Indicators of Compromise

Zero Day Initiative 📡 RSS Mar 17

ZDI-26-216: (Pwn2Own) QNAP TS-453E smbd domain_name Argument Injection Authentication Bypass Vulnerability

CVEs: CVE-2025-62847

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 16

ZDI-26-215: KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

CVEs: CVE-2026-4158

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 16

ZDI-26-214: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

CVEs: CVE-2026-2049

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 16

ZDI-26-213: GIMP LBM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

CVEs: CVE-2026-2046

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 16

ZDI-26-212: Schneider Electric EcoStruxure Data Center Expert Hard-coded Password Remote Code Execution Vulnerability

CVEs: CVE-2025-13957

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 16

ZDI-26-211: Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

CVEs: CVE-2026-1361

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 16

ZDI-26-210: (Pwn2Own) Samsung Galaxy S25 Samsung Members Security Feature Bypass Vulnerability

CVEs: CVE-2025-21079

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 16

ZDI-26-209: (Pwn2Own) Samsung Galaxy S25 Samsung Members Open Redirect Security Bypass Vulnerability

CVEs: CVE-2025-21079

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 16

ZDI-26-208: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Integer Overflow Remote Code Execution Vulnerability

CVEs: CVE-2025-14237

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 16

ZDI-26-207: (Pwn2Own) Canon imageCLASS MF654Cdw dtdc_addr_importSub Stack-based Buffer Overflow Remote Code Execution Vulnerability

CVEs: CVE-2025-14236

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 16

ZDI-26-206: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

CVEs: CVE-2025-14235

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 16

ZDI-26-205: (Pwn2Own) Canon imageCLASS MF654Cdw PJCC Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

CVEs: CVE-2025-14234

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 16

ZDI-26-204: (Pwn2Own) Canon imageCLASS MF654Cdw XPS Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability

CVEs: CVE-2025-14232

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 16

ZDI-26-203: (Pwn2Own) Canon imageCLASS MF654Cdw XML SOAP Request Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

CVEs: CVE-2025-14231

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 16

ZDI-26-202: (Pwn2Own) QNAP TS-453E Hyper Data Protector Plugin query_original_file_size SQL Injection Remote Code Execution Vulnerability

CVEs: CVE-2025-59389

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 16

ZDI-26-201: (Pwn2Own) QNAP TS-453E Hyper Data Protector Plugin Hard-Coded Credentials Authentication Bypass Vulnerability

CVEs: CVE-2025-59388

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 16

ZDI-26-200: (Pwn2Own) QNAP TS-453E nvrlog_event_add msg SQL Injection Remote Code Execution Vulnerability

CVEs: CVE-2025-62849

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 16

ZDI-26-199: (Pwn2Own) QNAP TS-453E conn_log_tool Format String Remote Code Execution Vulnerability

CVEs: CVE-2025-62848

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 16

ZDI-26-198: (Pwn2Own) QNAP TS-453E malware_remover Code Injection Remote Code Execution Vulnerability

CVEs: CVE-2025-11837

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 16

ZDI-26-197: (Pwn2Own) ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability

CVEs: CVE-2026-4157

Zero Day Initiative →