Indicators of Compromise

Zero Day Initiative CVE Feb 12

ZDI-26-089: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

CVEs: CVE-2025-13845

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-088: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

CVEs: CVE-2025-13845

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-087: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

CVEs: CVE-2025-13845

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-086: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

CVEs: CVE-2025-13845

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-085: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

CVEs: CVE-2025-13845

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-084: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

CVEs: CVE-2025-13845

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-083: Microsoft Windows searchConnector-ms NTLM Response Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose NTLM responses on affected installations of Microsoft Windows. User interaction is required to exploit...

CVEs: CVE-2026-21249

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-082: Microsoft Exchange InterceptorSmtpAgent Reliance on Untrusted Inputs Security Feature Bypass Vulnerability

This vulnerability allows remote attackers to bypass a security feature on affected installations of Microsoft Exchange. Authentication is not required to ex...

CVEs: CVE-2026-21527

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-081: Microsoft Windows win32kfull Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to...

CVEs: CVE-2026-21235

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-080: Ivanti Endpoint Manager AuthHelper Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Endpoint Manager. Authentication is not required to e...

CVEs: CVE-2026-1603

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-079: Ivanti Endpoint Manager ROI SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to expl...

CVEs: CVE-2026-1602

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-078: Deciso OPNsense diag_backup.php filename Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deciso OPNsense. Authentication is required to ex...

CVEs: CVE-2026-2035

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-077: GFI Archiver MArc.Store Missing Authorization Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of GFI Archiver. Authentication is not required to exploit this...

CVEs: CVE-2026-2039

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-076: GFI Archiver MArc.Store Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Although authentication is required to exploi...

CVEs: CVE-2026-2036

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-075: GFI Archiver MArc.Core Missing Authorization Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of GFI Archiver. Authentication is not required to exploit this...

CVEs: CVE-2026-2038

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-074: GFI Archiver MArc.Core Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Although authentication is required to exploi...

CVEs: CVE-2026-2037

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-073: Nagios Host zabbixagent_configwizard_func Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vul...

CVEs: CVE-2026-2041

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-072: Nagios Host esensors_websensor_configwizard_func Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vul...

CVEs: CVE-2026-2043

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-071: Nagios Host monitoringwizard Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vul...

CVEs: CVE-2026-2042

Zero Day Initiative →

Zero Day Initiative CVE Feb 6

ZDI-26-070: Adobe ColdFusion CAR File Parsing Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe ColdFusion. Authentication is required to exploit thi...

CVEs: CVE-2025-61808

Zero Day Initiative →