{"exported_at":"2026-06-09T23:31:39.951Z","count":759,"iocs":[{"type":"cve","value":"CVE-2026-44963","source":"SC Media","article_title":"Veeam releases security update for critical backup server vulnerability","article_url":"https://www.scworld.com/brief/veeam-releases-security-update-for-critical-backup-server-vulnerability","published_at":"2026-06-09T22:48:27.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-49160","source":"Tenable Blog","article_title":"Microsoft’s June 2026 Patch Tuesday Addresses 198 CVEs ( CVE-2026-49160, CVE-2026-50507)","article_url":"https://www.tenable.com/blog/microsofts-june-2026-patch-tuesday-addresses-198-cves-cve-2026-49160-cve-2026-50507","published_at":"2026-06-09T18:19:42.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-50507","source":"Tenable Blog","article_title":"Microsoft’s June 2026 Patch Tuesday Addresses 198 CVEs ( CVE-2026-49160, CVE-2026-50507)","article_url":"https://www.tenable.com/blog/microsofts-june-2026-patch-tuesday-addresses-198-cves-cve-2026-49160-cve-2026-50507","published_at":"2026-06-09T18:19:42.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-10263","source":"Tenable Blog","article_title":"Microsoft’s June 2026 Patch Tuesday Addresses 198 CVEs ( CVE-2026-49160, CVE-2026-50507)","article_url":"https://www.tenable.com/blog/microsofts-june-2026-patch-tuesday-addresses-198-cves-cve-2026-49160-cve-2026-50507","published_at":"2026-06-09T18:19:42.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8863","source":"Tenable Blog","article_title":"Microsoft’s June 2026 Patch Tuesday Addresses 198 CVEs ( CVE-2026-49160, CVE-2026-50507)","article_url":"https://www.tenable.com/blog/microsofts-june-2026-patch-tuesday-addresses-198-cves-cve-2026-49160-cve-2026-50507","published_at":"2026-06-09T18:19:42.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-44963","source":"Security Affairs","article_title":"Critical Veeam RCE Flaw Lets Low-Privilege Users Take Over Backup Servers","article_url":"https://securityaffairs.com/193385/uncategorized/critical-veeam-rce-flaw-lets-low-privilege-users-take-over-backup-servers.html","published_at":"2026-06-09T16:51:20.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-44963","source":"The Hacker News","article_title":"Veeam Backup & Replication RCE Flaw Lets Domain Users Run Remote Code","article_url":"https://thehackernews.com/2026/06/veeam-backup-replication-rce-flaw-lets.html","published_at":"2026-06-09T16:39:47.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-8088","source":"The Hacker News","article_title":"WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine","article_url":"https://thehackernews.com/2026/06/winrar-flaw-exploited-by-russia-aligned.html","published_at":"2026-06-09T12:26:10.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42271","source":"GBHackers","article_title":"LiteLLM Vulnerability Allows Attackers to Execute Arbitrary Commands on Servers","article_url":"https://gbhackers.com/litellm-vulnerability/","published_at":"2026-06-09T12:10:52.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48710","source":"GBHackers","article_title":"LiteLLM Vulnerability Allows Attackers to Execute Arbitrary Commands on Servers","article_url":"https://gbhackers.com/litellm-vulnerability/","published_at":"2026-06-09T12:10:52.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-7473","source":"CISA Advisories","article_title":"CISA Adds Three Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/06/09/cisa-adds-three-known-exploited-vulnerabilities-catalog","published_at":"2026-06-09T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-11645","source":"CISA Advisories","article_title":"CISA Adds Three Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/06/09/cisa-adds-three-known-exploited-vulnerabilities-catalog","published_at":"2026-06-09T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20245","source":"CISA Advisories","article_title":"CISA Adds Three Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/06/09/cisa-adds-three-known-exploited-vulnerabilities-catalog","published_at":"2026-06-09T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-11645","source":"The Hacker News","article_title":"Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now","article_url":"https://thehackernews.com/2026/06/chrome-v8-zero-day-cve-2026-11645.html","published_at":"2026-06-09T11:58:49.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42271","source":"Help Net Security","article_title":"LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)","article_url":"https://www.helpnetsecurity.com/2026/06/09/litellm-vulnerability-under-active-attack-cisa-warns-cve-2026-42271/","published_at":"2026-06-09T11:37:31.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-11645","source":"Help Net Security","article_title":"Google patches Chrome zero-day exploited in the wild (CVE-2026-11645)","article_url":"https://www.helpnetsecurity.com/2026/06/09/google-chrome-zero-day-cve-2026-11645/","published_at":"2026-06-09T11:24:41.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-11645","source":"Security Affairs","article_title":"Google fixes the fifth actively exploited Chrome zero-day of 2026","article_url":"https://securityaffairs.com/193371/hacking/google-fixes-fifth-actively-exploited-chrome-zero-day-of-2026.html","published_at":"2026-06-09T10:38:32.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-11645","source":"Infosecurity Magazine","article_title":"Google Releases Patch for Chrome Vulnerability Exploited in the Wild","article_url":"https://www.infosecurity-magazine.com/news/google-patch-chrome-vulnerability/","published_at":"2026-06-09T10:15:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42271","source":"Security Affairs","article_title":"U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/193343/security/u-s-cisa-adds-berriai-litellm-and-check-point-security-gateway-flaws-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-06-09T08:11:40.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-23111","source":"GBHackers","article_title":"Linux Kernel Flaw Allows Local Attackers to Gain Root Privileges","article_url":"https://gbhackers.com/linux-kernel-flaw-allows-local-attackers-to-gain-privileges/","published_at":"2026-06-09T07:58:21.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-23111","source":"Security Affairs","article_title":"CVE-2026-23111: Linux nf_tables Flaw Enables Root Exploits","article_url":"https://securityaffairs.com/193352/hacking/cve-2026-23111-linux-nf_tables-flaw-enables-root-exploits.html","published_at":"2026-06-09T07:27:39.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42271","source":"The Hacker News","article_title":"LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE","article_url":"https://thehackernews.com/2026/06/litellm-flaw-cve-2026-42271-exploited.html","published_at":"2026-06-09T06:26:14.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-11645","source":"SecurityWeek","article_title":"Google Patches 5th Chrome Zero-Day Exploited in 2026","article_url":"https://www.securityweek.com/google-patches-5th-chrome-zero-day-exploited-in-2026/","published_at":"2026-06-09T05:57:40.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-50751","source":"GBHackers","article_title":"Check Point VPN Zero-Day Under Active Exploitation by Ransomware Operators","article_url":"https://gbhackers.com/check-point-vpn-zero-day/","published_at":"2026-06-09T05:22:41.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3886","source":"Zero Day Initiative","article_title":"ZDI-26-332: QEMU calc_image_hostmem Integer Overflow Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-332/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"domain","value":"x.org","source":"Zero Day Initiative","article_title":"ZDI-26-337: X.Org Server CheckKeyTypes Buffer Overflow Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-337/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34003","source":"Zero Day Initiative","article_title":"ZDI-26-337: X.Org Server CheckKeyTypes Buffer Overflow Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-337/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"domain","value":"x.org","source":"Zero Day Initiative","article_title":"ZDI-26-336: X.Org Server CheckKeyActions Out-Of-Bounds Read Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-336/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34002","source":"Zero Day Initiative","article_title":"ZDI-26-336: X.Org Server CheckKeyActions Out-Of-Bounds Read Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-336/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"domain","value":"x.org","source":"Zero Day Initiative","article_title":"ZDI-26-335: X.Org Server SyncAwaitFence Use-After-Free Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-335/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34001","source":"Zero Day Initiative","article_title":"ZDI-26-335: X.Org Server SyncAwaitFence Use-After-Free Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-335/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"domain","value":"x.org","source":"Zero Day Initiative","article_title":"ZDI-26-334: X.Org Server CheckSetGeom Out-Of-Bounds Read Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-334/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34000","source":"Zero Day Initiative","article_title":"ZDI-26-334: X.Org Server CheckSetGeom Out-Of-Bounds Read Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-334/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"domain","value":"x.org","source":"Zero Day Initiative","article_title":"ZDI-26-333: X.Org Server XkbSetCompatMap Integer Underflow Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-333/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-33999","source":"Zero Day Initiative","article_title":"ZDI-26-333: X.Org Server XkbSetCompatMap Integer Underflow Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-333/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8037","source":"Zero Day Initiative","article_title":"ZDI-26-342: Progress Software Kemp LoadMaster apiuser Uninitialized Memory Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-342/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8037","source":"Zero Day Initiative","article_title":"ZDI-26-341: Progress Software Kemp LoadMaster dolistapikeys Uninitialized Memory Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-341/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8037","source":"Zero Day Initiative","article_title":"ZDI-26-340: Progress Software Kemp LoadMaster dodelapikey Uninitialized Memory Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-340/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48565","source":"Zero Day Initiative","article_title":"ZDI-26-339: Microsoft Windows Narrator Braille Support brlapi Exposed Dangerous Function Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-339/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-24162","source":"Zero Day Initiative","article_title":"ZDI-26-338: NVIDIA Transformers4Rec Model.load Deserialization of Untrusted Data Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-338/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-47924","source":"Zero Day Initiative","article_title":"ZDI-26-346: Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-346/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-47912","source":"Zero Day Initiative","article_title":"ZDI-26-345: Adobe Acrobat Reader DC Font Handling Use-After-Free Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-345/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-47923","source":"Zero Day Initiative","article_title":"ZDI-26-344: Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-344/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-47911","source":"Zero Day Initiative","article_title":"ZDI-26-343: Adobe Acrobat Reader DC TIF File Parsing Integer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-343/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-47919","source":"Zero Day Initiative","article_title":"ZDI-26-354: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-354/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-47918","source":"Zero Day Initiative","article_title":"ZDI-26-353: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-353/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-47917","source":"Zero Day Initiative","article_title":"ZDI-26-352: Adobe Acrobat Pro DC AcroForm Use-After-Free Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-352/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48292","source":"Zero Day Initiative","article_title":"ZDI-26-351: Adobe USD-Fileformat-plugins Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-351/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48291","source":"Zero Day Initiative","article_title":"ZDI-26-350: Adobe USD-Fileformat-plugins Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-350/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-47915","source":"Zero Day Initiative","article_title":"ZDI-26-349: Adobe Acrobat Pro DC Annots.api Use-After-Free Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-349/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-47914","source":"Zero Day Initiative","article_title":"ZDI-26-348: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-348/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-47913","source":"Zero Day Initiative","article_title":"ZDI-26-347: Adobe Acrobat Reader DC Multimedia Rendition Use-After-Free Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-347/","published_at":"2026-06-09T05:00:00.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9964,","source":"SANS ISC","article_title":"ISC Stormcast For Tuesday, June 9th, 2026 https://isc.sans.edu/podcastdetail/9964, (Tue, Jun 9th)","article_url":"https://isc.sans.edu/diary/rss/33062","published_at":"2026-06-09T02:00:03.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34908","source":"SC Media","article_title":"Ubiquiti UniFi OS server vulnerabilities allow unauthenticated remote code execution","article_url":"https://www.scworld.com/brief/ubiquiti-unifi-os-server-vulnerabilities-allow-unauthenticated-remote-code-execution","published_at":"2026-06-08T22:41:53.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34909","source":"SC Media","article_title":"Ubiquiti UniFi OS server vulnerabilities allow unauthenticated remote code execution","article_url":"https://www.scworld.com/brief/ubiquiti-unifi-os-server-vulnerabilities-allow-unauthenticated-remote-code-execution","published_at":"2026-06-08T22:41:53.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34910","source":"SC Media","article_title":"Ubiquiti UniFi OS server vulnerabilities allow unauthenticated remote code execution","article_url":"https://www.scworld.com/brief/ubiquiti-unifi-os-server-vulnerabilities-allow-unauthenticated-remote-code-execution","published_at":"2026-06-08T22:41:53.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20245","source":"CSO Online","article_title":"Attackers exploiting unpatched Cisco SD-WAN flaw","article_url":"https://www.csoonline.com/article/4182571/attackers-exploiting-unpatched-cisco-sd-wan-flaw.html","published_at":"2026-06-08T21:48:02.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-23111","source":"The Hacker News","article_title":"One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public","article_url":"https://thehackernews.com/2026/06/one-character-linux-kernel-flaw-enables.html","published_at":"2026-06-08T20:17:39.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-50751","source":"Rapid7 Blog","article_title":"Critical Check Point VPN Zero-Day Exploited in the Wild (CVE-2026-50751)","article_url":"https://www.rapid7.com/blog/post/etr-critical-check-point-vpn-zero-day-exploited-in-the-wild-cve-2026-50751","published_at":"2026-06-08T17:05:16.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-50751","source":"The Hacker News","article_title":"Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups","article_url":"https://thehackernews.com/2026/06/critical-check-point-vpn-flaw-exploited.html","published_at":"2026-06-08T14:17:39.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3300","source":"Security Affairs","article_title":"Everest Forms Pro WordPress Flaw is Handing Attackers Admin Access","article_url":"https://securityaffairs.com/193325/security/everest-forms-pro-wordpress-flaw-is-handing-attackers-admin-access.html","published_at":"2026-06-08T14:11:44.000Z","origin":"rss"},{"type":"domain","value":"polyfill.io","source":"SC Media","article_title":"Toshiba and Muji warn of fake login screens from polyfill.io","article_url":"https://www.scworld.com/brief/toshiba-and-muji-warn-of-fake-login-screens-from-polyfill-io","published_at":"2026-06-08T13:04:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-50751","source":"Help Net Security","article_title":"Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)","article_url":"https://www.helpnetsecurity.com/2026/06/08/check-point-cve-2026-50751-qilin-ransomware/","published_at":"2026-06-08T12:23:16.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41722","source":"GBHackers","article_title":"Multiple VMware Stored XSS Flaw Enable Attackers to Inject Malicious Scripts","article_url":"https://gbhackers.com/multiple-vmware-stored-xss-flaw/","published_at":"2026-06-08T12:09:17.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41723","source":"GBHackers","article_title":"Multiple VMware Stored XSS Flaw Enable Attackers to Inject Malicious Scripts","article_url":"https://gbhackers.com/multiple-vmware-stored-xss-flaw/","published_at":"2026-06-08T12:09:17.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41724","source":"GBHackers","article_title":"Multiple VMware Stored XSS Flaw Enable Attackers to Inject Malicious Scripts","article_url":"https://gbhackers.com/multiple-vmware-stored-xss-flaw/","published_at":"2026-06-08T12:09:17.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42271","source":"CISA Advisories","article_title":"CISA Adds Two Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/06/08/cisa-adds-two-known-exploited-vulnerabilities-catalog","published_at":"2026-06-08T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-50751","source":"CISA Advisories","article_title":"CISA Adds Two Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/06/08/cisa-adds-two-known-exploited-vulnerabilities-catalog","published_at":"2026-06-08T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-28318","source":"Help Net Security","article_title":"CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)","article_url":"https://www.helpnetsecurity.com/2026/06/08/cisa-patch-actively-exploited-solarwinds-serv-u-dos-vulnerability-cve-2026-28318/","published_at":"2026-06-08T10:26:34.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-23631","source":"GBHackers","article_title":"Critical Redis Vulnerability Could Let Attackers Execute Code and Hijack Servers","article_url":"https://gbhackers.com/critical-redis-vulnerability/","published_at":"2026-06-08T08:25:25.000Z","origin":"rss"},{"type":"cve","value":"CVE-2021-27137","source":"Security Affairs","article_title":"IoT Botnet C0XMO Adds Competitor-Killing Capability","article_url":"https://securityaffairs.com/193290/uncategorized/iot-botnet-c0xmo-adds-competitor-killing-capability.html","published_at":"2026-06-08T07:03:30.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9962,","source":"SANS ISC","article_title":"ISC Stormcast For Monday, June 8th, 2026 https://isc.sans.edu/podcastdetail/9962, (Mon, Jun 8th)","article_url":"https://isc.sans.edu/diary/rss/33058","published_at":"2026-06-08T02:00:03.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-28318","source":"Security Affairs","article_title":"U.S. CISA adds SolarWinds Serv-U flaw to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/193245/security/u-s-cisa-adds-solarwinds-serv-u-flaw-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-06-06T21:44:53.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3300","source":"BleepingComputer","article_title":"Critical Everest Forms Pro flaw exploited to take over WordPress sites","article_url":"https://www.bleepingcomputer.com/news/security/critical-everest-forms-pro-flaw-exploited-to-take-over-wordpress-sites/","published_at":"2026-06-06T14:09:26.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34908","source":"GBHackers","article_title":"Critical UniFi OS Auth Bypass Flaws Lead to Unauthenticated Root RCE","article_url":"https://gbhackers.com/critical-unifi-os-auth-bypass-flaws/","published_at":"2026-06-06T10:28:07.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34909","source":"GBHackers","article_title":"Critical UniFi OS Auth Bypass Flaws Lead to Unauthenticated Root RCE","article_url":"https://gbhackers.com/critical-unifi-os-auth-bypass-flaws/","published_at":"2026-06-06T10:28:07.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34910","source":"GBHackers","article_title":"Critical UniFi OS Auth Bypass Flaws Lead to Unauthenticated Root RCE","article_url":"https://gbhackers.com/critical-unifi-os-auth-bypass-flaws/","published_at":"2026-06-06T10:28:07.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-28318","source":"GBHackers","article_title":"CISA Alerts on Actively Exploited SolarWinds Serv-U Denial-of-Service Flaw","article_url":"https://gbhackers.com/cisa-exploited-solarwinds-serv-u-flaw/","published_at":"2026-06-06T10:01:35.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-28318","source":"The Hacker News","article_title":"CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog","article_url":"https://thehackernews.com/2026/06/cisa-adds-actively-exploited-solarwinds.html","published_at":"2026-06-06T08:14:31.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20245","source":"The Hacker News","article_title":"Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available","article_url":"https://thehackernews.com/2026/06/cisco-catalyst-sd-wan-manager-cve-2026.html","published_at":"2026-06-06T04:19:28.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-28318","source":"SC Media","article_title":"Hackers actively exploit SolarWinds Serv-U flaw to crash servers, CISA warns","article_url":"https://www.scworld.com/brief/hackers-actively-exploit-solarwinds-serv-u-flaw-to-crash-servers-cisa-warns","published_at":"2026-06-05T22:00:23.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0257","source":"Unit 42","article_title":"Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257","article_url":"https://unit42.paloaltonetworks.com/active-exploitation-of-pan-os-cve-2026-0257/","published_at":"2026-06-05T14:05:42.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20245","source":"Security Affairs","article_title":"Cisco SD-WAN Has a New Root-Level Problem, and There’s No Fix Yet","article_url":"https://securityaffairs.com/193203/security/cisco-sd-wan-has-a-new-root-level-problem-and-theres-no-fix-yet.html","published_at":"2026-06-05T13:35:46.000Z","origin":"rss"},{"type":"domain","value":"googletagmanager.com","source":"GBHackers","article_title":"New Magecart Attack Abuses Stripe as Malware C2","article_url":"https://gbhackers.com/magecart-abuses-stripe-c2/","published_at":"2026-06-05T12:54:01.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-28318","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/06/05/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-06-05T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-4372","source":"GBHackers","article_title":"Hugging Face Transformers Security Flaw Allows Remote Code Execution","article_url":"https://gbhackers.com/hugging-face-transformers-security-flaw/","published_at":"2026-06-05T10:57:31.000Z","origin":"rss"},{"type":"domain","value":"hunt.io","source":"Security Affairs","article_title":"PCPJack Exposed: Researchers Uncover 230-Node Cloud Email Relay Network","article_url":"https://securityaffairs.com/193189/cyber-crime/pcpjack-exposed-researchers-uncover-230-node-cloud-email-relay-network.html","published_at":"2026-06-05T10:19:21.000Z","origin":"rss"},{"type":"cve","value":"CVE-2021-27137","source":"GBHackers","article_title":"New Gafgyt Variant Targets Linux Systems With Modular Spread Tactics","article_url":"https://gbhackers.com/gafgyt-variant-targets-linux/","published_at":"2026-06-05T10:06:15.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20245","source":"Help Net Security","article_title":"Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)","article_url":"https://www.helpnetsecurity.com/2026/06/05/cisco-sd-wan-cve-2026-20245-0-day-exploited/","published_at":"2026-06-05T08:44:37.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20182","source":"Help Net Security","article_title":"Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)","article_url":"https://www.helpnetsecurity.com/2026/06/05/cisco-sd-wan-cve-2026-20245-0-day-exploited/","published_at":"2026-06-05T08:44:37.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20127","source":"Help Net Security","article_title":"Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)","article_url":"https://www.helpnetsecurity.com/2026/06/05/cisco-sd-wan-cve-2026-20245-0-day-exploited/","published_at":"2026-06-05T08:44:37.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3300","source":"The Hacker News","article_title":"Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites","article_url":"https://thehackernews.com/2026/06/hackers-exploit-critical-everest-forms.html","published_at":"2026-06-05T08:38:59.000Z","origin":"rss"},{"type":"cve","value":"CVE-2022-0492","source":"GBHackers","article_title":"CISA Issues Alert on Actively Exploited Linux Kernel Security Flaw","article_url":"https://gbhackers.com/cisa-issues-alert-on-linux-kernel-security-flaw/","published_at":"2026-06-05T07:26:19.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20245","source":"GBHackers","article_title":"Cisco SD-WAN Security Flaw Actively Exploited for Root-Level Command Execution","article_url":"https://gbhackers.com/cisco-sd-wan-security-flaw/","published_at":"2026-06-05T06:47:35.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20245","source":"BleepingComputer","article_title":"Cisco warns of unpatched SD-WAN zero-day exploited in attacks","article_url":"https://www.bleepingcomputer.com/news/security/new-cisco-sd-wan-flaw-exploited-in-zero-day-attacks-to-gain-root/","published_at":"2026-06-05T06:24:20.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20245","source":"SecurityWeek","article_title":"Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026","article_url":"https://www.securityweek.com/cisco-warns-of-7th-sd-wan-zero-day-exploited-in-2026/","published_at":"2026-06-05T05:47:09.000Z","origin":"rss"},{"type":"domain","value":"hunt.io","source":"The Hacker News","article_title":"PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network","article_url":"https://thehackernews.com/2026/06/pcpjack-hijacks-230-aws-google-cloud.html","published_at":"2026-06-05T05:34:19.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45492","source":"GBHackers","article_title":"Microsoft Edge Vulnerability Lets Remote Attackers Execute Arbitrary Code","article_url":"https://gbhackers.com/microsoft-edge-vulnerability/","published_at":"2026-06-05T05:24:56.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45494","source":"GBHackers","article_title":"Microsoft Edge Vulnerability Lets Remote Attackers Execute Arbitrary Code","article_url":"https://gbhackers.com/microsoft-edge-vulnerability/","published_at":"2026-06-05T05:24:56.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45495","source":"GBHackers","article_title":"Microsoft Edge Vulnerability Lets Remote Attackers Execute Arbitrary Code","article_url":"https://gbhackers.com/microsoft-edge-vulnerability/","published_at":"2026-06-05T05:24:56.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9960,","source":"SANS ISC","article_title":"ISC Stormcast For Friday, June 5th, 2026 https://isc.sans.edu/podcastdetail/9960, (Fri, Jun 5th)","article_url":"https://isc.sans.edu/diary/rss/33050","published_at":"2026-06-05T02:00:02.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-23479","source":"SC Media","article_title":"Critical Redis vulnerability CVE-2026-23479 allows remote code execution","article_url":"https://www.scworld.com/brief/critical-redis-vulnerability-cve-2026-23479-allows-remote-code-execution","published_at":"2026-06-04T22:58:46.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-4372","source":"SC Media","article_title":"Critical vulnerability in Hugging Face Transformers library allowed arbitrary code execution","article_url":"https://www.scworld.com/brief/critical-vulnerability-in-hugging-face-transformers-library-allowed-arbitrary-code-execution","published_at":"2026-06-04T22:50:13.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45247","source":"Security Affairs","article_title":"U.S. CISA adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/193156/security/u-s-cisa-adds-mirasvit-full-page-cache-warmer-flaw-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-06-04T17:10:17.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20230","source":"The Hacker News","article_title":"Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public","article_url":"https://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html","published_at":"2026-06-04T16:55:51.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20230","source":"Security Affairs","article_title":"Critical Cisco Unified CM Bug Patched as Public Exploit Code Emerges","article_url":"https://securityaffairs.com/193142/hacking/critical-cisco-unified-cm-bug-patched-as-public-exploit-code-emerges.html","published_at":"2026-06-04T13:10:12.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-11482","source":"CISA Advisories","article_title":"B&R PPT30 Operating System","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-155-03","published_at":"2026-06-04T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20230","source":"GBHackers","article_title":"PoC Exploit Released for Cisco Unified Communications Manager Security Vulnerability","article_url":"https://gbhackers.com/poc-exploit-released-for-cisco/","published_at":"2026-06-04T09:28:58.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45247","source":"The Hacker News","article_title":"CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog","article_url":"https://thehackernews.com/2026/06/cisa-adds-exploited-magento-rce-flaw.html","published_at":"2026-06-04T07:19:33.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-48595","source":"GBHackers","article_title":"CISA Alerts Users to Actively Exploited Android Framework Security Vulnerability","article_url":"https://gbhackers.com/cisa-alerts-android-framework-security-vulnerability/","published_at":"2026-06-04T06:07:26.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-7480","source":"Zero Day Initiative","article_title":"ZDI-26-328: ASUS Business Manager Service Client-Side Authentication Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-328/","published_at":"2026-06-04T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45495","source":"Zero Day Initiative","article_title":"ZDI-26-331: (Pwn2Own) Microsoft Edge Feedback Log File Handling Directory Traversal Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-331/","published_at":"2026-06-04T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45494","source":"Zero Day Initiative","article_title":"ZDI-26-330: (Pwn2Own) Microsoft Edge Navigation Handling Universal Cross-Site Scripting Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-330/","published_at":"2026-06-04T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45492","source":"Zero Day Initiative","article_title":"ZDI-26-329: (Pwn2Own) Microsoft Edge Origin Validation Error Security Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-329/","published_at":"2026-06-04T05:00:00.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9958,","source":"SANS ISC","article_title":"ISC Stormcast For Thursday, June 4th, 2026 https://isc.sans.edu/podcastdetail/9958, (Thu, Jun 4th)","article_url":"https://isc.sans.edu/diary/rss/33046","published_at":"2026-06-04T02:00:03.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-33829","source":"SC Media","article_title":"Unpatched Windows search URI handler issue leaks NTLMv2 hashes","article_url":"https://www.scworld.com/brief/unpatched-windows-search-uri-handler-vulnerability-leaks-ntlmv2-hashes","published_at":"2026-06-03T22:23:36.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-49200","source":"SC Media","article_title":"Acer addresses critical zero-day vulnerabilities in Wave 7 routers","article_url":"https://www.scworld.com/brief/acer-addresses-critical-zero-day-vulnerabilities-in-wave-7-routers","published_at":"2026-06-03T22:16:14.000Z","origin":"rss"},{"type":"cve","value":"CVE-2022-0492","source":"SC Media","article_title":"CISA adds Android and Linux kernel flaws to exploited vulnerabilities catalog","article_url":"https://www.scworld.com/brief/cisa-adds-android-and-linux-kernel-flaws-to-exploited-vulnerabilities-catalog","published_at":"2026-06-03T21:44:21.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-48595","source":"SC Media","article_title":"CISA adds Android and Linux kernel flaws to exploited vulnerabilities catalog","article_url":"https://www.scworld.com/brief/cisa-adds-android-and-linux-kernel-flaws-to-exploited-vulnerabilities-catalog","published_at":"2026-06-03T21:44:21.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-23479","source":"The Hacker News","article_title":"Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)","article_url":"https://thehackernews.com/2026/06/autonomous-ai-tool-finds-2-year-old-rce.html","published_at":"2026-06-03T13:47:09.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8206","source":"GBHackers","article_title":"WordPress Plugin Flaw Opens Door to Privilege Escalation Attacks Across 500,000+ Sites","article_url":"https://gbhackers.com/wordpress-plugin-flaw-4/","published_at":"2026-06-03T12:29:01.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42253","source":"GBHackers","article_title":"Critical Apache ActiveMQ Vulnerability Exposes Systems to Security Header Injection Attacks","article_url":"https://gbhackers.com/critical-activemq-vulnerability/","published_at":"2026-06-03T12:01:49.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45247","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/06/03/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-06-03T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-9614","source":"GBHackers","article_title":"Ivanti ITSM Flaw Could Allow Attackers to Escalate to Admin Access","article_url":"https://gbhackers.com/ivanti-itsm-flaw/","published_at":"2026-06-03T10:50:39.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-33829","source":"The Hacker News","article_title":"Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes","article_url":"https://thehackernews.com/2026/06/unpatched-windows-search-uri.html","published_at":"2026-06-03T10:18:52.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-48595","source":"Security Affairs","article_title":"Google Patches Actively Exploited Android Flaw Affecting Millions of Devices","article_url":"https://securityaffairs.com/193057/breaking-news/google-patches-actively-exploited-android-flaw-affecting-millions-of-devices.html","published_at":"2026-06-03T09:44:47.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-33829","source":"GBHackers","article_title":"Windows Search URI Handler Vulnerability Exposes NTLMv2 Hashes to Remote Attackers","article_url":"https://gbhackers.com/windows-search-uri-handler-vulnerability/","published_at":"2026-06-03T08:56:29.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48019","source":"GBHackers","article_title":"Laravel CRLF Injection Flaw Could Disrupt Outbound Email Handling","article_url":"https://gbhackers.com/laravel-crlf-injection-flaw/","published_at":"2026-06-03T07:18:55.000Z","origin":"rss"},{"type":"domain","value":"portal.azure.com","source":"GBHackers","article_title":"Microsoft MSRC Allegedly Declines Action on Dependency Confusion Vulnerability","article_url":"https://gbhackers.com/microsoft-msrc-declines-action-on-dependency-confusion-vulnerability/","published_at":"2026-06-03T05:25:30.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0826","source":"Security Affairs","article_title":"Why an HP Poly VoIP Phones Bug Could Become an Enterprise Foothold","article_url":"https://securityaffairs.com/193045/security/why-an-hp-poly-voip-phones-bug-could-become-an-enterprise-foothold.html","published_at":"2026-06-03T05:03:30.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8936","source":"Zero Day Initiative","article_title":"ZDI-26-327: Docker Desktop grpcfuse Kernel Module Uncontrolled Recursion Denial-of-Service Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-327/","published_at":"2026-06-03T05:00:00.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9956,","source":"SANS ISC","article_title":"ISC Stormcast For Wednesday, June 3rd, 2026 https://isc.sans.edu/podcastdetail/9956, (Wed, Jun 3rd)","article_url":"https://isc.sans.edu/diary/rss/33042","published_at":"2026-06-03T02:00:02.000Z","origin":"rss"},{"type":"cve","value":"CVE-2024-21182","source":"CSO Online","article_title":"Two-year old Oracle WebLogic Server vulnerability is being exploited","article_url":"https://www.csoonline.com/article/4180218/two-year-old-oracle-weblogic-server-vulnerability-is-being-exploited.html","published_at":"2026-06-02T23:34:40.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8206","source":"BleepingComputer","article_title":"Critical Kirki flaw exploited to hijack WordPress admin accounts","article_url":"https://www.bleepingcomputer.com/news/security/critical-kirki-flaw-exploited-to-hijack-wordpress-admin-accounts/","published_at":"2026-06-02T22:12:57.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-48595","source":"SC Media","article_title":"Google releases June Android security patches addressing 124 vulnerabilities, including 1 zero-day","article_url":"https://www.scworld.com/brief/google-releases-june-android-security-patches-addressing-124-vulnerabilities-including-one-zero-day","published_at":"2026-06-02T22:07:40.000Z","origin":"rss"},{"type":"cve","value":"CVE-2024-21182","source":"SC Media","article_title":"CISA orders agencies to patch critical Oracle WebLogic Server vulnerability","article_url":"https://www.scworld.com/brief/cisa-orders-agencies-to-patch-critical-oracle-weblogic-server-vulnerability","published_at":"2026-06-02T21:45:27.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0826","source":"CSO Online","article_title":"HP Poly VoIP vulnerability sets the stage for executive voice deepfakes","article_url":"https://www.csoonline.com/article/4180223/hp-poly-voip-vulnerability-sets-the-stage-for-executive-voice-deepfakes.html","published_at":"2026-06-02T20:58:20.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-48595","source":"The Hacker News","article_title":"Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited","article_url":"https://thehackernews.com/2026/06/google-june-2026-android-update-patches.html","published_at":"2026-06-02T18:46:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-8088","source":"The Hacker News","article_title":"Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine","article_url":"https://thehackernews.com/2026/06/gamaredon-exploits-winrar-to-deliver.html","published_at":"2026-06-02T18:21:49.000Z","origin":"rss"},{"type":"cve","value":"CVE-2024-21182","source":"The Hacker News","article_title":"Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation","article_url":"https://thehackernews.com/2026/06/oracle-weblogic-cve-2024-21182-added-to.html","published_at":"2026-06-02T18:14:42.000Z","origin":"rss"},{"type":"cve","value":"CVE-2024-21182","source":"Security Affairs","article_title":"U.S. CISA adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/193027/security/u-s-cisa-adds-oracle-weblogic-flaw-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-06-02T15:18:52.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-48595","source":"SecurityWeek","article_title":"Android Update Patches Exploited Zero-Day, 123 Other Vulnerabilities","article_url":"https://www.securityweek.com/android-update-patches-exploited-zero-day-123-other-vulnerabilities/","published_at":"2026-06-02T14:36:33.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-48595","source":"Help Net Security","article_title":"Google fixes actively exploited Android vulnerability (CVE-2025-48595)","article_url":"https://www.helpnetsecurity.com/2026/06/02/android-vulnerability-exploited-cve-2025-48595/","published_at":"2026-06-02T12:17:26.000Z","origin":"rss"},{"type":"cve","value":"CVE-2022-0492","source":"CISA Advisories","article_title":"CISA Adds Two Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/06/02/cisa-adds-two-known-exploited-vulnerabilities-catalog","published_at":"2026-06-02T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-48595","source":"CISA Advisories","article_title":"CISA Adds Two Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/06/02/cisa-adds-two-known-exploited-vulnerabilities-catalog","published_at":"2026-06-02T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5386","source":"GBHackers","article_title":"Critical KMW CCTV Flaw Allows Unauthorised Access to Surveillance Feeds","article_url":"https://gbhackers.com/critical-kmw-cctv-flaw/","published_at":"2026-06-02T11:58:32.000Z","origin":"rss"},{"type":"cve","value":"CVE-2024-21182","source":"SecurityWeek","article_title":"Oracle WebLogic Vulnerability Exploited in the Wild","article_url":"https://www.securityweek.com/oracle-weblogic-vulnerability-exploited-in-the-wild/","published_at":"2026-06-02T11:39:04.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0257","source":"GBHackers","article_title":"CISA Warns of Active Exploitation of Palo Alto Networks PAN-OS Vulnerability","article_url":"https://gbhackers.com/cisa-warns-palo-alto-networks-pan-os-vulnerability/","published_at":"2026-06-02T10:24:19.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0257","source":"Information Security Buzz","article_title":"Palo Alto warns of active exploitation of GlobalProtect authentication bypass flaw","article_url":"https://informationsecuritybuzz.com/palo-alto-warns-active-exploit-globalprotect/","published_at":"2026-06-02T09:49:38.000Z","origin":"rss"},{"type":"cve","value":"CVE-2024-21182","source":"GBHackers","article_title":"CISA Issues Alert on Oracle WebLogic Server Flaw Under Active Exploitation","article_url":"https://gbhackers.com/cisa-issues-alert-on-oracle-weblogic-server-flaw/","published_at":"2026-06-02T08:29:50.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-48595","source":"GBHackers","article_title":"Android Zero-Day Vulnerability Actively Exploited in Device Takeover Attacks","article_url":"https://gbhackers.com/android-zero-day-vulnerability-actively-exploited/","published_at":"2026-06-02T08:08:19.000Z","origin":"rss"},{"type":"domain","value":"crates.io","source":"GBHackers","article_title":"34 Malicious Packages Steal Cloud Keys, Wallets, and SSH Credentials","article_url":"https://gbhackers.com/34-malicious-packages-steal-cloud-keys/","published_at":"2026-06-02T08:02:28.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-4387","source":"GBHackers","article_title":"Critical StrongDM Flaw Exposes Users to Authentication Token Theft and Reuse","article_url":"https://gbhackers.com/critical-strongdm-flaw-exposes-users/","published_at":"2026-06-02T07:06:33.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5509","source":"GBHackers","article_title":"TP-Link Router Security Bug Enables Remote Command Execution Attacks","article_url":"https://gbhackers.com/tp-link-router-security-bug/","published_at":"2026-06-02T05:42:12.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9954,","source":"SANS ISC","article_title":"ISC Stormcast For Tuesday, June 2nd, 2026 https://isc.sans.edu/podcastdetail/9954, (Tue, Jun 2nd)","article_url":"https://isc.sans.edu/diary/rss/33038","published_at":"2026-06-02T02:00:02.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8732","source":"SecurityWeek","article_title":"WP Maps Pro Vulnerability Exploited to Take Over WordPress Sites","article_url":"https://www.securityweek.com/wp-maps-pro-vulnerability-exploited-to-take-over-wordpress-sites/","published_at":"2026-06-01T18:19:23.000Z","origin":"rss"},{"type":"domain","value":"chatgpt.com","source":"SC Media","article_title":"Attackers use ChatGPT feature to spread malware","article_url":"https://www.scworld.com/brief/attackers-use-chatgpt-feature-to-spread-malware","published_at":"2026-06-01T17:24:17.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41089","source":"SecurityWeek","article_title":"Critical Windows Netlogon Vulnerability in Attackers’ Crosshairs","article_url":"https://www.securityweek.com/critical-windows-netlogon-vulnerability-in-attackers-crosshairs/","published_at":"2026-06-01T15:02:17.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41089","source":"Help Net Security","article_title":"Windows Netlogon RCE exploited, domain controllers at risk (CVE-2026-41089)","article_url":"https://www.helpnetsecurity.com/2026/06/01/windows-netlogon-rce-exploited-cve-2026-41089/","published_at":"2026-06-01T14:17:39.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45247","source":"GBHackers","article_title":"Critical Magento Cache Plugin Vulnerability Enables Remote Code Execution Attacks","article_url":"https://gbhackers.com/magento-cache-plugin-vulnerability/","published_at":"2026-06-01T13:05:45.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0826","source":"Rapid7 Blog","article_title":"CVE-2026-0826: How an Old Bug Can Feed AI-Powered Impersonation","article_url":"https://www.rapid7.com/blog/post/ve-cve-2026-0826-how-an-old-bug-can-feed-ai-powered-impersonation","published_at":"2026-06-01T13:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0826","source":"Rapid7 Blog","article_title":"CVE-2026-0826: Critical unauthenticated stack buffer overflow in HP Poly VVX and Trio VoIP Phones (FIXED)","article_url":"https://www.rapid7.com/blog/post/ve-cve-2026-0826-critical-unauthenticated-stack-buffer-overflow-hp-poly-vvx-trio-voip-phones-fixed","published_at":"2026-06-01T13:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-44962","source":"GBHackers","article_title":"Critical Plesk Vulnerability Lets Users Execute Server Commands","article_url":"https://gbhackers.com/critical-plesk-vulnerability/","published_at":"2026-06-01T12:30:26.000Z","origin":"rss"},{"type":"cve","value":"CVE-2024-21182","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/06/01/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-06-01T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8732","source":"Security Affairs","article_title":"CVE-2026-8732: The WP Maps Pro Flaw That Lets Anyone Create a WordPress Admin Without a Password","article_url":"https://securityaffairs.com/192977/hacking/cve-2026-8732-the-wp-maps-pro-flaw-that-lets-anyone-create-a-wordpress-admin-without-a-password.html","published_at":"2026-06-01T11:36:20.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0257","source":"SecurityWeek","article_title":"Recent Palo Alto Networks Vulnerability Exploited for Weeks","article_url":"https://www.securityweek.com/recent-palo-alto-networks-vulnerability-exploited-for-weeks/","published_at":"2026-06-01T10:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0257","source":"Help Net Security","article_title":"Hackers are exploiting Palo Alto GlobalProtect VPN authentication bypass (CVE-2026-0257)","article_url":"https://www.helpnetsecurity.com/2026/06/01/hackers-are-exploiting-palo-alto-globalprotect-vpn-authentication-bypass-cve-2026-0257/","published_at":"2026-06-01T09:40:54.000Z","origin":"rss"},{"type":"domain","value":"chatgpt.com","source":"Infosecurity Magazine","article_title":"Attackers Abuse Shared Content for ChatGPT Phishing Campaign","article_url":"https://www.infosecurity-magazine.com/news/attackers-shared-content-chatgpt/","published_at":"2026-06-01T09:30:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0257","source":"Security Affairs","article_title":"U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/192951/security/u-s-cisa-adds-palo-alto-networks-pan-os-flaw-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-06-01T08:36:29.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41089","source":"GBHackers","article_title":"Windows Netlogon 0-Click RCE Vulnerability Under Active Exploitation","article_url":"https://gbhackers.com/windows-netlogon-0-click-rce-vulnerability/","published_at":"2026-06-01T06:00:51.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9952,","source":"SANS ISC","article_title":"ISC Stormcast For Monday, June 1st, 2026 https://isc.sans.edu/podcastdetail/9952, (Mon, Jun 1st)","article_url":"https://isc.sans.edu/diary/rss/33036","published_at":"2026-06-01T02:00:02.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0257","source":"Security Affairs","article_title":"CVE-2026-0257: Rapid7 Caught Attackers Abusing Forged VPN Cookies Against Multiple Customers","article_url":"https://securityaffairs.com/192933/security/cve-2026-0257-rapid7-caught-attackers-abusing-forged-vpn-cookies-against-multiple-customers.html","published_at":"2026-05-31T17:52:29.000Z","origin":"rss"},{"type":"domain","value":"crates.io","source":"Security Affairs","article_title":"SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99","article_url":"https://securityaffairs.com/192928/security/security-affairs-malware-newsletter-round-99.html","published_at":"2026-05-31T14:53:47.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-26980","source":"Security Affairs","article_title":"SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99","article_url":"https://securityaffairs.com/192928/security/security-affairs-malware-newsletter-round-99.html","published_at":"2026-05-31T14:53:47.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0257","source":"BleepingComputer","article_title":"Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks","article_url":"https://www.bleepingcomputer.com/news/security/palo-alto-globalprotect-vpn-auth-bypass-flaw-now-exploited-in-attacks/","published_at":"2026-05-30T18:02:51.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0257","source":"GBHackers","article_title":"Palo Alto PAN-OS Authentication Bypass Vulnerability Actively Exploited in the Wild","article_url":"https://gbhackers.com/palo-alto-pan-os-authentication-bypass/","published_at":"2026-05-30T06:57:21.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0257","source":"The Hacker News","article_title":"PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation","article_url":"https://thehackernews.com/2026/05/pan-os-globalprotect-authentication.html","published_at":"2026-05-30T06:41:26.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-43284","source":"Rapid7 Blog","article_title":"Metasploit Wrap Up 05/29/2026","article_url":"https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-05-29-2026","published_at":"2026-05-29T19:34:41.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-43500","source":"Rapid7 Blog","article_title":"Metasploit Wrap Up 05/29/2026","article_url":"https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-05-29-2026","published_at":"2026-05-29T19:34:41.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3055","source":"Rapid7 Blog","article_title":"Metasploit Wrap Up 05/29/2026","article_url":"https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-05-29-2026","published_at":"2026-05-29T19:34:41.000Z","origin":"rss"},{"type":"domain","value":"chatgpt.com","source":"The Hacker News","article_title":"ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface","article_url":"https://thehackernews.com/2026/05/chatgphish-vulnerability-turns-chatgpt.html","published_at":"2026-05-29T18:07:12.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8398","source":"SC Media","article_title":"CISA adds Daemon Tools, TanStack, and Nx Console compromised versions to KEV catalog","article_url":"https://www.scworld.com/brief/cisa-adds-daemon-tools-tanstack-and-nx-console-flaws-to-known-exploited-vulnerabilities-catalog","published_at":"2026-05-29T18:03:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45321","source":"SC Media","article_title":"CISA adds Daemon Tools, TanStack, and Nx Console compromised versions to KEV catalog","article_url":"https://www.scworld.com/brief/cisa-adds-daemon-tools-tanstack-and-nx-console-flaws-to-known-exploited-vulnerabilities-catalog","published_at":"2026-05-29T18:03:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48027","source":"SC Media","article_title":"CISA adds Daemon Tools, TanStack, and Nx Console compromised versions to KEV catalog","article_url":"https://www.scworld.com/brief/cisa-adds-daemon-tools-tanstack-and-nx-console-flaws-to-known-exploited-vulnerabilities-catalog","published_at":"2026-05-29T18:03:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0257","source":"Rapid7 Blog","article_title":"Rapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)","article_url":"https://www.rapid7.com/blog/post/etr-rapid7-observed-exploitation-of-pan-os-globalprotect-authentication-bypass-vulnerability-cve-2026-0257","published_at":"2026-05-29T16:49:40.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-39987","source":"The Hacker News","article_title":"Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit","article_url":"https://thehackernews.com/2026/05/attackers-use-llm-agent-for-post.html","published_at":"2026-05-29T14:39:56.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0257","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/29/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-05-29T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-35616","source":"Help Net Security","article_title":"New infostealer reaches enterprise devices through FortiClient EMS vulnerability","article_url":"https://www.helpnetsecurity.com/2026/05/29/forticlient-ems-vulnerability-infostealer/","published_at":"2026-05-29T11:45:59.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48778","source":"CSO Online","article_title":"Notepad++ vulnerabilities could enable arbitrary code execution on Windows systems","article_url":"https://www.csoonline.com/article/4178622/notepad-vulnerabilities-could-enable-arbitrary-code-execution-on-windows-systems.html","published_at":"2026-05-29T09:40:04.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48800","source":"CSO Online","article_title":"Notepad++ vulnerabilities could enable arbitrary code execution on Windows systems","article_url":"https://www.csoonline.com/article/4178622/notepad-vulnerabilities-could-enable-arbitrary-code-execution-on-windows-systems.html","published_at":"2026-05-29T09:40:04.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-4480","source":"GBHackers","article_title":"Samba Security Flaw Lets Attackers Execute Code Remotely","article_url":"https://gbhackers.com/samba-security-flaw/","published_at":"2026-05-29T07:45:05.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-9560","source":"GBHackers","article_title":"OpenVPN Connect macOS Vulnerability Allows Remote Command Execution","article_url":"https://gbhackers.com/openvpn-connect-macos-vulnerability/","published_at":"2026-05-29T07:18:44.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9950,","source":"SANS ISC","article_title":"ISC Stormcast For Friday, May 29th, 2026 https://isc.sans.edu/podcastdetail/9950, (Fri, May 29th)","article_url":"https://isc.sans.edu/diary/rss/33030","published_at":"2026-05-29T02:00:02.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-35616","source":"BleepingComputer","article_title":"Hackers exploit FortiClient EMS flaw to push infostealer malware","article_url":"https://www.bleepingcomputer.com/news/security/hackers-exploit-forticlient-ems-flaw-to-push-infostealer-malware/","published_at":"2026-05-28T17:25:43.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-35616","source":"Security Affairs","article_title":"CVE-2026-35616: FortiClient EMS Flaw Actively Exploited in Malware Attacks","article_url":"https://securityaffairs.com/192817/malware/cve-2026-35616-forticlient-ems-flaw-actively-exploited-in-malware-attacks.html","published_at":"2026-05-28T16:05:32.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-39987","source":"GBHackers","article_title":"Hackers Pivot from marimo RCE to Internal Database Using LLM Agent","article_url":"https://gbhackers.com/hackers-pivot-from-marimo-rce/","published_at":"2026-05-28T13:38:36.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8398","source":"Security Affairs","article_title":"U.S. CISA adds Daemon Tools, TanStack, and Nx Console flaws to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/192776/security/u-s-cisa-adds-daemon-tools-tanstack-and-nx-console-flaws-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-05-28T13:14:54.000Z","origin":"rss"},{"type":"domain","value":"zapier.com","source":"Help Net Security","article_title":"Zapier exploit chain shows how known anti-patterns compose into critical risk","article_url":"https://www.helpnetsecurity.com/2026/05/28/token-security-zapier-exploit-chain/","published_at":"2026-05-28T13:00:12.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-27771","source":"GBHackers","article_title":"Gitea Container Registry Vulnerability Could Lead to Private Image Exposure","article_url":"https://gbhackers.com/gitea-container-registry-vulnerability-private-image-exposure/","published_at":"2026-05-28T10:05:32.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48770","source":"GBHackers","article_title":"Critical Notepad++ Flaw Could Enable Remote Code Execution Attacks","article_url":"https://gbhackers.com/critical-notepad-flaw-remote-code-execution-attacks/","published_at":"2026-05-28T09:46:34.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48778","source":"GBHackers","article_title":"Critical Notepad++ Flaw Could Enable Remote Code Execution Attacks","article_url":"https://gbhackers.com/critical-notepad-flaw-remote-code-execution-attacks/","published_at":"2026-05-28T09:46:34.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48800","source":"GBHackers","article_title":"Critical Notepad++ Flaw Could Enable Remote Code Execution Attacks","article_url":"https://gbhackers.com/critical-notepad-flaw-remote-code-execution-attacks/","published_at":"2026-05-28T09:46:34.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48172","source":"Security Affairs","article_title":"U.S. CISA adds LiteSpeed cPanel Plugin flaw to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/192795/hacking/u-s-cisa-adds-litespeed-cpanel-plugin-flaw-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-05-28T09:39:34.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45208","source":"Zero Day Initiative","article_title":"ZDI-26-326: TrendAI Vision One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-326/","published_at":"2026-05-28T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45207","source":"Zero Day Initiative","article_title":"ZDI-26-325: TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-325/","published_at":"2026-05-28T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45206","source":"Zero Day Initiative","article_title":"ZDI-26-324: TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-324/","published_at":"2026-05-28T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34930","source":"Zero Day Initiative","article_title":"ZDI-26-323: TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-323/","published_at":"2026-05-28T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34929","source":"Zero Day Initiative","article_title":"ZDI-26-322: TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-322/","published_at":"2026-05-28T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34928","source":"Zero Day Initiative","article_title":"ZDI-26-321: TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-321/","published_at":"2026-05-28T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34927","source":"Zero Day Initiative","article_title":"ZDI-26-320: TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-320/","published_at":"2026-05-28T05:00:00.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9948,","source":"SANS ISC","article_title":"ISC Stormcast For Thursday, May 28th, 2026 https://isc.sans.edu/podcastdetail/9948, (Thu, May 28th)","article_url":"https://isc.sans.edu/diary/rss/33028","published_at":"2026-05-28T02:00:02.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48710","source":"SC Media","article_title":"High-severity Starlette vulnerability 'BadHost' could expose sensitive data","article_url":"https://www.scworld.com/brief/high-severity-starlette-vulnerability-badhost-could-expose-sensitive-data","published_at":"2026-05-27T21:42:52.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48710","source":"CSO Online","article_title":"FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework","article_url":"https://www.csoonline.com/article/4177711/fastapi-based-ai-tools-exposed-to-authentication-bypass-by-flaw-in-starlette-framework.html","published_at":"2026-05-27T14:46:10.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48710","source":"GBHackers","article_title":"BadHost Vulnerability Exposes Sensitive AI Agent Server Endpoints to Attackers","article_url":"https://gbhackers.com/badhost-vulnerability-exposes-sensitive-ai-agent-server/","published_at":"2026-05-27T12:29:34.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8398","source":"CISA Advisories","article_title":"CISA Adds Three Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/27/cisa-adds-three-known-exploited-vulnerabilities-catalog","published_at":"2026-05-27T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45321","source":"CISA Advisories","article_title":"CISA Adds Three Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/27/cisa-adds-three-known-exploited-vulnerabilities-catalog","published_at":"2026-05-27T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48027","source":"CISA Advisories","article_title":"CISA Adds Three Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/27/cisa-adds-three-known-exploited-vulnerabilities-catalog","published_at":"2026-05-27T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48172","source":"GBHackers","article_title":"CISA Warns LiteSpeed cPanel Plugin Vulnerability Is Being Exploited in Attacks","article_url":"https://gbhackers.com/cisa-warns-litespeed-cpanel-plugin-vulnerability-is-being-exploited-in-attacks/","published_at":"2026-05-27T11:49:19.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-40369","source":"GBHackers","article_title":"Windows Kernel Vulnerability Lets Attackers Modify Kernel Memory Counters","article_url":"https://gbhackers.com/windows-kernel-vulnerability/","published_at":"2026-05-27T10:18:49.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-27771","source":"The Hacker News","article_title":"Gitea Vulnerability Exposes Private Container Images without Authentication","article_url":"https://thehackernews.com/2026/05/gitea-vulnerability-exposes-private.html","published_at":"2026-05-27T10:06:32.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45659","source":"Security Affairs","article_title":"Microsoft SharePoint Has a New RCE Flaw. If You Haven’t Patched Yet, Go Do That.","article_url":"https://securityaffairs.com/192730/security/microsoft-sharepoint-has-a-new-rce-flaw-if-you-havent-patched-yet-go-do-that.html","published_at":"2026-05-27T07:10:59.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45659","source":"GBHackers","article_title":"Microsoft SharePoint Server Flaw Enables Remote Code Execution Attacks","article_url":"https://gbhackers.com/microsoft-sharepoint-server-flaw/","published_at":"2026-05-27T05:11:21.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9946,","source":"SANS ISC","article_title":"ISC Stormcast For Wednesday, May 27th, 2026 https://isc.sans.edu/podcastdetail/9946, (Wed, May 27th)","article_url":"https://isc.sans.edu/diary/rss/33022","published_at":"2026-05-27T02:00:03.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-9082","source":"SC Media","article_title":"Drupal bug added to CISA list of known exploited vulnerabilities","article_url":"https://www.scworld.com/news/drupal-bug-added-to-cisa-list-of-known-exploited-vulnerabilities","published_at":"2026-05-26T19:04:15.000Z","origin":"rss"},{"type":"domain","value":"tea.xyz","source":"AWS Security Blog","article_title":"Well-architected best practices for software supply chain security","article_url":"https://aws.amazon.com/blogs/security/well-architected-best-practices-for-software-supply-chain-security/","published_at":"2026-05-26T17:03:30.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8153","source":"SC Media","article_title":"Critical vulnerability in Universal Robots' PolyScope OS allows remote command execution","article_url":"https://www.scworld.com/brief/critical-vulnerability-in-universal-robots-polyscope-os-allows-remote-command-execution","published_at":"2026-05-26T16:21:05.000Z","origin":"rss"},{"type":"domain","value":"asp.net","source":"SC Media","article_title":"Zero-day vulnerability in Japanese LMS exploited to deploy Cobalt Strike","article_url":"https://www.scworld.com/brief/zero-day-vulnerability-in-japanese-lms-exploited-to-deploy-cobalt-strike","published_at":"2026-05-26T16:17:59.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5426","source":"SC Media","article_title":"Zero-day vulnerability in Japanese LMS exploited to deploy Cobalt Strike","article_url":"https://www.scworld.com/brief/zero-day-vulnerability-in-japanese-lms-exploited-to-deploy-cobalt-strike","published_at":"2026-05-26T16:17:59.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-43300","source":"SC Media","article_title":"Zero-click attack hijacks WhatsApp accounts on iOS 16","article_url":"https://www.scworld.com/brief/zero-click-attack-hijacks-whatsapp-accounts-on-ios-16","published_at":"2026-05-26T16:10:07.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-55177","source":"SC Media","article_title":"Zero-click attack hijacks WhatsApp accounts on iOS 16","article_url":"https://www.scworld.com/brief/zero-click-attack-hijacks-whatsapp-accounts-on-ios-16","published_at":"2026-05-26T16:10:07.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-26980","source":"SC Media","article_title":"Ghost CMS vulnerability exploited in large-scale campaign","article_url":"https://www.scworld.com/brief/ghost-cms-vulnerability-exploited-in-large-scale-campaign","published_at":"2026-05-26T15:50:29.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34926","source":"Help Net Security","article_title":"Actively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926)","article_url":"https://www.helpnetsecurity.com/2026/05/26/actively-exploited-trend-micro-apex-one-flaw-cve-2026-34926/","published_at":"2026-05-26T13:48:13.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48172","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/26/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-05-26T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45659","source":"The Hacker News","article_title":"Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions","article_url":"https://thehackernews.com/2026/05/microsoft-patches-sharepoint-rce-flaw.html","published_at":"2026-05-26T11:49:53.000Z","origin":"rss"},{"type":"domain","value":"crates.io","source":"CSO Online","article_title":"TrapDoor malware campaign puts developer workstations in CISO spotlight","article_url":"https://www.csoonline.com/article/4177019/trapdoor-malware-campaign-puts-developer-workstations-in-ciso-spotlight.html","published_at":"2026-05-26T11:34:29.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45659","source":"Help Net Security","article_title":"High-severity SharePoint RCE bug patched by Microsoft (CVE-2026-45659)","article_url":"https://www.helpnetsecurity.com/2026/05/26/sharepoint-vulnerability-cve-2026-45659/","published_at":"2026-05-26T10:44:57.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-47783","source":"GBHackers","article_title":"Memcached SASL Flaw Exposes Usernames to Enumeration Attacks","article_url":"https://gbhackers.com/memcached-sasl-flaw-enumeration-attacks/","published_at":"2026-05-26T10:43:59.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-26980","source":"GBHackers","article_title":"Ghost CMS Vulnerability Exploited to Infect 700 Sites With ClickFix Malware","article_url":"https://gbhackers.com/ghost-cms-vulnerability/","published_at":"2026-05-26T08:52:12.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-44930","source":"GBHackers","article_title":"Apache CXF Flaw Exposes Systems to LDAP Injection Attacks","article_url":"https://gbhackers.com/apache-cxf-flaw-exposes-systems/","published_at":"2026-05-26T08:22:59.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-9089","source":"GBHackers","article_title":"ConnectWise Automate Flaw Allows Hackers to Evade Security Controls","article_url":"https://gbhackers.com/connectwise-automate-flaw/","published_at":"2026-05-26T08:06:52.000Z","origin":"rss"},{"type":"domain","value":"asp.net","source":"The Hacker News","article_title":"KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike","article_url":"https://thehackernews.com/2026/05/knowledgedeliver-lms-flaw-exploited-to.html","published_at":"2026-05-26T05:19:38.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5426","source":"The Hacker News","article_title":"KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike","article_url":"https://thehackernews.com/2026/05/knowledgedeliver-lms-flaw-exploited-to.html","published_at":"2026-05-26T05:19:38.000Z","origin":"rss"},{"type":"domain","value":"asp.net","source":"GBHackers","article_title":"Hackers Abuse KnowledgeDeliver LMS Flaw to Install BLUEBEAM Web Shell","article_url":"https://gbhackers.com/hackers-abuse-knowledgedeliver-lms-flaw/","published_at":"2026-05-26T05:00:30.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5426","source":"GBHackers","article_title":"Hackers Abuse KnowledgeDeliver LMS Flaw to Install BLUEBEAM Web Shell","article_url":"https://gbhackers.com/hackers-abuse-knowledgedeliver-lms-flaw/","published_at":"2026-05-26T05:00:30.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9944,","source":"SANS ISC","article_title":"ISC Stormcast For Tuesday, May 26th, 2026 https://isc.sans.edu/podcastdetail/9944, (Tue, May 26th)","article_url":"https://isc.sans.edu/diary/rss/33020","published_at":"2026-05-26T02:00:02.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-26980","source":"Security Affairs","article_title":"Ghost CMS flaw abused to push ClickFix attacks on hundreds of sites","article_url":"https://securityaffairs.com/192655/cyber-crime/ghost-cms-flaw-abused-to-push-clickfix-attacks-on-hundreds-of-sites.html","published_at":"2026-05-25T18:07:21.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-26980","source":"The Hacker News","article_title":"Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks","article_url":"https://thehackernews.com/2026/05/ghost-cms-cve-2026-26980-exploited-to.html","published_at":"2026-05-25T12:02:46.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-9082","source":"GBHackers","article_title":"CISA Warns Drupal Core SQL Injection Vulnerability Is Being Exploited in Attacks","article_url":"https://gbhackers.com/cisa-warns-drupal-core-sql-injection-vulnerability/","published_at":"2026-05-25T09:27:31.000Z","origin":"rss"},{"type":"domain","value":"crates.io","source":"The Hacker News","article_title":"TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO","article_url":"https://thehackernews.com/2026/05/trapdoor-supply-chain-attack-spreads.html","published_at":"2026-05-25T05:59:13.000Z","origin":"rss"},{"type":"domain","value":"crates.io","source":"GBHackers","article_title":"Hackers Compromise 34 npm, PyPI, and Crates Packages in Major Supply Chain Attack","article_url":"https://gbhackers.com/hackers-compromise-34-npm-pypi-and-crates-packages/","published_at":"2026-05-25T05:40:38.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-9256","source":"GBHackers","article_title":"Nginx-poolslip Flaw Exposes Servers to DoS and Code Execution Attacks","article_url":"https://gbhackers.com/nginx-poolslip-flaw-exposes-servers/","published_at":"2026-05-25T05:00:27.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-26980","source":"BleepingComputer","article_title":"Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign","article_url":"https://www.bleepingcomputer.com/news/security/ghost-cms-sql-injection-flaw-exploited-in-large-scale-clickfix-campaign/","published_at":"2026-05-24T14:12:32.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-9082","source":"Security Affairs","article_title":"Security Affairs newsletter Round 578 by Pierluigi Paganini – INTERNATIONAL EDITION","article_url":"https://securityaffairs.com/192586/hacking/security-affairs-newsletter-round-578-by-pierluigi-paganini-international-edition.html","published_at":"2026-05-24T11:51:37.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-9082","source":"Security Affairs","article_title":"U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/192566/uncategorized/u-s-cisa-adds-a-flaw-in-drupal-core-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-05-24T07:54:20.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-9082","source":"Security Affairs","article_title":"CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack","article_url":"https://securityaffairs.com/192557/security/cve-2026-9082-drupals-highly-critical-sql-injection-flaw-is-already-under-active-attack.html","published_at":"2026-05-23T16:17:07.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48172","source":"GBHackers","article_title":"LiteSpeed cPanel Plugin 0-Day Exploited for Server Root Access","article_url":"https://gbhackers.com/litespeed-cpanel-plugin-0-day-exploited/","published_at":"2026-05-23T09:17:38.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-48172","source":"The Hacker News","article_title":"LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root","article_url":"https://thehackernews.com/2026/05/litespeed-cpanel-plugin-cve-2026-48172.html","published_at":"2026-05-23T07:35:13.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-9082","source":"The Hacker News","article_title":"Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV","article_url":"https://thehackernews.com/2026/05/drupal-core-sql-injection-bug-actively.html","published_at":"2026-05-23T07:23:48.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34908","source":"SC Media","article_title":"Ubiquiti patches three critical vulnerabilities in UniFi OS","article_url":"https://www.scworld.com/brief/ubiquiti-patches-three-critical-vulnerabilities-in-unifi-os","published_at":"2026-05-22T21:14:04.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34909","source":"SC Media","article_title":"Ubiquiti patches three critical vulnerabilities in UniFi OS","article_url":"https://www.scworld.com/brief/ubiquiti-patches-three-critical-vulnerabilities-in-unifi-os","published_at":"2026-05-22T21:14:04.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34910","source":"SC Media","article_title":"Ubiquiti patches three critical vulnerabilities in UniFi OS","article_url":"https://www.scworld.com/brief/ubiquiti-patches-three-critical-vulnerabilities-in-unifi-os","published_at":"2026-05-22T21:14:04.000Z","origin":"rss"},{"type":"domain","value":"hunt.io","source":"SC Media","article_title":"Middle East malicious infrastructure report highlights concentration of C2 servers","article_url":"https://www.scworld.com/brief/middle-east-malicious-infrastructure-report-highlights-concentration-of-c2-servers","published_at":"2026-05-22T20:51:28.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-34291","source":"SC Media","article_title":"CISA adds Trend Micro Apex One and Langflow flaws to exploited vulnerabilities catalog","article_url":"https://www.scworld.com/brief/cisa-adds-trend-micro-apex-one-and-langflow-flaws-to-exploited-vulnerabilities-catalog","published_at":"2026-05-22T20:13:21.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34926","source":"SC Media","article_title":"CISA adds Trend Micro Apex One and Langflow flaws to exploited vulnerabilities catalog","article_url":"https://www.scworld.com/brief/cisa-adds-trend-micro-apex-one-and-langflow-flaws-to-exploited-vulnerabilities-catalog","published_at":"2026-05-22T20:13:21.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20182","source":"Rapid7 Blog","article_title":"Metasploit Wrap Up 05/22/2026","article_url":"https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-05-22-2026","published_at":"2026-05-22T19:10:05.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-9082","source":"SecurityWeek","article_title":"Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure","article_url":"https://www.securityweek.com/drupal-vulnerability-in-hacker-crosshairs-shortly-after-disclosure/","published_at":"2026-05-22T17:15:26.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-9082","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/22/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-05-22T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-34291","source":"GBHackers","article_title":"CISA Adds Langflow Origin Validation Flaw to Known Exploited Vulnerabilities Catalog","article_url":"https://gbhackers.com/cisa-adds-langflow-origin-validation-flaw/","published_at":"2026-05-22T11:19:54.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45498","source":"GBHackers","article_title":"CISA Issues Alert on Exploited Microsoft Defender Zero-Day Vulnerabilities","article_url":"https://gbhackers.com/cisa-alert-on-exploited-microsoft-defender-zero-day/","published_at":"2026-05-22T09:55:16.000Z","origin":"rss"},{"type":"email","value":"vulnerability@cisa.dhs.gov","source":"Help Net Security","article_title":"CISA’s new KEV nomination form opens reporting to vendors and researchers","article_url":"https://www.helpnetsecurity.com/2026/05/22/cisa-kev-nomination-form/","published_at":"2026-05-22T09:34:16.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-34291","source":"Security Affairs","article_title":"U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/192529/hacking/u-s-cisa-adds-trend-micro-apex-one-and-langflow-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-05-22T09:13:30.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34926","source":"SecurityWeek","article_title":"TrendAI Patches Apex One Zero-Day Exploited in the Wild","article_url":"https://www.securityweek.com/trendai-patches-apex-one-zero-day-exploited-in-the-wild/","published_at":"2026-05-22T08:19:24.000Z","origin":"rss"},{"type":"domain","value":"hunt.io","source":"Security Affairs","article_title":"One Telecom Provider Hosted Most of the Middle East ’s Active C2 Infrastructure","article_url":"https://securityaffairs.com/192518/hacking/one-telecom-provider-hosted-most-of-the-middle-east-s-active-c2-infrastructure.html","published_at":"2026-05-22T07:29:37.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34926","source":"GBHackers","article_title":"CISA Warns Trend Micro Apex One Vulnerability Is Being Exploited in Attacks","article_url":"https://gbhackers.com/cisa-warns-trend-micro-apex-one-vulnerability/","published_at":"2026-05-22T06:28:16.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-34291","source":"The Hacker News","article_title":"CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV","article_url":"https://thehackernews.com/2026/05/cisa-adds-exploited-langflow-and-trend.html","published_at":"2026-05-22T05:47:33.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20223","source":"The Hacker News","article_title":"Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access","article_url":"https://thehackernews.com/2026/05/cisco-patches-cvss-100-secure-workload.html","published_at":"2026-05-22T05:36:18.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9942,","source":"SANS ISC","article_title":"ISC Stormcast For Friday, May 22nd, 2026 https://isc.sans.edu/podcastdetail/9942, (Fri, May 22nd)","article_url":"https://isc.sans.edu/diary/rss/33004","published_at":"2026-05-22T02:00:02.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45829","source":"CSO Online","article_title":"Unpatched ChromaDB flaw leaves servers open to remote code execution","article_url":"https://www.csoonline.com/article/4175958/unpatched-chromadb-flaw-leaves-servers-open-to-remote-code-execution.html","published_at":"2026-05-21T21:29:13.000Z","origin":"rss"},{"type":"cve","value":"CVE-2008-4250","source":"Security Affairs","article_title":"U.S. CISA adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/192508/security/u-s-cisa-adds-microsoft-and-adobe-flaws-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-05-21T20:27:11.000Z","origin":"rss"},{"type":"cve","value":"CVE-2024-12802","source":"SC Media","article_title":"Attackers exploit SonicWall VPN vulnerability to bypass MFA","article_url":"https://www.scworld.com/brief/attackers-exploit-sonicwall-vpn-vulnerability-to-bypass-mfa","published_at":"2026-05-21T17:13:30.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-9082","source":"Tenable Blog","article_title":"CVE-2026-9082: Highly Critical SQL Injection Vulnerability in Drupal Core (SA-CORE-2026-004)","article_url":"https://www.tenable.com/blog/cve-2026-9082-highly-critical-sql-injection-vulnerability-in-drupal-core-sa-core-2026-004","published_at":"2026-05-21T13:25:37.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20223","source":"Security Affairs","article_title":"Cisco fixed maximum severity flaw CVE-2026-20223 in Secure Workload","article_url":"https://securityaffairs.com/192473/security/cisco-fixed-maximum-severity-flaw-cve-2026-20223-in-secure-workload.html","published_at":"2026-05-21T13:22:17.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-10504","source":"CISA Advisories","article_title":"ABB Terra AC Wallbox","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-141-05","published_at":"2026-05-21T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-12142","source":"CISA Advisories","article_title":"ABB Terra AC Wallbox","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-141-05","published_at":"2026-05-21T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-12143","source":"CISA Advisories","article_title":"ABB Terra AC Wallbox","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-141-05","published_at":"2026-05-21T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2022-4304","source":"CISA Advisories","article_title":"Hitachi Energy GMS600","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-141-01","published_at":"2026-05-21T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-3449","source":"CISA Advisories","article_title":"ABB B&R Automation Runtime","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-141-04","published_at":"2026-05-21T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-3448","source":"CISA Advisories","article_title":"ABB B&R Automation Runtime","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-141-04","published_at":"2026-05-21T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-11498","source":"CISA Advisories","article_title":"ABB B&R Automation Runtime","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-141-04","published_at":"2026-05-21T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-34291","source":"CISA Advisories","article_title":"CISA Adds Two Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/21/cisa-adds-two-known-exploited-vulnerabilities-catalog","published_at":"2026-05-21T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34926","source":"CISA Advisories","article_title":"CISA Adds Two Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/21/cisa-adds-two-known-exploited-vulnerabilities-catalog","published_at":"2026-05-21T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41091","source":"GBHackers","article_title":"Microsoft Defender Zero-Day Vulnerabilities Actively Exploited in the Wild","article_url":"https://gbhackers.com/microsoft-defender-zero-day-vulnerabilities/","published_at":"2026-05-21T11:32:23.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45498","source":"GBHackers","article_title":"Microsoft Defender Zero-Day Vulnerabilities Actively Exploited in the Wild","article_url":"https://gbhackers.com/microsoft-defender-zero-day-vulnerabilities/","published_at":"2026-05-21T11:32:23.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-9082","source":"SecurityWeek","article_title":"Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking","article_url":"https://www.securityweek.com/drupal-patches-highly-critical-vulnerability-exposing-websites-to-hacking/","published_at":"2026-05-21T10:58:49.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41091","source":"Help Net Security","article_title":"Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)","article_url":"https://www.helpnetsecurity.com/2026/05/21/microsoft-defender-vulnerabilities-cve-2026-41091-cve-2026-45498/","published_at":"2026-05-21T10:57:13.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45498","source":"Help Net Security","article_title":"Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)","article_url":"https://www.helpnetsecurity.com/2026/05/21/microsoft-defender-vulnerabilities-cve-2026-41091-cve-2026-45498/","published_at":"2026-05-21T10:57:13.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41091","source":"The Hacker News","article_title":"Microsoft Warns of Two Actively Exploited Defender Vulnerabilities","article_url":"https://thehackernews.com/2026/05/microsoft-warns-of-two-actively.html","published_at":"2026-05-21T10:55:57.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20223","source":"GBHackers","article_title":"Critical Vulnerability in Cisco Secure Workload Threatens Enterprise API Security","article_url":"https://gbhackers.com/critical-vulnerability-in-cisco-secure-workload/","published_at":"2026-05-21T09:13:21.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-46333","source":"The Hacker News","article_title":"9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros","article_url":"https://thehackernews.com/2026/05/9-year-old-linux-kernel-flaw-enables.html","published_at":"2026-05-21T07:35:53.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-46333","source":"GBHackers","article_title":"Nine-Year-Old Kernel Flaw Puts Linux SSH Private Keys at Risk","article_url":"https://gbhackers.com/nine-year-old-kernel-flaw/","published_at":"2026-05-21T07:10:25.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3517","source":"Zero Day Initiative","article_title":"ZDI-26-319: Progress Software Kemp LoadMaster addcountry Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-319/","published_at":"2026-05-21T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3518","source":"Zero Day Initiative","article_title":"ZDI-26-318: Progress Software Kemp LoadMaster ssodomain_killsession Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-318/","published_at":"2026-05-21T05:00:00.000Z","origin":"rss"},{"type":"domain","value":"cve.org","source":"The Hacker News","article_title":"Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks","article_url":"https://thehackernews.com/2026/05/highly-critical-drupal-core-flaw.html","published_at":"2026-05-21T03:44:11.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-9082","source":"The Hacker News","article_title":"Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks","article_url":"https://thehackernews.com/2026/05/highly-critical-drupal-core-flaw.html","published_at":"2026-05-21T03:44:11.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9940,","source":"SANS ISC","article_title":"ISC Stormcast For Thursday, May 21st, 2026 https://isc.sans.edu/podcastdetail/9940, (Thu, May 21st)","article_url":"https://isc.sans.edu/diary/rss/33000","published_at":"2026-05-21T02:00:03.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45585","source":"CSO Online","article_title":"Microsoft is working on a patch for ‘YellowKey’ attack on Bitlocker, offers temporary fix","article_url":"https://www.csoonline.com/article/4175411/microsoft-is-working-on-a-patch-for-yellowkey-attack-on-bitlocker-offers-temporary-fix-2.html","published_at":"2026-05-21T01:08:41.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-46333","source":"Qualys Blog","article_title":"CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path","article_url":"https://blog.qualys.com/misc/2026/05/20/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path","published_at":"2026-05-20T15:40:19.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-46333","source":"Qualys Blog","article_title":"CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path","article_url":"https://blog.qualys.com/vulnerabilities-threat-research/2026/05/20/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path","published_at":"2026-05-20T15:40:19.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45585","source":"Security Affairs","article_title":"Microsoft issues YellowKey mitigation, no patch yet","article_url":"https://securityaffairs.com/192449/hacking/microsoft-issues-yellowkey-mitigation-no-patch-yet.html","published_at":"2026-05-20T15:07:51.000Z","origin":"rss"},{"type":"domain","value":"monday.com","source":"Help Net Security","article_title":"NanoCo lands $12 million seed funding, launches enterprise assistant built on NanoClaw","article_url":"https://www.helpnetsecurity.com/2026/05/20/nanoco-seed-funding-12-million/","published_at":"2026-05-20T14:00:58.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3102","source":"GBHackers","article_title":"Critical ExifTool Vulnerability Lets Hackers Compromise Macs via Malicious Images","article_url":"https://gbhackers.com/exiftool-vulnerability-2/","published_at":"2026-05-20T13:26:42.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-24207","source":"GBHackers","article_title":"NVIDIA Triton Inference Server Flaw Raises Risk of Unauthorized Access","article_url":"https://gbhackers.com/nvidia-triton-inference-server-flaw-raises-risk-of-unauthorized-access/","published_at":"2026-05-20T12:13:19.000Z","origin":"rss"},{"type":"cve","value":"CVE-2008-4250","source":"CISA Advisories","article_title":"CISA Adds Seven Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/20/cisa-adds-seven-known-exploited-vulnerabilities-catalog","published_at":"2026-05-20T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2009-1537","source":"CISA Advisories","article_title":"CISA Adds Seven Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/20/cisa-adds-seven-known-exploited-vulnerabilities-catalog","published_at":"2026-05-20T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2009-3459","source":"CISA Advisories","article_title":"CISA Adds Seven Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/20/cisa-adds-seven-known-exploited-vulnerabilities-catalog","published_at":"2026-05-20T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2010-0249","source":"CISA Advisories","article_title":"CISA Adds Seven Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/20/cisa-adds-seven-known-exploited-vulnerabilities-catalog","published_at":"2026-05-20T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2010-0806","source":"CISA Advisories","article_title":"CISA Adds Seven Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/20/cisa-adds-seven-known-exploited-vulnerabilities-catalog","published_at":"2026-05-20T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-4109","source":"CISA Advisories","article_title":"CISA Adds Seven Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/20/cisa-adds-seven-known-exploited-vulnerabilities-catalog","published_at":"2026-05-20T12:00:00.000Z","origin":"rss"},{"type":"domain","value":"www.se.com","source":"CISA Advisories","article_title":"Schnieider Electric EcoStruxure Machine Expert HVAC (SEVD-2026-132-01)","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-148-07","published_at":"2026-05-20T12:00:00.000Z","origin":"rss"},{"type":"url","value":"https://www.se.com/ww/en/download/document/EcoStruxureME_HVAC/)","source":"CISA Advisories","article_title":"Schnieider Electric EcoStruxure Machine Expert HVAC (SEVD-2026-132-01)","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-148-07","published_at":"2026-05-20T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3102","source":"Kaspersky Securelist","article_title":"How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102)","article_url":"https://securelist.com/exiftool-compromise-mac/119866/","published_at":"2026-05-20T09:02:31.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5140","source":"GBHackers","article_title":"Pardus Linux Vulnerability Lets Local Attackers Gain Silent Root Access","article_url":"https://gbhackers.com/pardus-linux-vulnerability/","published_at":"2026-05-20T08:39:56.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45585","source":"Help Net Security","article_title":"Microsoft provides mitigation for “YellowKey” BitLocker bypass flaw (CVE-2026-45585)","article_url":"https://www.helpnetsecurity.com/2026/05/20/yellowkey-bitlocker-mitigation-cve-2026-45585/","published_at":"2026-05-20T08:33:52.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45585","source":"The Hacker News","article_title":"Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit","article_url":"https://thehackernews.com/2026/05/microsoft-releases-mitigation-for.html","published_at":"2026-05-20T08:28:26.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-31635","source":"Security Affairs","article_title":"DirtyDecrypt: PoC Released for yet another Linux flaw","article_url":"https://securityaffairs.com/192436/uncategorized/dirtydecrypt-poc-released-for-yet-another-linux-flaw.html","published_at":"2026-05-20T07:36:57.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-46376","source":"GBHackers","article_title":"FreePBX Security Flaw Lets Attackers Access User Portals","article_url":"https://gbhackers.com/freepbx-security-flaw/","published_at":"2026-05-20T06:30:14.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9938,","source":"SANS ISC","article_title":"ISC Stormcast For Wednesday, May 20th, 2026 https://isc.sans.edu/podcastdetail/9938, (Wed, May 20th)","article_url":"https://isc.sans.edu/diary/rss/32998","published_at":"2026-05-20T02:00:02.000Z","origin":"rss"},{"type":"domain","value":"jit.io","source":"SC Media","article_title":"Torq acquires Jit.io to enhance AI-driven security operations","article_url":"https://www.scworld.com/brief/torq-acquires-jit-io-to-enhance-ai-driven-security-operations","published_at":"2026-05-19T23:52:06.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-31635","source":"The Hacker News","article_title":"DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability","article_url":"https://thehackernews.com/2026/05/dirtydecrypt-poc-released-for-linux.html","published_at":"2026-05-19T14:56:26.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-3465","source":"CISA Advisories","article_title":"ABB CoreSense HM and CoreSense M10","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-139-01","published_at":"2026-05-19T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-2005","source":"GBHackers","article_title":"20-Year-Old PostgreSQL Flaw Gets Public PoC Exploit for Remote Code Execution","article_url":"https://gbhackers.com/20-year-old-postgresql-flaw-gets-public-poc-exploit/","published_at":"2026-05-19T09:19:42.000Z","origin":"rss"},{"type":"cve","value":"CVE-2024-9643","source":"GBHackers","article_title":"Four-Faith Industrial Routers Targeted in Botnet Hijacking Campaign","article_url":"https://gbhackers.com/four-faith-industrial-routers-targeted-in-botnet-hijacking-campaign/","published_at":"2026-05-19T08:52:42.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8153","source":"SecurityWeek","article_title":"Critical Vulnerability Exposes Industrial Robot Fleets to Hacking","article_url":"https://www.securityweek.com/critical-vulnerability-exposes-industrial-robot-fleets-to-hacking/","published_at":"2026-05-19T06:18:51.000Z","origin":"rss"},{"type":"domain","value":"shutterstock.com","source":"CSO Online","article_title":"Schwachstellen managen: Die besten Vulnerability-Management-Tools","article_url":"https://www.csoonline.com/article/3495294/schwachstellen-managen-die-6-besten-vulnerability-management-tools.html","published_at":"2026-05-19T04:00:00.000Z","origin":"rss"},{"type":"domain","value":"peopleimages.com","source":"CSO Online","article_title":"SIEM-Kaufratgeber","article_url":"https://www.csoonline.com/article/3835828/siem-kaufratgeber.html","published_at":"2026-05-19T04:00:00.000Z","origin":"rss"},{"type":"domain","value":"shutterstock.com","source":"CSO Online","article_title":"SIEM-Kaufratgeber","article_url":"https://www.csoonline.com/article/3835828/siem-kaufratgeber.html","published_at":"2026-05-19T04:00:00.000Z","origin":"rss"},{"type":"domain","value":"shutterstock.com","source":"CSO Online","article_title":"Security-Infotainment: Die besten Hacker-Dokus","article_url":"https://www.csoonline.com/article/3492776/security-infotainment-die-besten-hacker-dokus.html","published_at":"2026-05-19T03:48:00.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9936,","source":"SANS ISC","article_title":"ISC Stormcast For Tuesday, May 19th, 2026 https://isc.sans.edu/podcastdetail/9936, (Tue, May 19th)","article_url":"https://isc.sans.edu/diary/rss/32996","published_at":"2026-05-19T02:00:03.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42945","source":"Help Net Security","article_title":"Attackers are exploiting critical NGINX vulnerability (CVE-2026-42945)","article_url":"https://www.helpnetsecurity.com/2026/05/18/ngnix-vulnerability-exploited-cve-2026-42945/","published_at":"2026-05-18T13:29:49.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-8088","source":"GBHackers","article_title":"Gamaredon Deploys GammaDrop, GammaLoad in Phishing Campaigns","article_url":"https://gbhackers.com/gammaload-in-phishing-campaigns/","published_at":"2026-05-18T12:33:49.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42945","source":"GBHackers","article_title":"Critical NGINX Vulnerability Lets Hackers Launch Remote Code Execution Attacks","article_url":"https://gbhackers.com/critical-nginx-vulnerability/","published_at":"2026-05-18T11:20:48.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8043","source":"The Hacker News","article_title":"Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws","article_url":"https://thehackernews.com/2026/05/ivanti-fortinet-sap-vmware-n8n-patch.html","published_at":"2026-05-18T10:54:05.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-39987","source":"GBHackers","article_title":"Critical Marimo RCE Flaw Could Let Attackers Execute Malicious Code Remotely","article_url":"https://gbhackers.com/critical-marimo-rce-flaw/","published_at":"2026-05-18T08:45:28.000Z","origin":"rss"},{"type":"cve","value":"CVE-2020-17103","source":"Security Affairs","article_title":"Chaotic Eclipse discloses MiniPlasma zero-day, suggesting a missing or undone 2020 Windows security fix","article_url":"https://securityaffairs.com/192325/hacking/chaotic-eclipse-discloses-miniplasma-zero-day-suggesting-a-missing-or-undone-2020-windows-security-fix.html","published_at":"2026-05-18T08:13:09.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42945","source":"Security Affairs","article_title":"Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945","article_url":"https://securityaffairs.com/192289/uncategorized/experts-warn-of-active-exploitation-of-critical-nginx-flaw-cve-2026-42945.html","published_at":"2026-05-18T06:33:16.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42945","source":"Security Affairs","article_title":"Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945","article_url":"https://securityaffairs.com/192289/hacking/experts-warn-of-active-exploitation-of-critical-nginx-flaw-cve-2026-42945.html","published_at":"2026-05-18T06:33:16.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41940","source":"Security Affairs","article_title":"SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 97","article_url":"https://securityaffairs.com/192278/security/security-affairs-malware-newsletter-round-97.html","published_at":"2026-05-17T13:54:22.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42945","source":"The Hacker News","article_title":"NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE","article_url":"https://thehackernews.com/2026/05/nginx-cve-2026-42945-exploited-in-wild.html","published_at":"2026-05-17T11:57:53.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42897","source":"Security Affairs","article_title":"U.S. CISA adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/192240/hacking/u-s-cisa-adds-a-flaw-in-microsoft-exchange-server-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-05-16T17:30:29.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-46333","source":"GBHackers","article_title":"Linux “ssh-keysign-pwn” Flaw Exposing Critical Authentication Files","article_url":"https://gbhackers.com/linux-ssh-keysign-pwn-flaw/","published_at":"2026-05-16T07:52:28.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42897","source":"Security Affairs","article_title":"CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day","article_url":"https://securityaffairs.com/192204/security/cve-2026-42897-microsoft-confirms-active-exploitation-of-exchange-server-zero-day.html","published_at":"2026-05-15T14:03:58.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8181","source":"SC Media","article_title":"Critical vulnerability in Burst Statistics plugin allows admin takeover","article_url":"https://www.scworld.com/brief/critical-vulnerability-in-burst-statistics-plugin-allows-admin-takeover","published_at":"2026-05-15T13:32:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41702","source":"GBHackers","article_title":"VMware Fusion Flaw Could Allow Attackers to Gain Root Privileges","article_url":"https://gbhackers.com/vmware-fusion-flaw-gain-root-privileges/","published_at":"2026-05-15T12:47:02.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20182","source":"Help Net Security","article_title":"Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182)","article_url":"https://www.helpnetsecurity.com/2026/05/15/cisco-sd-wan-zero-day-cve-2026-20182/","published_at":"2026-05-15T12:43:27.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42897","source":"SecurityWeek","article_title":"Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild","article_url":"https://www.securityweek.com/microsoft-warns-of-exchange-server-zero-day-exploited-in-the-wild/","published_at":"2026-05-15T12:06:53.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42897","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/15/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-05-15T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-44338","source":"GBHackers","article_title":"PraisonAI Vulnerability Actively Exploited Within Hours of Being Made Public","article_url":"https://gbhackers.com/praisonai-vulnerability-actively-exploited/","published_at":"2026-05-15T11:57:27.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42897","source":"Help Net Security","article_title":"Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897)","article_url":"https://www.helpnetsecurity.com/2026/05/15/exchange-server-cve-2026-42897-exploited/","published_at":"2026-05-15T09:58:09.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8178","source":"GBHackers","article_title":"Amazon Redshift JDBC Driver Flaws Expose Systems to RCE Attacks","article_url":"https://gbhackers.com/amazon-redshift-jdbc-driver-flaws/","published_at":"2026-05-15T08:36:56.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20182","source":"GBHackers","article_title":"Cisco Catalyst SD-WAN Controller Flaw Under Active Exploitation for Admin Access","article_url":"https://gbhackers.com/cisco-catalyst-sd-wan-controller-flaw/","published_at":"2026-05-15T07:21:21.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20182","source":"SecurityWeek","article_title":"Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026","article_url":"https://www.securityweek.com/cisco-patches-another-sd-wan-zero-day-the-sixth-exploited-in-2026/","published_at":"2026-05-15T06:28:46.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-44578","source":"GBHackers","article_title":"Next.js Security Flaw Leaks Cloud Credentials, API Keys, and Admin Interfaces","article_url":"https://gbhackers.com/next-js-security-flaw-leaks-cloud-credentials/","published_at":"2026-05-15T06:22:13.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42897","source":"The Hacker News","article_title":"On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email","article_url":"https://thehackernews.com/2026/05/on-prem-microsoft-exchange-server-cve.html","published_at":"2026-05-15T06:19:04.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20182","source":"The Hacker News","article_title":"CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits","article_url":"https://thehackernews.com/2026/05/cisa-adds-cisco-sd-wan-cve-2026-20182.html","published_at":"2026-05-15T05:28:03.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0300","source":"GBHackers","article_title":"Palo Alto Firewalls Hit by Zero-Day Allowing Arbitrary Code Execution as Root","article_url":"https://gbhackers.com/palo-alto-firewalls-hit-by-pan-os-zero-day/","published_at":"2026-05-15T05:13:08.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9934,","source":"SANS ISC","article_title":"ISC Stormcast For Friday, May 15th, 2026 https://isc.sans.edu/podcastdetail/9934, (Fri, May 15th)","article_url":"https://isc.sans.edu/diary/rss/32992","published_at":"2026-05-15T04:10:13.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20182","source":"Tenable Blog","article_title":"Frequently asked questions about the continued exploitation of Cisco Catalyst SD-WAN vulnerabilities (CVE-2026-20182)","article_url":"https://www.tenable.com/blog/faq-about-the-continued-exploitation-of-cisco-catalyst-sd-wan-vulnerabilities-uat-8616","published_at":"2026-05-15T01:05:46.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-4782","source":"SC Media","article_title":"Two vulnerabilities found in popular WordPress plugin Avada Builder","article_url":"https://www.scworld.com/brief/two-vulnerabilities-found-in-popular-wordpress-plugin-avada-builder","published_at":"2026-05-14T23:38:45.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-4798","source":"SC Media","article_title":"Two vulnerabilities found in popular WordPress plugin Avada Builder","article_url":"https://www.scworld.com/brief/two-vulnerabilities-found-in-popular-wordpress-plugin-avada-builder","published_at":"2026-05-14T23:38:45.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42945","source":"CSO Online","article_title":"AI agent finds 18-year-old remote code execution flaw in Nginx","article_url":"https://www.csoonline.com/article/4171437/ai-agent-finds-18-year-old-remote-code-execution-flaw-in-nginx.html","published_at":"2026-05-14T23:06:50.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20182","source":"BleepingComputer","article_title":"Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks","article_url":"https://www.bleepingcomputer.com/news/security/cisco-warns-of-new-critical-sd-wan-flaw-exploited-in-zero-day-attacks/","published_at":"2026-05-14T20:09:56.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-46300","source":"Tenable Blog","article_title":"Fragnesia (CVE-2026-46300): Frequently asked questions about new Linux Kernel XFRM ESP-in-TCP privilege escalation","article_url":"https://www.tenable.com/blog/fragnesia-cve-2026-46300-faq-about-new-linux-kernel-xfrm-esp-in-tcp-priv-esc","published_at":"2026-05-14T19:38:03.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0265","source":"Rapid7 Blog","article_title":"CVE-2026-0265: Authentication Bypass in Palo Alto Networks PAN-OS","article_url":"https://www.rapid7.com/blog/post/etr-cve-2026-0265-authentication-bypass-in-palo-alto-networks-pan-os","published_at":"2026-05-14T19:15:49.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20182","source":"Security Affairs","article_title":"U.S. CISA adds a flaw in Cisco Catalyst SD-WAN  to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/192157/hacking/u-s-cisa-adds-a-flaw-in-cisco-catalyst-sd-wan-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-05-14T18:35:43.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-46300","source":"Security Affairs","article_title":"Linux Kernel bug Fragnesia allows local root access attacks","article_url":"https://securityaffairs.com/192145/uncategorized/linux-kernel-bug-fragnesia-allows-local-root-access-attacks.html","published_at":"2026-05-14T17:57:14.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20182","source":"The Hacker News","article_title":"Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access","article_url":"https://thehackernews.com/2026/05/cisco-catalyst-sd-wan-controller-auth.html","published_at":"2026-05-14T17:45:20.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20182","source":"Rapid7 Blog","article_title":"CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED)","article_url":"https://www.rapid7.com/blog/post/ve-cve-2026-20182-critical-authentication-bypass-cisco-catalyst-sd-wan-controller-fixed","published_at":"2026-05-14T16:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20127","source":"Rapid7 Blog","article_title":"CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED)","article_url":"https://www.rapid7.com/blog/post/ve-cve-2026-20182-critical-authentication-bypass-cisco-catalyst-sd-wan-controller-fixed","published_at":"2026-05-14T16:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41702","source":"Security Affairs","article_title":"Broadcom releases VMware Fusion security update for root access bug","article_url":"https://securityaffairs.com/192136/security/broadcom-releases-vmware-fusion-security-update-for-root-access-bug.html","published_at":"2026-05-14T15:46:09.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-32975","source":"SC Media","article_title":"Critical Quest KACE SMA flaw exploited after 10 months","article_url":"https://www.scworld.com/brief/critical-quest-kace-sma-flaw-exploited-after-10-months","published_at":"2026-05-14T15:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-46300","source":"Help Net Security","article_title":"Fragnesia: New Linux kernel LPE bug was spawned by Dirty Frag patch (CVE-2026-46300)","article_url":"https://www.helpnetsecurity.com/2026/05/14/fragnesia-cve-2026-46300-linux-lpe-vulnerability/","published_at":"2026-05-14T14:34:43.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-43284","source":"Help Net Security","article_title":"Fragnesia: New Linux kernel LPE bug was spawned by Dirty Frag patch (CVE-2026-46300)","article_url":"https://www.helpnetsecurity.com/2026/05/14/fragnesia-cve-2026-46300-linux-lpe-vulnerability/","published_at":"2026-05-14T14:34:43.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-46300","source":"SecurityWeek","article_title":"New Linux Kernel Vulnerability Fragnesia Allows Root Privilege Escalation","article_url":"https://www.securityweek.com/new-linux-kernel-vulnerability-fragnesia-allows-root-privilege-escalation/","published_at":"2026-05-14T13:44:46.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42945","source":"Security Affairs","article_title":"NGINX Rift: an 18-year-old flaw in the world’s most deployed web server just came to light","article_url":"https://securityaffairs.com/192132/hacking/nginx-rift-an-18-year-old-flaw-in-the-worlds-most-deployed-web-server-just-came-to-light.html","published_at":"2026-05-14T13:30:44.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8181","source":"GBHackers","article_title":"Critical WordPress Plugin Flaw Allows Unauthorized Access to Websites","article_url":"https://gbhackers.com/critical-wordpress-plugin-flaw-allows-unauthorized-access/","published_at":"2026-05-14T13:09:58.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41096","source":"GBHackers","article_title":"Windows DNS Client Security Flaw Exposes Systems to Remote Code Execution","article_url":"https://gbhackers.com/windows-dns-client-security-flaw-exposes-systems/","published_at":"2026-05-14T12:57:44.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-33862","source":"CISA Advisories","article_title":"Siemens Teamcenter","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-134-04","published_at":"2026-05-14T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-33893","source":"CISA Advisories","article_title":"Siemens Teamcenter","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-134-04","published_at":"2026-05-14T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2024-4367","source":"CISA Advisories","article_title":"Siemens Teamcenter","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-134-04","published_at":"2026-05-14T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20182","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/14/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-05-14T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45185","source":"GBHackers","article_title":"Critical Exim Mailer Flaw Enables Remote Code Execution Attacks","article_url":"https://gbhackers.com/critical-exim-mailer-flaw/","published_at":"2026-05-14T11:40:55.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-44338","source":"The Hacker News","article_title":"PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure","article_url":"https://thehackernews.com/2026/05/praisonai-cve-2026-44338-auth-bypass.html","published_at":"2026-05-14T11:40:14.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-33017","source":"GBHackers","article_title":"Langflow CVE-2026-33017 Exploited to Steal AWS Keys, Deploy NATS Worker","article_url":"https://gbhackers.com/langflow-cve-2026-33017-exploited/","published_at":"2026-05-14T07:56:14.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-46300","source":"BleepingComputer","article_title":"New Fragnesia Linux flaw lets attackers gain root privileges","article_url":"https://www.bleepingcomputer.com/news/security/new-fragnesia-linux-flaw-lets-attackers-gain-root-privileges/","published_at":"2026-05-14T07:34:19.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-46300","source":"The Hacker News","article_title":"New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption","article_url":"https://thehackernews.com/2026/05/new-fragnesia-linux-kernel-lpe-grants.html","published_at":"2026-05-14T07:06:15.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8053","source":"GBHackers","article_title":"MongoDB Security Flaw Enables Arbitrary Code Execution on Vulnerable Systems","article_url":"https://gbhackers.com/mongodb-security-flaw/","published_at":"2026-05-14T06:47:33.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42945","source":"The Hacker News","article_title":"18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE","article_url":"https://thehackernews.com/2026/05/18-year-old-nginx-rewrite-module-flaw.html","published_at":"2026-05-14T06:00:09.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9932,","source":"SANS ISC","article_title":"ISC Stormcast For Thursday, May 14th, 2026 https://isc.sans.edu/podcastdetail/9932, (Thu, May 14th)","article_url":"https://isc.sans.edu/diary/rss/32988","published_at":"2026-05-14T04:20:11.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-32975","source":"Security Affairs","article_title":"Quest KACE SMA flaw CVE-2025-32975: when one unpatched tool opens the door to 60 organizations","article_url":"https://securityaffairs.com/192067/security/quest-kace-sma-flaw-cve-2025-32975-when-one-unpatched-tool-opens-the-door-to-60-organizations.html","published_at":"2026-05-13T13:24:36.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-44277","source":"SC Media","article_title":"Fortinet addresses critical vulnerabilities in FortiSandbox and FortiAuthenticator","article_url":"https://www.scworld.com/brief/fortinet-addresses-critical-vulnerabilities-in-fortisandbox-and-fortiauthenticator","published_at":"2026-05-13T13:09:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-40361","source":"Help Net Security","article_title":"Microsoft’s agentic AI system found four critical Windows RCE flaws","article_url":"https://www.helpnetsecurity.com/2026/05/13/microsoft-mdash-agentic-ai-security-system/","published_at":"2026-05-13T10:41:09.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-40364","source":"Help Net Security","article_title":"Microsoft’s agentic AI system found four critical Windows RCE flaws","article_url":"https://www.helpnetsecurity.com/2026/05/13/microsoft-mdash-agentic-ai-security-system/","published_at":"2026-05-13T10:41:09.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-40361","source":"SecurityWeek","article_title":"Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises","article_url":"https://www.securityweek.com/microsoft-patches-critical-zero-click-outlook-vulnerability-threatening-enterprises/","published_at":"2026-05-13T10:33:46.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-54957","source":"Google Project Zero","article_title":"A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens","article_url":"https://projectzero.google/2026/05/pixel-10-exploit.html","published_at":"2026-05-13T07:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-44277","source":"Security Affairs","article_title":"Critical Fortinet vulnerabilities fixed in FortiSandbox and FortiAuthenticator","article_url":"https://securityaffairs.com/192047/security/critical-fortinet-vulnerabilities-fixed-in-fortisandbox-and-fortiauthenticator.html","published_at":"2026-05-13T06:22:55.000Z","origin":"rss"},{"type":"domain","value":"shutterstock.com","source":"CSO Online","article_title":"Der Kaufratgeber für Breach & Attack Simulation Tools","article_url":"https://www.csoonline.com/article/3494368/der-kaufratgeber-fur-breach-attack-simulation-tools.html","published_at":"2026-05-13T04:14:00.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9930,","source":"SANS ISC","article_title":"ISC Stormcast For Wednesday, May 13th, 2026 https://isc.sans.edu/podcastdetail/9930, (Wed, May 13th)","article_url":"https://isc.sans.edu/diary/rss/32984","published_at":"2026-05-13T03:05:02.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41089","source":"Rapid7 Blog","article_title":"Patch Tuesday - May 2026","article_url":"https://www.rapid7.com/blog/post/em-patch-tuesday-may-2026","published_at":"2026-05-13T00:22:19.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-40361","source":"Help Net Security","article_title":"Microsoft May 2026 Patch Tuesday: Many fixes, but no zero-days","article_url":"https://www.helpnetsecurity.com/2026/05/12/microsoft-may-2026-patch-tuesday/","published_at":"2026-05-12T19:03:16.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-40364","source":"Help Net Security","article_title":"Microsoft May 2026 Patch Tuesday: Many fixes, but no zero-days","article_url":"https://www.helpnetsecurity.com/2026/05/12/microsoft-may-2026-patch-tuesday/","published_at":"2026-05-12T19:03:16.000Z","origin":"rss"},{"type":"domain","value":"asp.net","source":"Tenable Blog","article_title":"Microsoft’s May 2026 Patch Tuesday Addresses 118 CVEs (CVE-2026-41103)","article_url":"https://www.tenable.com/blog/microsofts-may-2026-patch-tuesday-addresses-118-cves-cve-2026-41103","published_at":"2026-05-12T17:42:34.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41103","source":"Tenable Blog","article_title":"Microsoft’s May 2026 Patch Tuesday Addresses 118 CVEs (CVE-2026-41103)","article_url":"https://www.tenable.com/blog/microsofts-may-2026-patch-tuesday-addresses-118-cves-cve-2026-41103","published_at":"2026-05-12T17:42:34.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-54518","source":"Tenable Blog","article_title":"Microsoft’s May 2026 Patch Tuesday Addresses 118 CVEs (CVE-2026-41103)","article_url":"https://www.tenable.com/blog/microsofts-may-2026-patch-tuesday-addresses-118-cves-cve-2026-41103","published_at":"2026-05-12T17:42:34.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-45185","source":"The Hacker News","article_title":"New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution","article_url":"https://thehackernews.com/2026/05/new-exim-bdat-vulnerability-exposes.html","published_at":"2026-05-12T16:44:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41940","source":"Help Net Security","article_title":"Stealthy hackers exploit cPanel flaw in active backdoor campaign (CVE-2026-41940)","article_url":"https://www.helpnetsecurity.com/2026/05/12/cpanel-vulnerability-exploited-backdoor-cve-2026-41940/","published_at":"2026-05-12T15:44:50.000Z","origin":"rss"},{"type":"domain","value":"mend.io","source":"The Hacker News","article_title":"RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded","article_url":"https://thehackernews.com/2026/05/rubygems-suspends-new-signups-after.html","published_at":"2026-05-12T14:47:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41940","source":"SC Media","article_title":"Threat actor Mr_Rot13 exploits critical cPanel flaw to deploy Filemanager backdoor","article_url":"https://www.scworld.com/brief/threat-actor-mrrot13-exploits-critical-cpanel-flaw-to-deploy-filemanager-backdoor","published_at":"2026-05-12T13:35:44.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-44413","source":"Help Net Security","article_title":"JetBrains TeamCity vulnerability allows privilege escalation, API exposure (CVE-2026-44413)","article_url":"https://www.helpnetsecurity.com/2026/05/12/jetbrains-teamcity-vulnerability-cve-2026-44413/","published_at":"2026-05-12T12:26:12.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-2595","source":"CISA Advisories","article_title":"ABB AC500 V3 Multiple Vulnerabilities","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-132-03","published_at":"2026-05-12T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-41659","source":"CISA Advisories","article_title":"ABB AC500 V3 Multiple Vulnerabilities","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-132-03","published_at":"2026-05-12T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-41691","source":"CISA Advisories","article_title":"ABB AC500 V3 Multiple Vulnerabilities","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-132-03","published_at":"2026-05-12T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41940","source":"Security Affairs","article_title":"Attackers exploit cPanel CVE-2026-41940 to deploy Filemanager Backdoor","article_url":"https://securityaffairs.com/192013/cyber-crime/attackers-exploit-cpanel-cve-2026-41940-to-deploy-filemanager-backdoor.html","published_at":"2026-05-12T11:41:28.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41940","source":"CSO Online","article_title":"cPanel flaw exposes enterprises to hosting supply-chain risks","article_url":"https://www.csoonline.com/article/4169957/cpanel-flaw-exposes-enterprises-to-hosting-supply-chain-risks.html","published_at":"2026-05-12T10:26:03.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-44211","source":"GBHackers","article_title":"Cline AI Agent Flaw Allows Attackers to Launch RCE Attacks","article_url":"https://gbhackers.com/cline-ai-agent-flaw-launch-rce-attacks/","published_at":"2026-05-12T09:12:28.000Z","origin":"rss"},{"type":"domain","value":"googletagmanager.com","source":"GBHackers","article_title":"Magecart Hackers Exploit Google Tag Manager to Inject Credit Card Skimmers","article_url":"https://gbhackers.com/magecart-hackers-exploit-google-tag-manager/","published_at":"2026-05-12T06:39:17.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-48804","source":"GBHackers","article_title":"BitUnlocker Downgrade Attack Bypasses Windows 11 Disk Encryption in Minutes","article_url":"https://gbhackers.com/bitunlocker-downgrade-attack-bypasses-windows-11-disk-encryption/","published_at":"2026-05-12T05:59:20.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-8109","source":"Zero Day Initiative","article_title":"ZDI-26-308: Ivanti Endpoint Manager RemoteControlAuth Exposed Dangerous Method Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-308/","published_at":"2026-05-12T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34342","source":"Zero Day Initiative","article_title":"ZDI-26-310: Microsoft Windows splwow64 Race Condition Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-310/","published_at":"2026-05-12T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-33838","source":"Zero Day Initiative","article_title":"ZDI-26-309: Microsoft Windows Message Queueing Double Free Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-309/","published_at":"2026-05-12T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-28941","source":"Zero Day Initiative","article_title":"ZDI-26-315: Apple macOS USD Out-Of-Bounds Read Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-315/","published_at":"2026-05-12T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-28940","source":"Zero Day Initiative","article_title":"ZDI-26-314: Apple macOS USD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-314/","published_at":"2026-05-12T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-28847","source":"Zero Day Initiative","article_title":"ZDI-26-313: Apple Safari Regular Expression Duplicate Named Groups Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-313/","published_at":"2026-05-12T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-28955","source":"Zero Day Initiative","article_title":"ZDI-26-312: Apple Safari Web Inspector WebCore Style Resolver Use-After-Free Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-312/","published_at":"2026-05-12T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-28918","source":"Zero Day Initiative","article_title":"ZDI-26-311: Apple macOS CoreSymbolication Out-Of-Bounds Read Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-311/","published_at":"2026-05-12T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-12659","source":"Zero Day Initiative","article_title":"ZDI-26-317: Siemens Simcenter Femap IPT File Parsing Memory Corruption Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-317/","published_at":"2026-05-12T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-12659","source":"Zero Day Initiative","article_title":"ZDI-26-316: Siemens Simcenter Femap IPT File Parsing Memory Corruption Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-316/","published_at":"2026-05-12T05:00:00.000Z","origin":"rss"},{"type":"domain","value":"shutterstock.com","source":"CSO Online","article_title":"Cybersicherheitsvorschriften: So erfüllen Sie Ihre Compliance-Anforderungen","article_url":"https://www.csoonline.com/article/3494023/cybersicherheitsvorschriften-so-erfullen-sie-ihre-compliance-anforderungen.html","published_at":"2026-05-12T04:00:00.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9928,","source":"SANS ISC","article_title":"ISC Stormcast For Tuesday, May 12th, 2026 https://isc.sans.edu/podcastdetail/9928, (Tue, May 12th)","article_url":"https://isc.sans.edu/diary/rss/32978","published_at":"2026-05-12T03:15:10.000Z","origin":"rss"},{"type":"domain","value":"shutterstock.com","source":"CSO Online","article_title":"Customer Identity & Access Management: Die besten CIAM-Tools","article_url":"https://www.csoonline.com/article/3492789/customer-identity-access-management-die-6-besten-ciam-tools.html","published_at":"2026-05-12T03:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41940","source":"The Hacker News","article_title":"cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor","article_url":"https://thehackernews.com/2026/05/cpanel-cve-2026-41940-under-active.html","published_at":"2026-05-11T17:54:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41940","source":"GBHackers","article_title":"cPanel and WHM Servers Targeted in Attacks Exploiting CVE-2026-41940","article_url":"https://gbhackers.com/cpanel-and-whm-servers-targeted/","published_at":"2026-05-11T12:30:57.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0073","source":"GBHackers","article_title":"PoC Exploit Released for Android Zero-Click Flaw Enabling Remote Shell Access","article_url":"https://gbhackers.com/poc-exploit-released-for-android-zero-click-flaw/","published_at":"2026-05-11T09:32:43.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42208","source":"Security Affairs","article_title":"U.S. CISA adds a flaw in BerriAI LiteLLM to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/191964/security/u-s-cisa-adds-a-flaw-in-berriai-litellm-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-05-11T09:14:46.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-43284","source":"SecurityWeek","article_title":"New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks","article_url":"https://www.securityweek.com/new-dirty-frag-linux-vulnerability-possibly-exploited-in-attacks/","published_at":"2026-05-11T08:15:28.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-43500","source":"SecurityWeek","article_title":"New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks","article_url":"https://www.securityweek.com/new-dirty-frag-linux-vulnerability-possibly-exploited-in-attacks/","published_at":"2026-05-11T08:15:28.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9926,","source":"SANS ISC","article_title":"ISC Stormcast For Monday, May 11th, 2026 https://isc.sans.edu/podcastdetail/9926, (Mon, May 11th)","article_url":"https://isc.sans.edu/diary/rss/32972","published_at":"2026-05-11T02:15:11.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-7482","source":"The Hacker News","article_title":"Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak","article_url":"https://thehackernews.com/2026/05/ollama-out-of-bounds-read-vulnerability.html","published_at":"2026-05-10T12:41:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-43284","source":"Qualys Blog","article_title":"Dirty Frag: Using the Page Caches as an Attack Surface","article_url":"https://blog.qualys.com/product-tech/vulnmgmt-detection-response/2026/05/09/dirty-frag-using-the-page-caches-as-an-attack-surface","published_at":"2026-05-09T07:22:34.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-43500","source":"Qualys Blog","article_title":"Dirty Frag: Using the Page Caches as an Attack Surface","article_url":"https://blog.qualys.com/product-tech/vulnmgmt-detection-response/2026/05/09/dirty-frag-using-the-page-caches-as-an-attack-surface","published_at":"2026-05-09T07:22:34.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-29201","source":"The Hacker News","article_title":"cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now","article_url":"https://thehackernews.com/2026/05/cpanel-whm-patch-3-new-vulnerabilities.html","published_at":"2026-05-09T07:16:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-43284","source":"Tenable Blog","article_title":"Dirty Frag (CVE-2026-43284, CVE-2026-43500): Frequently asked questions about this Linux kernel privilege escalation vulnerability chain","article_url":"https://www.tenable.com/blog/dirty-frag-cve-2026-43284-cve-2026-43500-frequently-asked-questions-linux-kernel-lpe","published_at":"2026-05-08T16:58:20.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-43500","source":"Tenable Blog","article_title":"Dirty Frag (CVE-2026-43284, CVE-2026-43500): Frequently asked questions about this Linux kernel privilege escalation vulnerability chain","article_url":"https://www.tenable.com/blog/dirty-frag-cve-2026-43284-cve-2026-43500-frequently-asked-questions-linux-kernel-lpe","published_at":"2026-05-08T16:58:20.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-23918","source":"SC Media","article_title":"Apache fixes critical HTTP/2 vulnerability allowing remote code execution","article_url":"https://www.scworld.com/brief/apache-fixes-critical-http-2-vulnerability-allowing-remote-code-execution","published_at":"2026-05-08T16:08:59.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-43284","source":"Help Net Security","article_title":"Dirty Frag: Unpatched Linux vulnerability delivers root access","article_url":"https://www.helpnetsecurity.com/2026/05/08/dirty-frag-linux-vulnerability-cve-2026-43284-cve-2026-43500/","published_at":"2026-05-08T14:13:04.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-43500","source":"Help Net Security","article_title":"Dirty Frag: Unpatched Linux vulnerability delivers root access","article_url":"https://www.helpnetsecurity.com/2026/05/08/dirty-frag-linux-vulnerability-cve-2026-43284-cve-2026-43500/","published_at":"2026-05-08T14:13:04.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42208","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/08/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-05-08T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-6973","source":"Help Net Security","article_title":"Ivanti EPMM vulnerability exploited in zero-day attacks (CVE-2026-6973)","article_url":"https://www.helpnetsecurity.com/2026/05/08/ivanti-epmm-zero-day-cve-2026-6973/","published_at":"2026-05-08T10:30:49.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41050","source":"GBHackers","article_title":"Critical Vulnerability in Rancher Fleet Enables Full Cluster-Admin Privileges","article_url":"https://gbhackers.com/critical-vulnerability-in-rancher-fleet/","published_at":"2026-05-08T08:54:21.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-68670","source":"Kaspersky Securelist","article_title":"CVE-2025-68670: discovering an RCE vulnerability in xrdp","article_url":"https://securelist.com/cve-2025-68670/119742/","published_at":"2026-05-08T08:00:54.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-31431","source":"SANS ISC","article_title":"Another Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Frag, (Fri, May 8th)","article_url":"https://isc.sans.edu/diary/rss/32968","published_at":"2026-05-08T07:50:01.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-6973","source":"SecurityWeek","article_title":"Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks","article_url":"https://www.securityweek.com/ivanti-patches-epmm-zero-day-exploited-in-targeted-attacks/","published_at":"2026-05-08T05:41:30.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-31431","source":"The Hacker News","article_title":"Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions","article_url":"https://thehackernews.com/2026/05/linux-kernel-dirty-frag-lpe-exploit.html","published_at":"2026-05-08T05:12:00.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9924,","source":"SANS ISC","article_title":"ISC Stormcast For Friday, May 8th, 2026 https://isc.sans.edu/podcastdetail/9924, (Fri, May 8th)","article_url":"https://isc.sans.edu/diary/rss/32966","published_at":"2026-05-08T02:00:03.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0300","source":"CSO Online","article_title":"Palo Alto Networks firewall flaw has been exploited for several weeks","article_url":"https://www.csoonline.com/article/4168646/a-vulnerability-in-the-palo-alto-networks-firewall-has-been-exploited-for-several-weeks.html","published_at":"2026-05-08T01:19:01.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-7482","source":"CSO Online","article_title":"Ollama vulnerability highlights danger of AI frameworks with unrestricted access","article_url":"https://www.csoonline.com/article/4168584/ollama-vulnerability-highlights-danger-of-ai-frameworks-with-unrestricted-access.html","published_at":"2026-05-07T21:14:16.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0300","source":"Security Affairs","article_title":"Nation-state actors exploit Palo Alto PAN-OS zero-day for weeks","article_url":"https://securityaffairs.com/191831/security/nation-state-actors-exploit-palo-alto-pan-os-zero-day-for-weeks.html","published_at":"2026-05-07T20:44:22.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-6973","source":"Security Affairs","article_title":"U.S. CISA adds a flaw in Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/191822/security/u-s-cisa-adds-a-flaw-in-ivanti-endpoint-manager-mobile-epmm-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-05-07T18:03:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-6973","source":"The Hacker News","article_title":"Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access","article_url":"https://thehackernews.com/2026/05/ivanti-epmm-cve-2026-6973-rce-under.html","published_at":"2026-05-07T17:55:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0300","source":"The Hacker News","article_title":"PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage","article_url":"https://thehackernews.com/2026/05/pan-os-rce-exploit-under-active-use.html","published_at":"2026-05-07T13:34:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0300","source":"GBHackers","article_title":"CISA Issues Warning Over Palo Alto PAN-OS Flaw Enabling Root-Level Access","article_url":"https://gbhackers.com/cisa-issues-warning-over-palo-alto-pan-os-flaw/","published_at":"2026-05-07T12:38:11.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-6973","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/07/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-05-07T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0300","source":"Help Net Security","article_title":"State-sponsored hackers likely behind zero-day attacks on Palo Alto firewalls","article_url":"https://www.helpnetsecurity.com/2026/05/07/state-sponsored-hackers-zero-day-attacks-palo-alto-firewalls/","published_at":"2026-05-07T11:39:09.000Z","origin":"rss"},{"type":"domain","value":"hunt.io","source":"Security Affairs","article_title":"From Android TVs to routers: the xlabs_v1 Mirai-based botnet built for DDoS attacks","article_url":"https://securityaffairs.com/191796/malware/from-android-tvs-to-routers-the-xlabs_v1-mirai-based-botnet-built-for-ddos-attacks.html","published_at":"2026-05-07T10:15:08.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-23479","source":"GBHackers","article_title":"Redis Security Flaws Expose Servers to Remote Code Execution Risks","article_url":"https://gbhackers.com/redis-security-flaws-expose-servers/","published_at":"2026-05-07T07:19:06.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-25243","source":"GBHackers","article_title":"Redis Security Flaws Expose Servers to Remote Code Execution Risks","article_url":"https://gbhackers.com/redis-security-flaws-expose-servers/","published_at":"2026-05-07T07:19:06.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-25588","source":"GBHackers","article_title":"Redis Security Flaws Expose Servers to Remote Code Execution Risks","article_url":"https://gbhackers.com/redis-security-flaws-expose-servers/","published_at":"2026-05-07T07:19:06.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-25589","source":"GBHackers","article_title":"Redis Security Flaws Expose Servers to Remote Code Execution Risks","article_url":"https://gbhackers.com/redis-security-flaws-expose-servers/","published_at":"2026-05-07T07:19:06.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-23631","source":"GBHackers","article_title":"Redis Security Flaws Expose Servers to Remote Code Execution Risks","article_url":"https://gbhackers.com/redis-security-flaws-expose-servers/","published_at":"2026-05-07T07:19:06.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0300","source":"Security Affairs","article_title":"U.S. CISA adds a flaw in Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/191780/security/u-s-cisa-adds-a-flaw-in-palo-alto-networks-pan-os-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-05-07T06:51:04.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20188","source":"GBHackers","article_title":"Cisco Network Flaw Exposes Devices to Remote Denial-of-Service Exploits","article_url":"https://gbhackers.com/cisco-network-flaw-exposes-devices/","published_at":"2026-05-07T06:42:55.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9922,","source":"SANS ISC","article_title":"ISC Stormcast For Thursday, May 7th, 2026 https://isc.sans.edu/podcastdetail/9922, (Thu, May 7th)","article_url":"https://isc.sans.edu/diary/rss/32964","published_at":"2026-05-07T02:00:02.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0300","source":"Unit 42","article_title":"Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution","article_url":"https://unit42.paloaltonetworks.com/captive-portal-zero-day/","published_at":"2026-05-07T00:00:53.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0300","source":"The Record","article_title":"Palo Alto warns of critical software bug used in firewall attacks","article_url":"https://therecord.media/palo-alto-warns-of-critical-software-bug-firewalls","published_at":"2026-05-06T20:33:00.000Z","origin":"rss"},{"type":"domain","value":"hunt.io","source":"The Hacker News","article_title":"Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks","article_url":"https://thehackernews.com/2026/05/mirai-based-xlabsv1-botnet-exploits-adb.html","published_at":"2026-05-06T20:21:00.000Z","origin":"rss"},{"type":"domain","value":"sec.cloudapps.cisco.com","source":"Cisco Advisories","article_title":"Cisco Unity Connection Remote Code Execution and Server-Side Request Forgery Vulnerabilities","article_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-rce-ssrf-hENhuASy?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Unity%20Connection%20Remote%20Code%20Execution%20and%20Server-Side%20Request%20Forgery%20Vulnerabilities%26vs_k=1","published_at":"2026-05-06T16:00:00.000Z","origin":"rss"},{"type":"url","value":"https://sec.cloudapps.cisco.com/s","source":"Cisco Advisories","article_title":"Cisco Unity Connection Remote Code Execution and Server-Side Request Forgery Vulnerabilities","article_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-rce-ssrf-hENhuASy?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Unity%20Connection%20Remote%20Code%20Execution%20and%20Server-Side%20Request%20Forgery%20Vulnerabilities%26vs_k=1","published_at":"2026-05-06T16:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-29014","source":"SC Media","article_title":"MetInfo CMS vulnerability exploited by threat actors","article_url":"https://www.scworld.com/brief/metinfo-cms-vulnerability-exploited-by-threat-actors","published_at":"2026-05-06T15:32:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0300","source":"Rapid7 Blog","article_title":"Critical Buffer Overflow in Palo Alto Networks PAN-OS User-ID Authentication Portal (CVE-2026-0300)","article_url":"https://www.rapid7.com/blog/post/etr-critical-buffer-overflow-in-palo-alto-networks-pan-os-user-id-authentication-portal-cve-2026-0300","published_at":"2026-05-06T13:27:31.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0300","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/06/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-05-06T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-23918","source":"Security Affairs","article_title":"Apache fixes critical HTTP/2 double-free flaw CVE-2026-23918 enabling RCE","article_url":"https://securityaffairs.com/191759/security/apache-fixes-critical-http-2-double-free-flaw-cve-2026-23918-enabling-rce.html","published_at":"2026-05-06T11:00:06.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0300","source":"Security Affairs","article_title":"Palo Alto Networks PAN-OS flaw exploited for remote code execution","article_url":"https://securityaffairs.com/191748/security/palo-alto-networks-pan-os-flaw-exploited-for-remote-code-execution.html","published_at":"2026-05-06T08:52:21.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0300","source":"The Hacker News","article_title":"Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution","article_url":"https://thehackernews.com/2026/05/palo-alto-pan-os-flaw-under-active.html","published_at":"2026-05-06T06:14:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0300","source":"SecurityWeek","article_title":"Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls","article_url":"https://www.securityweek.com/palo-alto-networks-to-patch-zero-day-exploited-to-hack-firewalls/","published_at":"2026-05-06T04:46:23.000Z","origin":"rss"},{"type":"domain","value":"shutterstock.com","source":"CSO Online","article_title":"Die besten DAST- & SAST-Tools","article_url":"https://www.csoonline.com/article/3493611/dynamic-static-application-security-testing-die-besten-dast-sast-tools.html","published_at":"2026-05-06T04:00:00.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9920,","source":"SANS ISC","article_title":"ISC Stormcast For Wednesday, May 6th, 2026 https://isc.sans.edu/podcastdetail/9920, (Wed, May 6th)","article_url":"https://isc.sans.edu/diary/rss/32960","published_at":"2026-05-06T02:00:03.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-31431","source":"Unit 42","article_title":"Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years","article_url":"https://unit42.paloaltonetworks.com/cve-2026-31431-copy-fail/","published_at":"2026-05-05T23:00:33.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-23918","source":"The Hacker News","article_title":"Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE","article_url":"https://thehackernews.com/2026/05/critical-apache-http2-flaw-cve-2026.html","published_at":"2026-05-05T16:19:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0073","source":"Security Affairs","article_title":"Critical Android vulnerability CVE-2026-0073 fixed by Google","article_url":"https://securityaffairs.com/191710/breaking-news/critical-android-vulnerability-cve-2026-0073-fixed-by-google.html","published_at":"2026-05-05T14:06:33.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-11044","source":"CISA Advisories","article_title":"ABB B&R Automation Runtime","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-125-03","published_at":"2026-05-05T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-11043","source":"CISA Advisories","article_title":"ABB B&R Automation Studio","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-125-04","published_at":"2026-05-05T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2018-1002208","source":"CISA Advisories","article_title":"Hitachi Energy PCM600","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-125-01","published_at":"2026-05-05T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-21661","source":"CISA Advisories","article_title":"Johnson Controls CEM AC2000","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-125-05","published_at":"2026-05-05T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-29014","source":"The Hacker News","article_title":"MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks","article_url":"https://thehackernews.com/2026/05/metinfo-cms-cve-2026-29014-exploited.html","published_at":"2026-05-05T11:56:00.000Z","origin":"rss"},{"type":"domain","value":"ssl.com","source":"SANS ISC","article_title":"SSL.com rotates their root certificate today, (Tue, May 5th)","article_url":"https://isc.sans.edu/diary/rss/32956","published_at":"2026-05-05T11:39:45.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-22679","source":"The Hacker News","article_title":"Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API","article_url":"https://thehackernews.com/2026/05/weaver-e-cology-rce-flaw-cve-2026-22679.html","published_at":"2026-05-05T07:37:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-31431","source":"Information Security Buzz","article_title":"Copy Fail lands in CISA KEV as actively exploited Linux flaw threatens widespread privilege escalation","article_url":"https://informationsecuritybuzz.com/copy-fail-actively-exploited-linux-flaw/","published_at":"2026-05-05T06:48:13.000Z","origin":"rss"},{"type":"domain","value":"shutterstock.com","source":"CSO Online","article_title":"10 Anzeichen für einen schlechten CSO","article_url":"https://www.csoonline.com/article/3494128/auswirkungen-auf-it-fachkrafte-10-anzeichen-fur-einen-schlechten-cso.html","published_at":"2026-05-05T04:00:00.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9918,","source":"SANS ISC","article_title":"ISC Stormcast For Tuesday, May 5th, 2026 https://isc.sans.edu/podcastdetail/9918, (Tue, May 5th)","article_url":"https://isc.sans.edu/diary/rss/32952","published_at":"2026-05-05T02:00:02.000Z","origin":"rss"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9916,","source":"SANS ISC","article_title":"ISC Stormcast For Monday, May 4th, 2026 https://isc.sans.edu/podcastdetail/9916, (Mon, May 4th)","article_url":"https://isc.sans.edu/diary/rss/32946","published_at":"2026-05-04T02:00:03.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-31431","source":"The Hacker News","article_title":"CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV","article_url":"https://thehackernews.com/2026/05/cisa-adds-actively-exploited-linux-root.html","published_at":"2026-05-03T06:26:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-31431","source":"Microsoft Security Blog","article_title":"CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across cloud environments","article_url":"https://www.microsoft.com/en-us/security/blog/2026/05/01/cve-2026-31431-copy-fail-vulnerability-enables-linux-root-privilege-escalation/","published_at":"2026-05-02T03:06:08.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-31431","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/05/01/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-05-01T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41265","source":"Zero Day Initiative","article_title":"ZDI-26-307: FlowiseAI Flowise Airtable_Agent Code Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-307/","published_at":"2026-05-01T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-31431","source":"Tenable Blog","article_title":"Copy Fail (CVE-2026-31431): Frequently asked questions about Linux kernel privilege escalation vulnerability","article_url":"https://www.tenable.com/blog/copy-fail-cve-2026-31431-frequently-asked-questions-about-linux-kernel-privilege-escalation","published_at":"2026-04-30T15:50:50.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41940","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/04/30/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-04-30T12:00:00.000Z","origin":"rss"},{"type":"domain","value":"xint.io","source":"The Hacker News","article_title":"New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions","article_url":"https://thehackernews.com/2026/04/new-linux-copy-fail-vulnerability.html","published_at":"2026-04-30T09:24:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-31431","source":"The Hacker News","article_title":"New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions","article_url":"https://thehackernews.com/2026/04/new-linux-copy-fail-vulnerability.html","published_at":"2026-04-30T09:24:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41940","source":"Rapid7 Blog","article_title":"CVE-2026-41940: cPanel & WHM Authentication Bypass","article_url":"https://www.rapid7.com/blog/post/etr-cve-2026-41940-cpanel-whm-authentication-bypass","published_at":"2026-04-29T20:00:20.000Z","origin":"rss"},{"type":"cve","value":"CVE-2024-1708","source":"The Hacker News","article_title":"CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV","article_url":"https://thehackernews.com/2026/04/cisa-adds-actively-exploited.html","published_at":"2026-04-29T08:46:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-42208","source":"The Hacker News","article_title":"LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure","article_url":"https://thehackernews.com/2026/04/litellm-cve-2026-42208-sql-injection.html","published_at":"2026-04-29T05:34:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3854","source":"The Hacker News","article_title":"Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push","article_url":"https://thehackernews.com/2026/04/researchers-discover-critical-github.html","published_at":"2026-04-28T18:19:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2024-1708","source":"CISA Advisories","article_title":"CISA Adds Two Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/04/28/cisa-adds-two-known-exploited-vulnerabilities-catalog","published_at":"2026-04-28T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-32202","source":"CISA Advisories","article_title":"CISA Adds Two Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/04/28/cisa-adds-two-known-exploited-vulnerabilities-catalog","published_at":"2026-04-28T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-25874","source":"The Hacker News","article_title":"Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE","article_url":"https://thehackernews.com/2026/04/critical-cve-2026-25874-leaves-hugging.html","published_at":"2026-04-28T11:18:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-35230","source":"Zero Day Initiative","article_title":"ZDI-26-306: Oracle VirtualBox SoundBlaster 16 Race Condition Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-306/","published_at":"2026-04-28T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5943","source":"Zero Day Initiative","article_title":"ZDI-26-304: Foxit PDF Reader AcroForm Annotation Use-After-Free Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-304/","published_at":"2026-04-27T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5942","source":"Zero Day Initiative","article_title":"ZDI-26-303: Foxit PDF Reader AcroForm Signature Use-After-Free Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-303/","published_at":"2026-04-27T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5941","source":"Zero Day Initiative","article_title":"ZDI-26-302: Foxit PDF Reader AcroForm Signature Use-After-Free Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-302/","published_at":"2026-04-27T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5940","source":"Zero Day Initiative","article_title":"ZDI-26-301: Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-301/","published_at":"2026-04-27T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-41276","source":"Zero Day Initiative","article_title":"ZDI-26-300: Flowise AccountService resetPassword Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-300/","published_at":"2026-04-27T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2024-7399","source":"CISA Advisories","article_title":"CISA Adds Four Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/04/24/cisa-adds-four-known-exploited-vulnerabilities-catalog","published_at":"2026-04-24T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2024-57726","source":"CISA Advisories","article_title":"CISA Adds Four Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/04/24/cisa-adds-four-known-exploited-vulnerabilities-catalog","published_at":"2026-04-24T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2024-57728","source":"CISA Advisories","article_title":"CISA Adds Four Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/04/24/cisa-adds-four-known-exploited-vulnerabilities-catalog","published_at":"2026-04-24T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-29635","source":"CISA Advisories","article_title":"CISA Adds Four Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/04/24/cisa-adds-four-known-exploited-vulnerabilities-catalog","published_at":"2026-04-24T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-28747","source":"CISA Advisories","article_title":"Milesight Cameras","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03","published_at":"2026-04-23T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-27785","source":"CISA Advisories","article_title":"Milesight Cameras","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03","published_at":"2026-04-23T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-32644","source":"CISA Advisories","article_title":"Milesight Cameras","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03","published_at":"2026-04-23T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-32649","source":"CISA Advisories","article_title":"Milesight Cameras","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03","published_at":"2026-04-23T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20766","source":"CISA Advisories","article_title":"Milesight Cameras","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-03","published_at":"2026-04-23T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-6375","source":"CISA Advisories","article_title":"SpiceJet Online Booking System","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-04","published_at":"2026-04-23T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-6376","source":"CISA Advisories","article_title":"SpiceJet Online Booking System","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-04","published_at":"2026-04-23T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-70994","source":"CISA Advisories","article_title":"Yadea T5 Electric Bicycle","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-01","published_at":"2026-04-23T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-39987","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/04/23/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-04-23T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-6074","source":"CISA Advisories","article_title":"Intrado 911 Emergency Gateway (EGW)","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-06","published_at":"2026-04-23T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-65856","source":"CISA Advisories","article_title":"Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-05","published_at":"2026-04-23T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3893","source":"CISA Advisories","article_title":"Carlson Software VASCO-B GNSS Receiver","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-02","published_at":"2026-04-23T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-6406","source":"Zero Day Initiative","article_title":"ZDI-26-299: Docker Desktop Enhanced Container Isolation Exposed Dangerous Function Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-299/","published_at":"2026-04-23T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-24032","source":"Zero Day Initiative","article_title":"ZDI-26-298: Siemens SINEC NMS Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-298/","published_at":"2026-04-23T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-25654","source":"Zero Day Initiative","article_title":"ZDI-26-297: Siemens SINEC NMS Improper Authentication Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-297/","published_at":"2026-04-23T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5726","source":"Zero Day Initiative","article_title":"ZDI-26-296: Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-296/","published_at":"2026-04-23T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-33825","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/04/22/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-04-22T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-5873","source":"CISA Advisories","article_title":"Hardy Barth Salia EV Charge Controller","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-05","published_at":"2026-04-21T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-10371","source":"CISA Advisories","article_title":"Hardy Barth Salia EV Charge Controller","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-05","published_at":"2026-04-21T12:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5059","source":"Zero Day Initiative","article_title":"ZDI-26-245: (0Day) aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-245/","published_at":"2026-04-21T05:00:00.000Z","origin":"rss"},{"type":"domain","value":"booking.com","source":"Check Point Research","article_title":"20th April – Threat Intelligence Report","article_url":"https://research.checkpoint.com/2026/20th-april-threat-intelligence-report/","published_at":"2026-04-20T14:24:24.000Z","origin":"rss"},{"type":"cve","value":"CVE-2024-3721","source":"Infosecurity Magazine","article_title":"Attackers Exploit DVR Command Injection Flaw to Deploy  Mirai-Based Botnet","article_url":"https://www.infosecurity-magazine.com/news/mirai-variant-dvr-flaw-iot-botnet/","published_at":"2026-04-20T13:01:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2024-3721","source":"Fortinet Blog","article_title":"Tracking Mirai Variant Nexcorium: A Vulnerability-Driven IoT Botnet Campaign","article_url":"https://feeds.fortinet.com/~/953946956/0/fortinet/blog/threat-research~Tracking-Mirai-Variant-Nexcorium-A-VulnerabilityDriven-IoT-Botnet-Campaign","published_at":"2026-04-17T13:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2017-17215","source":"Fortinet Blog","article_title":"Tracking Mirai Variant Nexcorium: A Vulnerability-Driven IoT Botnet Campaign","article_url":"https://feeds.fortinet.com/~/953946956/0/fortinet/blog/threat-research~Tracking-Mirai-Variant-Nexcorium-A-VulnerabilityDriven-IoT-Botnet-Campaign","published_at":"2026-04-17T13:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2023-33538","source":"Unit 42","article_title":"A Deep Dive Into Attempted Exploitation of CVE-2023-33538","article_url":"https://unit42.paloaltonetworks.com/exploitation-of-cve-2023-33538/","published_at":"2026-04-16T22:00:13.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-33032","source":"Rapid7 Blog","article_title":"CVE-2026-33032: Nginx UI Missing MCP Authentication","article_url":"https://www.rapid7.com/blog/post/etr-cve-2026-33032-nginx-ui-missing-mcp-authentication","published_at":"2026-04-16T19:44:49.000Z","origin":"rss"},{"type":"domain","value":"sec.cloudapps.cisco.com","source":"Cisco Advisories","article_title":"Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities","article_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-vulns-n2EJSbbw?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Unity%20Connection%20Cross-Site%20Scripting,%20Open%20Redirect,%20and%20SQL%20Injection%20Vulnerabilities%26vs_k=1","published_at":"2026-04-15T16:00:00.000Z","origin":"rss"},{"type":"url","value":"https://sec.cloudapps.cisco.com/security/c","source":"Cisco Advisories","article_title":"Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities","article_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-vulns-n2EJSbbw?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Unity%20Connection%20Cross-Site%20Scripting,%20Open%20Redirect,%20and%20SQL%20Injection%20Vulnerabilities%26vs_k=1","published_at":"2026-04-15T16:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-33032","source":"Infosecurity Magazine","article_title":"Critical Nginx-ui MCP Flaw Actively Exploited in the Wild","article_url":"https://www.infosecurity-magazine.com/news/nginx-ui-mcp-flaw-actively/","published_at":"2026-04-15T13:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-22898","source":"Zero Day Initiative","article_title":"ZDI-26-292: QNAP TS-453E QVRPro excpostgres  Exposed Dangerous Method Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-292/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-32861","source":"Zero Day Initiative","article_title":"ZDI-26-291: NI LabVIEW LVCLASS File Parsing Memory Corruption Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-291/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-32860","source":"Zero Day Initiative","article_title":"ZDI-26-290: NI LabVIEW LVLIB File Parsing Memory Corruption Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-290/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-71066","source":"Zero Day Initiative","article_title":"ZDI-26-289: Linux Kernel ETS Scheduler Race Condition Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-289/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5492","source":"Zero Day Initiative","article_title":"ZDI-26-288: DriveLock Directory Traversal Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-288/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5491","source":"Zero Day Initiative","article_title":"ZDI-26-287: DriveLock Directory Traversal Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-287/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5490","source":"Zero Day Initiative","article_title":"ZDI-26-286: DriveLock SQL Injection Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-286/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5489","source":"Zero Day Initiative","article_title":"ZDI-26-285: DriveLock Directory Traversal Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-285/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5487","source":"Zero Day Initiative","article_title":"ZDI-26-284: DriveLock Directory Traversal Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-284/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5056","source":"Zero Day Initiative","article_title":"ZDI-26-283: GStreamer qtdemux Stack-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-283/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-2050","source":"Zero Day Initiative","article_title":"ZDI-26-282: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-282/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34054","source":"Zero Day Initiative","article_title":"ZDI-26-281: Microsoft vcpkg OpenSSL Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-281/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-4682","source":"Zero Day Initiative","article_title":"ZDI-26-280: (Pwn2Own) HP DeskJet 2855e JobStatusEvent Stack-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-280/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-32183","source":"Zero Day Initiative","article_title":"ZDI-26-279: Microsoft Windows Snipping Tool Improper Input Validation Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-279/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-33104","source":"Zero Day Initiative","article_title":"ZDI-26-278: Microsoft Windows win32kfull Improper Locking Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-278/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-32073","source":"Zero Day Initiative","article_title":"ZDI-26-277: Microsoft Windows afd.sys Race Condition Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-277/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-26179","source":"Zero Day Initiative","article_title":"ZDI-26-276: Microsoft Windows Secure Kernel Double Free Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-276/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5057","source":"Zero Day Initiative","article_title":"ZDI-26-272: ATEN Unizon RpcProvider Missing Authentication Denial-of-Service Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-272/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5424","source":"Zero Day Initiative","article_title":"ZDI-26-271: Avast Premium Security Gen Self Protection Driver Exposed Dangerous Function Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-271/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-54987","source":"Zero Day Initiative","article_title":"ZDI-26-270: TrendAI Apex One Console Directory Traversal Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-270/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-54948","source":"Zero Day Initiative","article_title":"ZDI-26-269: TrendAI Apex One Console Directory Traversal Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-269/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-25203","source":"Zero Day Initiative","article_title":"ZDI-26-268: Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-268/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-40688","source":"Zero Day Initiative","article_title":"ZDI-26-266: Fortinet FortiWeb cat_cgi_paths Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-266/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-39811","source":"Zero Day Initiative","article_title":"ZDI-26-265: Fortinet FortiWeb cgi_buf_alloc Integer Overflow Denial-of-Service Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-265/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-27305","source":"Zero Day Initiative","article_title":"ZDI-26-264: Adobe ColdFusion fetchCFSettingFile Directory Traversal Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-264/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-27282","source":"Zero Day Initiative","article_title":"ZDI-26-263: Adobe ColdFusion subscribeToEndpoints Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-263/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-34619","source":"Zero Day Initiative","article_title":"ZDI-26-262: Adobe ColdFusion deleteVersion Directory Traversal Arbitrary File Deletion Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-262/","published_at":"2026-04-15T05:00:00.000Z","origin":"rss"},{"type":"domain","value":"cpuid.com","source":"SentinelOne Blog","article_title":"Securing the Software Supply Chain: How SentinelOne’s AI EDR Autonomously Blocked the CPU-Z Watering Hole Cyber Attack","article_url":"https://www.sentinelone.com/blog/securing-the-software-supply-chain-how-sentinelones-ai-edr-autonomously-blocked-the-cpu-z-watering-hole-cyber-attack/","published_at":"2026-04-14T22:59:27.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5495","source":"Zero Day Initiative","article_title":"ZDI-26-257: (0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-257/","published_at":"2026-04-06T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5494","source":"Zero Day Initiative","article_title":"ZDI-26-256: (0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-256/","published_at":"2026-04-06T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5493","source":"Zero Day Initiative","article_title":"ZDI-26-255: (0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-255/","published_at":"2026-04-06T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5496","source":"Zero Day Initiative","article_title":"ZDI-26-254: (0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Type Confusion Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-254/","published_at":"2026-04-06T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-21518","source":"Zero Day Initiative","article_title":"ZDI-26-253: Microsoft Visual Studio Code mcp.json Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-253/","published_at":"2026-04-02T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-4698","source":"Zero Day Initiative","article_title":"ZDI-26-252: Mozilla Firefox IonMonkey Switch Statement Optimization Type Confusion Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-252/","published_at":"2026-04-02T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3775","source":"Zero Day Initiative","article_title":"ZDI-26-251: Foxit PDF Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-251/","published_at":"2026-04-02T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3502","source":"Check Point Research","article_title":"Operation TrueChaos: 0-Day Exploitation Against Southeast Asian Government Targets","article_url":"https://research.checkpoint.com/2026/operation-truechaos-0-day-exploitation-against-southeast-asian-government-targets/","published_at":"2026-03-31T13:16:50.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-53521","source":"Infosecurity Magazine","article_title":"NCSC Urges Immediate Patching of F5 BIG-IP Bug","article_url":"https://www.infosecurity-magazine.com/news/ncsc-urges-immediate-patching-f5/","published_at":"2026-03-31T08:45:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-23092","source":"Zero Day Initiative","article_title":"ZDI-26-250: Linux Kernel Analog Device Driver Improper Validation of Array Index Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-250/","published_at":"2026-03-31T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3055","source":"Infosecurity Magazine","article_title":"Critical Citrix NetScaler Vulnerability Exploited in the Wild","article_url":"https://www.infosecurity-magazine.com/news/critical-citrix-netscaler/","published_at":"2026-03-30T10:45:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5055","source":"Zero Day Initiative","article_title":"ZDI-26-249: NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-249/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5054","source":"Zero Day Initiative","article_title":"ZDI-26-248: NoMachine External Control of File Path Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-248/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5053","source":"Zero Day Initiative","article_title":"ZDI-26-247: NoMachine External Control of File Path Arbitrary File Deletion Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-247/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-5058","source":"Zero Day Initiative","article_title":"ZDI-26-246: (0Day) aws-mcp-server Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-246/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2024-13088","source":"Zero Day Initiative","article_title":"ZDI-26-244: (Pwn2Own) QNAP QHora-322 miro_webserver_controllers_api_login_singIn Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-244/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-62842","source":"Zero Day Initiative","article_title":"ZDI-26-243: (Pwn2Own) QNAP TS-453E write_file_to_svr External Control of File Path Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-243/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-62840","source":"Zero Day Initiative","article_title":"ZDI-26-242: (Pwn2Own) QNAP TS-453E server_handlers.pyc rr2s.kwargs Error Message Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-242/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-62846","source":"Zero Day Initiative","article_title":"ZDI-26-241: (Pwn2Own) QNAP QHora-322 qvpn_db_mgr username SQL Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-241/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-62845","source":"Zero Day Initiative","article_title":"ZDI-26-240: (Pwn2Own) QNAP QHora-322 qvpn_db_mgr role_type Improper Neutralization of Escape Sequences Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-240/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-62844","source":"Zero Day Initiative","article_title":"ZDI-26-239: (Pwn2Own) QNAP QHora-322 login.newAuthMiddleware.Authenticator Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-239/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2023-6270","source":"Zero Day Initiative","article_title":"ZDI-26-238: Linux Kernel AoE Driver Use-After-Free Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-238/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-62843","source":"Zero Day Initiative","article_title":"ZDI-26-237: (Pwn2Own) QNAP QHora-322  ip6_wanifset Improper Restriction of Communication Channel to Intended Endpoints Firewall Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-237/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0954","source":"Zero Day Initiative","article_title":"ZDI-26-236: Digilent DASYLab DSB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-236/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0957","source":"Zero Day Initiative","article_title":"ZDI-26-235: Digilent DASYLab DSA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-235/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0956","source":"Zero Day Initiative","article_title":"ZDI-26-234: Digilent DASYLab DSA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-234/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-0955","source":"Zero Day Initiative","article_title":"ZDI-26-233: Digilent DASYLab DSA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-233/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-40277","source":"Zero Day Initiative","article_title":"ZDI-26-232: (Pwn2Own) Red Hat Enterprise Linux vmwgfx Driver Integer Overflow Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-232/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20695","source":"Zero Day Initiative","article_title":"ZDI-26-231: Apple macOS Exposure of Sensitive Information to Unauthorized Sphere Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-231/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20690","source":"Zero Day Initiative","article_title":"ZDI-26-230: Apple macOS CoreMedia Framework Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-230/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3691","source":"Zero Day Initiative","article_title":"ZDI-26-229: OpenClaw Client PKCE Verifier Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-229/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3690","source":"Zero Day Initiative","article_title":"ZDI-26-228: OpenClaw Canvas Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-228/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3689","source":"Zero Day Initiative","article_title":"ZDI-26-227: OpenClaw Canvas Path Traversal Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-227/","published_at":"2026-03-30T05:00:00.000Z","origin":"rss"},{"type":"domain","value":"booking.com","source":"Recorded Future","article_title":"ClickFix Campaigns Targeting Windows and macOS","article_url":"https://www.recordedfuture.com/research/clickfix-campaigns-targeting-windows-and-macos","published_at":"2026-03-25T00:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20131","source":"Infosecurity Magazine","article_title":"CISA Orders US Government to Patch Maximum Severity Cisco Flaw","article_url":"https://www.infosecurity-magazine.com/news/cisa-orders-us-government-patch/","published_at":"2026-03-23T10:30:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-58487","source":"Zero Day Initiative","article_title":"ZDI-26-225: (Pwn2Own) Samsung Galaxy S25 Samsung Account Open Redirect Security Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-225/","published_at":"2026-03-23T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-58486","source":"Zero Day Initiative","article_title":"ZDI-26-224: (Pwn2Own) Samsung Galaxy S25 Samsung Account Cross-Site Scripting Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-224/","published_at":"2026-03-23T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-58488","source":"Zero Day Initiative","article_title":"ZDI-26-223: (Pwn2Own) Samsung Galaxy S25 Smart Touch Call Application Protection Mechanism Failure Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-223/","published_at":"2026-03-23T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-14233","source":"Zero Day Initiative","article_title":"ZDI-26-222: (Pwn2Own) Canon imageCLASS MF654Cdw BJNP Memory Corruption Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-222/","published_at":"2026-03-23T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-4154","source":"Zero Day Initiative","article_title":"ZDI-26-221: GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-221/","published_at":"2026-03-19T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-4153","source":"Zero Day Initiative","article_title":"ZDI-26-220: GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-220/","published_at":"2026-03-19T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-4152","source":"Zero Day Initiative","article_title":"ZDI-26-219: GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-219/","published_at":"2026-03-19T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-4151","source":"Zero Day Initiative","article_title":"ZDI-26-218: GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-218/","published_at":"2026-03-19T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-4150","source":"Zero Day Initiative","article_title":"ZDI-26-217: GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-217/","published_at":"2026-03-19T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3888","source":"Infosecurity Magazine","article_title":"New Ubuntu Flaw Enables Local Attackers to Gain Root Access","article_url":"https://www.infosecurity-magazine.com/news/ubuntu-flaw-enables-root-access/","published_at":"2026-03-18T15:45:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-62847","source":"Zero Day Initiative","article_title":"ZDI-26-216: (Pwn2Own) QNAP TS-453E smbd domain_name Argument Injection Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-216/","published_at":"2026-03-17T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-4158","source":"Zero Day Initiative","article_title":"ZDI-26-215: KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-215/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-2049","source":"Zero Day Initiative","article_title":"ZDI-26-214: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-214/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-2046","source":"Zero Day Initiative","article_title":"ZDI-26-213: GIMP LBM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-213/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-13957","source":"Zero Day Initiative","article_title":"ZDI-26-212: Schneider Electric EcoStruxure Data Center Expert Hard-coded Password Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-212/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-1361","source":"Zero Day Initiative","article_title":"ZDI-26-211: Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-211/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-21079","source":"Zero Day Initiative","article_title":"ZDI-26-210: (Pwn2Own) Samsung Galaxy S25 Samsung Members Security Feature Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-210/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-21079","source":"Zero Day Initiative","article_title":"ZDI-26-209: (Pwn2Own) Samsung Galaxy S25 Samsung Members Open Redirect Security Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-209/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-14237","source":"Zero Day Initiative","article_title":"ZDI-26-208: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Integer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-208/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-14236","source":"Zero Day Initiative","article_title":"ZDI-26-207: (Pwn2Own) Canon imageCLASS MF654Cdw dtdc_addr_importSub Stack-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-207/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-14235","source":"Zero Day Initiative","article_title":"ZDI-26-206: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-206/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-14234","source":"Zero Day Initiative","article_title":"ZDI-26-205: (Pwn2Own) Canon imageCLASS MF654Cdw PJCC Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-205/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-14232","source":"Zero Day Initiative","article_title":"ZDI-26-204: (Pwn2Own) Canon imageCLASS MF654Cdw XPS Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-204/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-14231","source":"Zero Day Initiative","article_title":"ZDI-26-203: (Pwn2Own) Canon imageCLASS MF654Cdw XML SOAP Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-203/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-59389","source":"Zero Day Initiative","article_title":"ZDI-26-202: (Pwn2Own) QNAP TS-453E  Hyper Data Protector Plugin query_original_file_size SQL Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-202/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-59388","source":"Zero Day Initiative","article_title":"ZDI-26-201: (Pwn2Own) QNAP TS-453E Hyper Data Protector Plugin Hard-Coded Credentials Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-201/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-62849","source":"Zero Day Initiative","article_title":"ZDI-26-200: (Pwn2Own) QNAP TS-453E nvrlog_event_add msg SQL Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-200/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-62848","source":"Zero Day Initiative","article_title":"ZDI-26-199: (Pwn2Own) QNAP TS-453E conn_log_tool Format String Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-199/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-11837","source":"Zero Day Initiative","article_title":"ZDI-26-198: (Pwn2Own) QNAP TS-453E malware_remover Code Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-198/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-4157","source":"Zero Day Initiative","article_title":"ZDI-26-197: (Pwn2Own) ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-197/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-4156","source":"Zero Day Initiative","article_title":"ZDI-26-196: (Pwn2Own) ChargePoint Home Flex OCPP getpreq Stack-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-196/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-4155","source":"Zero Day Initiative","article_title":"ZDI-26-195: (Pwn2Own) ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-195/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-21527","source":"Zero Day Initiative","article_title":"ZDI-26-194: Microsoft Exchange InterceptorSmtpAgent Improper Input Validation Security Feature Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-194/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2022-1972","source":"Zero Day Initiative","article_title":"ZDI-26-193: (Pwn2Own) Linux Kernel nf_tables_newset Out-Of-Bounds Write Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-193/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-4149","source":"Zero Day Initiative","article_title":"ZDI-26-192: Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-192/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2022-32250","source":"Zero Day Initiative","article_title":"ZDI-26-191: (Pwn2Own) Linux Kernel nf_tables Use-After-Free Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-191/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-41238","source":"Zero Day Initiative","article_title":"ZDI-26-190: (Pwn2Own) VMware Workstation PVSCSI Heap-based Buffer Overflow Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-190/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-41236","source":"Zero Day Initiative","article_title":"ZDI-26-189: (Pwn2Own) VMware ESXi VMXNET3 Integer Overflow Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-189/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-41237","source":"Zero Day Initiative","article_title":"ZDI-26-188: (Pwn2Own) VMware ESXi VMCI Integer Underflow Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-188/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2022-45188","source":"Zero Day Initiative","article_title":"ZDI-26-187: (Pwn2Own) Synology DiskStation Manager Netatalk Library Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-187/","published_at":"2026-03-16T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-24018","source":"Zero Day Initiative","article_title":"ZDI-26-186: Fortinet FortiClient Link Following Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-186/","published_at":"2026-03-10T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-25181","source":"Zero Day Initiative","article_title":"ZDI-26-185: Microsoft Windows GDI Bitmap Parsing Out-Of-Bound Read Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-185/","published_at":"2026-03-10T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-24289","source":"Zero Day Initiative","article_title":"ZDI-26-184: Microsoft Windows NDIS Driver Use-After-Free Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-184/","published_at":"2026-03-10T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-24285","source":"Zero Day Initiative","article_title":"ZDI-26-183: Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-183/","published_at":"2026-03-10T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-24285","source":"Zero Day Initiative","article_title":"ZDI-26-182: Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-182/","published_at":"2026-03-10T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-24285","source":"Zero Day Initiative","article_title":"ZDI-26-181: Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-181/","published_at":"2026-03-10T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-23668","source":"Zero Day Initiative","article_title":"ZDI-26-180: Microsoft Windows cdd Improper Locking Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-180/","published_at":"2026-03-10T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-23668","source":"Zero Day Initiative","article_title":"ZDI-26-179: Microsoft Windows win32kfull Improper Locking Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-179/","published_at":"2026-03-10T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-23668","source":"Zero Day Initiative","article_title":"ZDI-26-178: Microsoft Windows cdd Improper Locking Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-178/","published_at":"2026-03-10T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-26364","source":"Zero Day Initiative","article_title":"ZDI-26-177: Array Networks MotionPro ArrayInstallManager Incorrect Permission Assignment Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-177/","published_at":"2026-03-10T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20616","source":"Zero Day Initiative","article_title":"ZDI-26-176: Apple macOS libusd_ms Alembic File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-176/","published_at":"2026-03-10T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20634","source":"Zero Day Initiative","article_title":"ZDI-26-175: Apple macOS ImageIO SGI File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-175/","published_at":"2026-03-10T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20675","source":"Zero Day Initiative","article_title":"ZDI-26-174: Apple macOS ImageIO SGI File Parsing Integer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-174/","published_at":"2026-03-10T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-20611","source":"Zero Day Initiative","article_title":"ZDI-26-173: Apple macOS Audio APAC Frame Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-173/","published_at":"2026-03-10T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3839","source":"Zero Day Initiative","article_title":"ZDI-26-172: Unraid Authentication Request Path Traversal Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-172/","published_at":"2026-03-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3838","source":"Zero Day Initiative","article_title":"ZDI-26-171: Unraid Update Request Path Traversal Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-171/","published_at":"2026-03-09T05:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3086","source":"Zero Day Initiative","article_title":"ZDI-26-170: GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-170/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3084","source":"Zero Day Initiative","article_title":"ZDI-26-169: GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-169/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-2921","source":"Zero Day Initiative","article_title":"ZDI-26-168: GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-168/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3085","source":"Zero Day Initiative","article_title":"ZDI-26-167: GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-167/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3083","source":"Zero Day Initiative","article_title":"ZDI-26-166: GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-166/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-2922","source":"Zero Day Initiative","article_title":"ZDI-26-165: GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-165/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-2920","source":"Zero Day Initiative","article_title":"ZDI-26-164: GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-164/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3082","source":"Zero Day Initiative","article_title":"ZDI-26-163: GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-163/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3081","source":"Zero Day Initiative","article_title":"ZDI-26-162: GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-162/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-2923","source":"Zero Day Initiative","article_title":"ZDI-26-161: GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-161/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3562","source":"Zero Day Initiative","article_title":"ZDI-26-160: (Pwn2Own) Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-160/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3561","source":"Zero Day Initiative","article_title":"ZDI-26-159: (Pwn2Own) Philips Hue Bridge hk_hap characteristics Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-159/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3560","source":"Zero Day Initiative","article_title":"ZDI-26-158: (Pwn2Own) Philips Hue Bridge HomeKit hk_hap_pair_storage_put Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-158/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3559","source":"Zero Day Initiative","article_title":"ZDI-26-157: (Pwn2Own) Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-157/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3558","source":"Zero Day Initiative","article_title":"ZDI-26-156: (Pwn2Own) Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-156/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3557","source":"Zero Day Initiative","article_title":"ZDI-26-155: (Pwn2Own) Philips Hue Bridge hap_pair_verify_handler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-155/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3556","source":"Zero Day Initiative","article_title":"ZDI-26-154: (Pwn2Own) Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-154/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3555","source":"Zero Day Initiative","article_title":"ZDI-26-153: (Pwn2Own) Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-153/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-15558","source":"Zero Day Initiative","article_title":"ZDI-26-152: Docker Desktop Docker Plugins Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-152/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-3094","source":"Zero Day Initiative","article_title":"ZDI-26-151: Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-151/","published_at":"2026-03-06T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-28400","source":"Zero Day Initiative","article_title":"ZDI-26-150: Docker Desktop for Mac Docker Model Runner Exposed Dangerous Function Denial-of-Service Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-150/","published_at":"2026-03-03T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-71218","source":"Zero Day Initiative","article_title":"ZDI-26-149: Trend Micro Cleaner One Pro Link Following Denial-of-Service Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-149/","published_at":"2026-03-03T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-71209","source":"Zero Day Initiative","article_title":"ZDI-26-148: Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-148/","published_at":"2026-03-03T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-71208","source":"Zero Day Initiative","article_title":"ZDI-26-147: Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-147/","published_at":"2026-03-03T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-71207","source":"Zero Day Initiative","article_title":"ZDI-26-146: Trend Micro Apex Central Manual Update Server-Side Request Forgery Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-146/","published_at":"2026-03-03T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-71206","source":"Zero Day Initiative","article_title":"ZDI-26-145: Trend Micro Apex Central Scheduled Update Server-Side Request Forgery Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-145/","published_at":"2026-03-03T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-71205","source":"Zero Day Initiative","article_title":"ZDI-26-144: Trend Micro Apex Central Hub Server Server-Side Request Forgery Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-144/","published_at":"2026-03-03T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-71217","source":"Zero Day Initiative","article_title":"ZDI-26-143: Trend Micro Apex One Security Agent TmSelfProtect Origin Validation Error Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-143/","published_at":"2026-03-03T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-71216","source":"Zero Day Initiative","article_title":"ZDI-26-142: Trend Micro Apex One Security Agent Cache Mechanism Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-142/","published_at":"2026-03-03T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-71215","source":"Zero Day Initiative","article_title":"ZDI-26-141: Trend Micro Apex One Security Agent iCore Service Signature Verification Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-141/","published_at":"2026-03-03T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-71213","source":"Zero Day Initiative","article_title":"ZDI-26-140: Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-140/","published_at":"2026-03-03T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-71214","source":"Zero Day Initiative","article_title":"ZDI-26-139: Trend Micro Apex One Security Agent iCore Service Origin Validation Error Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-139/","published_at":"2026-03-03T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-71212","source":"Zero Day Initiative","article_title":"ZDI-26-138: Trend Micro Apex One Virus Scan Engine Link Following Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-138/","published_at":"2026-03-03T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-71211","source":"Zero Day Initiative","article_title":"ZDI-26-137: Trend Micro Apex One Console Directory Traversal Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-137/","published_at":"2026-03-03T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-71210","source":"Zero Day Initiative","article_title":"ZDI-26-136: Trend Micro Apex One Console Directory Traversal Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-136/","published_at":"2026-03-03T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-27794","source":"Zero Day Initiative","article_title":"ZDI-26-135: LangChain LangGraph BaseCache Deserialization of Untrusted Data Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-135/","published_at":"2026-03-03T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-23600","source":"Zero Day Initiative","article_title":"ZDI-26-134: Hewlett Packard Enterprise AutoPass License Server Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-134/","published_at":"2026-03-03T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-26975","source":"Zero Day Initiative","article_title":"ZDI-26-133: (Pwn2Own) Music Assistant _update_library_item External Control of File Path Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-133/","published_at":"2026-03-03T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-25656","source":"Zero Day Initiative","article_title":"ZDI-26-132: Siemens SINEC NMS Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-132/","published_at":"2026-02-25T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-25655","source":"Zero Day Initiative","article_title":"ZDI-26-131: Siemens SINEC NMS Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-131/","published_at":"2026-02-25T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-2493","source":"Zero Day Initiative","article_title":"ZDI-26-130: IceWarp collaboration Directory Traversal Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-130/","published_at":"2026-02-25T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-2491","source":"Zero Day Initiative","article_title":"ZDI-26-129: Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-129/","published_at":"2026-02-25T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-21634","source":"Zero Day Initiative","article_title":"ZDI-26-128: (Pwn2Own) Ubiquiti Networks AI Pro Uncaught Exception Denial-of-Service Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-128/","published_at":"2026-02-25T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-21633","source":"Zero Day Initiative","article_title":"ZDI-26-127: (Pwn2Own) Ubiquiti Networks AI Pro Cleartext Transmission Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-127/","published_at":"2026-02-25T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-21633","source":"Zero Day Initiative","article_title":"ZDI-26-126: (Pwn2Own) Ubiquiti Networks AI Pro Discovery Protocol Missing Encryption Protocol Downgrade Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-126/","published_at":"2026-02-25T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-2664","source":"Zero Day Initiative","article_title":"ZDI-26-125: Docker Desktop grpcfuse Kernel Module Out-Of-Bounds Read Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-125/","published_at":"2026-02-25T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-15060","source":"Zero Day Initiative","article_title":"ZDI-26-124: claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-124/","published_at":"2026-02-25T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-2040","source":"Zero Day Initiative","article_title":"ZDI-26-122: PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-122/","published_at":"2026-02-19T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-2048","source":"Zero Day Initiative","article_title":"ZDI-26-121: GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-121/","published_at":"2026-02-19T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-2047","source":"Zero Day Initiative","article_title":"ZDI-26-120: GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-120/","published_at":"2026-02-19T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-2045","source":"Zero Day Initiative","article_title":"ZDI-26-119: GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-119/","published_at":"2026-02-19T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-2044","source":"Zero Day Initiative","article_title":"ZDI-26-118: GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-118/","published_at":"2026-02-19T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-2490","source":"Zero Day Initiative","article_title":"ZDI-26-117: RustDesk Client for Windows Transfer File Link Following Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-117/","published_at":"2026-02-19T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-2492","source":"Zero Day Initiative","article_title":"ZDI-26-116: TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-116/","published_at":"2026-02-19T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-62676","source":"Zero Day Initiative","article_title":"ZDI-26-115: Fortinet FortiClient VPN FCConfig Utility Link Following Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-115/","published_at":"2026-02-19T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-1335","source":"Zero Day Initiative","article_title":"ZDI-26-114: Dassault Systèmes eDrawings Viewer EPRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-114/","published_at":"2026-02-19T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-1334","source":"Zero Day Initiative","article_title":"ZDI-26-113: Dassault Systèmes eDrawings Viewer EPRT File Parsing Memory Corruption Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-113/","published_at":"2026-02-19T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-1333","source":"Zero Day Initiative","article_title":"ZDI-26-112: Dassault Systèmes eDrawings Viewer EPRT File Parsing Uninitialized Variable Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-112/","published_at":"2026-02-19T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-2635","source":"Zero Day Initiative","article_title":"ZDI-26-111: MLflow Use of Default Password Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-111/","published_at":"2026-02-19T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-60037","source":"Zero Day Initiative","article_title":"ZDI-26-110: Bosch Rexroth IndraWorks Print Settings File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-110/","published_at":"2026-02-19T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-60038","source":"Zero Day Initiative","article_title":"ZDI-26-110: Bosch Rexroth IndraWorks Print Settings File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-110/","published_at":"2026-02-19T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-60035","source":"Zero Day Initiative","article_title":"ZDI-26-109: Bosch Rexroth IndraWorks OPC.TestClient XML File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-109/","published_at":"2026-02-19T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-60036","source":"Zero Day Initiative","article_title":"ZDI-26-108: Bosch Rexroth IndraWorks UA.TestClient XML File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-108/","published_at":"2026-02-19T06:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2026-22769","source":"Mandiant Blog","article_title":"From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day","article_url":"https://cloud.google.com/blog/topics/threat-intelligence/unc6201-exploiting-dell-recoverpoint-zero-day/","published_at":"2026-02-17T14:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2018-0802","source":"Fortinet Blog","article_title":"Deep Dive into New XWorm Campaign Utilizing Multiple-Themed Phishing Emails","article_url":"https://feeds.fortinet.com/~/945702296/0/fortinet/blog/threat-research~Deep-Dive-into-New-XWorm-Campaign-Utilizing-MultipleThemed-Phishing-Emails","published_at":"2026-02-10T14:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2024-54529","source":"Google Project Zero","article_title":"Breaking the Sound Barrier, Part II: Exploiting CVE-2024-54529","article_url":"https://projectzero.google/2026/01/sound-barrier-2.html","published_at":"2026-01-29T23:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-31235","source":"Google Project Zero","article_title":"Breaking the Sound Barrier, Part II: Exploiting CVE-2024-54529","article_url":"https://projectzero.google/2026/01/sound-barrier-2.html","published_at":"2026-01-29T23:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-64328","source":"Fortinet Blog","article_title":"Unveiling the Weaponized Web Shell EncystPHP","article_url":"https://feeds.fortinet.com/~/943094408/0/fortinet/blog/threat-research~Unveiling-the-Weaponized-Web-Shell-EncystPHP","published_at":"2026-01-28T14:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-8088","source":"Mandiant Blog","article_title":"Diverse Threat Actors Exploiting Critical WinRAR Vulnerability CVE-2025-8088","article_url":"https://cloud.google.com/blog/topics/threat-intelligence/exploiting-critical-winrar-vulnerability/","published_at":"2026-01-27T14:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2017-11882","source":"Fortinet Blog","article_title":"New Remcos Campaign Distributed Through Fake Shipping Document","article_url":"https://feeds.fortinet.com/~/940295429/0/fortinet/blog/threat-research~New-Remcos-Campaign-Distributed-Through-Fake-Shipping-Document","published_at":"2026-01-14T14:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-55182","source":"Recorded Future","article_title":"December 2025 CVE Landscape: 22 Critical Vulnerabilities Mark 120% Surge, React2Shell Dominates Threat Activity","article_url":"https://www.recordedfuture.com/blog/december-2025-cve-landscape","published_at":"2026-01-13T00:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-50165","source":"ESET Research","article_title":"Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component","article_url":"https://www.welivesecurity.com/en/eset-research/revisiting-cve-2025-50165-critical-flaw-windows-imaging-component/","published_at":"2025-12-22T09:55:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2017-3558","source":"Google Project Zero","article_title":"Thinking Outside The Box [dusted off draft from 2017]","article_url":"https://projectzero.google/2025/12/thinking-outside-the-box.html","published_at":"2025-12-16T09:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-12480","source":"Mandiant Blog","article_title":"No Place Like Localhost: Unauthenticated Remote Access via Triofox Vulnerability CVE-2025-12480","article_url":"https://cloud.google.com/blog/topics/threat-intelligence/triofox-vulnerability-cve-2025-12480/","published_at":"2025-11-10T14:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-61884","source":"Mandiant Blog","article_title":"Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign","article_url":"https://cloud.google.com/blog/topics/threat-intelligence/oracle-ebusiness-suite-zero-day-exploitation/","published_at":"2025-10-09T14:00:00.000Z","origin":"rss"},{"type":"domain","value":"asp.net","source":"Mandiant Blog","article_title":"ViewState Deserialization Zero-Day Vulnerability in Sitecore Products (CVE-2025-53690)","article_url":"https://cloud.google.com/blog/topics/threat-intelligence/viewstate-deserialization-zero-day-vulnerability/","published_at":"2025-09-03T14:00:00.000Z","origin":"rss"},{"type":"cve","value":"CVE-2025-53690","source":"Mandiant Blog","article_title":"ViewState Deserialization Zero-Day Vulnerability in Sitecore Products (CVE-2025-53690)","article_url":"https://cloud.google.com/blog/topics/threat-intelligence/viewstate-deserialization-zero-day-vulnerability/","published_at":"2025-09-03T14:00:00.000Z","origin":"rss"}]}