Indicators of Compromise

Tenable Blog CVE Mar 17

FAQ on CVE-2026-21514: OLE bypass N-Day in Microsoft Word

An N-day vulnerability in Microsoft Word exposes nearly 14 million assets. Attackers can exploit this flaw to bypass security prompts, enabling deployment of...

CVEs: CVE-2026-21514

Tenable Blog →

Tenable Blog CVE Mar 17

Operation Epic Fury: Why exposure data changes everything about Iran's cyber-kinetic campaign

Iran's retaliatory campaign following Operation Epic Fury has collapsed the boundary between physical and digital warfare. Tenable's exposure data analysis a...

CVEs: CVE-2026-21514

Tenable Blog →

Qualys Blog CVE Mar 17

CVE-2026-3888: Important Snap Flaw Enables Local Privilege Escalation to Root

The Qualys Threat Research Unit has identified a Local Privilege Escalation (LPE) vulnerability affecting default installations of Ubuntu Desktop version 24....

CVEs: CVE-2026-3888

Qualys Blog →

CISA Advisories General Mar 17

CODESYS in Festo Automation Suite

View CSAF Summary 3. TECHNICAL DETAILS The following versions of CODESYS in Festo Automation Suite are affected: FESTO Software Festo Automation Suite (versi...

IPs: 2.8.0.138 3.5.16.10 2.8.0.137

CISA Advisories →

The Hacker News CVE Mar 17

CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

The U.S.

CVEs: CVE-2025-47813

The Hacker News →

Zero Day Initiative CVE Mar 17

ZDI-26-216: (Pwn2Own) QNAP TS-453E smbd domain_name Argument Injection Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP TS-453E devices. Authentication is not requir...

CVEs: CVE-2025-62847

Zero Day Initiative →

CISA Advisories CVE Mar 16

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-47813 Wing FTP ...

CVEs: CVE-2025-47813

CISA Advisories →

Zero Day Initiative CVE Mar 16

ZDI-26-215: KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of KeePassXC. An attacker must first obtain the ability to execute...

CVEs: CVE-2026-4158

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-214: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerab...

CVEs: CVE-2026-2049

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-213: GIMP LBM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerab...

CVEs: CVE-2026-2046

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-212: Schneider Electric EcoStruxure Data Center Expert Hard-coded Password Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Data Center Expert. Authenti...

CVEs: CVE-2025-13957

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-211: Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics ASDA-Soft. User interaction is required t...

CVEs: CVE-2026-1361

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-210: (Pwn2Own) Samsung Galaxy S25 Samsung Members Security Feature Bypass Vulnerability

This vulnerability allows remote attackers to bypass a security feature on affected installations of Samsung Galaxy S25. Authentication is not required to ex...

CVEs: CVE-2025-21079

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-209: (Pwn2Own) Samsung Galaxy S25 Samsung Members Open Redirect Security Bypass Vulnerability

This vulnerability allows remote attackers to bypass security on affected installations of Samsung Galaxy S25. Authentication is not required to exploit this...

CVEs: CVE-2025-21079

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-208: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authenticatio...

CVEs: CVE-2025-14237

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-207: (Pwn2Own) Canon imageCLASS MF654Cdw dtdc_addr_importSub Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authenticatio...

CVEs: CVE-2025-14236

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-206: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authenticatio...

CVEs: CVE-2025-14235

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-205: (Pwn2Own) Canon imageCLASS MF654Cdw PJCC Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authenticatio...

CVEs: CVE-2025-14234

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-204: (Pwn2Own) Canon imageCLASS MF654Cdw XPS Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authenticatio...

CVEs: CVE-2025-14232

Zero Day Initiative →

Zero Day Initiative CVE Mar 16

ZDI-26-203: (Pwn2Own) Canon imageCLASS MF654Cdw XML SOAP Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF654Cdw printers. Authenticatio...

CVEs: CVE-2025-14231

Zero Day Initiative →