MITRE ATT&CK — FreeIntelHub

Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an a...

T1190 T1059 1 IOC

The Hacker News →

Cisco Advisories Vulnerability Disclosure Cisco Apr 28

Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote atta...

T1190

Cisco Advisories →

The Hacker News CVE GitHub Apr 28

Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE

Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging Face's open-source robotics platform with nearly 24,0...

T1190 1 IOC

The Hacker News →

Zero Day Initiative CVE Apr 27

ZDI-26-304: Foxit PDF Reader AcroForm Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit t...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Apr 27

ZDI-26-302: Foxit PDF Reader AcroForm Signature Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit t...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Apr 27

ZDI-26-301: Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit t...

T1190 1 IOC

Zero Day Initiative →

CISA Advisories CVE Apr 23

Milesight Cameras

View CSAF Summary Successful exploitation of these vulnerabilities could crash the device being accessed or allow remote code execution. The following versio...

T1190 6 IOCs

CISA Advisories →

CISA Advisories CVE Apr 23

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-39987 Marimo Re...

T1190 1 IOC

CISA Advisories →

Zero Day Initiative CVE Apr 23

ZDI-26-296: Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics ASDA-Soft. User interaction is required t...

T1190 1 IOC

Zero Day Initiative →

Cisco Advisories Vulnerability Disclosure Cisco Apr 22

Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker ...

T1190 T1059

Cisco Advisories →

CISA Advisories CVE Apr 21

Hardy Barth Salia EV Charge Controller

View CSAF Summary Successful exploitation of these vulnerabilities could crash the device being accessed; a buffer overflow condition may allow remote code e...

T1190 2 IOCs

CISA Advisories →

Zero Day Initiative CVE Amazon Apr 21

ZDI-26-245: (0Day) aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit t...

T1190 T1059 1 IOC

Zero Day Initiative →

Wordfence Blog Vulnerability Disclosure WordPress Apr 16

Attackers Actively Exploiting Critical Vulnerability in Ninja Forms – File Upload Plugin

On April 6th, 2026, we publicly disclosed a critical Arbitrary File Upload vulnerability in Ninja Forms – File Upload, a WordPress plugin with an estimated 5...

T1190

Wordfence Blog →

Cisco Advisories Vulnerability Disclosure Cisco Apr 15

Cisco Identity Services Engine Remote Code Execution Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlyin...

T1190

Cisco Advisories →

Zero Day Initiative CVE Apr 15

ZDI-26-292: QNAP TS-453E QVRPro excpostgres Exposed Dangerous Method Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP TS-453E devices. Authentication is not requi...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Apr 15

ZDI-26-291: NI LabVIEW LVCLASS File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI LabVIEW. User interaction is required to exploit this vu...

T1190 1 IOC

Zero Day Initiative →

Discovery

T1046 Network Service Discovery

Lateral Movement

T1021 Remote Services

Command and Control

T1071 Application Layer Protocol T1573 Encrypted Channel T1572 Protocol Tunneling

Exfiltration

T1041 Exfiltration Over C2 Channel T1567 Exfiltration Over Web Service

Impact

T1486 Data Encrypted for Impact T1489 Service Stop T1498 Network Denial of Service T1491 Defacement T1529 System Shutdown/Reboot

Resource Development

T1583 Acquire Infrastructure T1588 Obtain Capabilities

Reconnaissance

T1592 Gather Victim Host Information T1598 Phishing for Information

MITRE ATT&CK Mapping

T1190 — Exploit Public-Facing Application (Initial Access)

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Command and Control

Exfiltration

Impact

Resource Development

Reconnaissance