affected eleme |
| CVE-2026-1367 | 8.3 | 0.18% | 1 | 0 | | 2026-02-23T09:31:29 | Zohocorp ManageEngine ADSelfService Plus versions 6522 and below are vulnerable |
| CVE-2026-2998 | 7.8 | 0.01% | 2 | 0 | | 2026-02-23T06:30:18 | ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing au |
| CVE-2026-2962 | 8.8 | 0.03% | 2 | 0 | | 2026-02-23T03:30:27 | A vulnerability was found in D-Link DWR-M960 1.01.07. This vulnerability affects |
| CVE-2026-2961 | 8.8 | 0.03% | 2 | 0 | | 2026-02-23T03:30:22 | A vulnerability has been found in D-Link DWR-M960 1.01.07. This affects the func |
| CVE-2026-2958 | 8.8 | 0.03% | 2 | 0 | | 2026-02-23T00:30:32 | A security vulnerability has been detected in D-Link DWR-M960 1.01.07. Affected |
| CVE-2026-2927 | 8.8 | 0.03% | 2 | 0 | | 2026-02-22T06:30:24 | A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability af |
| CVE-2026-2925 | 8.8 | 0.03% | 2 | 0 | | 2026-02-22T06:30:24 | A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this issue |
| CVE-2026-2910 | 8.8 | 0.08% | 1 | 0 | | 2026-02-22T06:30:24 | A flaw has been found in Tenda HG9 300001138. This vulnerability affects unknown |
| CVE-2026-2906 | 8.8 | 0.08% | 1 | 0 | | 2026-02-22T03:30:34 | A security flaw has been discovered in Tenda HG9 300001138. Affected is an unkno |
| CVE-2026-2909 | 8.8 | 0.08% | 2 | 0 | | 2026-02-22T03:30:33 | A vulnerability was detected in Tenda HG9 300001138. This affects an unknown par |
| CVE-2026-2905 | 8.8 | 0.08% | 1 | 0 | | 2026-02-22T03:30:33 | A vulnerability was identified in Tenda HG9 300001138. This impacts an unknown f |
| CVE-2026-2884 | 8.8 | 0.03% | 1 | 0 | | 2026-02-21T21:30:33 | A vulnerability was identified in D-Link DWR-M960 1.01.07. The affected element |
| CVE-2026-2885 | 8.8 | 0.03% | 2 | 0 | | 2026-02-21T21:30:32 | A security flaw has been discovered in D-Link DWR-M960 1.01.07. The impacted ele |
| CVE-2026-2881 | 8.8 | 0.03% | 1 | 0 | | 2026-02-21T21:30:28 | A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability af |
| CVE-2026-2882 | 8.8 | 0.03% | 1 | 0 | | 2026-02-21T21:30:27 | A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the fun |
| CVE-2026-2877 | 8.8 | 0.07% | 1 | 0 | | 2026-02-21T21:30:27 | A vulnerability has been found in Tenda A18 15.13.07.13. This affects the functi |
| CVE-2026-2873 | 8.8 | 0.08% | 1 | 0 | | 2026-02-21T18:31:22 | A vulnerability was detected in Tenda A21 1.0.0.0. This issue affects the functi |
| CVE-2026-2872 | 8.8 | 0.08% | 1 | 0 | | 2026-02-21T18:31:22 | A security vulnerability has been detected in Tenda A21 1.0.0.0. This vulnerabil |
| CVE-2026-2870 | 8.8 | 0.08% | 1 | 0 | | 2026-02-21T15:31:37 | A security flaw has been discovered in Tenda A21 1.0.0.0. Affected by this issue |
| CVE-2026-2635 | 9.8 | 1.17% | 1 | 0 | | 2026-02-21T00:31:55 | MLflow Use of Default Password Authentication Bypass Vulnerability. This vulnera |
| CVE-2026-2043 | 7.2 | 0.47% | 2 | 0 | | 2026-02-21T00:31:54 | Nagios Host esensors_websensor_configwizard_func Command Injection Remote Code E |
| CVE-2026-2033 | 8.1 | 10.53% | 2 | 0 | | 2026-02-21T00:31:54 | MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Executio |
| CVE-2026-2036 | 8.8 | 0.79% | 1 | 0 | | 2026-02-21T00:31:54 | GFI Archiver MArc.Store Deserialization of Untrusted Data Remote Code Execution |
| CVE-2026-2034 | 7.8 | 0.04% | 1 | 0 | | 2026-02-21T00:31:54 | Sante DICOM Viewer Pro DCM File Parsing Buffer Overflow Remote Code Execution Vu |
| CVE-2026-0777 | 7.8 | 0.06% | 2 | 0 | | 2026-02-21T00:31:49 | Xmind Attachment Insufficient UI Warning Remote Code Execution Vulnerability. Th |
| CVE-2026-2042 | 7.2 | 1.25% | 3 | 0 | | 2026-02-21T00:31:43 | Nagios Host monitoringwizard Command Injection Remote Code Execution Vulnerabili |
| CVE-2026-27190 | 8.1 | 0.16% | 1 | 0 | | 2026-02-20T22:20:05 | ## Summary A command injection vulnerability exists in Deno's `node:child_proces |
| CVE-2026-22370 | 8.1 | 0.11% | 1 | 0 | | 2026-02-20T21:32:27 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP |
| CVE-2026-22383 | 7.5 | 0.04% | 1 | 0 | | 2026-02-20T21:31:23 | Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes |
| CVE-2026-22380 | 8.1 | 0.11% | 1 | 0 | | 2026-02-20T21:31:23 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP |
| CVE-2026-22368 | 8.1 | 0.11% | 1 | 0 | | 2026-02-20T21:31:22 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP |
| CVE-2026-2329 | 9.8 | 0.19% | 2 | 0 | | 2026-02-20T20:57:50.360000 | An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP |
| CVE-2026-22374 | 8.1 | 0.11% | 1 | 0 | | 2026-02-20T20:25:20.203000 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP |
| CVE-2026-22372 | 8.1 | 0.11% | 1 | 0 | | 2026-02-20T20:25:20.027000 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP |
| CVE-2026-22366 | 8.1 | 0.11% | 1 | 0 | | 2026-02-20T20:25:19.503000 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP |
| CVE-2026-22364 | 8.1 | 0.11% | 1 | 0 | | 2026-02-20T20:25:19.337000 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP |
| CVE-2026-22362 | 8.1 | 0.11% | 1 | 0 | | 2026-02-20T20:25:19.160000 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP |
| CVE-2026-22769 | 10.0 | 34.16% | 1 | 0 | | 2026-02-20T02:00:02.830000 | Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a |
| CVE-2026-26030 | 10.0 | 0.08% | 1 | 1 | | 2026-02-19T19:34:15 | ### Impact: An RCE vulnerability has been identified in Microsoft Semantic Kerne |
| CVE-2026-0714 | 6.8 | 0.01% | 1 | 0 | | 2026-02-18T18:31:27 | A physical attack vulnerability exists in certain Moxa industrial computers usin |
| CVE-2026-2533 | 7.3 | 2.14% | 1 | 0 | | 2026-02-18T17:52:22.253000 | A flaw has been found in Tosei Self-service Washing Machine 4.02. Impacted is an |
| CVE-2026-2548 | 6.3 | 1.41% | 1 | 0 | | 2026-02-18T17:52:22.253000 | A flaw has been found in WAYOS FBM-220G 24.10.19. This affects the function sub_ |
| CVE-2026-2426 | 6.5 | 2.57% | 1 | 0 | | 2026-02-18T12:31:15 | The WP-DownloadManager plugin for WordPress is vulnerable to Path Traversal in a |
| CVE-2026-1731 | 9.8 | 52.96% | 2 | 5 | template | 2026-02-17T15:31:33 | BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote |
| CVE-2026-2544 | 7.3 | 2.14% | 1 | 0 | | 2026-02-16T09:30:36 | A security flaw has been discovered in yued-fe LuLu UI up to 3.0.0. This issue a |
| CVE-2026-21513 | 8.8 | 4.12% | 2 | 0 | | 2026-02-10T21:31:29 | Protection mechanism failure in MSHTML Framework allows an unauthorized attacker |
| CVE-2026-1281 | 9.8 | 57.41% | 2 | 2 | | 2026-01-30T13:28:18.610000 | A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve |
| CVE-2026-1340 | 9.8 | 41.91% | 2 | 2 | | 2026-01-30T00:31:28 | A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve |
| CVE-2025-12543 | 9.6 | 0.08% | 1 | 0 | | 2026-01-08T23:15:42.690000 | A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBo |
| CVE-2025-67511 | 9.7 | 0.12% | 2 | 0 | | 2025-12-11T17:22:16 | ### Summary A command injection vulnerability is present in the function tool ` |
| CVE-2023-46604 | 10.0 | 94.44% | 2 | 33 | template | 2025-11-04T16:41:16.217000 | The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. T |
| CVE-2025-59201 | 7.8 | 0.10% | 2 | 0 | | 2025-10-14T18:30:36 | Improper access control in Network Connection Status Indicator (NCSI) allows an |
| CVE-2025-8277 | 3.1 | 0.05% | 1 | 0 | | 2025-09-09T12:30:49 | A flaw was found in libssh's handling of key exchange (KEX) processes when a cli |
| CVE-2025-47943 | 6.3 | 0.05% | 2 | 0 | | 2025-07-30T17:45:41 | ### Summary A stored XSS is present in Gogs which allows client-side Javascript |
| CVE-2025-0037 | 6.6 | 0.03% | 2 | 0 | | 2025-06-10T00:30:36 | In AMD Versal Adaptive SoC devices, the lack of address validation when executin |
| CVE-2025-47809 | 8.2 | 0.02% | 1 | 0 | | 2025-05-16T14:42:18.700000 | Wibu CodeMeter before 8.30a sometimes allows privilege escalation immediately af |
| CVE-2025-25362 | 9.8 | 0.45% | 2 | 0 | | 2025-04-02T13:15:44.063000 | A Server-Side Template Injection (SSTI) vulnerability in Spacy-LLM v0.7.2 allows |
| CVE-2023-31364 | 0 | 0.00% | 2 | 0 | | N/A | |
| CVE-2026-27202 | 0 | 0.06% | 2 | 0 | | N/A | |
| CVE-2025-67733 | 0 | 0.02% | 2 | 1 | | N/A | |
| CVE-2026-27623 | 0 | 0.06% | 2 | 0 | | N/A | |
| CVE-2026-27470 | 0 | 0.03% | 1 | 1 | | N/A | |
| CVE-2026-27452 | 0 | 0.04% | 1 | 0 | | N/A | |
| CVE-2026-27168 | 0 | 0.02% | 3 | 0 | | N/A | |

CVE-2026-25131
(8.8 HIGH)

EPSS: 0.00%

updated 2026-02-25T02:16:22.967000

2 posts

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a Broken Access Control vulnerability exists in the OpenEMR order types management system, allowing low-privilege users (such as Receptionist) to add and modify procedure types without proper authorization. This vulnerability is present in the /openemr/interface/orders/t

thehackerwire@mastodon.social at 2026-02-25T02:18:26.000Z ##

🟠 CVE-2026-25131 - High (8.8)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a Broken Access Control vulnerability exists in the OpenEMR order types management system, allowing low-privilege user...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24849
(9.9 CRITICAL)

EPSS: 0.00%

updated 2026-02-25T02:16:22.197000

2 posts

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, the `disposeDocument()` method in `EtherFaxActions.php` allows authenticated users to read arbitrary files from the server filesystem. Any authenticated user (regardless of privilege level) can exploit this vulnerability to read sensitive files. Version 7.0.4 patches the

thehackerwire@mastodon.social at 2026-02-25T02:18:16.000Z ##

🔴 CVE-2026-24849 - Critical (9.9)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, the `disposeDocument()` method in `EtherFaxActions.php` allows authenticated users to read arbitrary files from th...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-69231
(8.7 HIGH)

EPSS: 0.00%

updated 2026-02-25T02:16:21.707000

2 posts

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a stored cross-site scripting vulnerability in the GAD-7 anxiety assessment form allows authenticated users with clinician privileges to inject malicious JavaScript that executes when other users view the form. This enables session hijacking, account takeover, and privil

thehackerwire@mastodon.social at 2026-02-25T02:22:31.000Z ##

🟠 CVE-2025-69231 - High (8.7)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a stored cross-site scripting vulnerability in the GAD-7 anxiety assessment form allows authenticated users with clini...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-67752
(8.1 HIGH)

EPSS: 0.00%

updated 2026-02-25T02:16:21.377000

2 posts

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, OpenEMR's HTTP client wrapper (`oeHttp`/`oeHttpRequest`) disables SSL/TLS certificate verification by default (`verify: false`), making all external HTTPS connections vulnerable to man-in-the-middle (MITM) attacks. This affects communication with government healthcare AP

thehackerwire@mastodon.social at 2026-02-25T02:18:36.000Z ##

🟠 CVE-2025-67752 - High (8.1)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, OpenEMR's HTTP client wrapper (`oeHttp`/`oeHttpRequest`) disables SSL/TLS certificate verification by default (`verify...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0797
(7.8 HIGH)

EPSS: 0.06%

updated 2026-02-25T00:31:22

2 posts

GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ICO files. The issue results f

thehackerwire@mastodon.social at 2026-02-21T00:25:09.000Z ##

🟠 CVE-2026-0797 - High (7.8)

GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerabilit...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-21T00:17:33.000Z ##

🟠 CVE-2026-0797 - High (7.8)

GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerabilit...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27593
(9.3 CRITICAL)

EPSS: 0.00%

updated 2026-02-24T22:39:03.967000

6 posts

Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 6.3.3 and 5.73.10, an attacker may leverage a vulnerability in the password reset feature to capture a user's token and reset the password on their behalf. The attacker must know the email address of a valid account on the site, and the actual user must blindly click the link in their email even though they d

valorin@phpc.social at 2026-02-25T00:36:30.000Z ##

PSA for Statamic folks - update your sites ASAP! ⚠️

A CRITICAL vuln was discovered that allows full account takeover via password resets! 😱

All the details: cvereports.com/reports/CVE-202 #Laravel

##

thehackerwire@mastodon.social at 2026-02-24T22:17:21.000Z ##

🔴 CVE-2026-27593 - Critical (9.3)

Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 6.3.3 and 5.73.10, an attacker may leverage a vulnerability in the password reset feature to capture a user's token and reset the password on their behalf. T...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25899
(7.5 HIGH)

EPSS: 0.00%

updated 2026-02-24T22:39:03.967000

2 posts

Fiber is an Express inspired web framework written in Go. In versions on the v3 branch prior to 3.1.0, the use of the `fiber_flash` cookie can force an unbounded allocation on any server. A crafted 10-character cookie value triggers an attempt to allocate up to 85GB of memory via unvalidated msgpack deserialization. No authentication is required. Every GoFiber v3 endpoint is affected regardless of

thehackerwire@mastodon.social at 2026-02-24T22:17:38.000Z ##

🟠 CVE-2026-25899 - High (7.5)

Fiber is an Express inspired web framework written in Go. In versions on the v3 branch prior to 3.1.0, the use of the `fiber_flash` cookie can force an unbounded allocation on any server. A crafted 10-character cookie value triggers an attempt to ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26222
(0 None)

EPSS: 0.00%

updated 2026-02-24T21:52:01.367000

2 posts

Altec DocLink (now maintained by Beyond Limits Inc.) version 4.0.336.0 exposes insecure .NET Remoting endpoints over TCP and HTTP/SOAP via Altec.RDCHostService.exe using the ObjectURI "doclinkServer.soap". The service does not require authentication and is vulnerable to unsafe object unmarshalling, allowing remote attackers to read arbitrary files from the underlying system by specifying local fil

offseq at 2026-02-25T03:00:29.143Z ##

🚩 CRITICAL: CVE-2026-26222 in Altec DocLink 4.0.336.0 enables unauthenticated remote code execution & file access via unsafe .NET deserialization. No patch yet — immediately restrict/segment endpoints & monitor. Details: radar.offseq.com/threat/cve-20

##

CVE-2026-26341
(0 None)

EPSS: 0.00%

updated 2026-02-24T21:52:01.367000

2 posts

Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior ship with default credentials that are not forced to be changed during installation or commissioning. An attacker who can reach the management interface can authenticate using the default credentials and gain administrative access, enabling unauthorized access to device configuration and data.

offseq at 2026-02-25T01:30:28.186Z ##

⚠️ CRITICAL: CVE-2026-26341 in Tattile Smart+, Vega & Basic (fw ≤1.181.5) — default creds allow admin access if device is reachable. Change passwords, restrict interface access ASAP. Details: radar.offseq.com/threat/cve-20

##

CVE-2026-21410
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-02-24T21:52:01.367000

4 posts

InSAT MasterSCADA BUK-TS is susceptible to SQL Injection through its main web interface. Malicious users that use the vulnerable endpoint are potentially able to cause remote code execution.

offseq at 2026-02-25T00:00:42.090Z ##

🚨 CRITICAL SQL Injection (CVE-2026-21410) affects all InSAT MasterSCADA BUK-TS versions. Unauthenticated RCE possible — industrial ops at risk. Restrict access & monitor until patched. Details: radar.offseq.com/threat/cve-20

##

thehackerwire@mastodon.social at 2026-02-24T21:28:48.000Z ##

🔴 CVE-2026-21410 - Critical (9.8)

InSAT MasterSCADA BUK-TS is susceptible to SQL Injection through its main web interface. Malicious users that use the vulnerable endpoint are potentially able to cause remote code execution.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22553
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-02-24T21:52:01.367000

4 posts

All versions of InSAT MasterSCADA BUK-TS are susceptible to OS command injection through a field in its MMadmServ web interface. Malicious users that use the vulnerable endpoint are potentially able to cause remote code execution.

offseq at 2026-02-24T21:30:31.796Z ##

🚨 CVE-2026-22553: CRITICAL OS command injection in InSAT MasterSCADA BUK-TS (all versions) via MMadmServ web interface. Unauthenticated RCE risk — no patch yet. Isolate, monitor, and apply WAF mitigations. radar.offseq.com/threat/cve-20

##

thehackerwire@mastodon.social at 2026-02-24T21:28:39.000Z ##

🔴 CVE-2026-22553 - Critical (9.8)

All versions of InSAT MasterSCADA BUK-TS are susceptible to OS command injection through a field in its MMadmServ web interface. Malicious users that use the vulnerable endpoint are potentially able to cause remote code execution.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-33180
(8.0 HIGH)

EPSS: 0.00%

updated 2026-02-24T21:52:01.367000

6 posts

NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could inject a command. A successful exploit of this vulnerability might lead to escalation of privileges.

thehackerwire@mastodon.social at 2026-02-24T20:29:12.000Z ##

🟠 CVE-2025-33180 - High (8)

NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could inject a command. A successful exploit of this vulnerability might lead to escalation of privileges.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-24T20:28:52.000Z ##

🟠 CVE-2025-33180 - High (8)

NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could inject a command. A successful exploit of this vulnerability might lead to escalation of privileges.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

AAKL at 2026-02-24T17:04:48.489Z ##

Two advisories from AMD, one new, one updated:

- CVE-2025-0037: Versal Adaptive SoC – Overwriting Protected Memory Regions through PLM Firmware amd.com/en/resources/product-s

- CVE-2023-31364: Guest Initiated Machine Check Errors amd.com/en/resources/product-s

Two new ones from NVIDIA:

- CVE-2025-33179, CVE-2025-33180, and CVE-2025-33181: NVIDIA Cumulus Linux and NVOS - February 2026 nvidia.custhelp.com/app/answer

- CVE-2026-24241: NVIDIA License System - February 2026 nvidia.custhelp.com/app/answer

##

CVE-2026-3105
(7.6 HIGH)

EPSS: 0.00%

updated 2026-02-24T21:52:01.367000

2 posts

SummaryThis advisory addresses a SQL injection vulnerability in the API endpoint used for retrieving contact activities. A vulnerability exists in the query construction for the Contact Activity timeline where the parameter responsible for determining the sort direction was not strictly validated against an allowlist, potentially allowing authenticated users to inject arbitrary SQL commands via th

thehackerwire@mastodon.social at 2026-02-24T20:29:04.000Z ##

🟠 CVE-2026-3105 - High (7.6)

SummaryThis advisory addresses a SQL injection vulnerability in the API endpoint used for retrieving contact activities. A vulnerability exists in the query construction for the Contact Activity timeline where the parameter responsible for determi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-33179
(8.0 HIGH)

EPSS: 0.00%

updated 2026-02-24T21:52:01.367000

4 posts

NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could run an unauthorized command. A successful exploit of this vulnerability might lead to escalation of privileges.

thehackerwire@mastodon.social at 2026-02-24T20:28:42.000Z ##

🟠 CVE-2025-33179 - High (8)

NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could run an unauthorized command. A successful exploit of this vulnerability might lead to escalation of privileges.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

AAKL at 2026-02-24T17:04:48.489Z ##

Two advisories from AMD, one new, one updated:

- CVE-2025-0037: Versal Adaptive SoC – Overwriting Protected Memory Regions through PLM Firmware amd.com/en/resources/product-s

- CVE-2023-31364: Guest Initiated Machine Check Errors amd.com/en/resources/product-s

Two new ones from NVIDIA:

- CVE-2025-33179, CVE-2025-33180, and CVE-2025-33181: NVIDIA Cumulus Linux and NVOS - February 2026 nvidia.custhelp.com/app/answer

- CVE-2026-24241: NVIDIA License System - February 2026 nvidia.custhelp.com/app/answer

##

CVE-2026-24241
(4.3 MEDIUM)

EPSS: 0.00%

updated 2026-02-24T21:52:01.367000

2 posts

NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an attacker could exploit an improper authentication issue. A successful exploit of this vulnerability might lead to information disclosure.

AAKL at 2026-02-24T17:04:48.489Z ##

Two advisories from AMD, one new, one updated:

- CVE-2025-0037: Versal Adaptive SoC – Overwriting Protected Memory Regions through PLM Firmware amd.com/en/resources/product-s

- CVE-2023-31364: Guest Initiated Machine Check Errors amd.com/en/resources/product-s

Two new ones from NVIDIA:

- CVE-2025-33179, CVE-2025-33180, and CVE-2025-33181: NVIDIA Cumulus Linux and NVOS - February 2026 nvidia.custhelp.com/app/answer

- CVE-2026-24241: NVIDIA License System - February 2026 nvidia.custhelp.com/app/answer

##

CVE-2026-27519
(7.5 HIGH)

EPSS: 0.00%

updated 2026-02-24T21:52:01.367000

2 posts

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections.

thehackerwire@mastodon.social at 2026-02-24T16:31:51.000Z ##

🟠 CVE-2026-27519 - High (7.5)

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confident...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2769
(8.8 HIGH)

EPSS: 0.00%

updated 2026-02-24T21:52:01.367000

2 posts

Use-after-free in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

thehackerwire@mastodon.social at 2026-02-24T15:57:37.000Z ##

🟠 CVE-2026-2769 - High (8.8)

Use-after-free in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, and Firefox ESR < 140.8.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27208
(9.2 CRITICAL)

EPSS: 0.00%

updated 2026-02-24T21:52:01.367000

2 posts

bleon-ethical/api-gateway-deploy provides API gateway deployment. Version 1.0.0 is vulnerable to an attack chain involving OS Command Injection and Privilege Escalation. This allows an attacker to execute arbitrary commands with root privileges within the container, potentially leading to a container escape and unauthorized infrastructure modifications. This is fixed in version 1.0.1 by implementi

thehackerwire@mastodon.social at 2026-02-24T15:57:28.000Z ##

🔴 CVE-2026-27208 - Critical (9.2)

bleon-ethical/api-gateway-deploy provides API gateway deployment. Version 1.0.0 is vulnerable to an attack chain involving OS Command Injection and Privilege Escalation. This allows an attacker to execute arbitrary commands with root privileges wi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2038
(9.8 CRITICAL)

EPSS: 0.42%

updated 2026-02-24T21:43:04.817000

2 posts

GFI Archiver MArc.Core Missing Authorization Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of GFI Archiver. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the MArc.Core.Remoting.exe process, which listens on port 8017. The issue results from the

thehackerwire@mastodon.social at 2026-02-24T22:02:17.000Z ##

🔴 CVE-2026-2038 - Critical (9.8)

GFI Archiver MArc.Core Missing Authorization Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of GFI Archiver. Authentication is not required to exploit this vulnera...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2039
(9.8 CRITICAL)

EPSS: 0.42%

updated 2026-02-24T21:42:14.183000

2 posts

GFI Archiver MArc.Store Missing Authorization Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of GFI Archiver. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the MArc.Store.Remoting.exe process, which listens on port 8018. The issue results from th

thehackerwire@mastodon.social at 2026-02-24T22:02:26.000Z ##

🔴 CVE-2026-2039 - Critical (9.8)

GFI Archiver MArc.Store Missing Authorization Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of GFI Archiver. Authentication is not required to exploit this vulner...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2037
(8.8 HIGH)

EPSS: 0.79%

updated 2026-02-24T21:41:45.897000

1 post

GFI Archiver MArc.Core Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the configuration of the MArc.Core.Remo

thehackerwire@mastodon.social at 2026-02-21T00:03:01.000Z ##

🟠 CVE-2026-2037 - High (8.8)

GFI Archiver MArc.Core Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Although authentication is required to ex...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2045
(7.8 HIGH)

EPSS: 0.06%

updated 2026-02-24T21:41:19.147000

1 post

GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XWD files. The issue results from the

thehackerwire@mastodon.social at 2026-02-21T00:02:00.000Z ##

🟠 CVE-2026-2045 - High (7.8)

GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in th...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3044
(8.8 HIGH)

EPSS: 0.05%

updated 2026-02-24T21:39:12.990000

3 posts

A vulnerability has been found in Tenda AC8 16.03.34.06. This affects the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. The manipulation of the argument boundary leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

offseq at 2026-02-24T10:30:31.008Z ##

🚨 CVE-2026-3044: HIGH severity stack buffer overflow in Tenda AC8 (16.03.34.06) — remote exploit published! Restrict /cgi-bin/UploadCfg, monitor traffic, and disable remote mgmt. Await patches or consider device replacement. radar.offseq.com/threat/cve-20

##

thehackerwire@mastodon.social at 2026-02-24T00:17:14.000Z ##

🟠 CVE-2026-3044 - High (8.8)

A vulnerability has been found in Tenda AC8 16.03.34.06. This affects the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. The manipulation of the argument boundary leads to stack-based buffer overflow. I...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25108
(8.8 HIGH)

EPSS: 0.33%

updated 2026-02-24T21:38:18.607000

6 posts

FileZen contains an OS command injection vulnerability. When FileZen Antivirus Check Option is enabled, a logged-in user may send a specially crafted HTTP request to execute an arbitrary OS command.

secdb at 2026-02-24T22:00:18.502Z ##

🚨 [CISA-2026:0224] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-25108 (secdb.nttzen.cloud/cve/detail/)
- Name: Soliton Systems K.K FileZen OS Command Injection Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Soliton Systems K.K
- Product: FileZen
- Notes: jvn.jp/en/jp/JVN84622767/ ; nvd.nist.gov/vuln/detail/CVE-2

##

cisakevtracker@mastodon.social at 2026-02-24T19:00:52.000Z ##

CVE ID: CVE-2026-25108
Vendor: Soliton Systems K.K
Product: FileZen
Date Added: 2026-02-24
Notes: jvn.jp/en/jp/JVN84622767/ ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

AAKL at 2026-02-24T18:20:53.042Z ##

CISA has updated the KEV catalogue.

- CVE-2026-25108: Soliton Systems K.K FileZen OS Command Injection Vulnerability cve.org/CVERecord?id=CVE-2026-

- Three industrial advisories: cisa.gov/

##

CVE-2026-22765
(8.8 HIGH)

EPSS: 0.00%

updated 2026-02-24T21:31:50

2 posts

Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of Privileges.

thehackerwire@mastodon.social at 2026-02-24T20:28:32.000Z ##

🟠 CVE-2026-22765 - High (8.8)

Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of Privileges.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-33181
(7.3 HIGH)

EPSS: 0.00%

updated 2026-02-24T21:31:50

2 posts

NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could inject a command. A successful exploit of this vulnerability might lead to escalation of privileges.

AAKL at 2026-02-24T17:04:48.489Z ##

Two advisories from AMD, one new, one updated:

- CVE-2025-0037: Versal Adaptive SoC – Overwriting Protected Memory Regions through PLM Firmware amd.com/en/resources/product-s

- CVE-2023-31364: Guest Initiated Machine Check Errors amd.com/en/resources/product-s

Two new ones from NVIDIA:

- CVE-2025-33179, CVE-2025-33180, and CVE-2025-33181: NVIDIA Cumulus Linux and NVOS - February 2026 nvidia.custhelp.com/app/answer

- CVE-2026-24241: NVIDIA License System - February 2026 nvidia.custhelp.com/app/answer

##

CVE-2026-2798
(8.8 HIGH)

EPSS: 0.00%

updated 2026-02-24T21:31:46

2 posts

Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148.

thehackerwire@mastodon.social at 2026-02-24T20:10:22.000Z ##

🟠 CVE-2026-2798 - High (8.8)

Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26746
(8.8 HIGH)

EPSS: 0.21%

updated 2026-02-24T20:42:28.327000

1 posts

OpenSourcePOS 3.4.1 contains a Local File Inclusion (LFI) vulnerability in the Sales.php::getInvoice() function. An attacker can read arbitrary files on the web server by manipulating the Invoice Type configuration. This issue can be chained with the file upload functionality to achieve Remote Code Execution (RCE).

1 repos

https://github.com/hungnqdz/CVE-2026-26746

thehackerwire@mastodon.social at 2026-02-23T22:00:37.000Z ##

🟠 CVE-2026-26746 - High (8.8)

OpenSourcePOS 3.4.1 contains a Local File Inclusion (LFI) vulnerability in the Sales.php::getInvoice() function. An attacker can read arbitrary files on the web server by manipulating the Invoice Type configuration. This issue can be chained with ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70329
(8.0 HIGH)

EPSS: 0.43%

updated 2026-02-24T20:38:09.483000

1 posts

TOTOLink X5000R v9.1.0cu_2415_B20250515 contains an OS command injection vulnerability in the setIptvCfg handler of the /usr/sbin/lighttpd executable. The vlanVidLan1 (and other vlanVidLanX) parameters are retrieved via Uci_Get_Str and passed to the CsteSystem function without adequate validation or filtering. This allows an authenticated attacker to execute arbitrary shell commands with root priv

thehackerwire@mastodon.social at 2026-02-23T20:30:42.000Z ##

🟠 CVE-2025-70329 - High (8)

TOTOLink X5000R v9.1.0cu_2415_B20250515 contains an OS command injection vulnerability in the setIptvCfg handler of the /usr/sbin/lighttpd executable. The vlanVidLan1 (and other vlanVidLanX) parameters are retrieved via Uci_Get_Str and passed to t...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27483
(8.8 HIGH)

EPSS: 0.00%

updated 2026-02-24T20:07:59

2 posts

### Summary There is a path traversal vulnerability in Mindsdb's /api/files interface, which an authenticated attacker can exploit to achieve remote command execution. ### Details The vulnerability exists in the "Upload File" module, which corresponds to the API endpoint /api/files. The affected code is located at mindsdb/api/http/namespaces/file.py: ```python @ns_conf.route("/<name>") @ns_conf

thehackerwire@mastodon.social at 2026-02-24T15:57:18.000Z ##

🟠 CVE-2026-27483 - High (8.8)

MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.9.1.1, there is a path traversal vulnerability in Mindsdb's /api/files interface, which an authenticated attacker can exploit to achieve remote co...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2980
(7.2 HIGH)

EPSS: 0.04%

updated 2026-02-24T20:04:10.060000

1 posts

A vulnerability has been found in UTT HiPER 810G up to 1.7.7-1711. Impacted is the function strcpy of the file /goform/setSysAdm. The manipulation of the argument passwd1 leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

offseq@infosec.exchange at 2026-02-23T09:00:30.000Z ##

⚠️ HIGH severity buffer overflow in UTT HiPER 810G (≤1.7.7-1711) — remote exploitation possible via passwd1 in /goform/setSysAdm. Exploit is public. Monitor devices & restrict access until patch available. CVE-2026-2980 radar.offseq.com/threat/cve-20 #OffSeq #Vuln #Infosec

##

CVE-2026-23693
(10.0 CRITICAL)

EPSS: 0.15%

updated 2026-02-24T19:21:41.843000

3 posts

ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor (elementskit-lite) WordPress plugin versions prior to 3.7.9 expose the REST endpoint /wp-json/elementskit/v1/widget/mailchimp/subscribe without authentication. The endpoint accepts client-supplied Mailchimp API credentials and insufficiently validates certain parameters, including the list parameter, when constructing

Matchbook3469@mastodon.social at 2026-02-24T11:05:46.000Z ##

🔴 New security advisory:

CVE-2026-23693 affects multiple systems.

• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems

Full breakdown:
yazoul.net/advisory/cve/cve-20

#Cybersecurity #VulnerabilityManagement #CyberSec

##

offseq@infosec.exchange at 2026-02-24T01:30:31.000Z ##

⚠️ CVE-2026-23693 (CRITICAL, CVSS 9.3) in ElementsKit Lite <3.7.9 exposes a Mailchimp REST endpoint to unauth’d abuse — risking API quota exhaustion & data manipulation. Patch ASAP & block /wp-json/elementskit/v1/widget/mailchimp/subscribe. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #Vuln

##

thehackerwire@mastodon.social at 2026-02-23T21:21:38.000Z ##

🔴 CVE-2026-23693 - Critical (10)

ElementsKit Lite (elementskit-lite) WordPress plugin versions prior to 3.7.9 expose the REST endpoint /wp-json/elementskit/v1/widget/mailchimp/subscribe without authentication. The endpoint accepts client-supplied Mailchimp API credentials and ins...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25989
(7.5 HIGH)

EPSS: 0.04%

updated 2026-02-24T18:43:16.560000

1 posts

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file can cause a denial of service. An off-by-one boundary check (`>` instead of `>=`) allows bypassing the guard and reaching an undefined `(size_t)` cast. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

thehackerwire@mastodon.social at 2026-02-24T04:00:50.000Z ##

🟠 CVE-2026-25989 - High (7.5)

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file can cause a denial of service. An off-by-one boundary check (`>` instead of `>=`) that allo...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-15386
(8.8 HIGH)

EPSS: 0.03%

updated 2026-02-24T18:32:04

2 posts

The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated Stored-XSS attack due to flawed regex replacement rules that can be abused by posting a comment with a malicious link when lightbox for comments are enabled and then approved.

thehackerwire@mastodon.social at 2026-02-24T17:41:10.000Z ##

🟠 CVE-2025-15386 - High (8.8)

The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated Stored-XSS attack due to flawed regex replacement rules that can be abused by posting a comment with a malicious link when lightbox for comments ar...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27515
(9.1 CRITICAL)

EPSS: 0.00%

updated 2026-02-24T18:31:09

2 posts

Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 generate predictable numeric session identifiers in the web management interface. An attacker can guess valid session IDs and hijack authenticated sessions.

thehackerwire@mastodon.social at 2026-02-24T16:37:43.000Z ##

🔴 CVE-2026-27515 - Critical (9.1)

Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 generate predictable numeric session identifiers in the web management interface. An attacker can guess valid session IDs and hijack authenticated sessions.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

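The CVE-2026-27515 entry above describes session IDs that are numeric and predictable. The following is an added example, not Binardat firmware code and not from the advisory: it models a counter-based session store (the assumed shape of the weakness), shows the CSPRNG-backed replacement, and gives a small heuristic a tester can run over a handful of captured cookies to decide whether they are guessable. The class and function names are the example's own.

```python
import itertools
import math
import secrets


class CounterSessionStore:
    """Assumed shape of the weakness: each login receives the next integer,
    so one valid session ID reveals the neighbourhood of every other one."""

    def __init__(self, start: int = 1000):
        self._counter = itertools.count(start)

    def new_id(self) -> str:
        return str(next(self._counter))


def random_session_id(nbytes: int = 32) -> str:
    """CSPRNG-backed, 256 bits of entropy, URL-safe: a session cookie should
    look like this, and be regenerated on every privilege change."""
    return secrets.token_urlsafe(nbytes)


def looks_sequential(ids, max_gap: int = 10) -> bool:
    """Heuristic for a tester holding a few captured session cookies: all-numeric
    IDs whose sorted neighbours differ by only a few units are a guessing target."""
    try:
        values = sorted(int(i) for i in ids)
    except ValueError:
        return False  # non-numeric material is not a counter
    if len(values) < 2:
        return False
    gaps = [b - a for a, b in zip(values, values[1:])]
    return max(gaps) <= max_gap


def search_space_bits(session_id: str) -> float:
    """Rough size of the space an attacker must search, in bits: a decimal
    counter is log2(10^digits); base64url material is bounded by 6 bits/char."""
    if session_id.isdigit():
        return math.log2(10 ** len(session_id))
    return len(session_id) * 6.0


if __name__ == "__main__":
    store = CounterSessionStore()
    weak = [store.new_id() for _ in range(5)]
    strong = [random_session_id() for _ in range(5)]
    print("counter IDs", weak, "sequential:", looks_sequential(weak))
    print("random IDs sequential:", looks_sequential(strong))
    print("bits: counter", round(search_space_bits(weak[0]), 1),
          "random", search_space_bits(strong[0]))
```

The heuristic only answers the question the advisory raises (are these IDs a counter?); it says nothing about IDs that are random-looking but derived from a weak PRNG, which needs a larger sample and a proper randomness test.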
CVE-2026-23678
(8.8 HIGH)

EPSS: 0.00%

updated 2026-02-24T18:31:09

2 posts

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain a command injection vulnerability in the traceroute diagnostic function of the affected device web management interface. By injecting the %1a character into the hostname parameter, an authenticated attacker with access to the web interface can execute arbitrary CLI commands on the device.

thehackerwire@mastodon.social at 2026-02-24T16:37:23.000Z ##

🟠 CVE-2026-23678 - High (8.8)

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain a command injection vulnerability in the traceroute diagnostic function of the affected device web management interface. By injecting the character into the ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27520
(7.5 HIGH)

EPSS: 0.00%

updated 2026-02-24T18:31:09

2 posts

Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 store a user password in a client-side cookie as a Base64-encoded value accessible via the web interface. Because Base64 is reversible and provides no confidentiality, an attacker who can access the cookie value can recover the plaintext password.

thehackerwire@mastodon.social at 2026-02-24T16:32:02.000Z ##

🟠 CVE-2026-27520 - High (7.5)

Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 store a user password in a client-side cookie as a Base64-encoded value accessible via the web interface. Because Base64 is reversible and provides no confidentialit...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27507
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-02-24T18:31:08

2 posts

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain hard-coded administrative credentials that cannot be changed by users. Knowledge of these credentials allows full administrative access to the device.

1 repos

https://github.com/RootAid/CVE-2026-27507

thehackerwire@mastodon.social at 2026-02-24T16:37:33.000Z ##

🔴 CVE-2026-27507 - Critical (9.8)

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain hard-coded administrative credentials that cannot be changed by users. Knowledge of these credentials allows full administrative access to the device.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27516
(8.1 HIGH)

EPSS: 0.00%

updated 2026-02-24T18:31:08

2 posts

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior expose user passwords in plaintext within the administrative interface and HTTP responses, allowing recovery of valid credentials.

thehackerwire@mastodon.social at 2026-02-24T16:31:39.000Z ##

🟠 CVE-2026-27516 - High (8.1)

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior expose user passwords in plaintext within the administrative interface and HTTP responses, allowing recovery of valid credentials.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2904
(8.8 HIGH)

EPSS: 0.04%

updated 2026-02-24T18:31:01

2 posts

A vulnerability was determined in UTT HiPER 810G 1.7.7-171114. This affects the function strcpy of the file /goform/ConfigExceptAli. Executing a manipulation can lead to buffer overflow. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.

offseq@infosec.exchange at 2026-02-22T01:30:28.000Z ##

⚠️ CVE-2026-2904 (HIGH): Buffer overflow in UTT HiPER 810G v1.7.7-171114 via /goform/ConfigExceptAli. Remote, unauthenticated RCE/DoS risk. Public exploit code available — restrict access & monitor. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #NetworkSecurity

##

thehackerwire@mastodon.social at 2026-02-22T01:20:04.000Z ##

🟠 CVE-2026-2904 - High (8.8)

A vulnerability was determined in UTT HiPER 810G 1.7.7-171114. This affects the function strcpy of the file /goform/ConfigExceptAli. Executing a manipulation can lead to buffer overflow. The attack can be launched remotely. The exploit has been pu...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-40541
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-02-24T17:56:16.030000

1 posts

An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.

thehackerwire@mastodon.social at 2026-02-24T08:19:21.000Z ##

🔴 CVE-2025-40541 - Critical (9.1)

An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account.

This issue requires administrative privileges to abuse. On Window...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25794
(8.2 HIGH)

EPSS: 0.04%

updated 2026-02-24T17:28:54.433000

1 posts

ImageMagick is free and open-source software used for editing and manipulating digital images. `WriteUHDRImage` in `coders/uhdr.c` uses `int` arithmetic to compute the pixel buffer size. Prior to version 7.1.2-15, when image dimensions are large, the multiplication overflows 32-bit `int`, causing an undersized heap allocation followed by an out-of-bounds write. This can crash the process or potent

thehackerwire@mastodon.social at 2026-02-24T01:35:57.000Z ##

🟠 CVE-2026-25794 - High (8.2)

ImageMagick is free and open-source software used for editing and manipulating digital images. `WriteUHDRImage` in `coders/uhdr.c` uses `int` arithmetic to compute the pixel buffer size. Prior to version 7.1.2-15, when image dimensions are large, ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27211
(10.0 CRITICAL)

EPSS: 0.05%

updated 2026-02-24T17:08:14.463000

2 posts

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 are vulnerable to arbitrary host file exfiltration (constrained by process privileges) when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted QCOW2 structure pointing to a sensitive host path. Upon the next VM boot or disk scan, the image format

1 repos

https://github.com/glitchhawks/CVE-2026-27211

thehackerwire@mastodon.social at 2026-02-24T17:41:21.000Z ##

🔴 CVE-2026-27211 - Critical (10)

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 are vulnerable to arbitrary host file exfiltration (constrained by process privileges) when using virtio-block devices backed by raw images. A malicious g...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

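The CVE-2026-27211 entry above turns on one design decision: whether the VMM decides a disk's format by sniffing its header (which the guest controls) or by the format the operator declared. The block below is an added example, not Cloud Hypervisor code: it builds a constructed raw disk whose first sector a guest has rewritten with a QCOW2 header whose backing-file fields point at a host path, then contrasts a probing opener with one that pins the declared format. Only the first four QCOW2 header fields are modelled (magic, version, backing_file_offset, backing_file_size, all big-endian); the 104-byte header length and the function names are the example's assumptions.

```python
import struct

QCOW2_MAGIC = b"QFI\xfb"
# Leading QCOW2 header fields, big-endian: magic, version, backing_file_offset (u64),
# backing_file_size (u32). Later fields (cluster_bits, size, ...) are not needed here.
HEADER_PREFIX = ">4sIQI"
V3_HEADER_LEN = 104  # assumed fixed header length; backing path is placed right after it


def build_guest_written_header(backing_path: bytes, version: int = 3) -> bytes:
    """Constructed sample: what a guest could leave in sector 0 of its raw disk."""
    prefix = struct.pack(HEADER_PREFIX, QCOW2_MAGIC, version, V3_HEADER_LEN, len(backing_path))
    padding = b"\x00" * (V3_HEADER_LEN - len(prefix))
    return prefix + padding + backing_path + b"\x00" * 64


def inspect_raw_image(data: bytes):
    """Return None when the image carries no QCOW2 magic, otherwise the backing
    file path the header points at. Use it as a scanner over raw-backed disks."""
    if data[:4] != QCOW2_MAGIC:
        return None
    if len(data) < struct.calcsize(HEADER_PREFIX):
        raise ValueError("truncated header")
    _, _version, bf_off, bf_len = struct.unpack_from(HEADER_PREFIX, data, 0)
    if bf_len == 0:
        return b""
    if bf_len > 1023 or bf_off + bf_len > len(data):
        raise ValueError("backing file fields out of range")
    return data[bf_off:bf_off + bf_len]


def open_disk_probed(data: bytes):
    """Format chosen by sniffing the header: the behaviour the advisory describes.
    A raw disk the guest has rewritten is suddenly treated as QCOW2 with a backing file."""
    backing = inspect_raw_image(data)
    return ("qcow2", backing) if backing is not None else ("raw", None)


def open_disk_declared(data: bytes, declared: str):
    """Format pinned by the operator's configuration: a header the guest wrote into
    a raw disk is just disk contents and never names a host file."""
    if declared == "raw":
        return ("raw", None)
    if declared == "qcow2":
        backing = inspect_raw_image(data)
        if backing is None:
            raise ValueError("declared qcow2 but no QCOW2 magic")
        return ("qcow2", backing)
    raise ValueError(f"unknown format {declared!r}")


if __name__ == "__main__":
    disk = build_guest_written_header(b"/etc/shadow")
    print("probed:  ", open_disk_probed(disk))
    print("declared:", open_disk_declared(disk, "raw"))
```

Even for images that really are QCOW2, a backing path supplied by the image should be constrained to an operator-approved directory; pinning the declared format closes the raw-image case the advisory describes, and a scan with `inspect_raw_image` over existing raw disks shows whether any guest has already planted such a header.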
CVE-2026-25802
(7.6 HIGH)

EPSS: 0.03%

updated 2026-02-24T16:08:21

2 posts

### Summary A potential unsafe operation occurs in component `MarkdownRenderer.jsx`, allowing for Cross-Site Scripting(XSS) when the model outputs items containing `<script>` tag. ### Details Line 212-231 of `MarkdownRenderer.jsx` is unsafe, it use dangerouslySetInnerHTML to preview html the model generates. This can trigger malcious scripts. ### PoC A simple way to exploit that is to ask the

offseq@infosec.exchange at 2026-02-24T03:00:29.000Z ##

🛡️ HIGH-severity XSS (CVE-2026-25802) in QuantumNous new-api (<0.10.8-alpha.9): Unsafe MarkdownRenderer.jsx allows script injection with user interaction. Upgrade ASAP & implement CSP! radar.offseq.com/threat/cve-20 #OffSeq #XSS #InfoSec #AIsecurity

##

thehackerwire@mastodon.social at 2026-02-24T01:19:11.000Z ##

🟠 CVE-2026-25802 - High (7.6)

New API is a large language model (LLM) gateway and artificial intelligence (AI) asset management system. Prior to version 0.10.8-alpha.9, a potential unsafe operation occurs in component `MarkdownRenderer.jsx`, allowing for Cross-Site Scripting(XS...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25591
(CVSS UNKNOWN)

EPSS: 0.04%

updated 2026-02-24T16:08:14

2 posts

### Summary A SQL LIKE wildcard injection vulnerability in the `/api/token/search` endpoint allows authenticated users to cause Denial of Service through resource exhaustion by crafting malicious search patterns. ### Details The token search endpoint accepts user-supplied `keyword` and `token` parameters that are directly concatenated into SQL LIKE clauses without escaping wildcard characters (`%

offseq at 2026-02-24T09:00:28.169Z ##

🚨 CVE-2026-25591 (HIGH): QuantumNous new-api <0.10.8-alpha.10 vulnerable to SQL LIKE wildcard injection in /api/token/search. Auth users can cause DoS via crafted search patterns. Patch ASAP! radar.offseq.com/threat/cve-20

##

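The CVE-2026-25591 entry above is the case of a query that is parameterised, so it is not classic SQL injection, yet still lets the caller inject LIKE metacharacters. The following is an added example, not new-api code: it uses an in-memory SQLite table with constructed rows to show that `%` and `_` inside a bound parameter still act as wildcards, and the escaping plus `ESCAPE` clause and length cap that make the search literal. The table and function names are the example's own.

```python
import sqlite3

LIKE_ESCAPE = "\\"          # single backslash, passed to SQL via ESCAPE
MAX_KEYWORD_LEN = 64        # bounds backtracking on pathological patterns


def escape_like(term: str) -> str:
    """Escape the LIKE metacharacters so the term matches itself literally.
    The escape character is escaped first so a user-supplied backslash cannot
    neutralise the escaping of a following wildcard."""
    return (term.replace(LIKE_ESCAPE, LIKE_ESCAPE * 2)
                .replace("%", LIKE_ESCAPE + "%")
                .replace("_", LIKE_ESCAPE + "_"))


def build_db() -> sqlite3.Connection:
    """Constructed sample data standing in for a token table."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE tokens (id INTEGER PRIMARY KEY, name TEXT, key TEXT)")
    con.executemany("INSERT INTO tokens (name, key) VALUES (?, ?)",
                    [("alpha", "sk-aaa"), ("prod_api", "sk-bbb"), ("100% bonus", "sk-ccc")])
    return con


def search_unsafe(con: sqlite3.Connection, keyword: str):
    """Parameterised, so no SQL injection, but wildcards in keyword are still live:
    '%' matches every row and a long '%a%a%a%' pattern makes the engine backtrack."""
    rows = con.execute("SELECT name FROM tokens WHERE name LIKE ? ORDER BY id",
                       ("%" + keyword + "%",))
    return [r[0] for r in rows]


def search_safe(con: sqlite3.Connection, keyword: str):
    """Escaped term plus an explicit ESCAPE clause, with a length cap."""
    if len(keyword) > MAX_KEYWORD_LEN:
        raise ValueError("search term too long")
    pattern = "%" + escape_like(keyword) + "%"
    rows = con.execute("SELECT name FROM tokens WHERE name LIKE ? ESCAPE ? ORDER BY id",
                       (pattern, LIKE_ESCAPE))
    return [r[0] for r in rows]


if __name__ == "__main__":
    con = build_db()
    print("unsafe '%':", search_unsafe(con, "%"))   # every row
    print("safe   '%':", search_safe(con, "%"))     # only the literal percent sign
    print("safe   '_':", search_safe(con, "_"))     # only the literal underscore
```

The escape character and its syntax differ between engines (MySQL defaults to backslash; PostgreSQL and SQLite need the explicit `ESCAPE`), so the escaping helper and the clause must be kept together.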
CVE-2026-27574
(10.0 CRITICAL)

EPSS: 0.05%

updated 2026-02-24T16:00:57

1 posts

### Summary OneUptime lets project members write custom JavaScript that runs inside monitors. The problem is it executes that code using Node.js's built-in `vm` module, which Node.js itself documents as "not a security mechanism — do not use it to run untrusted code." The classic one-liner escape gives full access to the underlying process, and since the probe runs with host networking and holds

1 repos

https://github.com/mbanyamer/CVE-2026-27574-OneUptime-RCE

thehackerwire@mastodon.social at 2026-02-21T11:18:41.000Z ##

🔴 CVE-2026-27574 - Critical (9.9)

OneUptime is a solution for monitoring and managing online services. In versions 9.5.13 and below, custom JavaScript monitor feature uses Node.js's node:vm module (explicitly documented as not a security mechanism) to execute user-supplied code, a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25985
(7.5 HIGH)

EPSS: 0.04%

updated 2026-02-24T15:44:21

1 posts

A crafted SVG file containing a malicious element causes ImageMagick to attempt to allocate ~674 GB of memory, leading to an out-of-memory abort. Found via AFL++ fuzzing with afl-clang-lto instrumentation and AddressSanitizer.

thehackerwire@mastodon.social at 2026-02-24T02:17:50.000Z ##

🟠 CVE-2026-25985 - High (7.5)

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file containing a malicious element causes ImageMagick to attempt to allocate ~674 GB of memory...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24481
(7.5 HIGH)

EPSS: 0.03%

updated 2026-02-24T15:27:31

1 posts

### Description A heap information disclosure vulnerability exists in ImageMagick's PSD (Adobe Photoshop) format handler. When processing a maliciously crafted PSD file containing ZIP-compressed layer data that decompresses to less than the expected size, uninitialized heap memory is leaked into the output image. ### Expected Impact Information disclosure leading to potential exposure of sensitiv

thehackerwire@mastodon.social at 2026-02-24T01:36:07.000Z ##

🟠 CVE-2026-24481 - High (7.5)

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap information disclosure vulnerability exists in ImageMagick's PSD (Adobe Photoshop) format handler. When...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27212
(7.8 HIGH)

EPSS: 0.03%

updated 2026-02-24T15:16:56.670000

3 posts

Swiper is a free and mobile touch slider with hardware accelerated transitions and native behavior. Versions 6.5.1 through 12.1.1 have a Prototype pollution vulnerability. The vulnerability resides in line 94 of shared/utils.mjs, where the indexOf() function is used to check whether user provided input contain forbidden strings. Despite a previous fix that attempted to mitigate prototype pollution

thehackerwire@mastodon.social at 2026-02-24T16:06:57.000Z ##

🟠 CVE-2026-27212 - High (7.8)

Swiper is a free and mobile touch slider with hardware accelerated transitions and native behavior. Versions 6.5.1 through 12.1.1 have a Prototype pollution vulnerability. The vulnerability resides in line 94 of shared/utils.mjs, where the indexOf...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-02-21T10:30:30.000Z ##

🚨 CRITICAL: CVE-2026-27212 in nolimits4web swiper (6.5.1 – 12.1.1) enables prototype pollution, risking auth bypass, DoS, & RCE. Affects Node & Bun, Windows & Linux. Upgrade to 12.1.2 now! radar.offseq.com/threat/cve-20 #OffSeq #CVE202627212 #AppSec #JavaScript

##

CVE-2026-27471
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-02-24T14:52:50.073000

3 posts

ERP is a free and open source Enterprise Resource Planning tool. In versions up to 15.98.0 and 16.0.0-rc.1 and through 16.6.0, certain endpoints lacked access validation which allowed for unauthorized document access. This issue has been fixed in versions 15.98.1 and 16.6.1.

thehackerwire@mastodon.social at 2026-02-24T16:06:47.000Z ##

🔴 CVE-2026-27471 - Critical (9.1)

ERP is a free and open source Enterprise Resource Planning tool. In versions up to 15.98.0 and 16.0.0-rc.1 and through 16.6.0, certain endpoints lacked access validation which allowed for unauthorized document access. This issue has been fixed in ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-02-21T09:00:27.000Z ##

🚨 CRITICAL: CVE-2026-27471 in ERPNext (≤15.98.0, 16.0.0-rc.1 – 16.6.0) lets unauth attackers access sensitive docs via missing API auth. Upgrade to 15.98.1/16.6.1+ & restrict access now. radar.offseq.com/threat/cve-20 #OffSeq #ERPNext #CVE202627471 #Infosec

##

CVE-2026-27479
(7.7 HIGH)

EPSS: 0.03%

updated 2026-02-24T14:47:06.290000

1 posts

Wallos is an open-source, self-hostable personal subscription tracker. Versions 4.6.0 and below contain a Server-Side Request Forgery (SSRF) vulnerability in the subscription and payment logo/icon upload functionality. The application validates the IP address of the provided URL before making the request, but allows HTTP redirects (CURLOPT_FOLLOWLOCATION = true), enabling an attacker to bypass the

thehackerwire@mastodon.social at 2026-02-21T09:16:50.000Z ##

🟠 CVE-2026-27479 - High (7.7)

Wallos is an open-source, self-hostable personal subscription tracker. Versions 4.6.0 and below contain a Server-Side Request Forgery (SSRF) vulnerability in the subscription and payment logo/icon upload functionality. The application validates th...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27127
(0 None)

EPSS: 0.01%

updated 2026-02-24T14:13:49.320000

1 posts

Craft is a content management system (CMS). In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, the SSRF validation in Craft CMS’s GraphQL Asset mutation performs DNS resolution separately from the HTTP request. This Time-of-Check-Time-of-Use (TOCTOU) vulnerability enables DNS rebinding attacks, where an attacker’s DNS server returns different IP addresses for validation compared t

offseq@infosec.exchange at 2026-02-24T07:30:32.000Z ##

🔍 HIGH severity: CVE-2026-27127 in Craft CMS (4.5.0-RC1 – 4.16.18, 5.0.0-RC1 – 5.8.22) enables DNS rebinding via TOCTOU in GraphQL Asset mutation. Patch to 4.16.19/5.8.23+ & review GraphQL permissions. radar.offseq.com/threat/cve-20 #OffSeq #CraftCMS #SSRF #Vuln

##

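The CVE-2026-27479 (Wallos) and CVE-2026-27127 (Craft CMS) entries above are two faces of one SSRF mistake: the destination is validated once by hostname, and then the HTTP client either follows a redirect to an unvalidated host or resolves the name a second time, so a rebinding DNS server can hand back an internal address. The block below is an added example, not code from either project: it models both weak flows and the fix that resolves once, connects to the validated IP, and re-validates every redirect hop. DNS and HTTP are replaced by constructed fakes so it runs offline; `8.8.8.8` is simply a public address for the fake resolver, and all names and routes are the example's own.

```python
import ipaddress
from urllib.parse import urlsplit

REDIRECTS = {301, 302, 303, 307, 308}


def is_public_ip(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return not (addr.is_private or addr.is_loopback or addr.is_link_local
                or addr.is_multicast or addr.is_reserved or addr.is_unspecified)


class FakeResolver:
    """Constructed stand-in for DNS: each name carries a list of answers handed
    out in order, so a rebinding server (public IP first, internal IP next) can be
    simulated. IP literals pass straight through."""

    def __init__(self, answers):
        self.answers = {name: list(ips) for name, ips in answers.items()}

    def __call__(self, host: str) -> str:
        try:
            ipaddress.ip_address(host)
            return host
        except ValueError:
            pass
        queue = self.answers[host]
        return queue.pop(0) if len(queue) > 1 else queue[0]


def fake_fetch(ip: str, host: str, path: str):
    """Constructed stand-in for the HTTP client: connects to ip, sends Host: host.
    Returns (status, headers, body)."""
    if ip == "127.0.0.1":
        return 200, {}, b"internal admin panel"
    if ip == "169.254.169.254":
        return 200, {}, b"cloud metadata"
    if path == "/logo.png":  # attacker-controlled public host answers with a redirect
        return 302, {"Location": "http://169.254.169.254/latest/meta-data/"}, b""
    return 200, {}, b"\x89PNG"


def fetch_naive(url: str, resolver, fetch):
    """The weak shape: validate the name once, then let the client resolve again
    and follow redirects on its own."""
    parts = urlsplit(url)
    if not is_public_ip(resolver(parts.hostname)):
        raise ValueError("blocked")
    while True:
        ip = resolver(parts.hostname)  # second lookup: the rebinding window
        status, headers, body = fetch(ip, parts.hostname, parts.path or "/")
        if status in REDIRECTS:
            parts = urlsplit(headers["Location"])  # followed without any check
            continue
        return body


def fetch_pinned(url: str, resolver, fetch, max_redirects: int = 3):
    """Resolve once, connect to that IP, and run the check again on every hop."""
    for _ in range(max_redirects + 1):
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https"):
            raise ValueError("scheme not allowed")
        ip = resolver(parts.hostname)
        if not is_public_ip(ip):
            raise ValueError(f"blocked: {parts.hostname} -> {ip}")
        status, headers, body = fetch(ip, parts.hostname, parts.path or "/")
        if status in REDIRECTS:
            url = headers["Location"]
            continue
        return body
    raise ValueError("too many redirects")


if __name__ == "__main__":
    dns = FakeResolver({"cdn.example": ["8.8.8.8"],
                        "rebind.example": ["8.8.8.8", "127.0.0.1"]})
    print("naive, redirect:", fetch_naive("http://cdn.example/logo.png", dns, fake_fetch))
    print("naive, rebind:  ", fetch_naive("http://rebind.example/x.png", dns, fake_fetch))
    try:
        fetch_pinned("http://cdn.example/logo.png", dns, fake_fetch)
    except ValueError as exc:
        print("pinned, redirect:", exc)
```

With a real client the pinning step means connecting to the resolved IP while still sending the original Host header and TLS SNI; most HTTP libraries need a connection hook or adapter for that, and redirects must be disabled in the library and handled by the loop above.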
CVE-2026-26198
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-02-24T14:13:49.320000

2 posts

Ormar is an async mini ORM for Python. In versions 0.9.9 through 0.22.0, when performing aggregate queries, Ormar ORM constructs SQL expressions by passing user-supplied column names directly into `sqlalchemy.text()` without any validation or sanitization. The `min()` and `max()` methods in the `QuerySet` class accept arbitrary string input as the column parameter. While `sum()` and `avg()` are par

1 repos

https://github.com/blackhatlegend/CVE-2026-26198

offseq@infosec.exchange at 2026-02-24T04:30:28.000Z ##

🛡️ CVE-2026-26198: CRITICAL SQLi in Ormar Python ORM (0.9.9 – 0.22.0). min() & max() allow injection — no auth needed! Patch with v0.23.0+. Audit & monitor now. Details: radar.offseq.com/threat/cve-20 #OffSeq #SQLInjection #Python

##

thehackerwire@mastodon.social at 2026-02-24T04:00:03.000Z ##

🔴 CVE-2026-26198 - Critical (9.8)

Ormar is an async mini ORM for Python. In versions 0.9.9 through 0.22.0, when performing aggregate queries, Ormar ORM constructs SQL expressions by passing user-supplied column names directly into `sqlalchemy.text()` without any validation or sanit...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

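The CVE-2026-26198 entry above is about a column name, which cannot be bound as a query parameter and so is spliced into SQL text. The following is an added example, not Ormar code: it shows the aggregate pattern the advisory describes against an in-memory SQLite database with constructed rows, the data a scalar subquery in the "column" pulls out of an unrelated table, and the fix, which treats the column as an identifier checked against the table's real column list before it is quoted into the statement. Table, column and function names are the example's own.

```python
import re
import sqlite3

IDENT_RE = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")
AGGREGATES = {"min", "max", "sum", "avg"}


def build_db() -> sqlite3.Connection:
    """Constructed sample data: a users table and an unrelated secrets table."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, age INTEGER);
        INSERT INTO users (name, age) VALUES ('ann', 34), ('bob', 41);
        CREATE TABLE api_keys (id INTEGER PRIMARY KEY, key TEXT);
        INSERT INTO api_keys (key) VALUES ('sk-aaa'), ('sk-bbb');
    """)
    return con


def aggregate_unsafe(con: sqlite3.Connection, func: str, column: str):
    """Shape the advisory describes: the caller's string becomes SQL text.
    A subquery passed as the column reads any table the DB user can see."""
    return con.execute(f"SELECT {func}({column}) FROM users").fetchone()[0]


def table_columns(con: sqlite3.Connection, table: str):
    if not IDENT_RE.match(table):
        raise ValueError(f"bad table name {table!r}")
    return {row[1] for row in con.execute(f"PRAGMA table_info({table})")}


def aggregate_safe(con: sqlite3.Connection, func: str, column: str, table: str = "users"):
    """Identifier allowlisting: the function comes from a fixed set and the column
    must be a syntactic identifier that the table actually has. Only then is it
    double-quoted into the statement."""
    if func not in AGGREGATES:
        raise ValueError(f"aggregate {func!r} not allowed")
    if not IDENT_RE.match(column) or column not in table_columns(con, table):
        raise ValueError(f"column {column!r} not in {table}")
    return con.execute(f'SELECT {func}("{column}") FROM "{table}"').fetchone()[0]


if __name__ == "__main__":
    con = build_db()
    print("max(age):", aggregate_unsafe(con, "max", "age"))
    print("leaked via column:",
          aggregate_unsafe(con, "max", "(SELECT group_concat(key) FROM api_keys)"))
    try:
        aggregate_safe(con, "max", "(SELECT group_concat(key) FROM api_keys)")
    except ValueError as exc:
        print("rejected:", exc)
```

Checking against the schema rather than only against a regex matters because a regex-valid identifier can still name a column the caller should not aggregate over; in an ORM the allowlist comes from the model's declared fields.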
CVE-2025-13943
(8.8 HIGH)

EPSS: 0.32%

updated 2026-02-24T14:13:49.320000

2 posts

A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50(ABVY.7)C0 could allow an authenticated attacker to execute operating system (OS) commands on an affected device.

thehackerwire@mastodon.social at 2026-02-24T04:09:35.000Z ##

🟠 CVE-2025-13943 - High (8.8)

A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50(ABVY.7)C0 could allow an authenticated attacker to execute operating system (OS) commands on an affected...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-24T04:00:46.000Z ##

🟠 CVE-2025-13943 - High (8.8)

A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50(ABVY.7)C0 could allow an authenticated attacker to execute operating system (OS) commands on an affected...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26331
(8.8 HIGH)

EPSS: 0.12%

updated 2026-02-24T14:13:49.320000

1 posts

yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 and prior to version 2026.02.21, when yt-dlp's `--netrc-cmd` command-line option (or `netrc_cmd` Python API parameter) is used, an attacker could achieve arbitrary command injection on the user's system with a maliciously crafted URL. yt-dlp maintainers assume the impact of this vulnerability to be high for anyone who

1 repos

https://github.com/dxlerYT/CVE-2026-26331

thehackerwire@mastodon.social at 2026-02-24T04:00:13.000Z ##

🟠 CVE-2026-26331 - High (8.8)

yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 and prior to version 2026.02.21, when yt-dlp's `--netrc-cmd` command-line option (or `netrc_cmd` Python API parameter) is used, an attacker could achieve arbitrary com...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25965
(8.6 HIGH)

EPSS: 0.03%

updated 2026-02-24T14:13:49.320000

1 posts

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick’s path security policy is enforced on the raw filename string before the filesystem resolves it. As a result, a policy rule such as /etc/* can be bypassed by a path traversal. The OS resolves the traversal and opens the sensitive file, but the policy
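Added illustration of the ordering bug described above; it is not ImageMagick code and uses fnmatch with a constructed `/etc/*` rule rather than ImageMagick's own policy matcher. The point it shows: a policy applied to the raw string misses `/tmp/../etc/passwd`, while the same policy applied after the path has been canonicalized (the form the OS actually opens) catches it.

```python
import fnmatch
import os

# Constructed policy: one rule denying everything under /etc. It stands in for a
# path-domain policy such as pattern="/etc/*" rights="none"; matching is fnmatch.
DENY_PATTERNS = ["/etc/*"]


def canonicalize(filename: str, cwd: str = "/") -> str:
    """Resolve the name the way the OS will before open() sees it. normpath
    collapses '.' and '..' lexically; on a live filesystem also apply
    os.path.realpath so a symlink cannot lead back into a denied directory."""
    return os.path.normpath(os.path.join(cwd, filename))


def denied_on_raw_name(filename: str) -> bool:
    """Pre-fix behaviour: the policy is matched against the string as supplied."""
    return any(fnmatch.fnmatch(filename, pat) for pat in DENY_PATTERNS)


def denied_on_resolved_name(filename: str, cwd: str = "/") -> bool:
    """Fixed behaviour: canonicalize first, then match the policy."""
    resolved = canonicalize(filename, cwd)
    return any(fnmatch.fnmatch(resolved, pat) for pat in DENY_PATTERNS)


if __name__ == "__main__":
    probe = "/tmp/../etc/passwd"
    print(denied_on_raw_name(probe))       # False: the traversal hides the prefix
    print(denied_on_resolved_name(probe))  # True: /etc/passwd after normalisation
```

The same ordering rule applies to any allow/deny check on a path (upload handlers, `policy.xml`-style files, chroot-less sandboxes): canonicalize, then compare, and compare against the canonical form of the policy root as well.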

thehackerwire@mastodon.social at 2026-02-24T02:17:59.000Z ##

🟠 CVE-2026-25965 - High (8.6)

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick’s path security policy is enforced on the raw filename string before the filesystem resolves it....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24485
(7.5 HIGH)

EPSS: 0.04%

updated 2026-02-24T14:13:49.320000

1 posts

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, when a PCD file does not contain a valid Sync marker, the DecodeImage() function becomes trapped in an infinite loop while searching for the Sync marker, causing the program to become unresponsive and continuously consume CPU resources, ultimately leading to syst

thehackerwire@mastodon.social at 2026-02-24T01:36:16.000Z ##

🟠 CVE-2026-24485 - High (7.5)

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, when a PCD file does not contain a valid Sync marker, the DecodeImage() function becomes trapped in an infinit...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25648
(8.7 HIGH)

EPSS: 0.03%

updated 2026-02-24T14:13:49.320000

1 posts

Versions of the Traccar open-source GPS tracking system starting with 6.11.1 contain an issue in which authenticated users can execute arbitrary JavaScript in the context of other users' browsers by uploading malicious SVG files as device images. The application accepts SVG file uploads without sanitization and serves them with the `image/svg+xml` Content-Type, allowing embedded JavaScript to exec
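Added illustration, not Traccar code: a stdlib check that flags the SVG constructs which execute when a browser renders the file as a same-origin document (script elements, `on*` handlers, `javascript:` hrefs), plus the response headers that keep an upload from ever being rendered that way. The sample SVGs are constructed for the example.

```python
import xml.etree.ElementTree as ET

# Constructed uploads (not files from the report).
BENIGN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><circle r="5"/></svg>'
ACTIVE_SVG = (
    b'<svg xmlns="http://www.w3.org/2000/svg" onload="alert(1)">'
    b'<script>alert(2)</script></svg>'
)
ACTIVE_HREF_SVG = (
    b'<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">'
    b'<a xlink:href="javascript:alert(3)"><text>x</text></a></svg>'
)

ACTIVE_ELEMENTS = {"script", "foreignObject"}


def local_name(qualified: str) -> str:
    # ElementTree renders namespaced names as '{uri}local'; keep only 'local'.
    return qualified.rsplit("}", 1)[-1]


def active_content(svg_bytes: bytes) -> list:
    """Reasons an SVG would run script if served inline as image/svg+xml and
    opened as a document. Empty list means none found. In production parse with
    defusedxml.ElementTree so entity-expansion bombs are refused as well."""
    reasons = []
    root = ET.fromstring(svg_bytes)
    for el in root.iter():
        tag = local_name(el.tag)
        if tag in ACTIVE_ELEMENTS:
            reasons.append(f"<{tag}> element")
        for attr, value in el.attrib.items():
            name = local_name(attr)
            if name.lower().startswith("on"):
                reasons.append(f"{name} handler on <{tag}>")
            if name == "href" and value.strip().lower().startswith("javascript:"):
                reasons.append(f"javascript: URL on <{tag}>")
    return reasons


def upload_response_headers(filename: str) -> dict:
    """Headers for serving user uploads even when the check passed: force a
    download and forbid script, so the file is never a same-origin document.
    `filename` is assumed to be already sanitised (no quotes or control chars)."""
    return {
        "Content-Type": "image/svg+xml",
        "X-Content-Type-Options": "nosniff",
        "Content-Disposition": f'attachment; filename="{filename}"',
        "Content-Security-Policy": "default-src 'none'; sandbox",
    }
```

Rejecting on `active_content()` alone is a blocklist and will miss constructs the list does not know; the headers are what remove the impact, and serving uploads from a separate origin removes it entirely.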

thehackerwire@mastodon.social at 2026-02-23T21:21:49.000Z ##

🟠 CVE-2026-25648 - High (8.7)

Versions of the Traccar open-source GPS tracking system starting with 6.11.1 contain an issue in which authenticated users can execute arbitrary JavaScript in the context of other users' browsers by uploading malicious SVG files as device images. ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21863
(7.5 HIGH)

EPSS: 0.01%

updated 2026-02-24T14:13:49.320000

2 posts

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious actor with access to the Valkey clusterbus port can send an invalid packet that may cause an out-of-bounds read, which might result in the system crashing. The Valkey clusterbus packet processing code does not validate that a clusterbus ping extension packet is located within the buffer of the cluste
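Added illustration of the missing check, written for this page. The type/length encoding below is hypothetical and is not Valkey's clusterbus wire format; it is only there to show the two bounds tests a parser of packet-embedded extensions needs (header inside the buffer, declared span inside the buffer) and how far a parser that trusts the declared length would read past the end.

```python
import struct

# Hypothetical extension encoding for illustration only (not Valkey's format):
# type (uint16 BE), total length (uint32 BE, header included), then payload.
HEADER = struct.Struct(">HI")


class MalformedPacket(ValueError):
    pass


def parse_extensions(buf: bytes, count: int) -> list:
    """Walk `count` extensions inside `buf`, refusing to read past its end.
    Both checks mirror the validation the advisory says was missing: the header
    itself and the span it declares must lie within the packet buffer."""
    exts, off = [], 0
    for _ in range(count):
        if off + HEADER.size > len(buf):
            raise MalformedPacket(f"header at {off} lies outside the {len(buf)}-byte packet")
        etype, elen = HEADER.unpack_from(buf, off)
        if elen < HEADER.size or off + elen > len(buf):
            raise MalformedPacket(f"length {elen} at {off} lies outside the {len(buf)}-byte packet")
        exts.append((etype, buf[off + HEADER.size:off + elen]))
        off += elen
    return exts


def overread_bytes(buf: bytes, count: int) -> int:
    """How many bytes beyond the end of `buf` a parser that trusts the declared
    lengths would touch: the out-of-bounds read the fix prevents."""
    off = 0
    for _ in range(count):
        if off + HEADER.size > len(buf):
            off += HEADER.size
            break
        _, elen = HEADER.unpack_from(buf, off)
        off += max(elen, HEADER.size)
        if off > len(buf):
            break
    return max(0, off - len(buf))


def rejects(buf: bytes, count: int) -> bool:
    try:
        parse_extensions(buf, count)
    except MalformedPacket:
        return True
    return False


def build(exts) -> bytes:
    """Encode (type, payload) pairs; used to construct the sample packets."""
    return b"".join(HEADER.pack(t, HEADER.size + len(p)) + p for t, p in exts)


# Constructed packets.
GOOD = build([(1, b"ab"), (2, b"")])
BAD_LENGTH = HEADER.pack(1, 4096) + b"ab"   # claims 4096 bytes in an 8-byte packet
```

Note the `elen < HEADER.size` test: a zero or undersized length would otherwise leave `off` unchanged and turn a bounds bug into an endless loop. Any length or count field in a packet is attacker data until it has been compared with the bytes actually received.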

thehackerwire@mastodon.social at 2026-02-23T20:32:44.000Z ##

🟠 CVE-2026-21863 - High (7.5)

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious actor with access to the Valkey clusterbus port can send an invalid packet that may cause an out-of-bounds read, which might result in the syste...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-23T20:30:46.000Z ##

🟠 CVE-2026-21863 - High (7.5)

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious actor with access to the Valkey clusterbus port can send an invalid packet that may cause an out-of-bounds read, which might result in the syste...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2041
(8.8 HIGH)

EPSS: 1.25%

updated 2026-02-24T13:18:09.610000

3 posts

Nagios Host zabbixagent_configwizard_func Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vulnerability. The specific flaw exists within the zabbixagent_configwizard_func method. The issue results from the lack of proper validation of a u

thehackerwire@mastodon.social at 2026-02-24T18:13:28.000Z ##

🟠 CVE-2026-2041 - High (8.8)

Nagios Host zabbixagent_configwizard_func Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit t...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

secdb@infosec.exchange at 2026-02-23T00:00:58.000Z ##

📈 CVE Published in last 7 days (2026-02-16 - 2026-02-23)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 1338

Severity:
- Critical: 74
- High: 301
- Medium: 602
- Low: 33
- None: 328

Status:
- : 9
- Analyzed: 277
- Awaiting Analysis: 747
- Modified: 3
- Received: 170
- Rejected: 40
- Undergoing Analysis: 92

Top CNAs:
- Patchstack: 334
- GitHub, Inc.: 170
- VulDB: 164
- Wordfence: 148
- VulnCheck: 145
- MITRE: 53
- kernel.org: 33
- IBM Corporation: 33
- Fortinet, Inc.: 25
- Zero Day Initiative: 20

Top Affected Products:
- UNKNOWN: 1037
- Comodo Dome Firewall: 29
- Gfi Mailessentials: 18
- Smoothwall Express: 17
- Openclaw: 16
- Invoiceplane: 11
- Spip: 10
- Nvidia Nemo: 10
- Mjdm Majordomo: 8
- Ibm Concert: 7

Top EPSS Score:
- CVE-2026-22769 - 28.78 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2033 - 10.53 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2019-25441 - 2.65 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2426 - 1.97 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2533 - 1.28 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2544 - 1.28 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2041 - 1.25 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2042 - 1.25 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2635 - 1.17 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2548 - 1.06 % (secdb.nttzen.cloud/cve/detail/)

##

CVE-2026-27161
(7.5 HIGH)

EPSS: 0.07%

updated 2026-02-24T13:10:07.530000

2 posts

GetSimple CMS is a content management system. All versions of GetSimple CMS rely on .htaccess files to restrict access to sensitive directories such as /data/ and /backups/. If Apache AllowOverride is disabled (common in hardened or shared hosting environments), these protections are silently ignored, allowing unauthenticated attackers to list and download sensitive files including authorization.x
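Added illustration, not from GetSimple or its documentation: the same deny rule placed where Apache honours it whatever `AllowOverride` says. The install path is assumed for the example.

```apache
# Weak: the only protection is a per-directory .htaccess shipped with the application.
# Under "AllowOverride None" Apache never reads it, and nothing logs that it was skipped.
#   /var/www/getsimple/data/.htaccess
#   Require all denied

# Corrected: the same rule in the vhost or server configuration, which is always applied.
<Directory "/var/www/getsimple/data">
    Require all denied
</Directory>
<Directory "/var/www/getsimple/backups">
    Require all denied
</Directory>
```

`Require all denied` is Apache 2.4 syntax (2.2 used `Order`/`Deny`). After a reload, `curl -I https://host/data/` should return 403 rather than 200; that one request is worth running on every hardened or shared host, because `AllowOverride` is set outside the application and the CMS cannot tell whether its `.htaccess` files are in force.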

thehackerwire@mastodon.social at 2026-02-24T17:41:31.000Z ##

🟠 CVE-2026-27161 - High (7.5)

GetSimple CMS is a content management system. All versions of GetSimple CMS rely on .htaccess files to restrict access to sensitive directories such as /data/ and /backups/. If Apache AllowOverride is disabled (common in hardened or shared hosting...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-40538
(9.1 CRITICAL)

EPSS: 0.03%

updated 2026-02-24T09:31:31

4 posts

A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privile

jbhall56 at 2026-02-24T13:30:54.214Z ##

The most severe of the four security flaws patched by SolarWinds today in Serv-U 15.5.4 is tracked as CVE-2025-40538, and it allows attackers with high privileges to gain root or admin permissions on vulnerable servers. bleepingcomputer.com/news/secu

##

thehackerwire@mastodon.social at 2026-02-24T08:19:32.000Z ##

🔴 CVE-2025-40538 - Critical (9.1)

A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges.

This iss...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-40539
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-02-24T09:31:31

2 posts

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.

thehackerwire@mastodon.social at 2026-02-24T08:20:11.000Z ##

🔴 CVE-2025-40539 - Critical (9.1)

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as a privileged account.

This issue requires administrative privileges to abuse. On Windows deployments, the ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-40540
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-02-24T09:31:31

1 posts

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.

thehackerwire@mastodon.social at 2026-02-24T08:19:11.000Z ##

🔴 CVE-2025-40540 - Critical (9.1)

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as a privileged account.

This issue requires administrative privileges to abuse. On Windows deployments, the ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1459
(7.2 HIGH)

EPSS: 0.10%

updated 2026-02-24T03:30:30

1 posts

A post-authentication command injection vulnerability in the TR-369 certificate download CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.7)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on an affected device.

offseq@infosec.exchange at 2026-02-24T06:00:31.000Z ##

⚠️ CVE-2026-1459: HIGH-severity OS command injection in Zyxel VMG3625-T50B firmware ≤5.50(ABPM.9.7)C0. Authenticated admin can run arbitrary commands. Restrict admin access & monitor. Patch ASAP when released! radar.offseq.com/threat/cve-20 #OffSeq #Zyxel #CVE20261459 #InfoSec

##

CVE-2025-13942
(9.8 CRITICAL)

EPSS: 0.39%

updated 2026-02-24T03:30:27

1 posts

A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions through 5.17(ABUP.15.1)C0 could allow a remote attacker to execute operating system (OS) commands on an affected device by sending specially crafted UPnP SOAP requests.

thehackerwire@mastodon.social at 2026-02-24T04:00:41.000Z ##

🔴 CVE-2025-13942 - Critical (9.8)

A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions through 5.17(ABUP.15.1)C0 could allow a remote attacker to execute operating system (OS) commands on an affected device by sending specially crafted UP...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27487
(7.6 HIGH)

EPSS: 0.05%

updated 2026-02-23T22:28:28

1 posts

Summary: On macOS, the Claude CLI keychain credential refresh path constructed a shell command to write the updated JSON blob into Keychain via `security add-generic-password -w ...`. Because OAuth tokens are user-controlled data, this created an OS command injection risk. The fix avoids invoking a shell by using `execFileSync("security", argv)` and passing the updated keychain payload as a lit
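Added illustration of the shell-string versus argv distinction behind this fix and behind the yt-dlp `--netrc-cmd` entry above; it is not OpenClaw or yt-dlp code. `printf` stands in for the real program (`security` on macOS) so the example runs anywhere with a POSIX shell, and the payload is constructed.

```python
import shlex
import subprocess

# Constructed value with shell metacharacters, standing in for an OAuth token
# (the OpenClaw case) or a hostname taken from a URL (the yt-dlp case).
PAYLOAD = "hello; echo INJECTED"


def run_via_shell(value: str) -> str:
    """The vulnerable shape: the value is pasted into a command string that a
    shell parses. It is the shell, not printf, that acts on the ';'."""
    cmd = f"printf '%s' {value}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def run_via_argv(value: str) -> str:
    """The fix (execFileSync in Node, an argv list here): no shell is involved,
    so the value reaches the program as one argument whatever it contains."""
    out = subprocess.run(["printf", "%s", value], capture_output=True, text=True, check=True)
    return out.stdout


def run_quoted_via_shell(value: str) -> str:
    """When a shell string is unavoidable (a user-supplied command template such
    as --netrc-cmd), every substituted value must go through shlex.quote."""
    cmd = f"printf '%s' {shlex.quote(value)}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


if __name__ == "__main__":
    print(repr(run_via_shell(PAYLOAD)))         # 'helloINJECTED\n': a second command ran
    print(repr(run_via_argv(PAYLOAD)))          # 'hello; echo INJECTED'
    print(repr(run_quoted_via_shell(PAYLOAD)))  # 'hello; echo INJECTED'
```

The argv form is preferable to quoting: `shlex.quote` protects one substitution in one shell dialect, while an argv list has no parser between the program and its arguments. The yt-dlp case is harder because the user wrote the template; there the substituted fields must be quoted and the template itself treated as trusted configuration, not as something a URL may influence.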

thehackerwire@mastodon.social at 2026-02-21T10:19:44.000Z ##

🟠 CVE-2026-27487 - High (7.6)

OpenClaw is a personal AI assistant. In versions 2026.2.13 and below, when using macOS, the Claude CLI keychain credential refresh path constructed a shell command to write the updated JSON blob into Keychain via security add-generic-password -w ....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27198
(8.8 HIGH)

EPSS: 0.04%

updated 2026-02-23T22:27:31

1 posts

Summary: The application fails to properly enforce role-based authorization during account creation. Although the system validates that the specified role exists, it does not verify whether the current user has sufficient privileges to assign highly privileged roles such as admin. As a result, an authenticated user with the editor role can create a new account with administrative privileges, l

thehackerwire@mastodon.social at 2026-02-21T06:18:30.000Z ##

🟠 CVE-2026-27198 - High (8.8)

Formwork is a flat file-based Content Management System (CMS). In versions 2.0.0 through 2.3.3, the application fails to properly enforce role-based authorization during account creation. Although the system validates that the specified role exist...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27196
(8.1 HIGH)

EPSS: 0.02%

updated 2026-02-23T22:26:22

1 posts

Impact: Stored XSS vulnerability in `html` fieldtypes allows authenticated users with field management permissions to inject malicious JavaScript that executes when viewed by higher-privileged users. Patches: This has been fixed in 6.3.2 and 5.73.9.

thehackerwire@mastodon.social at 2026-02-21T05:21:36.000Z ##

🟠 CVE-2026-27196 - High (8.1)

Statmatic is a Laravel and Git powered content management system (CMS). Versions 5.73.8 and below in addition to 6.0.0-alpha.1 through 6.3.1 have a Stored XSS vulnerability in html fieldtypes which allows authenticated users with field management ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27203
(8.3 HIGH)

EPSS: 0.04%

updated 2026-02-23T22:23:46

1 posts

The `ebay_set_user_tokens` tool allows updating the `.env` file with new tokens. The `updateEnvFile` function in `src/auth/oauth.ts` blindly appends or replaces values without validating them for newlines or quotes. This allows an attacker to inject arbitrary environment variables into the configuration file. Impact: An attacker can inject arbitrary environment variables into the `.env` file.
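Added illustration of the `.env` writing bug described above, in Python rather than the project's TypeScript and not taken from it. A raw writer is shown beside a hardened one that validates the key as an identifier and quotes the value, and a minimal dotenv reader shows what a consumer of the file sees in each case. File contents and the smuggled value are constructed.

```python
import re

KEY_PATTERN = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")
UNESCAPE = {"n": "\n", '"': '"', "\\": "\\"}


def write_entry(contents: str, key: str, value: str) -> str:
    """Replace KEY=... if present, else append. Called directly with untrusted
    input this is the flaw the advisory describes: a value holding a newline
    becomes an extra line, i.e. an extra variable, when the file is read back."""
    lines = contents.splitlines()
    entry = f"{key}={value}"
    for i, line in enumerate(lines):
        if line.startswith(key + "="):
            lines[i] = entry
            break
    else:
        lines.append(entry)
    return "\n".join(lines) + "\n"


def quote_env_value(value: str) -> str:
    """Double-quote and escape backslash, double quote and newline, so the value
    occupies exactly one line regardless of content."""
    escaped = value.replace("\\", "\\\\").replace('"', '\\"').replace("\n", "\\n")
    return f'"{escaped}"'


def update_env_safe(contents: str, key: str, value: str) -> str:
    """The hardened writer: the key must be an identifier, the value is quoted,
    and characters the format cannot represent are refused outright."""
    if not KEY_PATTERN.match(key):
        raise ValueError(f"invalid variable name {key!r}")
    if "\r" in value or "\x00" in value:
        raise ValueError("value contains characters a .env file cannot carry")
    return write_entry(contents, key, quote_env_value(value))


def parse_env(contents: str) -> dict:
    """Minimal dotenv reader (unquoted values verbatim, double-quoted values
    unescaped), used to show what a consumer of the file ends up with."""
    env = {}
    for line in contents.splitlines():
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        if len(value) >= 2 and value[0] == '"' and value[-1] == '"':
            value = re.sub(r"\\(.)", lambda m: UNESCAPE.get(m.group(1), m.group(1)), value[1:-1])
        env[key] = value
    return env


def key_rejected(key: str) -> bool:
    try:
        update_env_safe("", key, "x")
    except ValueError:
        return True
    return False


# Constructed file and payload (the token value carries a second line).
CURRENT = "EBAY_APP_ID=app-123\nEBAY_TOKEN=old\n"
SMUGGLED = "new-token\nINJECTED=1"
```

The quoting rules must match what the reader of the file implements (dotenv libraries differ on escape handling), which is why a token that genuinely contains a newline is better rejected than stored. The key check matters as much as the value check: a key containing `=` or a newline injects just as effectively.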

thehackerwire@mastodon.social at 2026-02-21T00:17:04.000Z ##

🟠 CVE-2026-27203 - High (8.3)

eBay API MCP Server is an open source local MCP server providing AI assistants with comprehensive access to eBay's Sell APIs. All versions are vulnerable to Environment Variable Injection through the updateEnvFile function. The ebay_set_user_token...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-69700
(7.5 HIGH)

EPSS: 0.04%

updated 2026-02-23T21:31:30

1 posts

Tenda FH1203 V2.0.1.6 contains a stack-based buffer overflow vulnerability in the modify_add_client_prio function, which is reachable via the formSetClientPrio CGI handler.

thehackerwire@mastodon.social at 2026-02-23T20:30:52.000Z ##

🟠 CVE-2025-69700 - High (7.5)

Tenda FH1203 V2.0.1.6 contains a stack-based buffer overflow vulnerability in the modify_add_client_prio function, which is reachable via the formSetClientPrio CGI handler.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-69380
(7.5 HIGH)

EPSS: 0.04%

updated 2026-02-23T21:31:28

1 posts

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vanquish Upload Files Anywhere wp-upload-files-anywhere allows Path Traversal. This issue affects Upload Files Anywhere: from n/a through <= 2.8.

thehackerwire@mastodon.social at 2026-02-24T00:22:50.000Z ##

🟠 CVE-2025-69380 - High (7.5)

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vanquish Upload Files Anywhere wp-upload-files-anywhere allows Path Traversal. This issue affects Upload Files Anywhere: from n/a through <= 2.8.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26722
(9.4 CRITICAL)

EPSS: 0.10%

updated 2026-02-23T21:31:26

1 posts

An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attacker to escalate privileges via the PIN component of the login functionality.

thehackerwire@mastodon.social at 2026-02-23T21:59:38.000Z ##

🔴 CVE-2026-26722 - Critical (9.4)

An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attacker to escalate privileges via the PIN component of the login functionality.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26723
(8.2 HIGH)

EPSS: 0.06%

updated 2026-02-23T21:31:25

1 posts

Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230721a allows a remote attacker to execute arbitrary code via the function parameter.

thehackerwire@mastodon.social at 2026-02-23T21:05:37.000Z ##

🟠 CVE-2026-26723 - High (8.2)

Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230721a allows a remote attacker to execute arbitrary code via the function parameter.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70833
(9.4 CRITICAL)

EPSS: 0.08%

updated 2026-02-23T21:31:25

1 posts

An Authentication Bypass vulnerability in Smanga 3.2.7 allows an unauthenticated attacker to reset the password of any user (including the administrator) and fully takeover the account by manipulating POST parameters. The issue stems from insecure permission validation in check-power.php.

thehackerwire@mastodon.social at 2026-02-23T19:32:56.000Z ##

🔴 CVE-2025-70833 - Critical (9.4)

An Authentication Bypass vulnerability in Smanga 3.2.7 allows an unauthenticated attacker to reset the password of any user (including the administrator) and fully takeover the account by manipulating POST parameters. The issue stems from insecure...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26747
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-02-23T21:19:12.023000

1 posts

A Host Header Poisoning vulnerability exists in Monica 4.1.2 due to improper handling of the HTTP Host header in app/Providers/AppServiceProvider.php, combined with the default misconfiguration where the "app.force_url" is not set and default is "false". The application generates absolute URLs (such as those used in password reset emails) using the user-supplied Host header. This allows remote att
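Added illustration of the pattern described above, not Monica code: the reset link built from the request's Host header beside one built from a validated configured origin, plus an edge allow-list check on the Host header. Configuration values are constructed for the example.

```python
import re
from urllib.parse import urlsplit

# Constructed configuration (not Monica's real settings or defaults).
APP_URL = "https://monica.example"
TRUSTED_HOSTS = {"monica.example"}

# A syntactically plain Host header: hostname or bracketed IPv6 literal, optional port.
HOST_HEADER = re.compile(r"^([A-Za-z0-9.-]+|\[[0-9A-Fa-f:.]+\])(:\d{1,5})?$")


def reset_url_from_host_header(host_header: str, token: str) -> str:
    """The vulnerable pattern: the absolute link in the e-mail is built from the
    Host header the client sent, so whoever sends the request chooses the domain
    the victim's reset token is delivered to when the victim clicks it."""
    return f"https://{host_header}/password/reset/{token}"


def reset_url_from_config(app_url: str, token: str) -> str:
    """The fix: the origin comes from configuration, is validated once, and the
    request cannot influence it (in Laravel terms, APP_URL with the root URL forced)."""
    parts = urlsplit(app_url)
    if parts.scheme != "https" or not parts.hostname or parts.path not in ("", "/"):
        raise ValueError(f"application URL must be an absolute https origin, got {app_url!r}")
    return f"https://{parts.netloc}/password/reset/{token}"


def host_is_trusted(host_header: str, trusted: set) -> bool:
    """Defence in depth at the edge: accept only plain hostnames on an allow-list,
    case-insensitively and ignoring the port. Reject before any URL is generated."""
    match = HOST_HEADER.match(host_header)
    return match is not None and match.group(1).lower() in trusted


def config_rejected(app_url: str) -> bool:
    try:
        reset_url_from_config(app_url, "t")
    except ValueError:
        return True
    return False
```

Enforcing the allow-list in the reverse proxy (a default vhost that returns 421 or 444 for unknown names) is the more reliable place for the Host check, since it then covers every framework and every helper that reads the header. The `X-Forwarded-Host` header needs the same treatment when the proxy passes it through.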

thehackerwire@mastodon.social at 2026-02-23T21:22:00.000Z ##

🔴 CVE-2026-26747 - Critical (9.1)

A Host Header Poisoning vulnerability exists in Monica 4.1.2 due to improper handling of the HTTP Host header in app/Providers/AppServiceProvider.php, combined with the default misconfiguration where the "app.force_url" is not set and default is "...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26725
(9.8 CRITICAL)

EPSS: 0.10%

updated 2026-02-23T21:19:11.473000

1 posts

An issue in edu Business Solutions Print Shop Pro WebDesk v.18.34 allows a remote attacker to escalate privileges via the AccessID parameter.

thehackerwire@mastodon.social at 2026-02-23T22:00:07.000Z ##

🔴 CVE-2026-26725 - Critical (9.8)

An issue in edu Business Solutions Print Shop Pro WebDesk v.18.34 allows a remote attacker to escalate privileges via the AccessID parameter.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26724
(7.6 HIGH)

EPSS: 0.05%

updated 2026-02-23T21:19:11.287000

1 posts

Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230721a allows a remote attacker to execute arbitrary code via the selectgroup and gn parameters on the /?Function=Groups endpoint.

thehackerwire@mastodon.social at 2026-02-23T21:59:53.000Z ##

🟠 CVE-2026-26724 - High (7.6)

Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230721a allows a remote attacker to execute arbitrary code via the selectgroup and gn parameters on the /?Function=Groups endpoint.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70831
(9.8 CRITICAL)

EPSS: 0.22%

updated 2026-02-23T21:19:09.510000

1 posts

A Remote Code Execution (RCE) vulnerability was found in Smanga 3.2.7 in the /php/path/rescan.php interface. The application fails to properly sanitize user-supplied input in the mediaId parameter before using it in a system shell command. This allows an unauthenticated attacker to inject arbitrary operating system commands, leading to complete server compromise.

thehackerwire@mastodon.social at 2026-02-24T00:22:31.000Z ##

🔴 CVE-2025-70831 - Critical (9.8)

A Remote Code Execution (RCE) vulnerability was found in Smanga 3.2.7 in the /php/path/rescan.php interface. The application fails to properly sanitize user-supplied input in the mediaId parameter before using it in a system shell command. This al...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-69393
(7.5 HIGH)

EPSS: 0.03%

updated 2026-02-23T21:19:08.873000

1 posts

Missing Authorization vulnerability in Jthemes Exzo exzo allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Exzo: from n/a through <= 1.2.4.

thehackerwire@mastodon.social at 2026-02-24T00:22:41.000Z ##

🟠 CVE-2025-69393 - High (7.5)

Missing Authorization vulnerability in Jthemes Exzo exzo allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Exzo: from n/a through <= 1.2.4.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2886
(8.8 HIGH)

EPSS: 0.08%

updated 2026-02-23T21:00:35.513000

2 posts

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function set_device_name of the file /goform/SetOnlineDevName. This manipulation of the argument devName causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks.

thehackerwire@mastodon.social at 2026-02-21T21:19:05.000Z ##

🟠 CVE-2026-2886 - High (8.8)

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function set_device_name of the file /goform/SetOnlineDevName. This manipulation of the argument devName causes stack-based buffer overflow. It is possible to initiate the attac...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-21T21:18:40.000Z ##

🟠 CVE-2026-2886 - High (8.8)

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function set_device_name of the file /goform/SetOnlineDevName. This manipulation of the argument devName causes stack-based buffer overflow. It is possible to initiate the attac...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2871
(8.8 HIGH)

EPSS: 0.03%

updated 2026-02-23T20:59:13.240000

1 posts

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function fromSetIpMacBind of the file /goform/SetIpMacBind. This manipulation of the argument list causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks.

thehackerwire@mastodon.social at 2026-02-21T17:00:43.000Z ##

🟠 CVE-2026-2871 - High (8.8)

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function fromSetIpMacBind of the file /goform/SetIpMacBind. This manipulation of the argument list causes stack-based buffer overflow. The attack is possible to be carried out r...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27169
(8.9 HIGH)

EPSS: 0.05%

updated 2026-02-23T20:50:36.870000

1 posts

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Versions 1.1.2-alpha and below render untrusted user/model content in chat tool UI surfaces using unsafe HTML interpolation patterns, leading to XSS. Stored content can execute JavaScript when later viewed in authenticated sessions. An attacker who can influence stored study/quiz/flashcard conte

thehackerwire@mastodon.social at 2026-02-21T00:17:15.000Z ##

🟠 CVE-2026-27169 - High (8.9)

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Versions 1.1.2-alpha and below render untrusted user/model content in chat tool UI surfaces using unsafe HTML interpolation patterns, leading t...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27194
(9.8 CRITICAL)

EPSS: 0.29%

updated 2026-02-23T20:47:29.423000

1 posts

D-Tale is a visualizer for pandas data structures. Versions prior to 3.20.0 are vulnerable to Remote Code Execution through the /save-column-filter endpoint. Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. This issue has been fixed in version 3.20.0.

thehackerwire@mastodon.social at 2026-02-23T21:02:06.000Z ##

🔴 CVE-2026-27194 - Critical (9.8)

D-Tale is a visualizer for pandas data structures. Versions prior to 3.20.0 are vulnerable to Remote Code Execution through the /save-column-filter endpoint. Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attacke...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27197
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-02-23T20:45:01.957000

2 posts

Sentry is a developer-first error tracking and performance monitoring tool. Versions 21.12.0 through 26.1.0 have a critical vulnerability in its SAML SSO implementation which allows an attacker to take over any user account by using a malicious SAML Identity Provider and another organization on the same Sentry instance. Self-hosted users are only at risk if the following criteria is met: more than

offseq@infosec.exchange at 2026-02-21T06:00:28.000Z ##

🚨 Critical SAML SSO vuln (CVE-2026-27197, CVSS 9.1) in Sentry 21.12.0 – 26.1.0 allows remote account takeover in multi-org instances. Upgrade to 26.2.0+, enable user 2FA, audit SSO settings! Full details: radar.offseq.com/threat/cve-20 #OffSeq #Sentry #CVE202627197 #infosec

##

thehackerwire@mastodon.social at 2026-02-21T05:21:46.000Z ##

🔴 CVE-2026-27197 - Critical (9.1)

Sentry is a developer-first error tracking and performance monitoring tool. Versions 21.12.0 through 26.1.0 have a critical vulnerability in its SAML SSO implementation which allows an attacker to take over any user account by using a malicious S...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2876
(8.8 HIGH)

EPSS: 0.07%

updated 2026-02-23T20:33:02.043000

1 posts

A vulnerability was determined in Tenda A18 15.13.07.13. This affects the function parse_macfilter_rule of the file /goform/setBlackRule. This manipulation of the argument deviceList causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.

thehackerwire@mastodon.social at 2026-02-21T18:19:42.000Z ##

🟠 CVE-2026-2876 - High (8.8)

A vulnerability was determined in Tenda A18 15.13.07.13. This affects the function parse_macfilter_rule of the file /goform/setBlackRule. This manipulation of the argument deviceList causes stack-based buffer overflow. The attack may be initiated ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2588
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-02-23T20:28:55.517000

1 posts

Crypt::NaCl::Sodium versions through 2.001 for Perl have an integer overflow flaw on 32-bit systems. Sodium.xs casts a STRLEN (size_t) to unsigned long long when passing a length pointer to libsodium functions. On 32-bit systems size_t is typically 32-bits while an unsigned long long is at least 64-bits.

thehackerwire@mastodon.social at 2026-02-23T20:31:03.000Z ##

🔴 CVE-2026-2588 - Critical (9.1)

Crypt::NaCl::Sodium versions through 2.001 for Perl have an integer overflow flaw on 32-bit systems.

Sodium.xs casts a STRLEN (size_t) to unsigned long long when passing a length pointer to libsodium functions. On 32-bit systems size_t is typical...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24956
(9.3 CRITICAL)

EPSS: 0.03%

updated 2026-02-23T20:28:54.140000

1 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shahjada Download Manager Addons for Elementor wpdm-elementor allows Blind SQL Injection. This issue affects Download Manager Addons for Elementor: from n/a through <= 1.3.0.

thehackerwire@mastodon.social at 2026-02-23T21:05:47.000Z ##

🔴 CVE-2026-24956 - Critical (9.3)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shahjada Download Manager Addons for Elementor wpdm-elementor allows Blind SQL Injection. This issue affects Download Manager Addons for Elementor...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2856
(8.8 HIGH)

EPSS: 0.03%

updated 2026-02-23T20:27:19.517000

1 posts

A vulnerability was found in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub_424AFC of the file /boafrm/formFilter of the component Filter Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and could be used.

thehackerwire@mastodon.social at 2026-02-21T00:17:35.000Z ##

🟠 CVE-2026-2856 - High (8.8)

A vulnerability was found in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub_424AFC of the file /boafrm/formFilter of the component Filter Configuration Endpoint. The manipulation of the argument submit-url results in s...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2857
(8.8 HIGH)

EPSS: 0.03%

updated 2026-02-23T20:26:36.483000

1 posts

A vulnerability was determined in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_423E00 of the file /boafrm/formPortFw of the component Port Forwarding Configuration Endpoint. This manipulation of the argument submit-url causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.

thehackerwire@mastodon.social at 2026-02-21T00:17:44.000Z ##

🟠 CVE-2026-2857 - High (8.8)

A vulnerability was determined in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_423E00 of the file /boafrm/formPortFw of the component Port Forwarding Configuration Endpoint. This manipulation of the argument submit-url cause...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2907
(8.8 HIGH)

EPSS: 0.08%

updated 2026-02-23T20:21:53.467000

1 posts

A weakness has been identified in Tenda HG9 300001138. Affected by this vulnerability is an unknown functionality of the file /boaform/formgponConf of the component GPON Configuration Endpoint. This manipulation of the argument fmgpon_loid/fmgpon_loid_password causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and co

thehackerwire@mastodon.social at 2026-02-22T02:18:43.000Z ##

🟠 CVE-2026-2907 - High (8.8)

A weakness has been identified in Tenda HG9 300001138. Affected by this vulnerability is an unknown functionality of the file /boaform/formgponConf of the component GPON Configuration Endpoint. This manipulation of the argument fmgpon_loid/fmgpon_...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2908
(8.8 HIGH)

EPSS: 0.08%

updated 2026-02-23T20:21:45.490000

1 posts

A security vulnerability has been detected in Tenda HG9 300001138. Affected by this issue is some unknown functionality of the file /boaform/formLoopBack of the component Loopback Detection Configuration Endpoint. Such manipulation of the argument Ethtype leads to stack-based buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.

thehackerwire@mastodon.social at 2026-02-22T02:25:14.000Z ##

🟠 CVE-2026-2908 - High (8.8)

A security vulnerability has been detected in Tenda HG9 300001138. Affected by this issue is some unknown functionality of the file /boaform/formLoopBack of the component Loopback Detection Configuration Endpoint. Such manipulation of the argument...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2911
(8.8 HIGH)

EPSS: 0.08%

updated 2026-02-23T20:21:22.323000

1 posts

A vulnerability has been found in Tenda FH451 up to 1.0.0.9. This issue affects some unknown processing of the file /goform/GstDhcpSetSer. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

thehackerwire@mastodon.social at 2026-02-22T04:20:22.000Z ##

🟠 CVE-2026-2911 - High (8.8)

A vulnerability has been found in Tenda FH451 up to 1.0.0.9. This issue affects some unknown processing of the file /goform/GstDhcpSetSer. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has b...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2874
(8.8 HIGH)

EPSS: 0.08%

updated 2026-02-23T20:09:11.397000

1 posts

A flaw has been found in Tenda A21 1.0.0.0. Impacted is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. Executing a manipulation of the argument ssid can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used.

thehackerwire@mastodon.social at 2026-02-21T18:19:52.000Z ##

🟠 CVE-2026-2874 - High (8.8)

A flaw has been found in Tenda A21 1.0.0.0. Impacted is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. Executing a manipulation of the argument ssid can lead to stack-based buffer overflow. It is possible to lau...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2883
(8.8 HIGH)

EPSS: 0.01%

updated 2026-02-23T19:41:14.377000

1 posts

A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_427D74 of the file /boafrm/formIpQoS. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.

thehackerwire@mastodon.social at 2026-02-21T20:24:03.000Z ##

🟠 CVE-2026-2883 - High (8.8)

A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_427D74 of the file /boafrm/formIpQoS. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed r...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2929
(8.8 HIGH)

EPSS: 0.03%

updated 2026-02-23T19:39:25.350000

2 posts

A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_453140 of the file /boafrm/formWlAc of the component Wireless Access Control Endpoint. This manipulation of the argument submit-url causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.

thehackerwire@mastodon.social at 2026-02-22T06:18:02.000Z ##

🟠 CVE-2026-2929 - High (8.8)

A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_453140 of the file /boafrm/formWlAc of the component Wireless Access Control Endpoint. This manipulation of the argument submit-url causes stack-based buffer o...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-02-22T06:00:28.000Z ##

⚠️ HIGH severity: Stack-based buffer overflow in D-Link DWR-M960 (v1.01.07) via /boafrm/formWlAc (CVE-2026-2929) enables remote code execution. Public exploit is out — review defenses now! radar.offseq.com/threat/cve-20 #OffSeq #CVE20262929 #DLink #Vuln

##

CVE-2026-2926
(8.8 HIGH)

EPSS: 0.03%

updated 2026-02-23T19:35:45.083000

2 posts

A flaw has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4237AC of the file /boafrm/formLteSetup of the component LTE Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used.

offseq@infosec.exchange at 2026-02-22T10:30:29.000Z ##

CVE-2026-2926: HIGH-severity stack buffer overflow in D-Link DWR-M960 v1.01.07. Remote, unauthenticated code execution possible. Public PoC released — no vendor patch yet. Isolate devices, monitor endpoints, restrict access. Details: radar.offseq.com/threat/cve-20 #OffSeq #DLink #Infosec

##

thehackerwire@mastodon.social at 2026-02-22T05:26:57.000Z ##

🟠 CVE-2026-2926 - High (8.8)

A flaw has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4237AC of the file /boafrm/formLteSetup of the component LTE Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2928
(8.8 HIGH)

EPSS: 0.02%

updated 2026-02-23T19:29:03.767000

2 posts

A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_452CCC of the file /boafrm/formWlEncrypt of the component WLAN Encryption Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and could be used.

offseq@infosec.exchange at 2026-02-22T07:30:27.000Z ##

CVE-2026-2928: HIGH-severity stack buffer overflow in D-Link DWR-M960 (v1.01.07) enables remote code execution — no auth needed. Public exploit code is out. Isolate & restrict access, monitor for attacks, patch ASAP. radar.offseq.com/threat/cve-20 #OffSeq #DLink #Vuln #BlueTeam

##

thehackerwire@mastodon.social at 2026-02-22T05:26:48.000Z ##

🟠 CVE-2026-2928 - High (8.8)

A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_452CCC of the file /boafrm/formWlEncrypt of the component WLAN Encryption Configuration Endpoint. The manipulation of the argument submit-url results in stac...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2959
(8.8 HIGH)

EPSS: 0.03%

updated 2026-02-23T19:28:20.650000

3 posts

A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub_44E0F8 of the file /boafrm/formNewSchedule. Performing a manipulation of the argument url results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used.

thehackerwire@mastodon.social at 2026-02-23T01:00:35.000Z ##

🟠 CVE-2026-2959 - High (8.8)

A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub_44E0F8 of the file /boafrm/formNewSchedule. Performing a manipulation of the argument url results in stack-based buffer overflow. Remote ex...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-23T01:00:23.000Z ##

🟠 CVE-2026-2959 - High (8.8)

A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub_44E0F8 of the file /boafrm/formNewSchedule. Performing a manipulation of the argument url results in stack-based buffer overflow. Remote ex...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-02-23T00:00:38.000Z ##

⚠️ HIGH severity: D-Link DWR-M960 v1.01.07 hit by stack-based buffer overflow (CVE-2026-2959) via /boafrm/formNewSchedule. Remote exploitation possible — public exploit available! Assess & monitor. radar.offseq.com/threat/cve-20 #OffSeq #DLink #CVE20262959 #Security

##

CVE-2026-2960
(8.8 HIGH)

EPSS: 0.03%

updated 2026-02-23T19:24:49.953000

2 posts

A flaw has been found in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_468D64 of the file /boafrm/formDhcpv6s. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and may be used.

offseq@infosec.exchange at 2026-02-23T07:30:27.000Z ##

🛡️ CVE-2026-2960: HIGH severity stack-based buffer overflow in D-Link DWR-M960 (fw 1.01.07). Remote, unauthenticated RCE possible; PoC exploit published. Patch or restrict access now! radar.offseq.com/threat/cve-20 #OffSeq #DLink #Infosec #Vulnerability

##

thehackerwire@mastodon.social at 2026-02-23T01:18:13.000Z ##

🟠 CVE-2026-2960 - High (8.8)

A flaw has been found in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_468D64 of the file /boafrm/formDhcpv6s. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be exe...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23552
(9.1 CRITICAL)

EPSS: 0.01%

updated 2026-02-23T18:33:04

2 posts

Cross-Realm Token Acceptance Bypass in KeycloakSecurityPolicy Apache Camel Keycloak component.  The Camel-Keycloak KeycloakSecurityPolicy does not validate the iss (issuer) claim of JWT tokens against the configured realm. A token issued by one Keycloak realm is silently accepted by a policy configured for a completely different realm, breaking tenant isolation. This issue affects Apache Camel: f

1 repos

https://github.com/oscerd/CVE-2026-23552

offseq@infosec.exchange at 2026-02-24T00:00:39.000Z ##

🚨 CRITICAL: CVE-2026-23552 in Apache Camel 4.15.0 – 4.17.x breaks tenant isolation — JWT tokens from any Keycloak realm may be accepted! Upgrade to 4.18.0 ASAP to secure multi-tenant systems. radar.offseq.com/threat/cve-20 #OffSeq #ApacheCamel #Vuln #Keycloak

##

thehackerwire@mastodon.social at 2026-02-23T17:09:44.000Z ##

🔴 CVE-2026-23552 - Critical (9.1)

Cross-Realm Token Acceptance Bypass in KeycloakSecurityPolicy Apache Camel Keycloak component. 

The Camel-Keycloak KeycloakSecurityPolicy does not validate the iss (issuer) claim of JWT tokens against the configured realm. A token issued by one ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70043
(9.1 CRITICAL)

EPSS: 0.02%

updated 2026-02-23T18:32:09

2 posts

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in Ayms node-To master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in TLS socket options

Matchbook3469@mastodon.social at 2026-02-24T18:10:25.000Z ##

🔴 New security advisory:

CVE-2025-70043 affects multiple systems.

• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems

Full breakdown:
yazoul.net/advisory/cve/cve-20

#Cybersecurity #ZeroDay #ThreatIntel

##

thehackerwire@mastodon.social at 2026-02-23T17:55:24.000Z ##

🔴 CVE-2025-70043 - Critical (9.1)

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in Ayms node-To master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in TLS socket options

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3016
(8.8 HIGH)

EPSS: 0.04%

updated 2026-02-23T18:32:05

1 posts

A vulnerability was identified in UTT HiPER 810G up to 1.7.7-171114. The affected element is the function strcpy of the file /goform/formP2PLimitConfig. The manipulation of the argument except leads to buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

thehackerwire@mastodon.social at 2026-02-23T17:09:35.000Z ##

🟠 CVE-2026-3016 - High (8.8)

A vulnerability was identified in UTT HiPER 810G up to 1.7.7-171114. The affected element is the function strcpy of the file /goform/formP2PLimitConfig. The manipulation of the argument except leads to buffer overflow. Remote exploitation of the a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3015
(8.8 HIGH)

EPSS: 0.04%

updated 2026-02-23T18:32:04

2 posts

A vulnerability was determined in UTT HiPER 810G up to 1.7.7-171114. Impacted is the function strcpy of the file /goform/formPolicyRouteConf. Executing a manipulation of the argument GroupName can lead to buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.

thehackerwire@mastodon.social at 2026-02-23T17:10:39.000Z ##

🟠 CVE-2026-3015 - High (8.8)

A vulnerability was determined in UTT HiPER 810G up to 1.7.7-171114. Impacted is the function strcpy of the file /goform/formPolicyRouteConf. Executing a manipulation of the argument GroupName can lead to buffer overflow. The attack may be launche...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-23T17:09:39.000Z ##

🟠 CVE-2026-3015 - High (8.8)

A vulnerability was determined in UTT HiPER 810G up to 1.7.7-171114. Impacted is the function strcpy of the file /goform/formPolicyRouteConf. Executing a manipulation of the argument GroupName can lead to buffer overflow. The attack may be launche...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2019-25441
(9.8 CRITICAL)

EPSS: 2.65%

updated 2026-02-23T18:14:13.887000

1 posts

thesystem 1.0 contains a command injection vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious input to the run_command endpoint. Attackers can send POST requests with shell commands in the command parameter to execute arbitrary code on the server without authentication.

secdb@infosec.exchange at 2026-02-23T00:00:58.000Z ##

📈 CVE Published in last 7 days (2026-02-16 - 2026-02-23)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 1338

Severity:
- Critical: 74
- High: 301
- Medium: 602
- Low: 33
- None: 328

Status:
- : 9
- Analyzed: 277
- Awaiting Analysis: 747
- Modified: 3
- Received: 170
- Rejected: 40
- Undergoing Analysis: 92

Top CNAs:
- Patchstack: 334
- GitHub, Inc.: 170
- VulDB: 164
- Wordfence: 148
- VulnCheck: 145
- MITRE: 53
- kernel.org: 33
- IBM Corporation: 33
- Fortinet, Inc.: 25
- Zero Day Initiative: 20

Top Affected Products:
- UNKNOWN: 1037
- Comodo Dome Firewall: 29
- Gfi Mailessentials: 18
- Smoothwall Express: 17
- Openclaw: 16
- Invoiceplane: 11
- Spip: 10
- Nvidia Nemo: 10
- Mjdm Majordomo: 8
- Ibm Concert: 7

Top EPSS Score:
- CVE-2026-22769 - 28.78 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2033 - 10.53 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2019-25441 - 2.65 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2426 - 1.97 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2533 - 1.28 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2544 - 1.28 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2041 - 1.25 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2042 - 1.25 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2635 - 1.17 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2548 - 1.06 % (secdb.nttzen.cloud/cve/detail/)

##

CVE-2026-25896
(9.3 CRITICAL)

EPSS: 0.03%

updated 2026-02-23T18:14:13.887000

3 posts

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. From 4.1.3 to before 5.3.5, a dot (.) in a DOCTYPE entity name is treated as a regex wildcard during entity replacement, allowing an attacker to shadow built-in XML entities (&lt;, &gt;, &amp;, &quot;, &apos;) with arbitrary values. This bypasses entity en

endorlabs@mastodon.social at 2026-02-21T17:53:48.000Z ##

CVE-2026-25896 (CVSS 9.3) disclosed in fast-xml-parser

A critical entity encoding bypass affects fast-xml-parser (40M+ weekly npm downloads).
-Allows attackers to shadow built-in XML entities (<, >, &, ", ')
-Can lead to XSS or injection when parsing untrusted XML and rendering the output
-Exploitable with default settings (processEntities: true)
-Impacts >= 4.1.3 and < 5.3.5, including transitive dependencies

Fix: upgrade to v5.3.5+
Advisory: GHSA-m7jm-9gc2-mpf2

endorlabs.com/learn/cve-2026-2

##

offseq@infosec.exchange at 2026-02-21T01:30:31.000Z ##

🚨 CRITICAL: CVE-2026-25896 in fast-xml-parser (<5.3.5) lets attackers override built-in XML entities, enabling XSS via crafted XML. Affects web apps using vulnerable versions. Patch to 5.3.5+ ASAP! radar.offseq.com/threat/cve-20 #OffSeq #Infosec #XSS #NodeJS

##

thehackerwire@mastodon.social at 2026-02-21T00:25:28.000Z ##

🔴 CVE-2026-25896 - Critical (9.3)

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. From 4.1.3 to before 5.3.5, a dot (.) in a DOCTYPE entity name is treated as a regex wildcard during en...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24892
(7.5 HIGH)

EPSS: 0.31%

updated 2026-02-23T18:14:13.887000

1 posts

openITCOCKPIT is an open source monitoring tool built for different monitoring engines like Nagios, Naemon and Prometheus. openITCOCKPIT Community Edition 5.3.1 and earlier contains an unsafe PHP deserialization pattern in the processing of changelog entries. Serialized changelog data derived from attacker-influenced application state is unserialized without restricting allowed classes. Although n

thehackerwire@mastodon.social at 2026-02-21T00:25:18.000Z ##

🟠 CVE-2026-24892 - High (7.5)

openITCOCKPIT is an open source monitoring tool built for different monitoring engines like Nagios, Naemon and Prometheus. openITCOCKPIT Community Edition 5.3.1 and earlier contains an unsafe PHP deserialization pattern in the processing of change...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22567
(7.6 HIGH)

EPSS: 0.04%

updated 2026-02-23T18:13:53.397000

1 posts

Improper validation of user-supplied input in the ZIA Admin UI could allow an authenticated administrator to initiate backend functions through specific input fields in limited scenarios.

thehackerwire@mastodon.social at 2026-02-23T17:55:12.000Z ##

🟠 CVE-2026-22567 - High (7.6)

Improper validation of user-supplied input in the ZIA Admin UI could allow an authenticated administrator to initiate backend functions through specific input fields in limited scenarios.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24494
(9.8 CRITICAL)

EPSS: 0.05%

updated 2026-02-23T18:13:53.397000

2 posts

SQL Injection vulnerability in the /api/integrations/getintegrations endpoint of Order Up Online Ordering System 1.0 allows an unauthenticated attacker to access sensitive backend database data via a crafted store_id parameter in a POST request.

offseq@infosec.exchange at 2026-02-23T03:00:27.000Z ##

⚠️ CVE-2026-24494 (CRITICAL, CVSS 9.8): SQL Injection in Order Up Online Ordering System v1.0 lets unauthenticated attackers run arbitrary SQL via /api/integrations/getintegrations. Patch or mitigate now! radar.offseq.com/threat/cve-20 #OffSeq #SQLInjection #Vulnerability #Infosec

##

thehackerwire@mastodon.social at 2026-02-23T02:29:18.000Z ##

🔴 CVE-2026-24494 - Critical (9.8)

SQL Injection vulnerability in the /api/integrations/getintegrations endpoint of Order Up Online Ordering System 1.0 allows an unauthenticated attacker to access sensitive backend database data via a crafted store_id parameter in a POST request.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27466
(7.2 HIGH)

EPSS: 0.07%

updated 2026-02-23T18:13:53.397000

1 posts

BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official documentation for "Server Customization" on Support for ClamAV as presentation file scanner contains instructions that leave a BBB server vulnerable for Denial of Service. The flawed command exposes both ports (3310 and 7357) to the internet. A remote attacker can use this to send complex or large documen

0x3e4@cyberplace.social at 2026-02-21T09:18:34.000Z ##

BigBlueButton on < 3.0.22 with two new CVEs today: CVE-2026-27466 & CVE-2026-27467

hecate.pw/vulnerabilities?sear

Feel free to use the AI slop analyses (Gemini for student with free API configured). Hecate is a prototype app for my master's thesis

#vulnerability #cve #security #InfoSec #bigbluebutton

##

CVE-2026-27467
(2.0 LOW)

EPSS: 0.03%

updated 2026-02-23T18:13:53.397000

1 posts

BigBlueButton is an open-source virtual classroom. In versions 3.0.19 and below, when first joining a session with the microphone muted, the client sends audio to the server regardless of mute state. Media is discarded at the server side, so it isn't audible to any participants, but this may allow for malicious server operators to access audio data. The behavior is only incorrect between joining t

0x3e4@cyberplace.social at 2026-02-21T09:18:34.000Z ##

BigBlueButton on < 3.0.22 with two new CVEs today: CVE-2026-27466 & CVE-2026-27467

hecate.pw/vulnerabilities?sear

Feel free to use the AI slop analyses (Gemini for student with free API configured). Hecate is a prototype app for my master's thesis

#vulnerability #cve #security #InfoSec #bigbluebutton

##

CVE-2026-27464
(7.7 HIGH)

EPSS: 0.03%

updated 2026-02-23T18:13:53.397000

1 posts

Metabase is an open-source data analytics platform. In versions prior to 0.57.13 and versions 0.58.x through 0.58.6, authenticated users are able to retrieve sensitive information from a Metabase instance, including database access credentials. During testing, it was confirmed that a low-privileged user can extract sensitive information including database credentials, into the email body via templ

thehackerwire@mastodon.social at 2026-02-21T08:17:29.000Z ##

🟠 CVE-2026-27464 - High (7.7)

Metabase is an open-source data analytics platform. In versions prior to 0.57.13 and versions 0.58.x through 0.58.6, authenticated users are able to retrieve sensitive information from a Metabase instance, including database access credentials. Du...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27206
(8.1 HIGH)

EPSS: 0.29%

updated 2026-02-23T18:13:53.397000

1 posts

Zumba Json Serializer is a library to serialize PHP variables in JSON format. In versions 3.2.2 and below, the library allows deserialization of PHP objects from JSON using a special @type field. The deserializer instantiates any class specified in the @type field without restriction. When processing untrusted JSON input, this behavior may allow an attacker to instantiate arbitrary classes availab

thehackerwire@mastodon.social at 2026-02-21T07:17:59.000Z ##

🟠 CVE-2026-27206 - High (8.1)

Zumba Json Serializer is a library to serialize PHP variables in JSON format. In versions 3.2.2 and below, the library allows deserialization of PHP objects from JSON using a special @type field. The deserializer instantiates any class specified i...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27192
(0 None)

EPSS: 0.02%

updated 2026-02-23T18:13:53.397000

1 posts

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. In versions 5.0.39 and below, origin validation uses startsWith() for comparison, allowing attackers to bypass the check by registering a domain that shares a common prefix with an allowed origin. The getAllowedOrigin() function checks if the Referer header starts with any allowed origin, and t

offseq@infosec.exchange at 2026-02-21T04:30:27.000Z ##

⚠️ CVE-2026-27192: Feathersjs (<5.0.40) suffers a HIGH-severity origin validation error (CWE-346). Prefix-based checks let attackers steal OAuth tokens, risking account takeover. Upgrade to 5.0.40+! radar.offseq.com/threat/cve-20 #OffSeq #Feathersjs #OAuth #CVE202627192

##

CVE-2026-27134
(8.1 HIGH)

EPSS: 0.03%

updated 2026-02-23T18:13:53.397000

2 posts

Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. In versions 0.49.0 through 0.50.0, when using a custom Cluster or Clients CA with a multistage CA chain consisting of multiple CAs, Strimzi incorrectly configures the trusted certificates for mTLS authentication on the internal as well as user-configured listeners. All CAs from t

thehackerwire@mastodon.social at 2026-02-21T00:20:07.000Z ##

🟠 CVE-2026-27134 - High (8.1)

Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. In versions 0.49.0 through 0.50.0, when using a custom Cluster or Clients CA with a multistage CA chain consisting of multiple ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-21T00:17:24.000Z ##

🟠 CVE-2026-27134 - High (8.1)

Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. In versions 0.49.0 through 0.50.0, when using a custom Cluster or Clients CA with a multistage CA chain consisting of multiple ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2441
(8.8 HIGH)

EPSS: 0.34%

updated 2026-02-23T13:24:55.920000

9 posts

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

6 repos

https://github.com/atiilla/CVE-2026-2441_PoC

https://github.com/washingtonmaister/CVE-2026-2441

https://github.com/NetVanguard-cmd/CVE-2026-2441

https://github.com/b1gchoi/CVE-2026-2441_POC

https://github.com/huseyinstif/CVE-2026-2441-PoC

https://github.com/theemperorspath/CVE-2026-2441-PoC

Andy_Thompson at 2026-02-24T23:06:37.582Z ##

BREAKING: 25M+ US Breach + Chrome Zero-Day + AI Malware (Feb 24, 2026)

🚨 Conduent Breach Now Largest in US History - 25+ Million Affected 🚨
🌐 Chrome Zero-Day CVE-2026-2441 Actively Exploited 🌐
🤖 AI Prompts Are The New Malware 🤖

🔗 youtu.be/p4Ky1l4X_c4

##

_r_netsec at 2026-02-24T22:43:05.103Z ##

Chrome CVE made me go digging and I found a container image in prod that hasn't been updated since 2023 cve.org/CVERecord?id=CVE-2026-

##

siltaer@piaille.fr at 2026-02-24T10:38:55.000Z ##

A Chromium vulnerability in pure CSS that allows sensitive data such as the CSRF token to be retrieved (CVE-2026-2441)
sitepoint.com/zero-day-css-cve

Zero-Day CSS: Deconstructing CVE-2026-2441

#Chrome #Chromium #CSS #CSRF #CVE

##

Andy_Thompson@infosec.exchange at 2026-02-24T23:06:37.000Z ##

BREAKING: 25M+ US Breach + Chrome Zero-Day + AI Malware (Feb 24, 2026)

🚨 Conduent Breach Now Largest in US History - 25+ Million Affected 🚨
🌐 Chrome Zero-Day CVE-2026-2441 Actively Exploited 🌐
🤖 AI Prompts Are The New Malware 🤖

🔗 youtu.be/p4Ky1l4X_c4

##

_r_netsec@infosec.exchange at 2026-02-24T22:43:05.000Z ##

Chrome CVE made me go digging and I found a container image in prod that hasn't been updated since 2023 cve.org/CVERecord?id=CVE-2026-

##

siltaer@piaille.fr at 2026-02-24T10:38:55.000Z ##

A Chromium vulnerability in pure CSS that allows sensitive data such as the CSRF token to be retrieved (CVE-2026-2441)
sitepoint.com/zero-day-css-cve

Zero-Day CSS: Deconstructing CVE-2026-2441

#Chrome #Chromium #CSS #CSRF #CVE

##

youranonnewsirc@nerdculture.de at 2026-02-24T07:44:38.000Z ##

Recent reports highlight significant activity across global sectors.

**Cybersecurity:** The University of Mississippi Medical Center closed clinics (Feb 23-24) following a ransomware attack. A critical Chromium zero-day (CVE-2026-2441) is actively exploited, mandating urgent patching for browsers. Figure Fintech reported a major 1 million account data breach stemming from a sophisticated vishing attack. The U.S. implemented new CIRCIA regulations, requiring critical infrastructure to report cyber incidents within 72 hours and ransom payments within 24 hours.

**Technology:** Google's $32 billion acquisition of Wiz has received European Commission approval, marking a significant consolidation in cloud security.

**Geopolitics:** U.S.-China competition continues to be a driving force, alongside new U.S. tariffs, contributing to global market volatility.

#Cybersecurity #Geopolitics #TechNews

##

hackmag@infosec.exchange at 2026-02-23T19:00:15.000Z ##

⚪ Google Chrome patches first zero‑day vulnerability of the year

🗨️ This week, Google developers released an emergency update for the Chrome browser, patching the first zero-day vulnerability of the year, CVE-2026-2441, which hackers were already exploiting. The company has confirmed the existence of a working exploit for this bug.

🔗 hackmag.com/news/chrome-fisrt-

#news

##

nu11secur1ty@infosec.exchange at 2026-02-23T12:39:29.000Z ##

patreon.com/posts/cve-2026-244

##

beyondmachines1@infosec.exchange at 2026-02-23T16:01:19.000Z ##

CISA Warns of Active Exploitation Targeting Roundcube Webmail Vulnerabilities

CISA has warned of active exploitation targeting two Roundcube Webmail vulnerabilities, including a critical remote code execution flaw (CVE-2025-49113) and a high-severity XSS bug (CVE-2025-68461).

**If you are using Roundcube Webmail, this is important. Update to version 1.5.12 or 1.6.12 ASAP. Your webmail interface is under attack.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

CVE-2025-68461
(7.2 HIGH)

EPSS: 6.89%

updated 2026-02-23T13:24:12.310000

1 posts

Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a Cross-Site-Scripting (XSS) vulnerability via the animate tag in an SVG document.

2 repos

https://github.com/rxerium/CVE-2025-68461

https://github.com/gotr00t0day/CVE-2025-68461

beyondmachines1@infosec.exchange at 2026-02-23T16:01:19.000Z ##

CISA Warns of Active Exploitation Targeting Roundcube Webmail Vulnerabilities

CISA has warned of active exploitation targeting two Roundcube Webmail vulnerabilities, including a critical remote code execution flaw (CVE-2025-49113) and a high-severity XSS bug (CVE-2025-68461).

**If you are using Roundcube Webmail, this is important. Update to version 1.5.12 or 1.6.12 ASAP. Your webmail interface is under attack.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

CVE-2026-2981
(8.8 HIGH)

EPSS: 0.04%

updated 2026-02-23T09:31:29

2 posts

A vulnerability was found in UTT HiPER 810G up to 1.7.7-1711. The affected element is the function strcpy of the file /goform/formTaskEdit_ap. The manipulation of the argument txtMin2 results in buffer overflow. The attack may be launched remotely. The exploit has been made public and could be used.

offseq@infosec.exchange at 2026-02-23T10:30:29.000Z ##

🚨 HIGH severity: CVE-2026-2981 affects UTT HiPER 810G ≤1.7.7-1711. Remote, unauthenticated buffer overflow in /goform/formTaskEdit_ap. Exploit code is public — patch unavailable. Restrict access & monitor endpoints! radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Cybersecurity

##

thehackerwire@mastodon.social at 2026-02-23T10:01:20.000Z ##

🟠 CVE-2026-2981 - High (8.8)

A vulnerability was found in UTT HiPER 810G up to 1.7.7-1711. The affected element is the function strcpy of the file /goform/formTaskEdit_ap. The manipulation of the argument txtMin2 results in buffer overflow. The attack may be launched remotely...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1367
(8.3 HIGH)

EPSS: 0.18%

updated 2026-02-23T09:31:29

1 posts

Zohocorp ManageEngine ADSelfService Plus versions 6522 and below are vulnerable to authenticated SQL Injection in the search report option.

thehackerwire@mastodon.social at 2026-02-23T08:21:06.000Z ##

🟠 CVE-2026-1367 - High (8.3)

Zohocorp ManageEngine ADSelfService Plus versions 6522 and below are vulnerable to authenticated SQL Injection in the search report option.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2998
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-23T06:30:18

2 posts

ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a crafted DLL file in the same directory as the program, thereby executing arbitrary code.

offseq@infosec.exchange at 2026-02-23T04:30:26.000Z ##

⚠️ CVE-2026-2998 (HIGH): eAI Technologies ERP F2 hit by DLL hijacking (CWE-426), allowing local code execution. No patch yet. Restrict local access, monitor DLLs, and implement whitelisting. Details: radar.offseq.com/threat/cve-20 #OffSeq #Cybersecurity #Vuln #ERP

##

thehackerwire@mastodon.social at 2026-02-23T04:18:33.000Z ##

🟠 CVE-2026-2998 - High (7.8)

ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a crafted DLL file in the same directory as the program, thereby executing arbitrary code.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2962
(8.8 HIGH)

EPSS: 0.03%

updated 2026-02-23T03:30:27

2 posts

A vulnerability was found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_460F30 of the file /boafrm/formDateReboot of the component Scheduled Reboot Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used.

offseq@infosec.exchange at 2026-02-23T01:30:30.000Z ##

🛡️ HIGH severity: CVE-2026-2962 impacts D-Link DWR-M960 (1.01.07). Remote, unauthenticated stack buffer overflow in /boafrm/formDateReboot — public exploit available! Patch or restrict access immediately. radar.offseq.com/threat/cve-20 #OffSeq #CVE20262962 #DLink #Infosec

##

thehackerwire@mastodon.social at 2026-02-23T01:18:32.000Z ##

🟠 CVE-2026-2962 - High (8.8)

A vulnerability was found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_460F30 of the file /boafrm/formDateReboot of the component Scheduled Reboot Configuration Endpoint. The manipulation of the argument submit-url resul...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2961
(8.8 HIGH)

EPSS: 0.03%

updated 2026-02-23T03:30:22

2 posts

A vulnerability has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4196C4 of the file /boafrm/formVpnConfigSetup of the component VPN Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.

offseq@infosec.exchange at 2026-02-23T06:00:32.000Z ##

🔒 CVE-2026-2961: HIGH-severity stack buffer overflow in D-Link DWR-M960 (fw 1.01.07). Remote, unauthenticated exploit possible — public PoC released. Restrict config access & monitor for abuse! radar.offseq.com/threat/cve-20 #OffSeq #DLink #Vuln #InfoSec

##

thehackerwire@mastodon.social at 2026-02-23T01:18:22.000Z ##

🟠 CVE-2026-2961 - High (8.8)

A vulnerability has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4196C4 of the file /boafrm/formVpnConfigSetup of the component VPN Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based bu...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2958
(8.8 HIGH)

EPSS: 0.03%

updated 2026-02-23T00:30:32

2 posts

A security vulnerability has been detected in D-Link DWR-M960 1.01.07. Affected is the function sub_457C5C of the file /boafrm/formWsc. Such manipulation of the argument save_apply leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

thehackerwire@mastodon.social at 2026-02-23T01:01:31.000Z ##

🟠 CVE-2026-2958 - High (8.8)

A security vulnerability has been detected in D-Link DWR-M960 1.01.07. Affected is the function sub_457C5C of the file /boafrm/formWsc. Such manipulation of the argument save_apply leads to stack-based buffer overflow. The attack may be launched r...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-23T01:00:22.000Z ##

🟠 CVE-2026-2958 - High (8.8)

A security vulnerability has been detected in D-Link DWR-M960 1.01.07. Affected is the function sub_457C5C of the file /boafrm/formWsc. Such manipulation of the argument save_apply leads to stack-based buffer overflow. The attack may be launched r...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2927
(8.8 HIGH)

EPSS: 0.03%

updated 2026-02-22T06:30:24

2 posts

A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_462590 of the file /boafrm/formOpMode of the component Operation Mode Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

offseq@infosec.exchange at 2026-02-22T09:00:29.000Z ##

🚨 CVE-2026-2927: HIGH-severity stack buffer overflow in D-Link DWR-M960 (v1.01.07). Remote, unauthenticated RCE risk — exploit details public. Patch or restrict access! More: radar.offseq.com/threat/cve-20 #OffSeq #DLink #Vuln #BlueTeam

##

thehackerwire@mastodon.social at 2026-02-22T05:26:39.000Z ##

🟠 CVE-2026-2927 - High (8.8)

A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_462590 of the file /boafrm/formOpMode of the component Operation Mode Configuration Endpoint. The manipulation of the argument submit-url leads ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2925
(8.8 HIGH)

EPSS: 0.03%

updated 2026-02-22T06:30:24

2 posts

A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_42B5A0 of the file /boafrm/formBridgeVlan of the component Bridge VLAN Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used.

offseq@infosec.exchange at 2026-02-22T04:30:27.000Z ##

🔎 HIGH severity: D-Link DWR-M960 v1.01.07 vulnerable to stack-based buffer overflow (CVE-2026-2925) via Bridge VLAN config. Remote exploit now public — monitor exposure & await patches. radar.offseq.com/threat/cve-20 #OffSeq #DLink #Vuln

##

thehackerwire@mastodon.social at 2026-02-22T04:20:12.000Z ##

🟠 CVE-2026-2925 - High (8.8)

A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_42B5A0 of the file /boafrm/formBridgeVlan of the component Bridge VLAN Configuration Endpoint. Performing a manipulation of the argument submit-url...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2910
(8.8 HIGH)

EPSS: 0.08%

updated 2026-02-22T06:30:24

1 posts

A flaw has been found in Tenda HG9 300001138. This vulnerability affects unknown code of the file /boaform/formPing6. Executing a manipulation of the argument pingAddr can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used.

thehackerwire@mastodon.social at 2026-02-22T04:20:34.000Z ##

🟠 CVE-2026-2910 - High (8.8)

A flaw has been found in Tenda HG9 300001138. This vulnerability affects unknown code of the file /boaform/formPing6. Executing a manipulation of the argument pingAddr can lead to stack-based buffer overflow. The attack may be performed from remot...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2906
(8.8 HIGH)

EPSS: 0.08%

updated 2026-02-22T03:30:34

1 posts

A security flaw has been discovered in Tenda HG9 300001138. Affected is an unknown function of the file /boaform/formSamba of the component Samba Configuration Endpoint. The manipulation of the argument sambaCap results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.

thehackerwire@mastodon.social at 2026-02-22T02:18:33.000Z ##

🟠 CVE-2026-2906 - High (8.8)

A security flaw has been discovered in Tenda HG9 300001138. Affected is an unknown function of the file /boaform/formSamba of the component Samba Configuration Endpoint. The manipulation of the argument sambaCap results in stack-based buffer overf...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2909
(8.8 HIGH)

EPSS: 0.08%

updated 2026-02-22T03:30:33

2 posts

A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used.

offseq@infosec.exchange at 2026-02-22T03:00:26.000Z ##

🚨 HIGH-severity (CVSS 8.7): Stack buffer overflow in Tenda HG9 (v300001138) via /boaform/formPing. Remote code execution possible with public exploit available. Restrict access, monitor, and patch ASAP! Details: radar.offseq.com/threat/cve-20 #OffSeq #Infosec #Vuln #IoT

##

thehackerwire@mastodon.social at 2026-02-22T02:18:22.000Z ##

🟠 CVE-2026-2909 - High (8.8)

A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. T...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2905
(8.8 HIGH)

EPSS: 0.08%

updated 2026-02-22T03:30:33

1 posts

A vulnerability was identified in Tenda HG9 300001138. This impacts an unknown function of the file /boaform/formWlanSetup of the component Wireless Configuration Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be used.

thehackerwire@mastodon.social at 2026-02-22T02:25:23.000Z ##

🟠 CVE-2026-2905 - High (8.8)

A vulnerability was identified in Tenda HG9 300001138. This impacts an unknown function of the file /boaform/formWlanSetup of the component Wireless Configuration Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2884
(8.8 HIGH)

EPSS: 0.03%

updated 2026-02-21T21:30:33

1 posts

A vulnerability was identified in D-Link DWR-M960 1.01.07. The affected element is the function sub_41914C of the file /boafrm/formWanConfigSetup of the component WAN Interface Setting Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.

thehackerwire@mastodon.social at 2026-02-21T21:18:45.000Z ##

🟠 CVE-2026-2884 - High (8.8)

A vulnerability was identified in D-Link DWR-M960 1.01.07. The affected element is the function sub_41914C of the file /boafrm/formWanConfigSetup of the component WAN Interface Setting Handler. The manipulation of the argument submit-url leads to ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2885
(8.8 HIGH)

EPSS: 0.03%

updated 2026-02-21T21:30:32

2 posts

A security flaw has been discovered in D-Link DWR-M960 1.01.07. The impacted element is the function sub_469104 of the file /boafrm/formIpv6Setup. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks.

thehackerwire@mastodon.social at 2026-02-21T21:19:16.000Z ##

🟠 CVE-2026-2885 - High (8.8)

A security flaw has been discovered in D-Link DWR-M960 1.01.07. The impacted element is the function sub_469104 of the file /boafrm/formIpv6Setup. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may b...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-21T21:18:50.000Z ##

🟠 CVE-2026-2885 - High (8.8)

A security flaw has been discovered in D-Link DWR-M960 1.01.07. The impacted element is the function sub_469104 of the file /boafrm/formIpv6Setup. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may b...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2881
(8.8 HIGH)

EPSS: 0.03%

updated 2026-02-21T21:30:28

1 posts

A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_425FF8 of the file /boafrm/formFirewallAdv of the component Advanced Firewall Configuration Endpoint. Such manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

thehackerwire@mastodon.social at 2026-02-21T20:24:13.000Z ##

🟠 CVE-2026-2881 - High (8.8)

A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_425FF8 of the file /boafrm/formFirewallAdv of the component Advanced Firewall Configuration Endpoint. Such manipulation of the argument submit-u...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2882
(8.8 HIGH)

EPSS: 0.03%

updated 2026-02-21T21:30:27

1 posts

A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_46385C of the file /boafrm/formDosCfg. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.

thehackerwire@mastodon.social at 2026-02-21T20:23:52.000Z ##

🟠 CVE-2026-2882 - High (8.8)

A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_46385C of the file /boafrm/formDosCfg. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. Remote exploitation of th...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2877
(8.8 HIGH)

EPSS: 0.07%

updated 2026-02-21T21:30:27

1 posts

A vulnerability has been found in Tenda A18 15.13.07.13. This affects the function strcpy of the file /goform/WifiExtraSet of the component Httpd Service. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

thehackerwire@mastodon.social at 2026-02-21T19:16:10.000Z ##

🟠 CVE-2026-2877 - High (8.8)

A vulnerability has been found in Tenda A18 15.13.07.13. This affects the function strcpy of the file /goform/WifiExtraSet of the component Httpd Service. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. It is...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2873
(8.8 HIGH)

EPSS: 0.08%

updated 2026-02-21T18:31:22

1 posts

A vulnerability was detected in Tenda A21 1.0.0.0. This issue affects the function setSchedWifi of the file /goform/openSchedWifi. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is now public and may be used.

thehackerwire@mastodon.social at 2026-02-21T17:16:37.000Z ##

🟠 CVE-2026-2873 - High (8.8)

A vulnerability was detected in Tenda A21 1.0.0.0. This issue affects the function setSchedWifi of the file /goform/openSchedWifi. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer overflow. It is ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2872
(8.8 HIGH)

EPSS: 0.08%

updated 2026-02-21T18:31:22

1 posts

A security vulnerability has been detected in Tenda A21 1.0.0.0. This vulnerability affects the function set_device_name of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. Such manipulation of the argument devName/mac leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.

thehackerwire@mastodon.social at 2026-02-21T17:00:52.000Z ##

🟠 CVE-2026-2872 - High (8.8)

A security vulnerability has been detected in Tenda A21 1.0.0.0. This vulnerability affects the function set_device_name of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. Such manipulation of the argument devN...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2870
(8.8 HIGH)

EPSS: 0.08%

updated 2026-02-21T15:31:37

1 posts

A security flaw has been discovered in Tenda A21 1.0.0.0. Affected by this issue is the function set_qosMib_list of the file /goform/formSetQosBand. The manipulation of the argument list results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.

thehackerwire@mastodon.social at 2026-02-21T15:25:18.000Z ##

🟠 CVE-2026-2870 - High (8.8)

A security flaw has been discovered in Tenda A21 1.0.0.0. Affected by this issue is the function set_qosMib_list of the file /goform/formSetQosBand. The manipulation of the argument list results in stack-based buffer overflow. The attack can be ex...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2635
(9.8 CRITICAL)

EPSS: 1.17%

updated 2026-02-21T00:31:55

1 posts

MLflow Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the basic_auth.ini file. The file contains hard-coded default credentials. An attacker can leverage this vulnerability to bypass aut

secdb@infosec.exchange at 2026-02-23T00:00:58.000Z ##

📈 CVE Published in last 7 days (2026-02-16 - 2026-02-23)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 1338

Severity:
- Critical: 74
- High: 301
- Medium: 602
- Low: 33
- None: 328

Status:
- : 9
- Analyzed: 277
- Awaiting Analysis: 747
- Modified: 3
- Received: 170
- Rejected: 40
- Undergoing Analysis: 92

Top CNAs:
- Patchstack: 334
- GitHub, Inc.: 170
- VulDB: 164
- Wordfence: 148
- VulnCheck: 145
- MITRE: 53
- kernel.org: 33
- IBM Corporation: 33
- Fortinet, Inc.: 25
- Zero Day Initiative: 20

Top Affected Products:
- UNKNOWN: 1037
- Comodo Dome Firewall: 29
- Gfi Mailessentials: 18
- Smoothwall Express: 17
- Openclaw: 16
- Invoiceplane: 11
- Spip: 10
- Nvidia Nemo: 10
- Mjdm Majordomo: 8
- Ibm Concert: 7

Top EPSS Score:
- CVE-2026-22769 - 28.78 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2033 - 10.53 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2019-25441 - 2.65 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2426 - 1.97 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2533 - 1.28 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2544 - 1.28 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2041 - 1.25 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2042 - 1.25 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2635 - 1.17 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2548 - 1.06 % (secdb.nttzen.cloud/cve/detail/)

##

CVE-2026-2043
(7.2 HIGH)

EPSS: 0.47%

updated 2026-02-21T00:31:54

2 posts

Nagios Host esensors_websensor_configwizard_func Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vulnerability. The specific flaw exists within the esensors_websensor_configwizard_func method. The issue results from the lack of proper val

thehackerwire@mastodon.social at 2026-02-24T18:13:46.000Z ##

🟠 CVE-2026-2043 - High (8.8)

Nagios Host esensors_websensor_configwizard_func Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to ex...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2033
(8.1 HIGH)

EPSS: 10.53%

updated 2026-02-21T00:31:54

2 posts

MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of artifact file paths. The issue results from the lack of proper validat

secdb@infosec.exchange at 2026-02-23T00:00:58.000Z ##

📈 CVE Published in last 7 days (2026-02-16 - 2026-02-23)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 1338

Severity:
- Critical: 74
- High: 301
- Medium: 602
- Low: 33
- None: 328

Status:
- : 9
- Analyzed: 277
- Awaiting Analysis: 747
- Modified: 3
- Received: 170
- Rejected: 40
- Undergoing Analysis: 92

Top CNAs:
- Patchstack: 334
- GitHub, Inc.: 170
- VulDB: 164
- Wordfence: 148
- VulnCheck: 145
- MITRE: 53
- kernel.org: 33
- IBM Corporation: 33
- Fortinet, Inc.: 25
- Zero Day Initiative: 20

Top Affected Products:
- UNKNOWN: 1037
- Comodo Dome Firewall: 29
- Gfi Mailessentials: 18
- Smoothwall Express: 17
- Openclaw: 16
- Invoiceplane: 11
- Spip: 10
- Nvidia Nemo: 10
- Mjdm Majordomo: 8
- Ibm Concert: 7

Top EPSS Score:
- CVE-2026-22769 - 28.78 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2033 - 10.53 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2019-25441 - 2.65 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2426 - 1.97 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2533 - 1.28 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2544 - 1.28 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2041 - 1.25 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2042 - 1.25 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2635 - 1.17 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2548 - 1.06 % (secdb.nttzen.cloud/cve/detail/)

##

thehackerwire@mastodon.social at 2026-02-21T00:02:10.000Z ##

🟠 CVE-2026-2033 - High (8.1)

MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not requir...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2036
(8.8 HIGH)

EPSS: 0.79%

updated 2026-02-21T00:31:54

1 posts

GFI Archiver MArc.Store Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the configuration of the MArc.Store.Re

thehackerwire@mastodon.social at 2026-02-21T00:02:50.000Z ##

🟠 CVE-2026-2036 - High (8.8)

GFI Archiver MArc.Store Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Although authentication is required to e...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2034
(7.8 HIGH)

EPSS: 0.04%

updated 2026-02-21T00:31:54

1 posts

Sante DICOM Viewer Pro DCM File Parsing Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DCM f

thehackerwire@mastodon.social at 2026-02-21T00:02:37.000Z ##

🟠 CVE-2026-2034 - High (7.8)

Sante DICOM Viewer Pro DCM File Parsing Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0777
(7.8 HIGH)

EPSS: 0.06%

updated 2026-02-21T00:31:49

2 posts

Xmind Attachment Insufficient UI Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Xmind. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of attachments. When opening an attachm

thehackerwire@mastodon.social at 2026-02-21T00:20:19.000Z ##

🟠 CVE-2026-0777 - High (7.8)

Xmind Attachment Insufficient UI Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Xmind. User interaction is required to exploit this vulnerability in th...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-21T00:17:24.000Z ##

🟠 CVE-2026-0777 - High (7.8)

Xmind Attachment Insufficient UI Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Xmind. User interaction is required to exploit this vulnerability in th...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2042
(7.2 HIGH)

EPSS: 1.25%

updated 2026-02-21T00:31:43

3 posts

Nagios Host monitoringwizard Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vulnerability. The specific flaw exists within the monitoringwizard module. The issue results from the lack of proper validation of a user-supplied string before

thehackerwire@mastodon.social at 2026-02-24T18:13:37.000Z ##

🟠 CVE-2026-2042 - High (8.8)

Nagios Host monitoringwizard Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vulnerabi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

secdb@infosec.exchange at 2026-02-23T00:00:58.000Z ##

📈 CVE Published in last 7 days (2026-02-16 - 2026-02-23)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 1338

Severity:
- Critical: 74
- High: 301
- Medium: 602
- Low: 33
- None: 328

Status:
- : 9
- Analyzed: 277
- Awaiting Analysis: 747
- Modified: 3
- Received: 170
- Rejected: 40
- Undergoing Analysis: 92

Top CNAs:
- Patchstack: 334
- GitHub, Inc.: 170
- VulDB: 164
- Wordfence: 148
- VulnCheck: 145
- MITRE: 53
- kernel.org: 33
- IBM Corporation: 33
- Fortinet, Inc.: 25
- Zero Day Initiative: 20

Top Affected Products:
- UNKNOWN: 1037
- Comodo Dome Firewall: 29
- Gfi Mailessentials: 18
- Smoothwall Express: 17
- Openclaw: 16
- Invoiceplane: 11
- Spip: 10
- Nvidia Nemo: 10
- Mjdm Majordomo: 8
- Ibm Concert: 7

Top EPSS Score:
- CVE-2026-22769 - 28.78 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2033 - 10.53 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2019-25441 - 2.65 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2426 - 1.97 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2533 - 1.28 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2544 - 1.28 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2041 - 1.25 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2042 - 1.25 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2635 - 1.17 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2548 - 1.06 % (secdb.nttzen.cloud/cve/detail/)

##

CVE-2026-27190
(8.1 HIGH)

EPSS: 0.16%

updated 2026-02-20T22:20:05

1 posts

## Summary A command injection vulnerability exists in Deno's `node:child_process` implementation. ## Reproduction ```javascript import { spawnSync } from "node:child_process"; import * as fs from "node:fs"; // Cleanup try { fs.unlinkSync('/tmp/rce_proof'); } catch {} // Create legitimate script fs.writeFileSync('/tmp/legitimate.ts', 'console.log("normal");'); // Malicious input with newline

thehackerwire@mastodon.social at 2026-02-21T00:17:53.000Z ##

🟠 CVE-2026-27190 - High (8.1)

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.6.8, a command injection vulnerability exists in Deno's node:child_process implementation. This vulnerability is fixed in 2.6.8.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22370
(8.1 HIGH)

EPSS: 0.11%

updated 2026-02-20T21:32:27

1 posts

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Marveland marveland allows PHP Local File Inclusion. This issue affects Marveland: from n/a through <= 1.3.0.

thehackerwire@mastodon.social at 2026-02-21T00:32:08.000Z ##

🟠 CVE-2026-22370 - High (8.1)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Marveland marveland allows PHP Local File Inclusion. This issue affects Marveland: from n/a through <= 1.3.0.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22383
(7.5 HIGH)

EPSS: 0.04%

updated 2026-02-20T21:31:23

1 posts

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme pawfriends allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PawFriends - Pet Shop and Veterinary WordPress Theme: from n/a through <= 1.3.

thehackerwire@mastodon.social at 2026-02-21T00:31:58.000Z ##

🟠 CVE-2026-22383 - High (7.5)

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme pawfriends allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PawFriends -...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22380
(8.1 HIGH)

EPSS: 0.11%

updated 2026-02-20T21:31:23

1 posts

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes UnlimHost unlimhost allows PHP Local File Inclusion. This issue affects UnlimHost: from n/a through <= 1.2.3.

thehackerwire@mastodon.social at 2026-02-21T00:31:48.000Z ##

🟠 CVE-2026-22380 - High (8.1)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes UnlimHost unlimhost allows PHP Local File Inclusion. This issue affects UnlimHost: from n/a through <= 1.2.3.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22368
(8.1 HIGH)

EPSS: 0.11%

updated 2026-02-20T21:31:22

1 posts

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Redy redy allows PHP Local File Inclusion. This issue affects Redy: from n/a through <= 1.0.2.

thehackerwire@mastodon.social at 2026-02-21T00:45:37.000Z ##

🟠 CVE-2026-22368 - High (8.1)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Redy redy allows PHP Local File Inclusion. This issue affects Redy: from n/a through <= 1.0.2.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2329
(9.8 CRITICAL)

EPSS: 0.19%

updated 2026-02-20T20:57:50.360000

2 posts

An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP API endpoint /cgi-bin/api.values.get. A remote attacker can leverage this vulnerability to achieve unauthenticated remote code execution (RCE) with root privileges on a target device. The vulnerability affects all six device models in the series: GXP1610, GXP1615, GXP1620, GXP1625, GXP1628, and GXP1630.

technadu@infosec.exchange at 2026-02-23T16:24:21.000Z ##

CVE-2026-2329 — Critical VoIP RCE
Affects: Grandstream GXP1600
Type: Stack-based buffer overflow
Impact: Unauthenticated RCE (root)

Attack Path:
• Extract SIP credentials
• Modify SIP proxy settings
• Transparent call interception

Operational risk:
• SMB exposure
• Flat networks
• Insufficient VoIP monitoring

Patch available: Firmware 1.0.7.81.
Community question:
Are you incorporating VoIP firmware into vulnerability scanning pipelines?

Do you log and monitor SIP configuration changes?

Source: securityweek.com/critical-gran

Engage below and follow TechNadu for detailed CVE intelligence and technical breakdowns.

#ThreatIntel #VoIPSecurity #CVE20262329 #RCE #VulnerabilityManagement #NetworkDefense #Infosec #CyberRisk

##

offseq@infosec.exchange at 2026-02-22T00:00:38.000Z ##

CRITICAL: Grandstream VoIP phones hit by unauthenticated RCE (CVE-2026-2329) — allows call interception & device compromise. No patch yet. Restrict access, disable remote mgmt, and monitor for threats. radar.offseq.com/threat/critic #OffSeq #VoIP #Security #RCE

##

CVE-2026-22374
(8.1 HIGH)

EPSS: 0.11%

updated 2026-02-20T20:25:20.203000

1 posts

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Zio Alberto zioalberto allows PHP Local File Inclusion. This issue affects Zio Alberto: from n/a through <= 1.2.2.

thehackerwire@mastodon.social at 2026-02-21T00:44:41.000Z ##

🟠 CVE-2026-22374 - High (8.1)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Zio Alberto zioalberto allows PHP Local File Inclusion. This issue affects Zio Alberto: from n/a through <= 1.2.2.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22372
(8.1 HIGH)

EPSS: 0.11%

updated 2026-02-20T20:25:20.027000

1 posts

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Isida isida allows PHP Local File Inclusion. This issue affects Isida: from n/a through <= 1.4.2.

thehackerwire@mastodon.social at 2026-02-21T00:44:32.000Z ##

🟠 CVE-2026-22372 - High (8.1)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Isida isida allows PHP Local File Inclusion. This issue affects Isida: from n/a through <= 1.4.2.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22366
(8.1 HIGH)

EPSS: 0.11%

updated 2026-02-20T20:25:19.503000

1 posts

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Jude jude allows PHP Local File Inclusion. This issue affects Jude: from n/a through <= 1.3.0.

thehackerwire@mastodon.social at 2026-02-21T00:45:27.000Z ##

🟠 CVE-2026-22366 - High (8.1)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Jude jude allows PHP Local File Inclusion. This issue affects Jude: from n/a through <= 1.3.0.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22364
(8.1 HIGH)

EPSS: 0.11%

updated 2026-02-20T20:25:19.337000

1 posts

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes SevenTrees seventrees allows PHP Local File Inclusion. This issue affects SevenTrees: from n/a through <=1.0.2.

thehackerwire@mastodon.social at 2026-02-21T00:45:17.000Z ##

🟠 CVE-2026-22364 - High (8.1)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes SevenTrees seventrees allows PHP Local File Inclusion. This issue affects SevenTrees: from n/a through <=1.0.2.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22362
(8.1 HIGH)

EPSS: 0.11%

updated 2026-02-20T20:25:19.160000

1 posts

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Photolia photolia allows PHP Local File Inclusion. This issue affects Photolia: from n/a through <= 1.0.3.

thehackerwire@mastodon.social at 2026-02-21T00:44:50.000Z ##

🟠 CVE-2026-22362 - High (8.1)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Photolia photolia allows PHP Local File Inclusion. This issue affects Photolia: from n/a through <= 1.0.3.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22769
(10.0 CRITICAL)

EPSS: 34.16%

updated 2026-02-20T02:00:02.830000

1 posts

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgr


##

CVE-2026-26030
(10.0 CRITICAL)

EPSS: 0.08%

updated 2026-02-19T19:34:15

1 posts

### Impact: An RCE vulnerability has been identified in Microsoft Semantic Kernel Python SDK, specifically within the `InMemoryVectorStore` filter functionality. ### Patches: The problem has been fixed in [python-1.39.4](https://github.com/microsoft/semantic-kernel/releases/tag/python-1.39.4). Users should upgrade this version or higher. ### Workarounds: Avoid using `InMemoryVectorStore` for pro

1 repos

https://github.com/mbanyamer/CVE-2026-26030-Microsoft-Semantic-Kernel-1.39.4-RCE

dendrite_soup@defcon.social at 2026-02-23T19:39:40.000Z ##

been thinking about CVE-2026-26030 and why the patch feels hollow. they added a confirmation flag. opt-in. the default is still trust. that's not a security fix, that's a liability fix. wrote it up: dev.to/dendrite_soup/opt-in-sa #infosec #aisecurity

##

CVE-2026-0714
(6.8 MEDIUM)

EPSS: 0.01%

updated 2026-02-18T18:31:27

1 posts

A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and attaching external equipment to the SPI bus to capture TPM communications. If successful, the captured data m

CVE-2026-2533
(7.3 HIGH)

EPSS: 2.14%

updated 2026-02-18T17:52:22.253000

1 posts

A flaw has been found in Tosei Self-service Washing Machine 4.02. Impacted is an unknown function of the file /cgi-bin/tosei_datasend.php. Executing a manipulation of the argument adr_txt_1 can lead to command injection. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.


##

CVE-2026-2548
(6.3 MEDIUM)

EPSS: 1.41%

updated 2026-02-18T17:52:22.253000

1 posts

A flaw has been found in WAYOS FBM-220G 24.10.19. This affects the function sub_40F820 of the file rc. Executing a manipulation of the argument upnp_waniface/upnp_ssdp_interval/upnp_max_age can lead to command injection. The attack can be executed remotely. The vendor was contacted early about this disclosure but did not respond in any way.


##

CVE-2026-2426
(6.5 MEDIUM)

EPSS: 2.57%

updated 2026-02-18T12:31:15

1 posts

The WP-DownloadManager plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.69 via the 'file' parameter in the file deletion functionality. This is due to insufficient validation of user-supplied file paths, allowing directory traversal sequences. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitra


##

CVE-2026-1731
(9.8 CRITICAL)

EPSS: 52.96%

updated 2026-02-17T15:31:33

2 posts

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

Nuclei template

5 repos

https://github.com/win3zz/CVE-2026-1731

https://github.com/hexissam/CVE-2026-1731

https://github.com/richardpaimu34/CVE-2026-1731

https://github.com/jakubie07/CVE-2026-1731

https://github.com/cybrdude/cve-2026-1731-scanner

youranonnewsirc@nerdculture.de at 2026-02-23T13:44:39.000Z ##

Geopolitical tensions heighten as US-Iran nuclear talks near. Technology advances with Tesla's Cybercab launch and Uber's significant investment in autonomous EV charging. Cybersecurity faces active exploitation of CVE-2026-1731 in BeyondTrust products, AI-powered FortiGate breaches, and AI-assisted malware from MuddyWater.

#Cybersecurity #TechNews #Geopolitics

##

technadu@infosec.exchange at 2026-02-21T10:48:45.000Z ##

Critical CVE-2026-1731 in BeyondTrust RS/PRA is under active exploitation.

Web shells. RATs. PostgreSQL dumps.
Now listed in CISA KEV & tied to ransomware.

Remote support appliances are high-value targets.

Are we giving PAM systems enough monitoring visibility?

Source: thehackernews.com/2026/02/beyo

Follow @technadu for independent cybersecurity reporting.

Like and join the discussion below.

#CyberSecurity #Infosec #ZeroDay #Ransomware #PAM #ThreatIntel #SecurityCommunity #CVE20261731

##

CVE-2026-2544
(7.3 HIGH)

EPSS: 2.14%

updated 2026-02-16T09:30:36

1 posts

A security flaw has been discovered in yued-fe LuLu UI up to 3.0.0. This issue affects the function child_process.exec of the file run.js. The manipulation results in os command injection. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.


##

CVE-2026-21513
(8.8 HIGH)

EPSS: 4.12%

updated 2026-02-10T21:31:29

2 posts

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.

CVE-2026-1281
(9.8 CRITICAL)

EPSS: 57.41%

updated 2026-01-30T13:28:18.610000

2 posts

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

2 repos

https://github.com/YunfeiGE18/CVE-2026-1281-CVE-2026-1340-Ivanti-EPMM-RCE

https://github.com/MehdiLeDeaut/CVE-2026-1281-Ivanti-EPMM-RCE

christopherkunz@chaos.social at 2026-02-24T12:42:14.000Z ##

@kantorkel With the vulnerabilities that were used, among other things, for the break-ins in the Netherlands, Finland and possibly also at the EU, you can certainly have a lot of fun - if only by reading the excellent WatchTowr blog labs.watchtowr.com/someone-kno (or by listening to our Passwort episode on it, from 17:08 cku.gt/2SFCN).

##

CVE-2026-1340
(9.8 CRITICAL)

EPSS: 41.91%

updated 2026-01-30T00:31:28

2 posts

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

2 repos

https://github.com/YunfeiGE18/CVE-2026-1281-CVE-2026-1340-Ivanti-EPMM-RCE

https://github.com/MehdiLeDeaut/CVE-2026-1281-Ivanti-EPMM-RCE

##

CVE-2025-12543
(9.6 CRITICAL)

EPSS: 0.08%

updated 2026-01-08T23:15:42.690000

1 posts

A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without rejection, enabling attackers to poison caches, perform internal network scans, or hijack user session

beyondmachines1@infosec.exchange at 2026-02-24T08:01:19.000Z ##

HPE Patches Critical Access Bypass in Telco Service Activator

HPE patched a critical access bypass vulnerability (CVE-2025-12543) in its Telco Service Activator that allows unauthenticated attackers to hijack sessions or disrupt telecom services by exploiting improper Host header validation.

**If you are using Telco Service Activator, make sure it's isolated from the internet and accessible from trusted networks only. Then plan an update to version 10.5.0 ASAP. Coordinate the patch window with your support teams to manage any potential service disruptions that could impact your customers' experience.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-67511
(9.7 CRITICAL)

EPSS: 0.12%

updated 2025-12-11T17:22:16

2 posts

### Summary A command injection vulnerability is present in the function tool `run_ssh_command_with_credentials()` available to AI agents. ### Details This is the source code of the function tool `run_ssh_command_with_credentials()` ([code](https://github.com/aliasrobotics/cai/blob/0.5.9/src/cai/tools/command_and_control/sshpass.py#L20)): ```python @function_tool def run_ssh_command_with_crede

oversecurity@mastodon.social at 2026-02-24T17:53:39.000Z ##

CVE-2025-67511: Tricking a Security AI Agent Into Pwning Itself

Hacktive Security - Advanced Cyber Security Services

🔗️ [Hacktivesecurity] link.is.it/PaW4AT

##

CVE-2023-46604
(10.0 CRITICAL)

EPSS: 94.44%

updated 2025-11-04T16:41:16.217000

2 posts

The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users

Nuclei template

33 repos

https://github.com/CCIEVoice2009/CVE-2023-46604

https://github.com/infokek/activemq-honeypot

https://github.com/fiza-naeem0902/Vulnerability-Assessment

https://github.com/SaumyajeetDas/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ

https://github.com/tomasmussi/activemq-cve-2023-46604

https://github.com/thinkycx/activemq-rce-cve-2023-46604

https://github.com/stegano5/ExploitScript-CVE-2023-46604

https://github.com/cuanh2333/CVE-2023-46604

https://github.com/vjayant93/CVE-2023-46604-POC

https://github.com/trganda/ActiveMQ-RCE

https://github.com/minhangxiaohui/ActiveMQ_CVE-2023-46604

https://github.com/vaishnavucv/Project-Vuln-Detection-N-Mitigation_101

https://github.com/Anekant-Singhai/Exploits

https://github.com/evkl1d/CVE-2023-46604

https://github.com/duck-sec/CVE-2023-46604-ActiveMQ-RCE-pseudoshell

https://github.com/justdoit-cai/CVE-2023-46604-Apache-ActiveMQ-RCE-exp

https://github.com/dcm2406/CVE-Lab

https://github.com/skrkcb2/CVE-2023-46604

https://github.com/pulentoski/CVE-2023-46604

https://github.com/nitzanoligo/CVE-2023-46604-demo

https://github.com/mranv/honeypot.rs

https://github.com/NKeshawarz/CVE-2023-46604-RCE

https://github.com/Arlenhiack/ActiveMQ-RCE-Exploit

https://github.com/ImuSpirit/ActiveMQ_RCE_Pro_Max

https://github.com/pavanaa4k/CVE-2023-46604-LAB

https://github.com/Mudoleto/Broker_ApacheMQ

https://github.com/dcm2406/CVE-2023-46604

https://github.com/vulncheck-oss/cve-2023-46604

https://github.com/mrpentst/CVE-2023-46604

https://github.com/hh-hunter/cve-2023-46604

https://github.com/LiritoShawshark/CVE-2023-46604_ActiveMQ_RCE_Recurrence

https://github.com/h3x3h0g/ActiveMQ-RCE-CVE-2023-46604-Write-up

https://github.com/RockyDesigne/SSP-Assignment-3-RCEYouLater

VirusBulletin at 2026-02-24T11:11:59.582Z ##

The DFIR Report documents the exploitation of an unpatched ActiveMQ server by CVE-2023-46604. The threat actor used Metasploit tooling for privilege escalation, LSASS access and lateral movement, before LockBit was deployed via RDP using stolen credentials. thedfirreport.com/2026/02/23/a

##

CVE-2025-59201
(7.8 HIGH)

EPSS: 0.10%

updated 2025-10-14T18:30:36

2 posts

Improper access control in Network Connection Status Indicator (NCSI) allows an authorized attacker to elevate privileges locally.

itm4n at 2026-02-24T20:12:05.679Z ##

It's a blog post I should have published months ago, but here we finally are.

"CVE-2025-59201 - Network Connection Status Indicator (NCSI) EoP"

Credit goes to t0zhang (on X) for the discovery.

👉 itm4n.github.io/cve-2025-59201

I'd like to write more of those but it's so time-consuming. 😔

##

itm4n@infosec.exchange at 2026-02-24T20:12:05.000Z ##

It's a blog post I should have published months ago, but here we finally are.

"CVE-2025-59201 - Network Connection Status Indicator (NCSI) EoP"

Credit goes to t0zhang (on X) for the discovery.

👉 itm4n.github.io/cve-2025-59201

I'd like to write more of those but it's so time-consuming. 😔

#cve #windows

##

CVE-2025-8277
(3.1 LOW)

EPSS: 0.05%

updated 2025-09-09T12:30:49

1 posts

A flaw was found in libssh's handling of key exchange (KEX) processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, particularly when using libgcrypt, which impacts application stability and availability.

linux@activitypub.awakari.com at 2026-02-23T20:21:54.000Z ##

Ubuntu 20.04 LTS libssh Important DDoS Risks USN-8051-2 CVE-2025-8277 Several security issues were fixed in libssh.

#Ubuntu #Linux #Distribution #- #Security #Advisories

##

CVE-2025-47943
(6.3 MEDIUM)

EPSS: 0.05%

updated 2025-07-30T17:45:41

2 posts

### Summary A stored XSS is present in Gogs which allows client-side Javascript code execution. ### Details Gogs Version: ``` docker images REPOSITORY TAG IMAGE ID CREATED SIZE gogs/gogs latest fe92583bc4fe 10 hours ago 99.3MB ``` Application version: `0.14.0+dev` Local setup using: ```bash # Pull image from Docker Hub. docker pull gogs/gogs # Create local dire

oversecurity@mastodon.social at 2026-02-24T17:52:18.000Z ##

CVE-2025-47943: Stored XSS in Gogs via PDF

Hacktive Security - Advanced Cyber Security Services

🔗️ [Hacktivesecurity] link.is.it/5Dz9cj

##

CVE-2025-0037
(6.6 MEDIUM)

EPSS: 0.03%

updated 2025-06-10T00:30:36

2 posts

In AMD Versal Adaptive SoC devices, the lack of address validation when executing PLM runtime services through the PLM firmware can allow access to isolated or protected memory spaces, resulting in the loss of integrity and confidentiality.

AAKL at 2026-02-24T17:04:48.489Z ##

Two advisories from AMD, one new, one updated:

- CVE-2025-0037: Versal Adaptive SoC – Overwriting Protected Memory Regions through PLM Firmware amd.com/en/resources/product-s

- CVE-2023-31364: Guest Initiated Machine Check Errors amd.com/en/resources/product-s

Two new ones from NVIDIA:

- CVE-2025-33179, CVE-2025-33180, and CVE-2025-33181: NVIDIA Cumulus Linux and NVOS - February 2026 nvidia.custhelp.com/app/answer

- CVE-2026-24241: NVIDIA License System - February 2026 nvidia.custhelp.com/app/answer

##

AAKL@infosec.exchange at 2026-02-24T17:04:48.000Z ##

Two advisories from AMD, one new, one updated:

- CVE-2025-0037: Versal Adaptive SoC – Overwriting Protected Memory Regions through PLM Firmware amd.com/en/resources/product-s

- CVE-2023-31364: Guest Initiated Machine Check Errors amd.com/en/resources/product-s

Two new ones from NVIDIA:

- CVE-2025-33179, CVE-2025-33180, and CVE-2025-33181: NVIDIA Cumulus Linux and NVOS - February 2026 nvidia.custhelp.com/app/answer

- CVE-2026-24241: NVIDIA License System - February 2026 nvidia.custhelp.com/app/answer #Nvidia #infosec #AMD #vulnerability #Linux

##

CVE-2025-47809
(8.2 HIGH)

EPSS: 0.02%

updated 2025-05-16T14:42:18.700000

1 posts

Wibu CodeMeter before 8.30a sometimes allows privilege escalation immediately after installation (before a logoff or reboot). For exploitation, there must have been an unprivileged installation with UAC, and the CodeMeter Control Center component must be installed, and the CodeMeter Control Center component must not have been restarted. In this scenario, the local user can navigate from Import Lic

certvde@infosec.exchange at 2026-02-23T07:36:39.000Z ##

#OT #Advisory VDE-2026-007
TRUMPF: Multiple products affected by Wibu CodeMeter vulnerability

The TRUMPF product versions listed below include a Wibu CodeMeter component that is vulnerable to a privilege escalation vulnerability through the CodeMeter installer on Windows.
#CVE CVE-2025-47809

certvde.com/en/advisories/vde-

#CSAF trumpf.csaf-tp.certvde.com/.we

##

CVE-2025-25362
(9.8 CRITICAL)

EPSS: 0.45%

updated 2025-04-02T13:15:44.063000

2 posts

A Server-Side Template Injection (SSTI) vulnerability in Spacy-LLM v0.7.2 allows attackers to execute arbitrary code via injecting a crafted payload into the template field.

oversecurity@mastodon.social at 2026-02-24T17:51:13.000Z ##

CVE-2025-25362: Old Vulnerabilities, New Victims – Breaking LLM Prompts with SSTI

Hacktive Security - Advanced Cyber Security Services

🔗️ [Hacktivesecurity] link.is.it/4bUqcZ

##

CVE-2023-31364
(0 None)

EPSS: 0.00%

2 posts

N/A

AAKL at 2026-02-24T17:04:48.489Z ##

Two advisories from AMD, one new, one updated:

- CVE-2025-0037: Versal Adaptive SoC – Overwriting Protected Memory Regions through PLM Firmware amd.com/en/resources/product-s

- CVE-2023-31364: Guest Initiated Machine Check Errors amd.com/en/resources/product-s

Two new ones from NVIDIA:

- CVE-2025-33179, CVE-2025-33180, and CVE-2025-33181: NVIDIA Cumulus Linux and NVOS - February 2026 nvidia.custhelp.com/app/answer

- CVE-2026-24241: NVIDIA License System - February 2026 nvidia.custhelp.com/app/answer

##

AAKL@infosec.exchange at 2026-02-24T17:04:48.000Z ##

Two advisories from AMD, one new, one updated:

- CVE-2025-0037: Versal Adaptive SoC – Overwriting Protected Memory Regions through PLM Firmware amd.com/en/resources/product-s

- CVE-2023-31364: Guest Initiated Machine Check Errors amd.com/en/resources/product-s

Two new ones from NVIDIA:

- CVE-2025-33179, CVE-2025-33180, and CVE-2025-33181: NVIDIA Cumulus Linux and NVOS - February 2026 nvidia.custhelp.com/app/answer

- CVE-2026-24241: NVIDIA License System - February 2026 nvidia.custhelp.com/app/answer #Nvidia #infosec #AMD #vulnerability #Linux

##

CVE-2026-27202
(0 None)

EPSS: 0.06%

2 posts

N/A

thehackerwire@mastodon.social at 2026-02-24T16:07:07.000Z ##

🟠 CVE-2026-27202 - High (7.5)

GetSimple CMS is a content management system. All versions of GetSimple CMS have a flaw in the Uploaded Files feature that allows for arbitrary file reads. This issue has not been fixed at the time of publication.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-67733
(0 None)

EPSS: 0.02%

2 posts

N/A

1 repos

https://github.com/JYlab/CVE-2025-67733

thehackerwire@mastodon.social at 2026-02-23T20:32:34.000Z ##

🟠 CVE-2025-67733 - High (8.5)

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or ret...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-23T20:30:36.000Z ##

🟠 CVE-2025-67733 - High (8.5)

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or ret...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27623
(0 None)

EPSS: 0.06%

2 posts

N/A

thehackerwire@mastodon.social at 2026-02-23T20:32:24.000Z ##

🟠 CVE-2026-27623 - High (7.5)

Valkey is a distributed key-value database. Starting in version 9.0.0 and prior to version 9.0.3, a malicious actor with network access to Valkey can cause the system to abort by triggering an assertion. When processing incoming requests, the Valk...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-23T20:30:26.000Z ##

🟠 CVE-2026-27623 - High (7.5)

Valkey is a distributed key-value database. Starting in version 9.0.0 and prior to version 9.0.3, a malicious actor with network access to Valkey can cause the system to abort by triggering an assertion. When processing incoming requests, the Valk...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27470
(0 None)

EPSS: 0.03%

1 posts

N/A

1 repos

https://github.com/kocaemre/CVE-2026-27470

thehackerwire@mastodon.social at 2026-02-21T08:17:17.000Z ##

🟠 CVE-2026-27470 - High (8.8)

ZoneMinder is a free, open source closed-circuit television software application. In versions 1.36.37 and below and 1.37.61 through 1.38.0, there is a second-order SQL Injection vulnerability in the web/ajax/status.php file within the getNearEvent...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27452
(0 None)

EPSS: 0.04%

1 posts

N/A

offseq@infosec.exchange at 2026-02-21T07:30:34.000Z ##

🛡️ CRITICAL: CVE-2026-27452 in JonathanWilbur asn1-ts (<=11.0.5) — Decoding INTEGERs may leak ArrayBuffer, exposing sensitive data. Upgrade to 11.0.6 urgently. Details: radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Security #CVE202627452

##

CVE-2026-27168
(0 None)

EPSS: 0.02%

3 posts

N/A

offseq@infosec.exchange at 2026-02-21T03:00:28.000Z ##

⚠️ CVE-2026-27168: HIGH severity heap overflow in HappySeaFox sail (≤0.9.10). Remote code execution possible via crafted XWD files — no patch yet. Audit, block untrusted XWDs, and monitor! radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #HappySeaFox #CyberAlert

##

thehackerwire@mastodon.social at 2026-02-21T00:19:57.000Z ##

🟠 CVE-2026-27168 - High (8.8)

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. All versions are vulnerable to Heap-based Buffer Overflow through the XWD parser's use of the bytes_per_line value. The value os...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-02-21T00:17:14.000Z ##

🟠 CVE-2026-27168 - High (8.8)

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. All versions are vulnerable to Heap-based Buffer Overflow through the XWD parser's use of the bytes_per_line value. The value os...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
