Indicators of Compromise

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-279: Microsoft Windows Snipping Tool Improper Input Validation Remote Code Execution Vulnerability

CVEs: CVE-2026-32183

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-278: Microsoft Windows win32kfull Improper Locking Local Privilege Escalation Vulnerability

CVEs: CVE-2026-33104

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-277: Microsoft Windows afd.sys Race Condition Local Privilege Escalation Vulnerability

CVEs: CVE-2026-32073

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-276: Microsoft Windows Secure Kernel Double Free Local Privilege Escalation Vulnerability

CVEs: CVE-2026-26179

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-272: ATEN Unizon RpcProvider Missing Authentication Denial-of-Service Vulnerability

CVEs: CVE-2026-5057

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-271: Avast Premium Security Gen Self Protection Driver Exposed Dangerous Function Local Privilege Escalation Vulnerability

CVEs: CVE-2026-5424

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-270: TrendAI Apex One Console Directory Traversal Remote Code Execution Vulnerability

CVEs: CVE-2025-54987

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-269: TrendAI Apex One Console Directory Traversal Remote Code Execution Vulnerability

CVEs: CVE-2025-54948

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-268: Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability

CVEs: CVE-2026-25203

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-266: Fortinet FortiWeb cat_cgi_paths Out-Of-Bounds Write Remote Code Execution Vulnerability

CVEs: CVE-2026-40688

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-265: Fortinet FortiWeb cgi_buf_alloc Integer Overflow Denial-of-Service Vulnerability

CVEs: CVE-2026-39811

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-264: Adobe ColdFusion fetchCFSettingFile Directory Traversal Information Disclosure Vulnerability

CVEs: CVE-2026-27305

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-263: Adobe ColdFusion subscribeToEndpoints Authentication Bypass Vulnerability

CVEs: CVE-2026-27282

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 15

ZDI-26-262: Adobe ColdFusion deleteVersion Directory Traversal Arbitrary File Deletion Vulnerability

CVEs: CVE-2026-34619

Zero Day Initiative →

SentinelOne Blog 📡 RSS Apr 14

Securing the Software Supply Chain: How SentinelOne’s AI EDR Autonomously Blocked the CPU-Z Watering Hole Cyber Attack

Domains: cpuid.com

SentinelOne Blog →

Zero Day Initiative 📡 RSS Apr 6

ZDI-26-257: (0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

CVEs: CVE-2026-5495

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 6

ZDI-26-256: (0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

CVEs: CVE-2026-5494

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 6

ZDI-26-255: (0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

CVEs: CVE-2026-5493

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 6

ZDI-26-254: (0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Type Confusion Remote Code Execution Vulnerability

CVEs: CVE-2026-5496

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 2

ZDI-26-253: Microsoft Visual Studio Code mcp.json Command Injection Remote Code Execution Vulnerability

CVEs: CVE-2026-21518

Zero Day Initiative →