{"exported_at":"2026-04-04T17:46:43.403Z","count":437,"iocs":[{"type":"cve","value":"CVE-2026-3502","source":"Security Affairs","article_title":"U.S. CISA adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/190341/security/u-s-cisa-adds-a-flaw-in-trueconf-client-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-04-04T16:42:38.000Z"},{"type":"cve","value":"CVE-2026-35616","source":"Help Net Security","article_title":"FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)","article_url":"https://www.helpnetsecurity.com/2026/04/04/forticlient-ems-zero-day-cve-2026-35616/","published_at":"2026-04-04T14:09:54.000Z"},{"type":"cve","value":"CVE-2026-5281","source":"CSO Online","article_title":"Google patches fourth Chrome zero-day so far this year","article_url":"https://www.csoonline.com/article/4154235/google-patches-fourth-chrome-zero-day-so-far-this-year.html","published_at":"2026-04-03T17:29:30.000Z"},{"type":"cve","value":"CVE-2026-2699","source":"SC Media","article_title":"Progress ShareFile vulnerabilities allow unauthenticated file exfiltration","article_url":"https://www.scworld.com/brief/progress-sharefile-vulnerabilities-allow-unauthenticated-file-exfiltration","published_at":"2026-04-03T15:17:56.000Z"},{"type":"cve","value":"CVE-2026-2701","source":"SC Media","article_title":"Progress ShareFile vulnerabilities allow unauthenticated file exfiltration","article_url":"https://www.scworld.com/brief/progress-sharefile-vulnerabilities-allow-unauthenticated-file-exfiltration","published_at":"2026-04-03T15:17:56.000Z"},{"type":"cve","value":"CVE-2026-20093","source":"Help Net Security","article_title":"Cisco IMC auth bypass vulnerability allows attackers to alter user passwords (CVE-2026-20093)","article_url":"https://www.helpnetsecurity.com/2026/04/03/cisco-imc-vulnerability-cve-2026-20093/","published_at":"2026-04-03T12:59:22.000Z"},{"type":"cve","value":"CVE-2026-2699","source":"GBHackers","article_title":"New Progress ShareFile Flaws Expose Servers to Unauthorized Remote Takeover","article_url":"https://gbhackers.com/new-progress-sharefile-flaws-expose-servers/","published_at":"2026-04-03T12:52:55.000Z"},{"type":"cve","value":"CVE-2026-2701","source":"GBHackers","article_title":"New Progress ShareFile Flaws Expose Servers to Unauthorized Remote Takeover","article_url":"https://gbhackers.com/new-progress-sharefile-flaws-expose-servers/","published_at":"2026-04-03T12:52:55.000Z"},{"type":"cve","value":"CVE-2026-3502","source":"GBHackers","article_title":"CISA Includes TrueConf Security Flaw in KEV Catalog After Exploitation in the Wild","article_url":"https://gbhackers.com/cisa-includes-trueconf-security-flaw-in-kev-catalog/","published_at":"2026-04-03T10:49:09.000Z"},{"type":"cve","value":"CVE-2025-53521","source":"GBHackers","article_title":"14,000+ F5 BIG-IP APM Instances Exposed Online as Attackers Exploit RCE Vulnerability","article_url":"https://gbhackers.com/14000-f5-big-ip-apm-instances-exposed-online/","published_at":"2026-04-03T10:40:25.000Z"},{"type":"cve","value":"CVE-2025-55182","source":"GBHackers","article_title":"Attackers Abuse React2Shell Flaw to Compromise 700+ Next.js Hosts","article_url":"https://gbhackers.com/attackers-abuse-react2shell-flaw/","published_at":"2026-04-03T06:49:02.000Z"},{"type":"domain","value":"b2b-contenthub.com","source":"CSO Online","article_title":"Die besten XDR-Tools","article_url":"https://www.csoonline.com/article/3492511/extended-detection-and-response-losungendie-11-besten-xdr-tools.html","published_at":"2026-04-03T04:38:00.000Z"},{"type":"url","value":"https://b2b-contenthub.com/wp-content/uploads/2025/02/original2cso_ArtemisDiana.jpg?quality=50&strip=all","source":"CSO Online","article_title":"Die besten XDR-Tools","article_url":"https://www.csoonline.com/article/3492511/extended-detection-and-response-losungendie-11-besten-xdr-tools.html","published_at":"2026-04-03T04:38:00.000Z"},{"type":"url","value":"https://b2b-contenthub.com/wp-content/uploads/2025/02/original2cso_ArtemisDiana.jpg?resize=300%2C168&quality=50&strip=all","source":"CSO Online","article_title":"Die besten XDR-Tools","article_url":"https://www.csoonline.com/article/3492511/extended-detection-and-response-losungendie-11-besten-xdr-tools.html","published_at":"2026-04-03T04:38:00.000Z"},{"type":"url","value":"https://b2b-contenthub.com/wp-content/uploads/2025/02/original2cso_ArtemisDiana.jpg?resize=768%2C432&quality=50&strip=all","source":"CSO Online","article_title":"Die besten XDR-Tools","article_url":"https://www.csoonline.com/article/3492511/extended-detection-and-response-losungendie-11-besten-xdr-tools.html","published_at":"2026-04-03T04:38:00.000Z"},{"type":"url","value":"https://b2b-contenthub.com/wp-content/uploads/2025/02/original2cso_ArtemisDiana.jpg?resize=1024%2C576&quality=50&strip=all","source":"CSO Online","article_title":"Die besten XDR-Tools","article_url":"https://www.csoonline.com/article/3492511/extended-detection-and-response-losungendie-11-besten-xdr-tools.html","published_at":"2026-04-03T04:38:00.000Z"},{"type":"domain","value":"mend.io","source":"Help Net Security","article_title":"New infosec products of the month: March 2026","article_url":"https://www.helpnetsecurity.com/2026/04/03/new-infosec-products-of-the-month-march-2026/","published_at":"2026-04-03T04:00:58.000Z"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9878,","source":"SANS ISC","article_title":"ISC Stormcast For Friday, April 3rd, 2026 https://isc.sans.edu/podcastdetail/9878, (Fri, Apr 3rd)","article_url":"https://isc.sans.edu/diary/rss/32862","published_at":"2026-04-03T02:00:02.000Z"},{"type":"cve","value":"CVE-2026-5281","source":"SC Media","article_title":"Actively exploited Chrome zero-day patched","article_url":"https://www.scworld.com/brief/actively-exploited-chrome-zero-day-patched","published_at":"2026-04-02T23:11:21.000Z"},{"type":"cve","value":"CVE-2026-20093","source":"CSO Online","article_title":"Cisco fixes critical IMC auth bypass present in many products","article_url":"https://www.csoonline.com/article/4154052/cisco-fixes-critical-imc-auth-bypass-present-in-many-products.html","published_at":"2026-04-02T22:26:37.000Z"},{"type":"cve","value":"CVE-2025-55182","source":"The Hacker News","article_title":"Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials","article_url":"https://thehackernews.com/2026/04/hackers-exploit-cve-2025-55182-to.html","published_at":"2026-04-02T19:30:00.000Z"},{"type":"cve","value":"CVE-2026-20093","source":"Security Affairs","article_title":"Cisco fixed critical and high-severity flaws","article_url":"https://securityaffairs.com/190295/security/cisco-fixed-critical-and-high-severity-flaws.html","published_at":"2026-04-02T17:04:38.000Z"},{"type":"cve","value":"CVE-2026-20093","source":"The Hacker News","article_title":"Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise","article_url":"https://thehackernews.com/2026/04/cisco-patches-98-cvss-imc-and-ssm-flaws.html","published_at":"2026-04-02T15:21:00.000Z"},{"type":"url","value":"https://github.com/vitejs/vite].","source":"SANS ISC","article_title":"Attempts to Exploit Exposed \"Vite\" Installs (CVE-2025-30208), (Thu, Apr 2nd)","article_url":"https://isc.sans.edu/diary/rss/32860","published_at":"2026-04-02T14:49:00.000Z"},{"type":"cve","value":"CVE-2025-30208","source":"SANS ISC","article_title":"Attempts to Exploit Exposed \"Vite\" Installs (CVE-2025-30208), (Thu, Apr 2nd)","article_url":"https://isc.sans.edu/diary/rss/32860","published_at":"2026-04-02T14:49:00.000Z"},{"type":"cve","value":"CVE-2025-7741","source":"CISA Advisories","article_title":"Yokogawa CENTUM VP","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-092-02","published_at":"2026-04-02T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-10492","source":"CISA Advisories","article_title":"Hitachi Energy Ellipse","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-092-03","published_at":"2026-04-02T12:00:00.000Z"},{"type":"cve","value":"CVE-2026-3502","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/04/02/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-04-02T12:00:00.000Z"},{"type":"cve","value":"CVE-2026-5281","source":"GBHackers","article_title":"CISA Issues Alert on Chrome Zero-Day Under Active Exploitation","article_url":"https://gbhackers.com/cisa-alert-on-chrome-zero-day/","published_at":"2026-04-02T09:16:35.000Z"},{"type":"domain","value":"outlook.com","source":"BleepingComputer","article_title":"Microsoft links Classic Outlook issue to email delivery problems","article_url":"https://www.bleepingcomputer.com/news/microsoft/microsoft-links-classic-outlook-bug-to-email-delivery-issues/","published_at":"2026-04-02T09:12:12.000Z"},{"type":"cve","value":"CVE-2026-3502","source":"Help Net Security","article_title":"TrueConf zero-day vulnerability turns its own update process into malware delivery channel","article_url":"https://www.helpnetsecurity.com/2026/04/02/trueconf-zero-day-vulnerability-cyber-espionage/","published_at":"2026-04-02T08:57:18.000Z"},{"type":"cve","value":"CVE-2026-20160","source":"GBHackers","article_title":"Cisco Smart Software Manager Flaw Allowed Arbitrary Command Execution","article_url":"https://gbhackers.com/cisco-smart-software-manager-flaw/","published_at":"2026-04-02T06:50:27.000Z"},{"type":"cve","value":"CVE-2026-1579","source":"GBHackers","article_title":"Critical PX4 Autopilot Vulnerability Let Attackers Gain Control of Drones","article_url":"https://gbhackers.com/critical-px4-autopilot-vulnerability/","published_at":"2026-04-02T06:46:42.000Z"},{"type":"cve","value":"CVE-2026-20093","source":"GBHackers","article_title":"Cisco Warns of Critical IMC Vulnerability Enabling Authentication Bypass","article_url":"https://gbhackers.com/cisco-warns-of-critical-imc-vulnerability/","published_at":"2026-04-02T05:26:45.000Z"},{"type":"cve","value":"CVE-2026-3991","source":"GBHackers","article_title":"Symantec DLP Agent Flaw Exposed Systems to Privilege Escalation Attacks","article_url":"https://gbhackers.com/symantec-dlp-agent-flaw/","published_at":"2026-04-02T05:02:39.000Z"},{"type":"cve","value":"CVE-2026-3775","source":"Zero Day Initiative","article_title":"ZDI-26-251: Foxit PDF Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-251/","published_at":"2026-04-02T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-21518","source":"Zero Day Initiative","article_title":"ZDI-26-253: Microsoft Visual Studio Code mcp.json Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-253/","published_at":"2026-04-02T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-4698","source":"Zero Day Initiative","article_title":"ZDI-26-252: Mozilla Firefox IonMonkey Switch Statement Optimization Type Confusion Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-252/","published_at":"2026-04-02T05:00:00.000Z"},{"type":"domain","value":"b2b-contenthub.com","source":"CSO Online","article_title":"Tools, um MCP-Server abzusichern","article_url":"https://www.csoonline.com/article/4093704/tools-um-mcp-server-abzusichern.html","published_at":"2026-04-02T04:00:00.000Z"},{"type":"url","value":"https://b2b-contenthub.com/wp-content/uploads/2025/11/Gorodenkoff_shutterstock_2324952347_16z9.jpg?quality=50&strip=all","source":"CSO Online","article_title":"Tools, um MCP-Server abzusichern","article_url":"https://www.csoonline.com/article/4093704/tools-um-mcp-server-abzusichern.html","published_at":"2026-04-02T04:00:00.000Z"},{"type":"url","value":"https://b2b-contenthub.com/wp-content/uploads/2025/11/Gorodenkoff_shutterstock_2324952347_16z9.jpg?resize=300%2C168&quality=50&strip=all","source":"CSO Online","article_title":"Tools, um MCP-Server abzusichern","article_url":"https://www.csoonline.com/article/4093704/tools-um-mcp-server-abzusichern.html","published_at":"2026-04-02T04:00:00.000Z"},{"type":"url","value":"https://b2b-contenthub.com/wp-content/uploads/2025/11/Gorodenkoff_shutterstock_2324952347_16z9.jpg?resize=768%2C432&quality=50&strip=all","source":"CSO Online","article_title":"Tools, um MCP-Server abzusichern","article_url":"https://www.csoonline.com/article/4093704/tools-um-mcp-server-abzusichern.html","published_at":"2026-04-02T04:00:00.000Z"},{"type":"url","value":"https://b2b-contenthub.com/wp-content/uploads/2025/11/Gorodenkoff_shutterstock_","source":"CSO Online","article_title":"Tools, um MCP-Server abzusichern","article_url":"https://www.csoonline.com/article/4093704/tools-um-mcp-server-abzusichern.html","published_at":"2026-04-02T04:00:00.000Z"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9876,","source":"SANS ISC","article_title":"ISC Stormcast For Thursday, April 2nd, 2026 https://isc.sans.edu/podcastdetail/9876, (Thu, Apr 2nd)","article_url":"https://isc.sans.edu/diary/rss/32858","published_at":"2026-04-02T02:00:02.000Z"},{"type":"cve","value":"CVE-2026-5281","source":"Security Affairs","article_title":"U.S. CISA adds a flaw in Google Dawn to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/190282/security/u-s-cisa-adds-a-flaw-in-google-dawn-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-04-01T23:30:12.000Z"},{"type":"cve","value":"CVE-2026-5281","source":"Security Affairs","article_title":"Google fixes fourth actively exploited Chrome zero-day of 2026","article_url":"https://securityaffairs.com/190265/hacking/google-fixes-fourth-actively-exploited-chrome-zero-day-of-2026.html","published_at":"2026-04-01T20:41:11.000Z"},{"type":"cve","value":"CVE-2026-3502","source":"SC Media","article_title":"Attacks with TrueConf zero-day hit Southeast Asian governments","article_url":"https://www.scworld.com/brief/attacks-with-trueconf-zero-day-hit-southeast-asian-governments","published_at":"2026-04-01T15:53:54.000Z"},{"type":"cve","value":"CVE-2026-5281","source":"SecurityWeek","article_title":"Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome","article_url":"https://www.securityweek.com/exploited-zero-day-among-21-vulnerabilities-patched-in-chrome/","published_at":"2026-04-01T14:36:39.000Z"},{"type":"cve","value":"CVE-2026-5281","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/04/01/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-04-01T12:00:00.000Z"},{"type":"cve","value":"CVE-2026-5281","source":"The Hacker News","article_title":"New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released","article_url":"https://thehackernews.com/2026/04/new-chrome-zero-day-cve-2026-5281-under.html","published_at":"2026-04-01T11:42:00.000Z"},{"type":"cve","value":"CVE-2026-5281","source":"Help Net Security","article_title":"Google fixes Chrome zero-day with in-the-wild exploit (CVE-2026-5281)","article_url":"https://www.helpnetsecurity.com/2026/04/01/google-chrome-zero-day-cve-2026-5281/","published_at":"2026-04-01T11:27:11.000Z"},{"type":"cve","value":"CVE-2026-34982","source":"GBHackers","article_title":"Vim Modeline Vulnerability Opens Door to Arbitrary OS Command Execution","article_url":"https://gbhackers.com/vim-modeline-vulnerability-arbitrary-os-command-execution/","published_at":"2026-04-01T11:15:17.000Z"},{"type":"domain","value":"shutterstock.com","source":"CSO Online","article_title":"Hacker zielen auf Exilportal Iranwire","article_url":"https://www.csoonline.com/article/4153080/hacker-zielen-auf-exilportal-iranwire-2.html","published_at":"2026-04-01T10:56:52.000Z"},{"type":"cve","value":"CVE-2026-33026","source":"GBHackers","article_title":"PoC Exploit Code Published for nginx-ui Backup Restore Security Flaw","article_url":"https://gbhackers.com/poc-exploit-code-published-for-nginx-ui/","published_at":"2026-04-01T08:46:12.000Z"},{"type":"cve","value":"CVE-2026-3502","source":"GBHackers","article_title":"TrueConf Vulnerability Under Active Exploitation in Southeast Asia Government Attacks","article_url":"https://gbhackers.com/trueconf-vulnerability-under-active-exploitation/","published_at":"2026-04-01T06:12:29.000Z"},{"type":"cve","value":"CVE-2026-21962","source":"GBHackers","article_title":"Hackers Actively Exploit Critical WebLogic RCE Vulnerabilities in Ongoing Attacks","article_url":"https://gbhackers.com/hackers-exploit-critical-weblogic-rce-vulnerabilities/","published_at":"2026-04-01T04:48:30.000Z"},{"type":"domain","value":"shutterstock.com","source":"CSO Online","article_title":"Attack Surface Management – ein Kaufratgeber","article_url":"https://www.csoonline.com/article/3492897/attack-surface-management-losungen-9-tools-um-ihre-angriffsflache-zu-managen.html","published_at":"2026-04-01T04:00:00.000Z"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9874,","source":"SANS ISC","article_title":"ISC Stormcast For Wednesday, April 1st, 2026 https://isc.sans.edu/podcastdetail/9874, (Wed, Apr 1st)","article_url":"https://isc.sans.edu/diary/rss/32852","published_at":"2026-04-01T02:05:11.000Z"},{"type":"domain","value":"gmail.com","source":"BleepingComputer","article_title":"Google now allows you to change your @gmail.com address","article_url":"https://www.bleepingcomputer.com/news/google/google-now-allows-you-to-change-your-gmailcom-address/","published_at":"2026-03-31T23:13:56.000Z"},{"type":"cve","value":"CVE-2026-21643","source":"SC Media","article_title":"Critical Fortinet FortiClient EMS vulnerability under attack","article_url":"https://www.scworld.com/brief/critical-fortinet-forticlient-ems-vulnerability-under-attack","published_at":"2026-03-31T20:35:19.000Z"},{"type":"cve","value":"CVE-2025-53521","source":"CSO Online","article_title":"5-month-old F5 BIG-IP DoS bug becomes critical RCE exploited in the wild","article_url":"https://www.csoonline.com/article/4152658/5-month-old-f5-big-ip-dos-bug-becomes-critical-rce-exploited-in-the-wild.html","published_at":"2026-03-31T18:46:36.000Z"},{"type":"cve","value":"CVE-2025-53521","source":"SC Media","article_title":"F5 BIG-IP APM systems vulnerable to critical remote code execution flaw","article_url":"https://www.scworld.com/brief/f5-big-ip-apm-systems-vulnerable-to-critical-remote-code-execution-flaw","published_at":"2026-03-31T17:46:36.000Z"},{"type":"cve","value":"CVE-2026-3502","source":"The Hacker News","article_title":"TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks","article_url":"https://thehackernews.com/2026/03/trueconf-zero-day-exploited-in-attacks.html","published_at":"2026-03-31T16:03:00.000Z"},{"type":"cve","value":"CVE-2026-3502","source":"Check Point Research","article_title":"Operation TrueChaos: 0-Day Exploitation Against Southeast Asian Government Targets","article_url":"https://research.checkpoint.com/2026/operation-truechaos-0-day-exploitation-against-southeast-asian-government-targets/","published_at":"2026-03-31T13:16:50.000Z"},{"type":"cve","value":"CVE-2026-3356","source":"CISA Advisories","article_title":"Anritsu Remote Spectrum Monitor","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-090-01","published_at":"2026-03-31T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-53521","source":"HackRead","article_title":"Critical F5 BIG-IP Flaw Upgraded to 9.8 RCE, Exploited in the Wild","article_url":"https://hackread.com/critical-f5-big-ip-flaw-upgrad-to-9-8-rce-exploited/","published_at":"2026-03-31T11:36:21.000Z"},{"type":"cve","value":"CVE-2026-3055","source":"Security Affairs","article_title":"U.S. CISA adds a flaw in Citrix NetScaler to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/190197/security/u-s-cisa-adds-a-flaw-in-citrix-netscaler-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-03-31T09:31:41.000Z"},{"type":"cve","value":"CVE-2025-53521","source":"Infosecurity Magazine","article_title":"NCSC Urges Immediate Patching of F5 BIG-IP Bug","article_url":"https://www.infosecurity-magazine.com/news/ncsc-urges-immediate-patching-f5/","published_at":"2026-03-31T08:45:00.000Z"},{"type":"domain","value":"shutterstock.com","source":"CSO Online","article_title":"Fahndung nach Cyberkriminellen – 130 Firmen attackiert","article_url":"https://www.csoonline.com/article/4152271/fahndung-nach-cyberkriminellen-130-firmen-attackiert-2.html","published_at":"2026-03-31T07:16:58.000Z"},{"type":"cve","value":"CVE-2026-20929","source":"CrowdStrike Blog","article_title":"Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse","article_url":"https://www.crowdstrike.com/en-us/blog/detecting-kerberos-relay-attack-via-dns-cname-abuse/","published_at":"2026-03-31T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-23092","source":"Zero Day Initiative","article_title":"ZDI-26-250: Linux Kernel Analog Device Driver Improper Validation of Array Index Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-250/","published_at":"2026-03-31T05:00:00.000Z"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9872,","source":"SANS ISC","article_title":"ISC Stormcast For Tuesday, March 31st, 2026 https://isc.sans.edu/podcastdetail/9872, (Tue, Mar 31st)","article_url":"https://isc.sans.edu/diary/rss/32848","published_at":"2026-03-31T02:00:02.000Z"},{"type":"cve","value":"CVE-2026-21643","source":"CSO Online","article_title":"Fortinet hit by another exploited cybersecurity flaw","article_url":"https://www.csoonline.com/article/4152117/fortinet-hit-by-another-exploited-cybersecurity-flaw.html","published_at":"2026-03-30T23:19:24.000Z"},{"type":"cve","value":"CVE-2026-3055","source":"BleepingComputer","article_title":"Critical Citrix NetScaler memory flaw actively exploited in attacks","article_url":"https://www.bleepingcomputer.com/news/security/critical-citrix-netscaler-memory-flaw-actively-exploited-in-attacks/","published_at":"2026-03-30T18:28:37.000Z"},{"type":"cve","value":"CVE-2026-21643","source":"Help Net Security","article_title":"Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643)","article_url":"https://www.helpnetsecurity.com/2026/03/30/forticlient-ems-cve-2026-21643-reported-exploitation/","published_at":"2026-03-30T12:19:10.000Z"},{"type":"cve","value":"CVE-2026-3055","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/03/30/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-03-30T12:00:00.000Z"},{"type":"cve","value":"CVE-2026-3055","source":"Infosecurity Magazine","article_title":"Critical Citrix NetScaler Vulnerability Exploited in the Wild","article_url":"https://www.infosecurity-magazine.com/news/critical-citrix-netscaler/","published_at":"2026-03-30T10:45:00.000Z"},{"type":"cve","value":"CVE-2026-21643","source":"Security Affairs","article_title":"Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution","article_url":"https://securityaffairs.com/190158/security/critical-fortinet-forticlient-ems-flaw-exploited-for-remote-code-execution.html","published_at":"2026-03-30T10:43:26.000Z"},{"type":"cve","value":"CVE-2026-21643","source":"GBHackers","article_title":"Critical Fortinet FortiClient EMS Vulnerability Actively Exploited in Attacks","article_url":"https://gbhackers.com/critical-fortinet-forticlient-ems-vulnerability-2/","published_at":"2026-03-30T09:38:45.000Z"},{"type":"cve","value":"CVE-2026-3055","source":"GBHackers","article_title":"Hackers Probe Citrix NetScaler Systems Ahead of Suspected CVE-2026-3055 Exploitation","article_url":"https://gbhackers.com/hackers-probe-citrix-netscaler-systems-cve-2026-3055-exploitation/","published_at":"2026-03-30T05:41:24.000Z"},{"type":"cve","value":"CVE-2026-20695","source":"Zero Day Initiative","article_title":"ZDI-26-231: Apple macOS Exposure of Sensitive Information to Unauthorized Sphere Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-231/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-20690","source":"Zero Day Initiative","article_title":"ZDI-26-230: Apple macOS CoreMedia Framework Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-230/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-3691","source":"Zero Day Initiative","article_title":"ZDI-26-229: OpenClaw Client PKCE Verifier Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-229/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-3690","source":"Zero Day Initiative","article_title":"ZDI-26-228: OpenClaw Canvas Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-228/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-3689","source":"Zero Day Initiative","article_title":"ZDI-26-227: OpenClaw Canvas Path Traversal Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-227/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2024-13088","source":"Zero Day Initiative","article_title":"ZDI-26-244: (Pwn2Own) QNAP QHora-322 miro_webserver_controllers_api_login_singIn Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-244/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-62842","source":"Zero Day Initiative","article_title":"ZDI-26-243: (Pwn2Own) QNAP TS-453E write_file_to_svr External Control of File Path Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-243/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-62840","source":"Zero Day Initiative","article_title":"ZDI-26-242: (Pwn2Own) QNAP TS-453E server_handlers.pyc rr2s.kwargs Error Message Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-242/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-62846","source":"Zero Day Initiative","article_title":"ZDI-26-241: (Pwn2Own) QNAP QHora-322 qvpn_db_mgr username SQL Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-241/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-62845","source":"Zero Day Initiative","article_title":"ZDI-26-240: (Pwn2Own) QNAP QHora-322 qvpn_db_mgr role_type Improper Neutralization of Escape Sequences Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-240/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-62844","source":"Zero Day Initiative","article_title":"ZDI-26-239: (Pwn2Own) QNAP QHora-322 login.newAuthMiddleware.Authenticator Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-239/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2023-6270","source":"Zero Day Initiative","article_title":"ZDI-26-238: Linux Kernel AoE Driver Use-After-Free Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-238/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-62843","source":"Zero Day Initiative","article_title":"ZDI-26-237: (Pwn2Own) QNAP QHora-322  ip6_wanifset Improper Restriction of Communication Channel to Intended Endpoints Firewall Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-237/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-0954","source":"Zero Day Initiative","article_title":"ZDI-26-236: Digilent DASYLab DSB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-236/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-0957","source":"Zero Day Initiative","article_title":"ZDI-26-235: Digilent DASYLab DSA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-235/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-0956","source":"Zero Day Initiative","article_title":"ZDI-26-234: Digilent DASYLab DSA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-234/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-0955","source":"Zero Day Initiative","article_title":"ZDI-26-233: Digilent DASYLab DSA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-233/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-40277","source":"Zero Day Initiative","article_title":"ZDI-26-232: (Pwn2Own) Red Hat Enterprise Linux vmwgfx Driver Integer Overflow Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-232/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-5058","source":"Zero Day Initiative","article_title":"ZDI-26-246: (0Day) aws-mcp-server Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-246/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-5059","source":"Zero Day Initiative","article_title":"ZDI-26-245: (0Day) aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-245/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-5055","source":"Zero Day Initiative","article_title":"ZDI-26-249: NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-249/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-5054","source":"Zero Day Initiative","article_title":"ZDI-26-248: NoMachine External Control of File Path Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-248/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-5053","source":"Zero Day Initiative","article_title":"ZDI-26-247: NoMachine External Control of File Path Arbitrary File Deletion Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-247/","published_at":"2026-03-30T05:00:00.000Z"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9870,","source":"SANS ISC","article_title":"ISC Stormcast For Monday, March 30th, 2026 https://isc.sans.edu/podcastdetail/9870, (Mon, Mar 30th)","article_url":"https://isc.sans.edu/diary/rss/32844","published_at":"2026-03-30T02:00:02.000Z"},{"type":"domain","value":"rawpixel.com","source":"CSO Online","article_title":"Data Security Posture Management: Die besten DSPM-Tools","article_url":"https://www.csoonline.com/article/3493645/data-security-posture-management-die-besten-dspm-tools.html","published_at":"2026-03-30T00:07:00.000Z"},{"type":"domain","value":"shutterstock.com","source":"CSO Online","article_title":"Data Security Posture Management: Die besten DSPM-Tools","article_url":"https://www.csoonline.com/article/3493645/data-security-posture-management-die-besten-dspm-tools.html","published_at":"2026-03-30T00:07:00.000Z"},{"type":"cve","value":"CVE-2026-3055","source":"Security Affairs","article_title":"Urgent Alert: NetScaler bug CVE-2026-3055 probed by attackers could leak sensitive data","article_url":"https://securityaffairs.com/190131/hacking/urgent-alert-netscaler-bug-cve-2026-3055-probed-by-attackers-could-leak-sensitive-data.html","published_at":"2026-03-29T13:33:57.000Z"},{"type":"cve","value":"CVE-2026-3055","source":"The Hacker News","article_title":"Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug","article_url":"https://thehackernews.com/2026/03/citrix-netscaler-under-active-recon-for.html","published_at":"2026-03-28T09:11:00.000Z"},{"type":"cve","value":"CVE-2025-53521","source":"Help Net Security","article_title":"Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521)","article_url":"https://www.helpnetsecurity.com/2026/03/28/big-ip-apm-vulnerability-cve-2025-53521-exploited/","published_at":"2026-03-28T09:02:09.000Z"},{"type":"cve","value":"CVE-2025-53521","source":"Security Affairs","article_title":"U.S. CISA adds a flaw in F5 BIG-IP AMP to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/190076/uncategorized/u-s-cisa-adds-a-flaw-in-f5-big-ip-amp-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-03-28T07:33:15.000Z"},{"type":"cve","value":"CVE-2025-53521","source":"The Hacker News","article_title":"CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation","article_url":"https://thehackernews.com/2026/03/cisa-adds-cve-2025-53521-to-kev-after.html","published_at":"2026-03-28T07:07:00.000Z"},{"type":"cve","value":"CVE-2026-4681","source":"Security Affairs","article_title":"CISA and BSI warn orgs of critical PTC Windchill and FlexPLM flaw","article_url":"https://securityaffairs.com/190049/security/cisa-and-bsi-warn-orgs-of-critical-ptc-windchill-and-flexplm-flaw.html","published_at":"2026-03-27T14:58:30.000Z"},{"type":"cve","value":"CVE-2025-53521","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/03/27/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-03-27T12:00:00.000Z"},{"type":"domain","value":"shutterstock.com","source":"CSO Online","article_title":"Cyberangriff auf die Linke","article_url":"https://www.csoonline.com/article/4151169/cyberangriff-auf-die-linke.html","published_at":"2026-03-27T10:58:49.000Z"},{"type":"cve","value":"CVE-2026-33017","source":"Help Net Security","article_title":"CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation","article_url":"https://www.helpnetsecurity.com/2026/03/27/cve-2026-33017-cve-2026-33634-exploited/","published_at":"2026-03-27T10:43:12.000Z"},{"type":"cve","value":"CVE-2026-33634","source":"Help Net Security","article_title":"CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation","article_url":"https://www.helpnetsecurity.com/2026/03/27/cve-2026-33017-cve-2026-33634-exploited/","published_at":"2026-03-27T10:43:12.000Z"},{"type":"cve","value":"CVE-2026-33634","source":"Security Affairs","article_title":"U.S. CISA adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/190044/security/u-s-cisa-adds-an-aquasecurity-trivy-flaw-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-03-27T10:14:48.000Z"},{"type":"cve","value":"CVE-2026-33634","source":"GBHackers","article_title":"CISA Adds Critical Aquasecurity Trivy Scanner Vulnerability to KEV Catalog","article_url":"https://gbhackers.com/cisa-adds-critical-aquasecurity-trivy-scanner-vulnerability/","published_at":"2026-03-27T09:47:59.000Z"},{"type":"cve","value":"CVE-2026-4681","source":"SecurityWeek","article_title":"CISA Flags Critical PTC Vulnerability That Had German Police Mobilized","article_url":"https://www.securityweek.com/cisa-flags-critical-ptc-vulnerability-that-had-german-police-mobilized/","published_at":"2026-03-27T09:21:14.000Z"},{"type":"cve","value":"CVE-2026-20817","source":"GBHackers","article_title":"Windows Error Reporting Vulnerability Exposes Systems to Privilege Escalation, Allowing SYSTEM Access","article_url":"https://gbhackers.com/windows-error-reporting-vulnerability/","published_at":"2026-03-27T06:26:21.000Z"},{"type":"cve","value":"CVE-2026-3608","source":"GBHackers","article_title":"ISC Issues Critical Warning Over Kea DHCP Vulnerability That Could Remotely Crash Services","article_url":"https://gbhackers.com/isc-issues-critical-warning-over-kea-dhcp-vulnerability/","published_at":"2026-03-27T05:08:47.000Z"},{"type":"domain","value":"shutterstock.com","source":"CSO Online","article_title":"Was ist Social Engineering?","article_url":"https://www.csoonline.com/article/3491733/was-ist-social-engineering.html","published_at":"2026-03-27T03:36:00.000Z"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9868,","source":"SANS ISC","article_title":"ISC Stormcast For Friday, March 27th, 2026 https://isc.sans.edu/podcastdetail/9868, (Fri, Mar 27th)","article_url":"https://isc.sans.edu/diary/rss/32836","published_at":"2026-03-27T02:00:02.000Z"},{"type":"cve","value":"CVE-2026-33017","source":"Security Affairs","article_title":"U.S. CISA adds a Langflow flaw to its Known Exploited Vulnerabilities catalog","article_url":"https://securityaffairs.com/190018/security/u-s-cisa-adds-a-langflow-flaw-to-its-known-exploited-vulnerabilities-catalog.html","published_at":"2026-03-26T21:05:01.000Z"},{"type":"cve","value":"CVE-2026-33017","source":"BleepingComputer","article_title":"CISA: New Langflow flaw actively exploited to hijack AI workflows","article_url":"https://www.bleepingcomputer.com/news/security/cisa-new-langflow-flaw-actively-exploited-to-hijack-ai-workflows/","published_at":"2026-03-26T19:17:43.000Z"},{"type":"domain","value":"booking.com","source":"GBHackers","article_title":"New ClickFix Attack Exploits Windows Run Dialog and macOS Terminal to Deploy Malware","article_url":"https://gbhackers.com/clickfix-attack-exploits-windows/","published_at":"2026-03-26T15:07:22.000Z"},{"type":"cve","value":"CVE-2026-33017","source":"GBHackers","article_title":"CISA Issues Urgent Warning on Langflow Code Injection Vulnerability Actively Exploited in Attacks","article_url":"https://gbhackers.com/cisa-issues-urgent-warning-on-langflow-code-injection-vulnerability/","published_at":"2026-03-26T12:15:31.000Z"},{"type":"cve","value":"CVE-2026-3587","source":"CISA Advisories","article_title":"WAGO GmbH & Co. KG Industrial Managed Switches","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-085-01","published_at":"2026-03-26T12:00:00.000Z"},{"type":"cve","value":"CVE-2026-4681","source":"CISA Advisories","article_title":"PTC Windchill Product Lifecycle Management","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-085-03","published_at":"2026-03-26T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-70614","source":"CISA Advisories","article_title":"OpenCode Systems OC Messaging and USSD Gateway","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-085-02","published_at":"2026-03-26T12:00:00.000Z"},{"type":"cve","value":"CVE-2026-33634","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/03/26/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-03-26T12:00:00.000Z"},{"type":"cve","value":"CVE-2026-1995","source":"GBHackers","article_title":"IDrive for Windows Vulnerability Allows Attackers to Escalate Privileges and Gain Unauthorized Access","article_url":"https://gbhackers.com/idrive-for-windows-vulnerability/","published_at":"2026-03-26T09:03:09.000Z"},{"type":"cve","value":"CVE-2023-32434","source":"Kaspersky Securelist","article_title":"Coruna: the framework used in Operation Triangulation","article_url":"https://securelist.com/coruna-framework-updated-operation-triangulation-exploit/119228/","published_at":"2026-03-26T08:00:19.000Z"},{"type":"cve","value":"CVE-2023-38606","source":"Kaspersky Securelist","article_title":"Coruna: the framework used in Operation Triangulation","article_url":"https://securelist.com/coruna-framework-updated-operation-triangulation-exploit/119228/","published_at":"2026-03-26T08:00:19.000Z"},{"type":"cve","value":"CVE-2026-33634","source":"GBHackers","article_title":"Microsoft Unveils New Guidance to Detect and Defend Against Trivy Supply Chain Attack","article_url":"https://gbhackers.com/microsoft-to-detect-defend-against-trivy-supply-chain-attack/","published_at":"2026-03-26T06:47:09.000Z"},{"type":"cve","value":"CVE-2026-20131","source":"GBHackers","article_title":"Cisco Secure Firewall Vulnerability Exposes Systems to Remote Code Execution by Attackers","article_url":"https://gbhackers.com/cisco-secure-firewall-vulnerability-3/","published_at":"2026-03-26T04:56:59.000Z"},{"type":"domain","value":"shutterstock.com","source":"CSO Online","article_title":"10 essenzielle Maßnahmen für physische Sicherheit","article_url":"https://www.csoonline.com/article/3493920/10-essenzielle-masnahmen-fur-physische-sicherheit.html","published_at":"2026-03-26T04:01:00.000Z"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9866,","source":"SANS ISC","article_title":"ISC Stormcast For Thursday, March 26th, 2026 https://isc.sans.edu/podcastdetail/9866, (Thu, Mar 26th)","article_url":"https://isc.sans.edu/diary/rss/32832","published_at":"2026-03-26T02:00:02.000Z"},{"type":"cve","value":"CVE-2026-3055","source":"CSO Online","article_title":"New critical Citrix NetScaler hole of similar severity to CitrixBleed2, says expert","article_url":"https://www.csoonline.com/article/4150224/new-critical-citrix-netscaler-hole-of-similar-severity-to-citrixbleed2-says-expert.html","published_at":"2026-03-25T23:55:18.000Z"},{"type":"cve","value":"CVE-2026-20114","source":"CSO Online","article_title":"Chained vulnerabilities in Cisco Catalyst switches could induce denial-of-service","article_url":"https://www.csoonline.com/article/4150185/chained-vulnerabilities-in-cisco-catalyst-switches-could-induce-denial-of-service-2.html","published_at":"2026-03-25T18:28:24.000Z"},{"type":"cve","value":"CVE-2026-20110","source":"CSO Online","article_title":"Chained vulnerabilities in Cisco Catalyst switches could induce denial-of-service","article_url":"https://www.csoonline.com/article/4150185/chained-vulnerabilities-in-cisco-catalyst-switches-could-induce-denial-of-service-2.html","published_at":"2026-03-25T18:28:24.000Z"},{"type":"cve","value":"CVE-2025-15517","source":"Security Affairs","article_title":"Patch now: TP-Link Archer NX routers vulnerable to firmware takeover","article_url":"https://securityaffairs.com/189980/iot/patch-now-tp-link-archer-nx-routers-vulnerable-to-firmware-takeover.html","published_at":"2026-03-25T14:44:41.000Z"},{"type":"cve","value":"CVE-2026-4404","source":"GBHackers","article_title":"GoHarbor Issues Urgent Patch for Harbor Flaw Allowing Full Registry Compromise","article_url":"https://gbhackers.com/goharbor-issues-urgent-patch/","published_at":"2026-03-25T12:15:38.000Z"},{"type":"cve","value":"CVE-2026-33017","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/03/25/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-03-25T12:00:00.000Z"},{"type":"cve","value":"CVE-2026-32647","source":"GBHackers","article_title":"F5 NGINX Plus & Open‑Source Flaw Lets Attackers Execute Code via MP4 File","article_url":"https://gbhackers.com/f5-nginx-plus-open-source-flaw/","published_at":"2026-03-25T10:59:25.000Z"},{"type":"domain","value":"shutterstock.com","source":"CSO Online","article_title":"Empathie trifft IT-Sicherheit: Der Weg zu gelebter Compliance","article_url":"https://www.csoonline.com/article/4025731/empathie-trifft-it-sicherheit-der-weg-zu-gelebter-compliance.html","published_at":"2026-03-25T04:00:00.000Z"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9864,","source":"SANS ISC","article_title":"ISC Stormcast For Wednesday, March 25th, 2026 https://isc.sans.edu/podcastdetail/9864, (Wed, Mar 25th)","article_url":"https://isc.sans.edu/diary/rss/32828","published_at":"2026-03-25T02:00:03.000Z"},{"type":"domain","value":"sekoia.io","source":"SC Media","article_title":"Sekoia.io's Georges Bossert on avoiding making SOCs faster at being wrong","article_url":"https://www.scworld.com/resource/sekoia-ios-georges-bossert-on-avoiding-making-socs-faster-at-being-wrong","published_at":"2026-03-25T01:08:54.000Z"},{"type":"domain","value":"booking.com","source":"Recorded Future","article_title":"ClickFix Campaigns Targeting Windows and macOS","article_url":"https://www.recordedfuture.com/research/clickfix-campaigns-targeting-windows-and-macos","published_at":"2026-03-25T00:00:00.000Z"},{"type":"domain","value":"b2b-contenthub.com","source":"CSO Online","article_title":"DDoS-Angriffe haben sich verdoppelt","article_url":"https://www.csoonline.com/article/4149357/ddos-angriffe-haben-sich-verdoppelt.html","published_at":"2026-03-24T13:38:11.000Z"},{"type":"url","value":"https://b2b-contenthub.com/wp-content/uploads/2026/03/DDoS-Attack-COunt_16-9.png?quality=50&strip=all","source":"CSO Online","article_title":"DDoS-Angriffe haben sich verdoppelt","article_url":"https://www.csoonline.com/article/4149357/ddos-angriffe-haben-sich-verdoppelt.html","published_at":"2026-03-24T13:38:11.000Z"},{"type":"url","value":"https://b2b-contenthub.com/wp-content/uploads/2026/03/DDoS-Attack-COunt_16-9.png?resize=300%2C168&quality=50&strip=all","source":"CSO Online","article_title":"DDoS-Angriffe haben sich verdoppelt","article_url":"https://www.csoonline.com/article/4149357/ddos-angriffe-haben-sich-verdoppelt.html","published_at":"2026-03-24T13:38:11.000Z"},{"type":"url","value":"https://b2b-contenthub.com/wp-content/uploads/2026/03/DDoS-Attack-COunt_16-9.png?resize=768%2C432&quality=50&strip=all","source":"CSO Online","article_title":"DDoS-Angriffe haben sich verdoppelt","article_url":"https://www.csoonline.com/article/4149357/ddos-angriffe-haben-sich-verdoppelt.html","published_at":"2026-03-24T13:38:11.000Z"},{"type":"url","value":"https://b2b-contenthub.com/wp-content/uploads/2026/03/DDoS-Attack-COunt_16-9.png?resize=1024%2C576&quality=50&strip=all","source":"CSO Online","article_title":"DDoS-Angriffe haben sich verdoppelt","article_url":"https://www.csoonline.com/article/4149357/ddos-angriffe-haben-sich-verdoppelt.html","published_at":"2026-03-24T13:38:11.000Z"},{"type":"cve","value":"CVE-2026-3055","source":"Security Affairs","article_title":"Citrix NetScaler critical flaw could leak data, update now","article_url":"https://securityaffairs.com/189908/security/citrix-netscaler-critical-flaw-could-leak-data-update-now.html","published_at":"2026-03-24T12:46:49.000Z"},{"type":"cve","value":"CVE-2026-2417","source":"CISA Advisories","article_title":"Pharos Controls Mosaic Show Controller","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-083-01","published_at":"2026-03-24T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-49844","source":"CISA Advisories","article_title":"Schneider Electric Plant iT/Brewmaxx","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-083-03","published_at":"2026-03-24T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-46817","source":"CISA Advisories","article_title":"Schneider Electric Plant iT/Brewmaxx","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-083-03","published_at":"2026-03-24T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-46818","source":"CISA Advisories","article_title":"Schneider Electric Plant iT/Brewmaxx","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-083-03","published_at":"2026-03-24T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-46819","source":"CISA Advisories","article_title":"Schneider Electric Plant iT/Brewmaxx","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-083-03","published_at":"2026-03-24T12:00:00.000Z"},{"type":"domain","value":"www.se.com","source":"CISA Advisories","article_title":"Schneider Electric EcoStruxure Foxboro DCS","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-083-02","published_at":"2026-03-24T12:00:00.000Z"},{"type":"url","value":"https://www.se.com/ww/en/product-range/63680-ecostruxure-foxboro-dcs/](https://www.se.com/ww/en/product-range/63680-ecostruxure-foxboro-dcs/))","source":"CISA Advisories","article_title":"Schneider Electric EcoStruxure Foxboro DCS","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-083-02","published_at":"2026-03-24T12:00:00.000Z"},{"type":"cve","value":"CVE-2026-3650","source":"CISA Advisories","article_title":"Grassroots DICOM (GDCM)","article_url":"https://www.cisa.gov/news-events/ics-medical-advisories/icsma-26-083-01","published_at":"2026-03-24T12:00:00.000Z"},{"type":"cve","value":"CVE-2026-3055","source":"The Hacker News","article_title":"Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks","article_url":"https://thehackernews.com/2026/03/citrix-urges-patching-critical.html","published_at":"2026-03-24T05:59:00.000Z"},{"type":"cve","value":"CVE-2026-4368","source":"The Hacker News","article_title":"Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks","article_url":"https://thehackernews.com/2026/03/citrix-urges-patching-critical.html","published_at":"2026-03-24T05:59:00.000Z"},{"type":"domain","value":"shutterstock.com","source":"CSO Online","article_title":"ISO und ISMS: Darum gehen Security-Zertifizierungen schief","article_url":"https://www.csoonline.com/article/3495826/iso-und-isms-darum-gehen-security-zertifizierungen-schief.html","published_at":"2026-03-24T03:34:00.000Z"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9862,","source":"SANS ISC","article_title":"ISC Stormcast For Tuesday, March 24th, 2026 https://isc.sans.edu/podcastdetail/9862, (Tue, Mar 24th)","article_url":"https://isc.sans.edu/diary/rss/32822","published_at":"2026-03-24T02:00:02.000Z"},{"type":"cve","value":"CVE-2025-62843","source":"Security Affairs","article_title":"QNAP fixed four vulnerabilities demonstrated at Pwn2Own Ireland 2025","article_url":"https://securityaffairs.com/189871/security/qnap-fixed-four-vulnerabilities-demonstrated-at-pwn2own-ireland-2025.html","published_at":"2026-03-23T20:49:23.000Z"},{"type":"cve","value":"CVE-2025-62846","source":"Security Affairs","article_title":"QNAP fixed four vulnerabilities demonstrated at Pwn2Own Ireland 2025","article_url":"https://securityaffairs.com/189871/security/qnap-fixed-four-vulnerabilities-demonstrated-at-pwn2own-ireland-2025.html","published_at":"2026-03-23T20:49:23.000Z"},{"type":"cve","value":"CVE-2026-3055","source":"Rapid7 Blog","article_title":"CVE-2026-3055: Citrix NetScaler ADC and NetScaler Gateway Out-of-Bounds Read","article_url":"https://www.rapid7.com/blog/post/etr-cve-2026-3055-citrix-netscaler-adc-and-netscaler-gateway-out-of-bounds-read","published_at":"2026-03-23T19:30:51.000Z"},{"type":"cve","value":"CVE-2026-20131","source":"Infosecurity Magazine","article_title":"CISA Orders US Government to Patch Maximum Severity Cisco Flaw","article_url":"https://www.infosecurity-magazine.com/news/cisa-orders-us-government-patch/","published_at":"2026-03-23T10:30:00.000Z"},{"type":"cve","value":"CVE-2025-32975","source":"The Hacker News","article_title":"Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems","article_url":"https://thehackernews.com/2026/03/hackers-exploit-cve-2025-32975-cvss-100.html","published_at":"2026-03-23T06:15:00.000Z"},{"type":"cve","value":"CVE-2025-58487","source":"Zero Day Initiative","article_title":"ZDI-26-225: (Pwn2Own) Samsung Galaxy S25 Samsung Account Open Redirect Security Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-225/","published_at":"2026-03-23T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-58486","source":"Zero Day Initiative","article_title":"ZDI-26-224: (Pwn2Own) Samsung Galaxy S25 Samsung Account Cross-Site Scripting Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-224/","published_at":"2026-03-23T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-58488","source":"Zero Day Initiative","article_title":"ZDI-26-223: (Pwn2Own) Samsung Galaxy S25 Smart Touch Call Application Protection Mechanism Failure Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-223/","published_at":"2026-03-23T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-14233","source":"Zero Day Initiative","article_title":"ZDI-26-222: (Pwn2Own) Canon imageCLASS MF654Cdw BJNP Memory Corruption Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-222/","published_at":"2026-03-23T05:00:00.000Z"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9860,","source":"SANS ISC","article_title":"ISC Stormcast For Monday, March 23rd, 2026 https://isc.sans.edu/podcastdetail/9860, (Mon, Mar 23rd)","article_url":"https://isc.sans.edu/diary/rss/32818","published_at":"2026-03-23T02:00:02.000Z"},{"type":"cve","value":"CVE-2026-21992","source":"The Hacker News","article_title":"Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager","article_url":"https://thehackernews.com/2026/03/oracle-patches-critical-cve-2026-21992.html","published_at":"2026-03-21T10:24:00.000Z"},{"type":"cve","value":"CVE-2025-31277","source":"The Hacker News","article_title":"CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026","article_url":"https://thehackernews.com/2026/03/cisa-flags-apple-craft-cms-laravel-bugs.html","published_at":"2026-03-21T08:25:00.000Z"},{"type":"cve","value":"CVE-2026-33017","source":"The Hacker News","article_title":"Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure","article_url":"https://thehackernews.com/2026/03/critical-langflow-flaw-cve-2026-33017.html","published_at":"2026-03-20T15:15:00.000Z"},{"type":"domain","value":"app.gainsight.com","source":"Rapid7 Blog","article_title":"CVE-2026-31381, CVE-2026-31382: Gainsight Assist Information Disclosure and Cross-Site Scripting (FIXED)","article_url":"https://www.rapid7.com/blog/post/ve-cve-2026-31381-cve-2026-31382-gainsight-assist-information-disclosure-xss-fixed","published_at":"2026-03-20T13:00:00.000Z"},{"type":"cve","value":"CVE-2026-31381","source":"Rapid7 Blog","article_title":"CVE-2026-31381, CVE-2026-31382: Gainsight Assist Information Disclosure and Cross-Site Scripting (FIXED)","article_url":"https://www.rapid7.com/blog/post/ve-cve-2026-31381-cve-2026-31382-gainsight-assist-information-disclosure-xss-fixed","published_at":"2026-03-20T13:00:00.000Z"},{"type":"cve","value":"CVE-2026-31382","source":"Rapid7 Blog","article_title":"CVE-2026-31381, CVE-2026-31382: Gainsight Assist Information Disclosure and Cross-Site Scripting (FIXED)","article_url":"https://www.rapid7.com/blog/post/ve-cve-2026-31381-cve-2026-31382-gainsight-assist-information-disclosure-xss-fixed","published_at":"2026-03-20T13:00:00.000Z"},{"type":"cve","value":"CVE-2025-31277","source":"CISA Advisories","article_title":"CISA Adds Five Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/03/20/cisa-adds-five-known-exploited-vulnerabilities-catalog","published_at":"2026-03-20T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-32432","source":"CISA Advisories","article_title":"CISA Adds Five Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/03/20/cisa-adds-five-known-exploited-vulnerabilities-catalog","published_at":"2026-03-20T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-43510","source":"CISA Advisories","article_title":"CISA Adds Five Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/03/20/cisa-adds-five-known-exploited-vulnerabilities-catalog","published_at":"2026-03-20T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-43520","source":"CISA Advisories","article_title":"CISA Adds Five Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/03/20/cisa-adds-five-known-exploited-vulnerabilities-catalog","published_at":"2026-03-20T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-54068","source":"CISA Advisories","article_title":"CISA Adds Five Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/03/20/cisa-adds-five-known-exploited-vulnerabilities-catalog","published_at":"2026-03-20T12:00:00.000Z"},{"type":"cve","value":"CVE-2026-21992","source":"Tenable Blog","article_title":"CVE-2026-21992: Critical Out-of-Band Oracle Identity Manager and Oracle Web Services Manager Remote Code Execution Vulnerability","article_url":"https://www.tenable.com/blog/cve-2026-21992-critical-out-of-band-oracle-identity-manager-and-oracle-web-services-manager","published_at":"2026-03-20T07:58:50.000Z"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9858,","source":"SANS ISC","article_title":"ISC Stormcast For Friday, March 20th, 2026 https://isc.sans.edu/podcastdetail/9858, (Fri, Mar 20th)","article_url":"https://isc.sans.edu/diary/rss/32814","published_at":"2026-03-20T02:00:02.000Z"},{"type":"cve","value":"CVE-2026-20131","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/03/19/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-03-19T12:00:00.000Z"},{"type":"cve","value":"CVE-2026-3888","source":"Information Security Buzz","article_title":"New Ubuntu Snap Bug Opens Door to Delayed Root Compromise","article_url":"https://informationsecuritybuzz.com/ubuntu-snap-bug-opens-to-root-compromise/","published_at":"2026-03-19T08:03:04.000Z"},{"type":"cve","value":"CVE-2025-66376","source":"The Hacker News","article_title":"CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks","article_url":"https://thehackernews.com/2026/03/cisa-warns-of-zimbra-sharepoint-flaw.html","published_at":"2026-03-19T06:05:00.000Z"},{"type":"cve","value":"CVE-2026-4154","source":"Zero Day Initiative","article_title":"ZDI-26-221: GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-221/","published_at":"2026-03-19T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-4153","source":"Zero Day Initiative","article_title":"ZDI-26-220: GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-220/","published_at":"2026-03-19T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-4152","source":"Zero Day Initiative","article_title":"ZDI-26-219: GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-219/","published_at":"2026-03-19T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-4151","source":"Zero Day Initiative","article_title":"ZDI-26-218: GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-218/","published_at":"2026-03-19T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-4150","source":"Zero Day Initiative","article_title":"ZDI-26-217: GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-217/","published_at":"2026-03-19T05:00:00.000Z"},{"type":"url","value":"https://isc.sans.edu/podcastdetail/9856,","source":"SANS ISC","article_title":"ISC Stormcast For Thursday, March 19th, 2026 https://isc.sans.edu/podcastdetail/9856, (Thu, Mar 19th)","article_url":"https://isc.sans.edu/diary/rss/32812","published_at":"2026-03-19T02:00:03.000Z"},{"type":"cve","value":"CVE-2026-20131","source":"The Hacker News","article_title":"Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access","article_url":"https://thehackernews.com/2026/03/interlock-ransomware-exploits-cisco-fmc.html","published_at":"2026-03-18T16:00:00.000Z"},{"type":"cve","value":"CVE-2026-20131","source":"AWS Security Blog","article_title":"Amazon threat intelligence teams identify Interlock ransomware campaign targeting enterprise firewalls","article_url":"https://aws.amazon.com/blogs/security/amazon-threat-intelligence-teams-identify-interlock-ransomware-campaign-targeting-enterprise-firewalls/","published_at":"2026-03-18T15:57:45.000Z"},{"type":"cve","value":"CVE-2026-3888","source":"Infosecurity Magazine","article_title":"New Ubuntu Flaw Enables Local Attackers to Gain Root Access","article_url":"https://www.infosecurity-magazine.com/news/ubuntu-flaw-enables-root-access/","published_at":"2026-03-18T15:45:00.000Z"},{"type":"cve","value":"CVE-2026-32746","source":"The Hacker News","article_title":"Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE","article_url":"https://thehackernews.com/2026/03/critical-telnetd-flaw-cve-2026-32746.html","published_at":"2026-03-18T12:30:00.000Z"},{"type":"cve","value":"CVE-2025-66376","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/03/18/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-03-18T12:00:00.000Z"},{"type":"cve","value":"CVE-2026-20963","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/03/18/cisa-adds-one-known-exploited-vulnerability-catalog-0","published_at":"2026-03-18T12:00:00.000Z"},{"type":"cve","value":"CVE-2026-3888","source":"The Hacker News","article_title":"Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit","article_url":"https://thehackernews.com/2026/03/ubuntu-cve-2026-3888-bug-lets-attackers.html","published_at":"2026-03-18T08:08:00.000Z"},{"type":"cve","value":"CVE-2026-20643","source":"The Hacker News","article_title":"Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS","article_url":"https://thehackernews.com/2026/03/apple-fixes-webkit-vulnerability.html","published_at":"2026-03-18T06:31:00.000Z"},{"type":"cve","value":"CVE-2026-21514","source":"Tenable Blog","article_title":"FAQ on CVE-2026-21514: OLE bypass N-Day in Microsoft Word","article_url":"https://www.tenable.com/blog/faq-on-cve-2026-21514-ole-bypass-n-day-in-microsoft-word","published_at":"2026-03-17T22:00:41.000Z"},{"type":"cve","value":"CVE-2026-21514","source":"Tenable Blog","article_title":"Operation Epic Fury: Why exposure data changes everything about Iran's cyber-kinetic campaign","article_url":"https://www.tenable.com/blog/operation-epic-fury-why-exposure-data-changes-everything-about-irans-cyber-kinetic-campaign","published_at":"2026-03-17T21:59:07.000Z"},{"type":"cve","value":"CVE-2026-3888","source":"Qualys Blog","article_title":"CVE-2026-3888: Important Snap Flaw Enables Local Privilege Escalation to Root","article_url":"https://blog.qualys.com/vulnerabilities-threat-research/2026/03/17/cve-2026-3888-important-snap-flaw-enables-local-privilege-escalation-to-root","published_at":"2026-03-17T19:20:02.000Z"},{"type":"cve","value":"CVE-2025-47813","source":"The Hacker News","article_title":"CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths","article_url":"https://thehackernews.com/2026/03/cisa-flags-actively-exploited-wing-ftp.html","published_at":"2026-03-17T05:23:00.000Z"},{"type":"cve","value":"CVE-2025-62847","source":"Zero Day Initiative","article_title":"ZDI-26-216: (Pwn2Own) QNAP TS-453E smbd domain_name Argument Injection Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-216/","published_at":"2026-03-17T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-47813","source":"CISA Advisories","article_title":"CISA Adds One Known Exploited Vulnerability to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/03/16/cisa-adds-one-known-exploited-vulnerability-catalog","published_at":"2026-03-16T12:00:00.000Z"},{"type":"cve","value":"CVE-2026-4158","source":"Zero Day Initiative","article_title":"ZDI-26-215: KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-215/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-2049","source":"Zero Day Initiative","article_title":"ZDI-26-214: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-214/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-2046","source":"Zero Day Initiative","article_title":"ZDI-26-213: GIMP LBM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-213/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-13957","source":"Zero Day Initiative","article_title":"ZDI-26-212: Schneider Electric EcoStruxure Data Center Expert Hard-coded Password Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-212/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-1361","source":"Zero Day Initiative","article_title":"ZDI-26-211: Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-211/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-21079","source":"Zero Day Initiative","article_title":"ZDI-26-210: (Pwn2Own) Samsung Galaxy S25 Samsung Members Security Feature Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-210/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-21079","source":"Zero Day Initiative","article_title":"ZDI-26-209: (Pwn2Own) Samsung Galaxy S25 Samsung Members Open Redirect Security Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-209/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-14237","source":"Zero Day Initiative","article_title":"ZDI-26-208: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Integer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-208/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-14236","source":"Zero Day Initiative","article_title":"ZDI-26-207: (Pwn2Own) Canon imageCLASS MF654Cdw dtdc_addr_importSub Stack-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-207/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-14235","source":"Zero Day Initiative","article_title":"ZDI-26-206: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-206/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-14234","source":"Zero Day Initiative","article_title":"ZDI-26-205: (Pwn2Own) Canon imageCLASS MF654Cdw PJCC Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-205/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-14232","source":"Zero Day Initiative","article_title":"ZDI-26-204: (Pwn2Own) Canon imageCLASS MF654Cdw XPS Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-204/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-14231","source":"Zero Day Initiative","article_title":"ZDI-26-203: (Pwn2Own) Canon imageCLASS MF654Cdw XML SOAP Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-203/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-59389","source":"Zero Day Initiative","article_title":"ZDI-26-202: (Pwn2Own) QNAP TS-453E  Hyper Data Protector Plugin query_original_file_size SQL Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-202/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-59388","source":"Zero Day Initiative","article_title":"ZDI-26-201: (Pwn2Own) QNAP TS-453E Hyper Data Protector Plugin Hard-Coded Credentials Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-201/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-62849","source":"Zero Day Initiative","article_title":"ZDI-26-200: (Pwn2Own) QNAP TS-453E nvrlog_event_add msg SQL Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-200/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-62848","source":"Zero Day Initiative","article_title":"ZDI-26-199: (Pwn2Own) QNAP TS-453E conn_log_tool Format String Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-199/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-11837","source":"Zero Day Initiative","article_title":"ZDI-26-198: (Pwn2Own) QNAP TS-453E malware_remover Code Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-198/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-4157","source":"Zero Day Initiative","article_title":"ZDI-26-197: (Pwn2Own) ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-197/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-4156","source":"Zero Day Initiative","article_title":"ZDI-26-196: (Pwn2Own) ChargePoint Home Flex OCPP getpreq Stack-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-196/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-4155","source":"Zero Day Initiative","article_title":"ZDI-26-195: (Pwn2Own) ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-195/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-21527","source":"Zero Day Initiative","article_title":"ZDI-26-194: Microsoft Exchange InterceptorSmtpAgent Improper Input Validation Security Feature Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-194/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2022-1972","source":"Zero Day Initiative","article_title":"ZDI-26-193: (Pwn2Own) Linux Kernel nf_tables_newset Out-Of-Bounds Write Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-193/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-4149","source":"Zero Day Initiative","article_title":"ZDI-26-192: Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-192/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2022-32250","source":"Zero Day Initiative","article_title":"ZDI-26-191: (Pwn2Own) Linux Kernel nf_tables Use-After-Free Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-191/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-41238","source":"Zero Day Initiative","article_title":"ZDI-26-190: (Pwn2Own) VMware Workstation PVSCSI Heap-based Buffer Overflow Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-190/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-41236","source":"Zero Day Initiative","article_title":"ZDI-26-189: (Pwn2Own) VMware ESXi VMXNET3 Integer Overflow Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-189/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-41237","source":"Zero Day Initiative","article_title":"ZDI-26-188: (Pwn2Own) VMware ESXi VMCI Integer Underflow Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-188/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2022-45188","source":"Zero Day Initiative","article_title":"ZDI-26-187: (Pwn2Own) Synology DiskStation Manager Netatalk Library Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-187/","published_at":"2026-03-16T05:00:00.000Z"},{"type":"cve","value":"CVE-2025-71243","source":"Rapid7 Blog","article_title":"Metasploit Wrap-Up 03/13/2026","article_url":"https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-03-13-2026","published_at":"2026-03-13T19:06:41.000Z"},{"type":"cve","value":"CVE-2026-3909","source":"CISA Advisories","article_title":"CISA Adds Two Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/03/13/cisa-adds-two-known-exploited-vulnerabilities-catalog","published_at":"2026-03-13T12:00:00.000Z"},{"type":"cve","value":"CVE-2026-3910","source":"CISA Advisories","article_title":"CISA Adds Two Known Exploited Vulnerabilities to Catalog","article_url":"https://www.cisa.gov/news-events/alerts/2026/03/13/cisa-adds-two-known-exploited-vulnerabilities-catalog","published_at":"2026-03-13T12:00:00.000Z"},{"type":"cve","value":"CVE-2026-24858","source":"CISA Advisories","article_title":"Siemens RUGGEDCOM APE1808 Devices","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-02","published_at":"2026-03-12T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-55018","source":"CISA Advisories","article_title":"Siemens RUGGEDCOM APE1808 Devices","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-02","published_at":"2026-03-12T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-62439","source":"CISA Advisories","article_title":"Siemens RUGGEDCOM APE1808 Devices","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-02","published_at":"2026-03-12T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-64157","source":"CISA Advisories","article_title":"Siemens RUGGEDCOM APE1808 Devices","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-02","published_at":"2026-03-12T12:00:00.000Z"},{"type":"cve","value":"CVE-2024-29857","source":"CISA Advisories","article_title":"Siemens SIDIS Prime","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-03","published_at":"2026-03-12T12:00:00.000Z"},{"type":"cve","value":"CVE-2024-30171","source":"CISA Advisories","article_title":"Siemens SIDIS Prime","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-03","published_at":"2026-03-12T12:00:00.000Z"},{"type":"cve","value":"CVE-2024-30172","source":"CISA Advisories","article_title":"Siemens SIDIS Prime","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-03","published_at":"2026-03-12T12:00:00.000Z"},{"type":"cve","value":"CVE-2024-41996","source":"CISA Advisories","article_title":"Siemens SIDIS Prime","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-03","published_at":"2026-03-12T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-6965","source":"CISA Advisories","article_title":"Siemens SIDIS Prime","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-03","published_at":"2026-03-12T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-7783","source":"CISA Advisories","article_title":"Siemens SIDIS Prime","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-03","published_at":"2026-03-12T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-9230","source":"CISA Advisories","article_title":"Siemens SIDIS Prime","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-03","published_at":"2026-03-12T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-9232","source":"CISA Advisories","article_title":"Siemens SIDIS Prime","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-03","published_at":"2026-03-12T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-9670","source":"CISA Advisories","article_title":"Siemens SIDIS Prime","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-03","published_at":"2026-03-12T12:00:00.000Z"},{"type":"cve","value":"CVE-2025-13913","source":"CISA Advisories","article_title":"Inductive Automation Ignition Software","article_url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-06","published_at":"2026-03-12T12:00:00.000Z"},{"type":"domain","value":"asp.net","source":"Tenable Blog","article_title":"Microsoft’s March 2026 Patch Tuesday Addresses 83 CVEs (CVE-2026-21262, CVE-2026-26127)","article_url":"https://www.tenable.com/blog/microsofts-march-2026-patch-tuesday-addresses-83-cves-cve-2026-21262-cve-2026-26127","published_at":"2026-03-10T17:59:53.000Z"},{"type":"cve","value":"CVE-2026-21262","source":"Tenable Blog","article_title":"Microsoft’s March 2026 Patch Tuesday Addresses 83 CVEs (CVE-2026-21262, CVE-2026-26127)","article_url":"https://www.tenable.com/blog/microsofts-march-2026-patch-tuesday-addresses-83-cves-cve-2026-21262-cve-2026-26127","published_at":"2026-03-10T17:59:53.000Z"},{"type":"cve","value":"CVE-2026-26127","source":"Tenable Blog","article_title":"Microsoft’s March 2026 Patch Tuesday Addresses 83 CVEs (CVE-2026-21262, CVE-2026-26127)","article_url":"https://www.tenable.com/blog/microsofts-march-2026-patch-tuesday-addresses-83-cves-cve-2026-21262-cve-2026-26127","published_at":"2026-03-10T17:59:53.000Z"},{"type":"cve","value":"CVE-2026-26030","source":"Tenable Blog","article_title":"Microsoft’s March 2026 Patch Tuesday Addresses 83 CVEs (CVE-2026-21262, CVE-2026-26127)","article_url":"https://www.tenable.com/blog/microsofts-march-2026-patch-tuesday-addresses-83-cves-cve-2026-21262-cve-2026-26127","published_at":"2026-03-10T17:59:53.000Z"},{"type":"cve","value":"CVE-2026-24018","source":"Zero Day Initiative","article_title":"ZDI-26-186: Fortinet FortiClient Link Following Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-186/","published_at":"2026-03-10T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-25181","source":"Zero Day Initiative","article_title":"ZDI-26-185: Microsoft Windows GDI Bitmap Parsing Out-Of-Bound Read Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-185/","published_at":"2026-03-10T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-24289","source":"Zero Day Initiative","article_title":"ZDI-26-184: Microsoft Windows NDIS Driver Use-After-Free Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-184/","published_at":"2026-03-10T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-24285","source":"Zero Day Initiative","article_title":"ZDI-26-183: Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-183/","published_at":"2026-03-10T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-24285","source":"Zero Day Initiative","article_title":"ZDI-26-182: Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-182/","published_at":"2026-03-10T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-24285","source":"Zero Day Initiative","article_title":"ZDI-26-181: Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-181/","published_at":"2026-03-10T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-23668","source":"Zero Day Initiative","article_title":"ZDI-26-180: Microsoft Windows cdd Improper Locking Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-180/","published_at":"2026-03-10T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-23668","source":"Zero Day Initiative","article_title":"ZDI-26-179: Microsoft Windows win32kfull Improper Locking Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-179/","published_at":"2026-03-10T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-23668","source":"Zero Day Initiative","article_title":"ZDI-26-178: Microsoft Windows cdd Improper Locking Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-178/","published_at":"2026-03-10T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-26364","source":"Zero Day Initiative","article_title":"ZDI-26-177: Array Networks MotionPro ArrayInstallManager Incorrect Permission Assignment Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-177/","published_at":"2026-03-10T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-20616","source":"Zero Day Initiative","article_title":"ZDI-26-176: Apple macOS libusd_ms Alembic File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-176/","published_at":"2026-03-10T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-20634","source":"Zero Day Initiative","article_title":"ZDI-26-175: Apple macOS ImageIO SGI File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-175/","published_at":"2026-03-10T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-20675","source":"Zero Day Initiative","article_title":"ZDI-26-174: Apple macOS ImageIO SGI File Parsing Integer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-174/","published_at":"2026-03-10T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-20611","source":"Zero Day Initiative","article_title":"ZDI-26-173: Apple macOS Audio APAC Frame Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-173/","published_at":"2026-03-10T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-3839","source":"Zero Day Initiative","article_title":"ZDI-26-172: Unraid Authentication Request Path Traversal Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-172/","published_at":"2026-03-09T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-3838","source":"Zero Day Initiative","article_title":"ZDI-26-171: Unraid Update Request Path Traversal Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-171/","published_at":"2026-03-09T05:00:00.000Z"},{"type":"cve","value":"CVE-2026-3086","source":"Zero Day Initiative","article_title":"ZDI-26-170: GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-170/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-3084","source":"Zero Day Initiative","article_title":"ZDI-26-169: GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-169/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2921","source":"Zero Day Initiative","article_title":"ZDI-26-168: GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-168/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-3085","source":"Zero Day Initiative","article_title":"ZDI-26-167: GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-167/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-3083","source":"Zero Day Initiative","article_title":"ZDI-26-166: GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-166/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2922","source":"Zero Day Initiative","article_title":"ZDI-26-165: GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-165/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2920","source":"Zero Day Initiative","article_title":"ZDI-26-164: GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-164/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-3082","source":"Zero Day Initiative","article_title":"ZDI-26-163: GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-163/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-3081","source":"Zero Day Initiative","article_title":"ZDI-26-162: GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-162/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2923","source":"Zero Day Initiative","article_title":"ZDI-26-161: GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-161/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-3562","source":"Zero Day Initiative","article_title":"ZDI-26-160: (Pwn2Own) Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-160/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-3561","source":"Zero Day Initiative","article_title":"ZDI-26-159: (Pwn2Own) Philips Hue Bridge hk_hap characteristics Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-159/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-3560","source":"Zero Day Initiative","article_title":"ZDI-26-158: (Pwn2Own) Philips Hue Bridge HomeKit hk_hap_pair_storage_put Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-158/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-3559","source":"Zero Day Initiative","article_title":"ZDI-26-157: (Pwn2Own) Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-157/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-3558","source":"Zero Day Initiative","article_title":"ZDI-26-156: (Pwn2Own) Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-156/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-3557","source":"Zero Day Initiative","article_title":"ZDI-26-155: (Pwn2Own) Philips Hue Bridge hap_pair_verify_handler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-155/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-3556","source":"Zero Day Initiative","article_title":"ZDI-26-154: (Pwn2Own) Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-154/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-3555","source":"Zero Day Initiative","article_title":"ZDI-26-153: (Pwn2Own) Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-153/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-15558","source":"Zero Day Initiative","article_title":"ZDI-26-152: Docker Desktop Docker Plugins Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-152/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-3094","source":"Zero Day Initiative","article_title":"ZDI-26-151: Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-151/","published_at":"2026-03-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-28400","source":"Zero Day Initiative","article_title":"ZDI-26-150: Docker Desktop for Mac Docker Model Runner Exposed Dangerous Function Denial-of-Service Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-150/","published_at":"2026-03-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-71218","source":"Zero Day Initiative","article_title":"ZDI-26-149: Trend Micro Cleaner One Pro Link Following Denial-of-Service Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-149/","published_at":"2026-03-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-71209","source":"Zero Day Initiative","article_title":"ZDI-26-148: Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-148/","published_at":"2026-03-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-71208","source":"Zero Day Initiative","article_title":"ZDI-26-147: Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-147/","published_at":"2026-03-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-71207","source":"Zero Day Initiative","article_title":"ZDI-26-146: Trend Micro Apex Central Manual Update Server-Side Request Forgery Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-146/","published_at":"2026-03-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-71206","source":"Zero Day Initiative","article_title":"ZDI-26-145: Trend Micro Apex Central Scheduled Update Server-Side Request Forgery Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-145/","published_at":"2026-03-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-71205","source":"Zero Day Initiative","article_title":"ZDI-26-144: Trend Micro Apex Central Hub Server Server-Side Request Forgery Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-144/","published_at":"2026-03-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-71217","source":"Zero Day Initiative","article_title":"ZDI-26-143: Trend Micro Apex One Security Agent TmSelfProtect Origin Validation Error Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-143/","published_at":"2026-03-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-71216","source":"Zero Day Initiative","article_title":"ZDI-26-142: Trend Micro Apex One Security Agent Cache Mechanism Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-142/","published_at":"2026-03-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-71215","source":"Zero Day Initiative","article_title":"ZDI-26-141: Trend Micro Apex One Security Agent iCore Service Signature Verification Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-141/","published_at":"2026-03-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-71213","source":"Zero Day Initiative","article_title":"ZDI-26-140: Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-140/","published_at":"2026-03-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-71214","source":"Zero Day Initiative","article_title":"ZDI-26-139: Trend Micro Apex One Security Agent iCore Service Origin Validation Error Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-139/","published_at":"2026-03-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-71212","source":"Zero Day Initiative","article_title":"ZDI-26-138: Trend Micro Apex One Virus Scan Engine Link Following Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-138/","published_at":"2026-03-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-71211","source":"Zero Day Initiative","article_title":"ZDI-26-137: Trend Micro Apex One Console Directory Traversal Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-137/","published_at":"2026-03-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-71210","source":"Zero Day Initiative","article_title":"ZDI-26-136: Trend Micro Apex One Console Directory Traversal Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-136/","published_at":"2026-03-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-27794","source":"Zero Day Initiative","article_title":"ZDI-26-135: LangChain LangGraph BaseCache Deserialization of Untrusted Data Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-135/","published_at":"2026-03-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-23600","source":"Zero Day Initiative","article_title":"ZDI-26-134: Hewlett Packard Enterprise AutoPass License Server Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-134/","published_at":"2026-03-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-26975","source":"Zero Day Initiative","article_title":"ZDI-26-133: (Pwn2Own) Music Assistant _update_library_item External Control of File Path Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-133/","published_at":"2026-03-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0628","source":"Unit 42","article_title":"Taming Agentic Browsers: Vulnerability in Chrome Allowed Extensions to Hijack New Gemini Panel","article_url":"https://unit42.paloaltonetworks.com/gemini-live-in-chrome-hijacking/","published_at":"2026-03-02T11:00:36.000Z"},{"type":"cve","value":"CVE-2025-59536","source":"Check Point Research","article_title":"Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files | CVE-2025-59536 | CVE-2026-21852","article_url":"https://research.checkpoint.com/2026/rce-and-api-token-exfiltration-through-claude-code-project-files-cve-2025-59536/","published_at":"2026-02-25T13:58:39.000Z"},{"type":"cve","value":"CVE-2026-21852","source":"Check Point Research","article_title":"Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files | CVE-2025-59536 | CVE-2026-21852","article_url":"https://research.checkpoint.com/2026/rce-and-api-token-exfiltration-through-claude-code-project-files-cve-2025-59536/","published_at":"2026-02-25T13:58:39.000Z"},{"type":"cve","value":"CVE-2026-25656","source":"Zero Day Initiative","article_title":"ZDI-26-132: Siemens SINEC NMS Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-132/","published_at":"2026-02-25T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-25655","source":"Zero Day Initiative","article_title":"ZDI-26-131: Siemens SINEC NMS Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-131/","published_at":"2026-02-25T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2493","source":"Zero Day Initiative","article_title":"ZDI-26-130: IceWarp collaboration Directory Traversal Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-130/","published_at":"2026-02-25T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2491","source":"Zero Day Initiative","article_title":"ZDI-26-129: Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-129/","published_at":"2026-02-25T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-21634","source":"Zero Day Initiative","article_title":"ZDI-26-128: (Pwn2Own) Ubiquiti Networks AI Pro Uncaught Exception Denial-of-Service Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-128/","published_at":"2026-02-25T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-21633","source":"Zero Day Initiative","article_title":"ZDI-26-127: (Pwn2Own) Ubiquiti Networks AI Pro Cleartext Transmission Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-127/","published_at":"2026-02-25T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-21633","source":"Zero Day Initiative","article_title":"ZDI-26-126: (Pwn2Own) Ubiquiti Networks AI Pro Discovery Protocol Missing Encryption Protocol Downgrade Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-126/","published_at":"2026-02-25T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2664","source":"Zero Day Initiative","article_title":"ZDI-26-125: Docker Desktop grpcfuse Kernel Module Out-Of-Bounds Read Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-125/","published_at":"2026-02-25T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-15060","source":"Zero Day Initiative","article_title":"ZDI-26-124: claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-124/","published_at":"2026-02-25T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2040","source":"Zero Day Initiative","article_title":"ZDI-26-122: PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-122/","published_at":"2026-02-19T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2048","source":"Zero Day Initiative","article_title":"ZDI-26-121: GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-121/","published_at":"2026-02-19T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2047","source":"Zero Day Initiative","article_title":"ZDI-26-120: GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-120/","published_at":"2026-02-19T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2045","source":"Zero Day Initiative","article_title":"ZDI-26-119: GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-119/","published_at":"2026-02-19T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2044","source":"Zero Day Initiative","article_title":"ZDI-26-118: GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-118/","published_at":"2026-02-19T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2490","source":"Zero Day Initiative","article_title":"ZDI-26-117: RustDesk Client for Windows Transfer File Link Following Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-117/","published_at":"2026-02-19T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2492","source":"Zero Day Initiative","article_title":"ZDI-26-116: TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-116/","published_at":"2026-02-19T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-62676","source":"Zero Day Initiative","article_title":"ZDI-26-115: Fortinet FortiClient VPN FCConfig Utility Link Following Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-115/","published_at":"2026-02-19T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-1335","source":"Zero Day Initiative","article_title":"ZDI-26-114: Dassault Systèmes eDrawings Viewer EPRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-114/","published_at":"2026-02-19T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-1334","source":"Zero Day Initiative","article_title":"ZDI-26-113: Dassault Systèmes eDrawings Viewer EPRT File Parsing Memory Corruption Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-113/","published_at":"2026-02-19T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-1333","source":"Zero Day Initiative","article_title":"ZDI-26-112: Dassault Systèmes eDrawings Viewer EPRT File Parsing Uninitialized Variable Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-112/","published_at":"2026-02-19T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2635","source":"Zero Day Initiative","article_title":"ZDI-26-111: MLflow Use of Default Password Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-111/","published_at":"2026-02-19T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-60037","source":"Zero Day Initiative","article_title":"ZDI-26-110: Bosch Rexroth IndraWorks Print Settings File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-110/","published_at":"2026-02-19T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-60038","source":"Zero Day Initiative","article_title":"ZDI-26-110: Bosch Rexroth IndraWorks Print Settings File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-110/","published_at":"2026-02-19T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-60035","source":"Zero Day Initiative","article_title":"ZDI-26-109: Bosch Rexroth IndraWorks OPC.TestClient XML File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-109/","published_at":"2026-02-19T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-60036","source":"Zero Day Initiative","article_title":"ZDI-26-108: Bosch Rexroth IndraWorks UA.TestClient XML File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-108/","published_at":"2026-02-19T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0875","source":"Zero Day Initiative","article_title":"ZDI-26-107: Autodesk AutoCAD MODEL File Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-107/","published_at":"2026-02-18T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0874","source":"Zero Day Initiative","article_title":"ZDI-26-106: Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-106/","published_at":"2026-02-18T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-22769","source":"Mandiant Blog","article_title":"From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day","article_url":"https://cloud.google.com/blog/topics/threat-intelligence/unc6201-exploiting-dell-recoverpoint-zero-day/","published_at":"2026-02-17T14:00:00.000Z"},{"type":"cve","value":"CVE-2026-2033","source":"Zero Day Initiative","article_title":"ZDI-26-105: MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-105/","published_at":"2026-02-13T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2034","source":"Zero Day Initiative","article_title":"ZDI-26-104: Sante DICOM Viewer Pro DCM File Parsing Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-104/","published_at":"2026-02-13T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-21956","source":"Zero Day Initiative","article_title":"ZDI-26-103: Oracle VirtualBox VMSVGA Out-Of-Bounds Access Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-103/","published_at":"2026-02-13T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-21957","source":"Zero Day Initiative","article_title":"ZDI-26-102: Oracle VirtualBox VMSVGA Out-Of-Bounds Write Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-102/","published_at":"2026-02-13T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-21963","source":"Zero Day Initiative","article_title":"ZDI-26-101: Oracle VirtualBox BusLogic Uninitialized Memory Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-101/","published_at":"2026-02-13T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-21985","source":"Zero Day Initiative","article_title":"ZDI-26-100: Oracle VirtualBox LsiLogic Uninitialized Memory Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-100/","published_at":"2026-02-13T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-21984","source":"Zero Day Initiative","article_title":"ZDI-26-099: Oracle VirtualBox VMSVGA Race Condition Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-099/","published_at":"2026-02-13T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-21955","source":"Zero Day Initiative","article_title":"ZDI-26-098: Oracle VirtualBox VMSVGA Use-After-Free Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-098/","published_at":"2026-02-13T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-21983","source":"Zero Day Initiative","article_title":"ZDI-26-097: Oracle VirtualBox VMSVGA Heap-based Buffer Overflow Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-097/","published_at":"2026-02-13T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-1283","source":"Zero Day Initiative","article_title":"ZDI-26-096: Dassault Systèmes eDrawings Viewer EPRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-096/","published_at":"2026-02-13T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-1284","source":"Zero Day Initiative","article_title":"ZDI-26-095: Dassault Systèmes eDrawings Viewer EPRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-095/","published_at":"2026-02-13T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-13845","source":"Zero Day Initiative","article_title":"ZDI-26-094: Schneider Electric EcoStruxure Power Build SSD File Parsing Use-After-Free Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-094/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-13845","source":"Zero Day Initiative","article_title":"ZDI-26-093: Schneider Electric EcoStruxure Power Build SSD File Parsing Use-After-Free Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-093/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-13845","source":"Zero Day Initiative","article_title":"ZDI-26-092: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-092/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-13845","source":"Zero Day Initiative","article_title":"ZDI-26-091: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-091/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-13845","source":"Zero Day Initiative","article_title":"ZDI-26-090: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-090/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-13845","source":"Zero Day Initiative","article_title":"ZDI-26-089: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-089/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-13845","source":"Zero Day Initiative","article_title":"ZDI-26-088: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-088/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-13845","source":"Zero Day Initiative","article_title":"ZDI-26-087: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-087/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-13845","source":"Zero Day Initiative","article_title":"ZDI-26-086: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-086/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-13845","source":"Zero Day Initiative","article_title":"ZDI-26-085: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-085/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-13845","source":"Zero Day Initiative","article_title":"ZDI-26-084: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-084/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-21249","source":"Zero Day Initiative","article_title":"ZDI-26-083: Microsoft Windows searchConnector-ms NTLM Response Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-083/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-21527","source":"Zero Day Initiative","article_title":"ZDI-26-082: Microsoft Exchange InterceptorSmtpAgent Reliance on Untrusted Inputs Security Feature Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-082/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-21235","source":"Zero Day Initiative","article_title":"ZDI-26-081: Microsoft Windows win32kfull Use-After-Free Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-081/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-1603","source":"Zero Day Initiative","article_title":"ZDI-26-080: Ivanti Endpoint Manager AuthHelper Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-080/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-1602","source":"Zero Day Initiative","article_title":"ZDI-26-079: Ivanti Endpoint Manager ROI SQL Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-079/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2035","source":"Zero Day Initiative","article_title":"ZDI-26-078: Deciso OPNsense diag_backup.php filename Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-078/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2039","source":"Zero Day Initiative","article_title":"ZDI-26-077: GFI Archiver MArc.Store Missing Authorization Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-077/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2036","source":"Zero Day Initiative","article_title":"ZDI-26-076: GFI Archiver MArc.Store Deserialization of Untrusted Data Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-076/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2038","source":"Zero Day Initiative","article_title":"ZDI-26-075: GFI Archiver MArc.Core Missing Authorization Authentication Bypass Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-075/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2037","source":"Zero Day Initiative","article_title":"ZDI-26-074: GFI Archiver MArc.Core Deserialization of Untrusted Data Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-074/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2041","source":"Zero Day Initiative","article_title":"ZDI-26-073: Nagios Host zabbixagent_configwizard_func Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-073/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2043","source":"Zero Day Initiative","article_title":"ZDI-26-072: Nagios Host esensors_websensor_configwizard_func Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-072/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-2042","source":"Zero Day Initiative","article_title":"ZDI-26-071: Nagios Host monitoringwizard Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-071/","published_at":"2026-02-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-61808","source":"Zero Day Initiative","article_title":"ZDI-26-070: Adobe ColdFusion CAR File Parsing Directory Traversal Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-070/","published_at":"2026-02-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0777","source":"Zero Day Initiative","article_title":"ZDI-26-069: (0Day) Xmind Attachment Insufficient UI Warning Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-069/","published_at":"2026-02-06T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-14740","source":"Zero Day Initiative","article_title":"ZDI-26-068: Docker Desktop for Windows Incorrect Permission Assignment Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-068/","published_at":"2026-02-05T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-14740","source":"Zero Day Initiative","article_title":"ZDI-26-067: Docker Desktop for Windows Incorrect Permission Assignment Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-067/","published_at":"2026-02-05T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-65079","source":"Zero Day Initiative","article_title":"ZDI-26-066: (Pwn2Own) Lexmark CX532adwe getCFFNames Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-066/","published_at":"2026-02-05T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-65080","source":"Zero Day Initiative","article_title":"ZDI-26-065: (Pwn2Own) Lexmark CX532adwe usecmap Type Confusion Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-065/","published_at":"2026-02-05T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-65081","source":"Zero Day Initiative","article_title":"ZDI-26-064: (Pwn2Own) Lexmark CX532adwe execuserobject Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-064/","published_at":"2026-02-05T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-65077","source":"Zero Day Initiative","article_title":"ZDI-26-063: (Pwn2Own) Lexmark CX532adwe libesffls Directory Traversal Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-063/","published_at":"2026-02-05T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-65078","source":"Zero Day Initiative","article_title":"ZDI-26-062: (Pwn2Own) Lexmark CX532adwe esfhelper Untrusted Search Path Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-062/","published_at":"2026-02-05T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-8088","source":"Check Point Research","article_title":"Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia","article_url":"https://research.checkpoint.com/2026/amaranth-dragon-weaponizes-cve-2025-8088-for-targeted-espionage/","published_at":"2026-02-04T13:57:37.000Z"},{"type":"cve","value":"CVE-2025-33201","source":"Zero Day Initiative","article_title":"ZDI-26-061: NVIDIA Triton Inference Server EVBufferToJson Uncaught Exception Denial-of-Service Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-061/","published_at":"2026-02-04T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-24149","source":"Zero Day Initiative","article_title":"ZDI-26-060: NVIDIA Megatron-LM load_base_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-060/","published_at":"2026-02-04T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-66374","source":"Zero Day Initiative","article_title":"ZDI-26-059: CyberArk Endpoint Privilege Management Improper Privilege Management Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-059/","published_at":"2026-02-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-66589","source":"Zero Day Initiative","article_title":"ZDI-26-058: AzeoTech DAQFactory Pro CTL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-058/","published_at":"2026-02-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-46298","source":"Zero Day Initiative","article_title":"ZDI-26-057: Apple Safari JavaScriptCore FTL New Array Materialization Type Confusion Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-057/","published_at":"2026-02-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-43283","source":"Zero Day Initiative","article_title":"ZDI-26-056: Apple macOS AppleIntelKBLGraphics Out-Of-Bounds Read Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-056/","published_at":"2026-02-03T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-13447","source":"Zero Day Initiative","article_title":"ZDI-26-055: Progress Software Kemp LoadMaster addapikey Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-055/","published_at":"2026-02-02T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-13447","source":"Zero Day Initiative","article_title":"ZDI-26-054: Progress Software Kemp LoadMaster delapikey OS Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-054/","published_at":"2026-02-02T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-13447","source":"Zero Day Initiative","article_title":"ZDI-26-053: Progress Software Kemp LoadMaster listapikeys Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-053/","published_at":"2026-02-02T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-13444","source":"Zero Day Initiative","article_title":"ZDI-26-052: Progress Software Kemp LoadMaster getcipherset Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-052/","published_at":"2026-02-02T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-13447","source":"Zero Day Initiative","article_title":"ZDI-26-051: Progress Software Kemp LoadMaster delcert Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-051/","published_at":"2026-02-02T06:00:00.000Z"},{"type":"cve","value":"CVE-2024-54529","source":"Google Project Zero","article_title":"Breaking the Sound Barrier, Part II: Exploiting CVE-2024-54529","article_url":"https://projectzero.google/2026/01/sound-barrier-2.html","published_at":"2026-01-30T08:00:00.000Z"},{"type":"cve","value":"CVE-2025-31235","source":"Google Project Zero","article_title":"Breaking the Sound Barrier, Part II: Exploiting CVE-2024-54529","article_url":"https://projectzero.google/2026/01/sound-barrier-2.html","published_at":"2026-01-30T08:00:00.000Z"},{"type":"cve","value":"CVE-2026-0797","source":"Zero Day Initiative","article_title":"ZDI-26-050: GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-050/","published_at":"2026-01-30T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0975","source":"Zero Day Initiative","article_title":"ZDI-26-049: Delta Electronics DIAView Exposed Dangerous Method Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-049/","published_at":"2026-01-28T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-67685","source":"Zero Day Initiative","article_title":"ZDI-26-048: Fortinet FortiSandbox fortisandbox Server-Side Request Forgery Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-048/","published_at":"2026-01-28T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-29867","source":"Zero Day Initiative","article_title":"ZDI-26-047: Hancom Office DOC File Parsing Type Confusion Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-047/","published_at":"2026-01-28T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-20026","source":"Zero Day Initiative","article_title":"ZDI-26-046: Cisco Snort _bnfa_search_csparse_nfa Use-After-Free Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-046/","published_at":"2026-01-28T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-20027","source":"Zero Day Initiative","article_title":"ZDI-26-045: Cisco Snort _bnfa_search_csparse_nfa Out-Of-Bounds Read Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-045/","published_at":"2026-01-28T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-8088","source":"Mandiant Blog","article_title":"Diverse Threat Actors Exploiting Critical WinRAR Vulnerability CVE-2025-8088","article_url":"https://cloud.google.com/blog/topics/threat-intelligence/exploiting-critical-winrar-vulnerability/","published_at":"2026-01-27T14:00:00.000Z"},{"type":"cve","value":"CVE-2026-20871","source":"Zero Day Initiative","article_title":"ZDI-26-044: Microsoft Windows Desktop Window Manager Use-After-Free Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-044/","published_at":"2026-01-13T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-55182","source":"Recorded Future","article_title":"December 2025 CVE Landscape: 22 Critical Vulnerabilities Mark 120% Surge, React2Shell Dominates Threat Activity","article_url":"https://www.recordedfuture.com/blog/december-2025-cve-landscape","published_at":"2026-01-13T00:00:00.000Z"},{"type":"cve","value":"CVE-2026-0775","source":"Zero Day Initiative","article_title":"ZDI-26-043: (0Day) npm cli Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-043/","published_at":"2026-01-12T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0773","source":"Zero Day Initiative","article_title":"ZDI-26-042: (0Day) Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-042/","published_at":"2026-01-09T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0778","source":"Zero Day Initiative","article_title":"ZDI-26-041: (0Day) (Pwn2Own) Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-041/","published_at":"2026-01-09T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0776","source":"Zero Day Initiative","article_title":"ZDI-26-040: (0Day) Discord Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-040/","published_at":"2026-01-09T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0774","source":"Zero Day Initiative","article_title":"ZDI-26-039: (0Day) WatchYourLAN Configuration Page Argument Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-039/","published_at":"2026-01-09T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0772","source":"Zero Day Initiative","article_title":"ZDI-26-038: (0Day) Langflow Disk Cache Deserialization of Untrusted Data Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-038/","published_at":"2026-01-09T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0771","source":"Zero Day Initiative","article_title":"ZDI-26-037: (0Day) Langflow PythonFunction Code Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-037/","published_at":"2026-01-09T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0770","source":"Zero Day Initiative","article_title":"ZDI-26-036: (0Day) Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-036/","published_at":"2026-01-09T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0769","source":"Zero Day Initiative","article_title":"ZDI-26-035: (0Day) Langflow eval_custom_component_code Eval Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-035/","published_at":"2026-01-09T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0768","source":"Zero Day Initiative","article_title":"ZDI-26-034: (0Day) Langflow code Code Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-034/","published_at":"2026-01-09T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0767","source":"Zero Day Initiative","article_title":"ZDI-26-033: (0Day) Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-033/","published_at":"2026-01-09T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0766","source":"Zero Day Initiative","article_title":"ZDI-26-032: (0Day) Open WebUI load_tool_module_by_id Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-032/","published_at":"2026-01-09T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0765","source":"Zero Day Initiative","article_title":"ZDI-26-031: (0Day) Open WebUI PIP install_frontmatter_requirements Command Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-031/","published_at":"2026-01-09T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0764","source":"Zero Day Initiative","article_title":"ZDI-26-030: (0Day) GPT Academic upload Deserialization of Untrusted Data Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-030/","published_at":"2026-01-09T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0763","source":"Zero Day Initiative","article_title":"ZDI-26-029: (0Day) GPT Academic run_in_subprocess_wrapper_func Deserialization of Untrusted Data Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-029/","published_at":"2026-01-09T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0762","source":"Zero Day Initiative","article_title":"ZDI-26-028: (0Day) GPT Academic stream_daas Deserialization of Untrusted Data Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-028/","published_at":"2026-01-09T06:00:00.000Z"},{"type":"cve","value":"CVE-2026-0761","source":"Zero Day Initiative","article_title":"ZDI-26-027: (0Day) Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerability","article_url":"http://www.zerodayinitiative.com/advisories/ZDI-26-027/","published_at":"2026-01-09T06:00:00.000Z"},{"type":"cve","value":"CVE-2025-50165","source":"WeLiveSecurity","article_title":"Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component","article_url":"https://www.welivesecurity.com/en/eset-research/revisiting-cve-2025-50165-critical-flaw-windows-imaging-component/","published_at":"2025-12-22T09:55:00.000Z"},{"type":"domain","value":"ukr.net","source":"Recorded Future","article_title":"BlueDelta’s Persistent Campaign Against UKR.NET","article_url":"https://www.recordedfuture.com/research/bluedeltas-persistent-campaign-against-ukrnet","published_at":"2025-12-17T00:00:00.000Z"},{"type":"cve","value":"CVE-2017-3558","source":"Google Project Zero","article_title":"Thinking Outside The Box [dusted off draft from 2017]","article_url":"https://projectzero.google/2025/12/thinking-outside-the-box.html","published_at":"2025-12-16T09:00:00.000Z"},{"type":"cve","value":"CVE-2025-55182","source":"Mandiant Blog","article_title":"Multiple Threat Actors Exploit React2Shell (CVE-2025-55182)","article_url":"https://cloud.google.com/blog/topics/threat-intelligence/threat-actors-exploit-react2shell-cve-2025-55182/","published_at":"2025-12-12T14:00:00.000Z"},{"type":"cve","value":"CVE-2024-7344","source":"WeLiveSecurity","article_title":"Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass","article_url":"https://www.welivesecurity.com/en/eset-research/introducing-hybridpetya-petya-notpetya-copycat-uefi-secure-boot-bypass/","published_at":"2025-09-12T09:00:00.000Z"}]}