Indicators of Compromise

Zero Day Initiative 📡 RSS Apr 2

ZDI-26-252: Mozilla Firefox IonMonkey Switch Statement Optimization Type Confusion Remote Code Execution Vulnerability

CVEs: CVE-2026-4698

Zero Day Initiative →

Zero Day Initiative 📡 RSS Apr 2

ZDI-26-251: Foxit PDF Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

CVEs: CVE-2026-3775

Zero Day Initiative →

Check Point Research 📡 RSS Mar 31

Operation TrueChaos: 0-Day Exploitation Against Southeast Asian Government Targets

CVEs: CVE-2026-3502

Check Point Research →

Infosecurity Magazine 📡 RSS Mar 31

NCSC Urges Immediate Patching of F5 BIG-IP Bug

CVEs: CVE-2025-53521

Infosecurity Magazine →

Zero Day Initiative 📡 RSS Mar 31

ZDI-26-250: Linux Kernel Analog Device Driver Improper Validation of Array Index Local Privilege Escalation Vulnerability

CVEs: CVE-2026-23092

Zero Day Initiative →

Infosecurity Magazine 📡 RSS Mar 30

Critical Citrix NetScaler Vulnerability Exploited in the Wild

CVEs: CVE-2026-3055

Infosecurity Magazine →

Zero Day Initiative 📡 RSS Mar 30

ZDI-26-249: NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

CVEs: CVE-2026-5055

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 30

ZDI-26-248: NoMachine External Control of File Path Local Privilege Escalation Vulnerability

CVEs: CVE-2026-5054

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 30

ZDI-26-247: NoMachine External Control of File Path Arbitrary File Deletion Vulnerability

CVEs: CVE-2026-5053

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 30

ZDI-26-246: (0Day) aws-mcp-server Command Injection Remote Code Execution Vulnerability

CVEs: CVE-2026-5058

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 30

ZDI-26-244: (Pwn2Own) QNAP QHora-322 miro_webserver_controllers_api_login_singIn Authentication Bypass Vulnerability

CVEs: CVE-2024-13088

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 30

ZDI-26-243: (Pwn2Own) QNAP TS-453E write_file_to_svr External Control of File Path Remote Code Execution Vulnerability

CVEs: CVE-2025-62842

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 30

ZDI-26-242: (Pwn2Own) QNAP TS-453E server_handlers.pyc rr2s.kwargs Error Message Information Disclosure Vulnerability

CVEs: CVE-2025-62840

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 30

ZDI-26-241: (Pwn2Own) QNAP QHora-322 qvpn_db_mgr username SQL Injection Remote Code Execution Vulnerability

CVEs: CVE-2025-62846

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 30

ZDI-26-240: (Pwn2Own) QNAP QHora-322 qvpn_db_mgr role_type Improper Neutralization of Escape Sequences Authentication Bypass Vulnerability

CVEs: CVE-2025-62845

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 30

ZDI-26-239: (Pwn2Own) QNAP QHora-322 login.newAuthMiddleware.Authenticator Authentication Bypass Vulnerability

CVEs: CVE-2025-62844

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 30

ZDI-26-238: Linux Kernel AoE Driver Use-After-Free Local Privilege Escalation Vulnerability

CVEs: CVE-2023-6270

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 30

ZDI-26-237: (Pwn2Own) QNAP QHora-322 ip6_wanifset Improper Restriction of Communication Channel to Intended Endpoints Firewall Bypass Vulnerability

CVEs: CVE-2025-62843

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 30

ZDI-26-236: Digilent DASYLab DSB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

CVEs: CVE-2026-0954

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 30

ZDI-26-235: Digilent DASYLab DSA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

CVEs: CVE-2026-0957

Zero Day Initiative →