CVE

Zero Day Initiative CVE Microsoft Feb 19

ZDI-26-117: RustDesk Client for Windows Transfer File Link Following Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of RustDesk Client for Windows. An attacker must first ...

1 IOC

Zero Day Initiative →

Zero Day Initiative CVE F5 Feb 19

ZDI-26-116: TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of TensorFlow. An attacker must first obtain the ability to execut...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Fortinet Feb 19

ZDI-26-115: Fortinet FortiClient VPN FCConfig Utility Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Fortinet FortiClient VPN. An attacker must first obtain the abi...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-114: Dassault Systèmes eDrawings Viewer EPRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is re...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-113: Dassault Systèmes eDrawings Viewer EPRT File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is re...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-112: Dassault Systèmes eDrawings Viewer EPRT File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is re...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-111: MLflow Use of Default Password Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulne...

T1556 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-110: Bosch Rexroth IndraWorks Print Settings File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bosch Rexroth IndraWorks. User interaction is required to e...

T1190 2 IOCs

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-109: Bosch Rexroth IndraWorks OPC.TestClient XML File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bosch Rexroth IndraWorks. User interaction is required to e...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-108: Bosch Rexroth IndraWorks UA.TestClient XML File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bosch Rexroth IndraWorks. User interaction is required to e...

T1190 1 IOC

Zero Day Initiative →

Fortinet Blog CVE Microsoft Feb 10

Deep Dive into New XWorm Campaign Utilizing Multiple-Themed Phishing Emails

FortiGuard Labs details a new XWorm RAT campaign using multi-language phishing emails, Excel exploits (CVE-2018-0802), HTA execution, and fileless .

T1566 1 IOC

Fortinet Blog →

Google Project Zero CVE Apple Jan 29

Breaking the Sound Barrier, Part II: Exploiting CVE-2024-54529

In the first part of this series, I detailed my journey into macOS security research, which led to the discovery of a type confusion vulnerability (CVE-2024-...

2 IOCs

Google Project Zero →

Fortinet Blog CVE Jan 28

Unveiling the Weaponized Web Shell EncystPHP

FortiGuard Labs analyzes EncystPHP, a stealthy web shell exploiting CVE-2025-64328 in FreePBX environments to enable remote command execution, persistence, a...

T1190 1 IOC

Fortinet Blog →

Mandiant Blog CVE Microsoft Google Intel Jan 27

Diverse Threat Actors Exploiting Critical WinRAR Vulnerability CVE-2025-8088

Introduction The Google Threat Intelligence Group (GTIG) has identified widespread, active exploitation of the critical vulnerability CVE-2025-8088 in WinRAR...

1 IOC

Mandiant Blog →

Fortinet Blog CVE Jan 14

New Remcos Campaign Distributed Through Fake Shipping Document

FortiGuard Labs analyzes a phishing campaign delivering a fileless Remcos RAT via malicious Word templates, CVE-2017-11882 exploitation, and in-memory execut...

T1566 1 IOC

Fortinet Blog →

Recorded Future CVE Amazon Jan 13

December 2025 CVE Landscape: 22 Critical Vulnerabilities Mark 120% Surge, React2Shell Dominates Threat Activity

December 2025 saw a 120% surge in critical CVEs, with 22 exploited flaws and React2Shell (CVE-2025-55182) dominating threat activity across Meta’s React fram...

1 IOC

Recorded Future →

ESET Research CVE Microsoft Dec 22

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

A comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of mass exploitation

1 IOC

ESET Research →

Google Project Zero CVE Linux Dec 16

Thinking Outside The Box [dusted off draft from 2017]

Preface Hello from the future! This is a blogpost I originally drafted in early 2017.

1 IOC

Google Project Zero →

Mandiant Blog CVE Nov 10

No Place Like Localhost: Unauthenticated Remote Access via Triofox Vulnerability CVE-2025-12480

Written by: Stallone D'Souza, Praveeth DSouza, Bill Glynn, Kevin O'Flynn, Yash Gupta Welcome to the Frontline Bulletin Series Straight from Mandiant Threat D...

1 IOC

Mandiant Blog →