Indicators of Compromise

Zero Day Initiative 📡 RSS Mar 6

ZDI-26-156: (Pwn2Own) Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability

CVEs: CVE-2026-3558

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 6

ZDI-26-155: (Pwn2Own) Philips Hue Bridge hap_pair_verify_handler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

CVEs: CVE-2026-3557

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 6

ZDI-26-154: (Pwn2Own) Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability

CVEs: CVE-2026-3556

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 6

ZDI-26-153: (Pwn2Own) Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code Execution Vulnerability

CVEs: CVE-2026-3555

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 6

ZDI-26-152: Docker Desktop Docker Plugins Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

CVEs: CVE-2025-15558

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 6

ZDI-26-151: Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

CVEs: CVE-2026-3094

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-150: Docker Desktop for Mac Docker Model Runner Exposed Dangerous Function Denial-of-Service Vulnerability

CVEs: CVE-2026-28400

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-149: Trend Micro Cleaner One Pro Link Following Denial-of-Service Vulnerability

CVEs: CVE-2025-71218

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-148: Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability

CVEs: CVE-2025-71209

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-147: Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability

CVEs: CVE-2025-71208

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-146: Trend Micro Apex Central Manual Update Server-Side Request Forgery Vulnerability

CVEs: CVE-2025-71207

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-145: Trend Micro Apex Central Scheduled Update Server-Side Request Forgery Vulnerability

CVEs: CVE-2025-71206

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-144: Trend Micro Apex Central Hub Server Server-Side Request Forgery Vulnerability

CVEs: CVE-2025-71205

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-143: Trend Micro Apex One Security Agent TmSelfProtect Origin Validation Error Local Privilege Escalation Vulnerability

CVEs: CVE-2025-71217

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-142: Trend Micro Apex One Security Agent Cache Mechanism Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

CVEs: CVE-2025-71216

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-141: Trend Micro Apex One Security Agent iCore Service Signature Verification Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

CVEs: CVE-2025-71215

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-140: Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability

CVEs: CVE-2025-71213

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-139: Trend Micro Apex One Security Agent iCore Service Origin Validation Error Local Privilege Escalation Vulnerability

CVEs: CVE-2025-71214

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-138: Trend Micro Apex One Virus Scan Engine Link Following Local Privilege Escalation Vulnerability

CVEs: CVE-2025-71212

Zero Day Initiative →

Zero Day Initiative 📡 RSS Mar 3

ZDI-26-137: Trend Micro Apex One Console Directory Traversal Remote Code Execution Vulnerability

CVEs: CVE-2025-71211

Zero Day Initiative →