Indicators of Compromise

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-144: Trend Micro Apex Central Hub Server Server-Side Request Forgery Vulnerability

CVEs: CVE-2025-71205

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-143: Trend Micro Apex One Security Agent TmSelfProtect Origin Validation Error Local Privilege Escalation Vulnerability

CVEs: CVE-2025-71217

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-142: Trend Micro Apex One Security Agent Cache Mechanism Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

CVEs: CVE-2025-71216

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-141: Trend Micro Apex One Security Agent iCore Service Signature Verification Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

CVEs: CVE-2025-71215

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-140: Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability

CVEs: CVE-2025-71213

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-139: Trend Micro Apex One Security Agent iCore Service Origin Validation Error Local Privilege Escalation Vulnerability

CVEs: CVE-2025-71214

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-138: Trend Micro Apex One Virus Scan Engine Link Following Local Privilege Escalation Vulnerability

CVEs: CVE-2025-71212

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-137: Trend Micro Apex One Console Directory Traversal Remote Code Execution Vulnerability

CVEs: CVE-2025-71211

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-136: Trend Micro Apex One Console Directory Traversal Remote Code Execution Vulnerability

CVEs: CVE-2025-71210

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-135: LangChain LangGraph BaseCache Deserialization of Untrusted Data Remote Code Execution Vulnerability

CVEs: CVE-2026-27794

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-134: Hewlett Packard Enterprise AutoPass License Server Authentication Bypass Vulnerability

CVEs: CVE-2026-23600

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-133: (Pwn2Own) Music Assistant _update_library_item External Control of File Path Remote Code Execution Vulnerability

CVEs: CVE-2026-26975

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 25

ZDI-26-132: Siemens SINEC NMS Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

CVEs: CVE-2026-25656

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 25

ZDI-26-131: Siemens SINEC NMS Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

CVEs: CVE-2026-25655

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 25

ZDI-26-130: IceWarp collaboration Directory Traversal Information Disclosure Vulnerability

CVEs: CVE-2026-2493

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 25

ZDI-26-129: Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability

CVEs: CVE-2026-2491

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 25

ZDI-26-128: (Pwn2Own) Ubiquiti Networks AI Pro Uncaught Exception Denial-of-Service Vulnerability

CVEs: CVE-2026-21634

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 25

ZDI-26-127: (Pwn2Own) Ubiquiti Networks AI Pro Cleartext Transmission Information Disclosure Vulnerability

CVEs: CVE-2026-21633

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 25

ZDI-26-126: (Pwn2Own) Ubiquiti Networks AI Pro Discovery Protocol Missing Encryption Protocol Downgrade Vulnerability

CVEs: CVE-2026-21633

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 25

ZDI-26-125: Docker Desktop grpcfuse Kernel Module Out-Of-Bounds Read Information Disclosure Vulnerability

CVEs: CVE-2026-2664

Zero Day Initiative →