CVE-2026-26359

creationtimestamp| type| source ---|---|--- 2026-02-19 10:46:36+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116096892599000054 2026-02-19 16:04:47+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mf7xvdlwrq2c...

Linux Distros Unpatched Vulnerability : CVE-2022-26359

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IOMMU: RMRR VT-d and unity map AMD-Vi handling issues This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities...

CVE-2022-26359

IOMMU: RMRR VT-d and unity map AMD-Vi handling issues This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Certain PCI devices in a system might be assigned Reserved Memory Regions specified via Reserved Memory Region...

CVE-2025-26359

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to reset user PINs via crafted HTTP requests...

CVE-2025-26359

creationtimestamp| type| source ---|---|--- 2025-02-12 14:48:35+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/113991464714723567 2025-02-12 15:05:55+00:00| seen| https://infosec.exchange/users/cve/statuses/113991532844438878 2025-02-12 15:09:32+00:00| seen|...

CVE-2025-26359

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to reset user PINs via crafted HTTP requests...

CVE-2025-26359

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to reset user PINs via crafted HTTP requests...

Adobe ColdFusion vulnerability exploited in the wild

The Cybersecurity and Infrastructure Security Agency CISA has added a critical Adobe ColdFusion vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This means that Federal Civilian Executive Branch FCEB agencies need to remediate this...

Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a critical security flaw in Adobe ColdFusion to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerability, cataloged as CVE-2023-26359 CVSS score: 9.8, relates to a...

VulnCheck KEV: CVE-2023-26359

Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could result in code execution in the context of the current user...

CVE-2023-26359

Adobe ColdFusion versions 2018 Update 15 and earlier and 2021 Update 5 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...

CVE-2023-26359 Adobe ColdFusion Deserialization of Untrusted Data Arbitrary code execution

Adobe ColdFusion versions 2018 Update 15 and earlier and 2021 Update 5 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...

CVE-2023-26359

creationtimestamp| type| source ---|---|--- 2023-03-15 07:54:44+00:00| exploited| https://t.me/kasperskyb2b/516 2023-03-23 23:36:57+00:00| seen| https://t.me/cibsecurity/60620 2023-04-04 06:27:25+00:00| published-proof-of-concept| https://t.me/ptswarm/169 2023-04-04 15:51:44+00:00| seen|...

CVE-2023-26359

Adobe ColdFusion versions 2018 Update 15 and earlier and 2021 Update 5 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Rece...

SUSE: Security Advisory (SUSE-SU-2022:2158-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for xen (SUSE-SU-2022:2065-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2022:2065-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2065-1 advisory. - IOMMU: RMRR VT-d and unity map AMD-Vi handling issues This CNA information record relates to multiple CVEs;...

openSUSE: Security Advisory for xen (SUSE-SU-2022:1506-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2022:1506-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1506-1 advisory. - Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode...

SUSE: Security Advisory (SUSE-SU-2022:1505-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...