Indicators of Compromise

Zero Day Initiative CVE Feb 19

ZDI-26-108: Bosch Rexroth IndraWorks UA.TestClient XML File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bosch Rexroth IndraWorks. User interaction is required to e...

CVEs: CVE-2025-60036

Zero Day Initiative →

Zero Day Initiative CVE Feb 18

ZDI-26-107: Autodesk AutoCAD MODEL File Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit t...

CVEs: CVE-2026-0875

Zero Day Initiative →

Zero Day Initiative CVE Feb 18

ZDI-26-106: Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit t...

CVEs: CVE-2026-0874

Zero Day Initiative →

Mandiant Blog Zero-Day Feb 17

From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day

Written by: Peter Ukhanov, Daniel Sislo, Nick Harbour, John Scarbrough, Fernando Tomlinson, Jr., Rich Reece Introduction Mandiant and Google Threat Intellige...

CVEs: CVE-2026-22769

Mandiant Blog →

Zero Day Initiative CVE Feb 13

ZDI-26-105: MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to e...

CVEs: CVE-2026-2033

Zero Day Initiative →

Zero Day Initiative CVE Feb 13

ZDI-26-104: Sante DICOM Viewer Pro DCM File Parsing Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exp...

CVEs: CVE-2026-2034

Zero Day Initiative →

Zero Day Initiative CVE Feb 13

ZDI-26-103: Oracle VirtualBox VMSVGA Out-Of-Bounds Access Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to...

CVEs: CVE-2026-21956

Zero Day Initiative →

Zero Day Initiative CVE Feb 13

ZDI-26-102: Oracle VirtualBox VMSVGA Out-Of-Bounds Write Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to...

CVEs: CVE-2026-21957

Zero Day Initiative →

Zero Day Initiative CVE Feb 13

ZDI-26-101: Oracle VirtualBox BusLogic Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the...

CVEs: CVE-2026-21963

Zero Day Initiative →

Zero Day Initiative CVE Feb 13

ZDI-26-100: Oracle VirtualBox LsiLogic Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the...

CVEs: CVE-2026-21985

Zero Day Initiative →

Zero Day Initiative CVE Feb 13

ZDI-26-099: Oracle VirtualBox VMSVGA Race Condition Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to...

CVEs: CVE-2026-21984

Zero Day Initiative →

Zero Day Initiative CVE Feb 13

ZDI-26-098: Oracle VirtualBox VMSVGA Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to...

CVEs: CVE-2026-21955

Zero Day Initiative →

Zero Day Initiative CVE Feb 13

ZDI-26-097: Oracle VirtualBox VMSVGA Heap-based Buffer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to...

CVEs: CVE-2026-21983

Zero Day Initiative →

Zero Day Initiative CVE Feb 13

ZDI-26-096: Dassault Systèmes eDrawings Viewer EPRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is re...

CVEs: CVE-2026-1283

Zero Day Initiative →

Zero Day Initiative CVE Feb 13

ZDI-26-095: Dassault Systèmes eDrawings Viewer EPRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is re...

CVEs: CVE-2026-1284

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-094: Schneider Electric EcoStruxure Power Build SSD File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

CVEs: CVE-2025-13845

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-093: Schneider Electric EcoStruxure Power Build SSD File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

CVEs: CVE-2025-13845

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-092: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

CVEs: CVE-2025-13845

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-091: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

CVEs: CVE-2025-13845

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-090: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

CVEs: CVE-2025-13845

Zero Day Initiative →