Indicators of Compromise

Zero Day Initiative 📡 RSS Feb 25

ZDI-26-126: (Pwn2Own) Ubiquiti Networks AI Pro Discovery Protocol Missing Encryption Protocol Downgrade Vulnerability

CVEs: CVE-2026-21633

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 25

ZDI-26-125: Docker Desktop grpcfuse Kernel Module Out-Of-Bounds Read Information Disclosure Vulnerability

CVEs: CVE-2026-2664

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 25

ZDI-26-124: claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability

CVEs: CVE-2025-15060

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-122: PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

CVEs: CVE-2026-2040

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-121: GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

CVEs: CVE-2026-2048

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-120: GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

CVEs: CVE-2026-2047

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-119: GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

CVEs: CVE-2026-2045

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-118: GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability

CVEs: CVE-2026-2044

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-117: RustDesk Client for Windows Transfer File Link Following Information Disclosure Vulnerability

CVEs: CVE-2026-2490

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-116: TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

CVEs: CVE-2026-2492

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-115: Fortinet FortiClient VPN FCConfig Utility Link Following Local Privilege Escalation Vulnerability

CVEs: CVE-2025-62676

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-114: Dassault Systèmes eDrawings Viewer EPRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

CVEs: CVE-2026-1335

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-113: Dassault Systèmes eDrawings Viewer EPRT File Parsing Memory Corruption Remote Code Execution Vulnerability

CVEs: CVE-2026-1334

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-112: Dassault Systèmes eDrawings Viewer EPRT File Parsing Uninitialized Variable Remote Code Execution Vulnerability

CVEs: CVE-2026-1333

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-111: MLflow Use of Default Password Authentication Bypass Vulnerability

CVEs: CVE-2026-2635

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-110: Bosch Rexroth IndraWorks Print Settings File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

CVEs: CVE-2025-60037 CVE-2025-60038

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-109: Bosch Rexroth IndraWorks OPC.TestClient XML File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

CVEs: CVE-2025-60035

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-108: Bosch Rexroth IndraWorks UA.TestClient XML File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

CVEs: CVE-2025-60036

Zero Day Initiative →

Mandiant Blog 📡 RSS Feb 17

From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day

CVEs: CVE-2026-22769

Mandiant Blog →

Fortinet Blog 📡 RSS Feb 10

Deep Dive into New XWorm Campaign Utilizing Multiple-Themed Phishing Emails

CVEs: CVE-2018-0802

Fortinet Blog →