Vulnerability Disclosure

Zero Day Initiative Vulnerability Disclosure Apr 15

ZDI-26-267: Malwarebytes Anti-Malware Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Malwarebytes Anti-Malware. An attacker must first obtain the ab...

T1548 T1068

Zero Day Initiative →

Zero Day Initiative Vulnerability Disclosure Docker Apr 15

ZDI-26-261: (0Day) Docker Desktop credentialHelper Directory Traversal Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the ability to es...

T1548

Zero Day Initiative →

Zero Day Initiative Vulnerability Disclosure Docker Apr 15

ZDI-26-260: (0Day) Docker Desktop System Editor Uncontrolled Search Path Element Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the ability to es...

T1548

Zero Day Initiative →

Zero Day Initiative Vulnerability Disclosure Microsoft Docker Apr 15

ZDI-26-259: (0Day) Docker Desktop cli-plugins Incorrect Permission Assignment Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop for Windows. An attacker must first obtain the a...

T1548 T1068

Zero Day Initiative →

Zero Day Initiative Vulnerability Disclosure Microsoft Docker Apr 15

ZDI-26-258: (0Day) Docker Desktop extension-manager Exposed Dangerous Function Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop for Windows. An attacker must first obtain the a...

T1548 T1068

Zero Day Initiative →

Wordfence Blog Vulnerability Disclosure Intel WordPress Apr 13

Attackers Actively Exploiting Critical Vulnerability in Kali Forms Plugin

On March 2nd, 2026, we received a submission through our Bug Bounty Program for a Remote Code Execution vulnerability in Kali Forms, a WordPress plugin with ...

T1190

Wordfence Blog →

Wordfence Blog Vulnerability Disclosure WordPress Apr 10

The Increasing Role of AI in Vulnerability Research

At Wordfence, we run a bug bounty program that pays out mid-six figures per year to researchers in bug bounties for WordPress related vulnerabilities. Fundin...

Wordfence Blog →

Exploit Database Vulnerability Disclosure Apr 10

[local] NetBT e-Fatura - Privilege Escalation

NetBT e-Fatura - Privilege Escalation

T1548

Exploit Database →

Wordfence Blog Vulnerability Disclosure Intel WordPress Apr 9

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 30, 2026 to April 5, 2026)

Last week, there were disclosed in that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPress Se...

Wordfence Blog →

SentinelOne Blog Vulnerability Disclosure Apr 9