127 matches found

Exploit DB
added 2026/05/29 12:0 a.m., 42 views

Wing FTP Server 8.1.3 - Authenticated Remote Code Execution

Exploit Title: Wing FTP Server 8.1.3 - Authenticated Remote Code Execution Date: 12.05.2026 Exploit Author: Ünsal Furkan Harani Vendor Homepage: https://www.wftpserver.com/ Software Link: https://www.wftpserver.com/download.htm Version: v8.1.2 Tested on: Wing FTP Server = 8.1.2, fixed in 8.1.3 CV...

CVSS 8.6, AI score 5.8, EPSS 0.00621
Exploits 3
CNNVD
added 2026/05/08 12:0 a.m., 5 views

People Security Vulnerability

People is an open-source user and team permission management application developed by La Suite numérique. Versions of People prior to 1.25.0 contained a security vulnerability. This vulnerability allowed users with the role of email domain administrators to elevate any existing user to the owner...

CVSS 5.5, AI score 5.8, EPSS 0.00033
Exploits 0, References 1
IBM Security Bulletins
added 2026/04/22 1:18 p.m., 4 views

Security Bulletin: Vulnerability in FreeIPA affects IBM Netezza Appliance

Summary: The FreeIPA package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVE, CVE-2025-7493. Vulnerability Details: CVEID: CVE-2025-7493 DESCRIPTION: A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is...

CVSS 9.1, AI score 5.7, EPSS 0.00293
Exploits 1, Affected Software 1
OSV
added 2026/03/18 6:1 a.m., 3 views

RLSA-2025:17129 Important: idm:DL1 security update

Rocky Enterprise Software Foundation Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA...

CVSS 9.1, AI score 5.8, EPSS 0.00122
Exploits 1, References 2
RedhatCVE
added 2026/02/25 10:16 a.m., 4 views

CVE-2025-40538

A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. This issue requires administrative privileges to abuse. On...

CVSS 9.1, AI score 6, EPSS 0.00055
Exploits 0, References 1
CVE
added 2026/02/24 7:40 a.m., 12 views

CVE-2025-40538

CVE-2025-40538 affects SolarWinds Serv-U; it describes a broken access control vulnerability that, if abused, enables a malicious actor with domain/admin privileges to create a system administrator account and execute arbitrary code with privileged access. Impact per sources: high/critical across...

CVSS 9.1, AI score 6, EPSS 0.00055
Exploits 0, References 2, Affected Software 1
ATTACKERKB
added 2026/02/24 7:40 a.m., 4 views

CVE-2025-40538

A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. This issue requires administrative privileges to abuse. On...

CVSS 9.1, AI score 6, EPSS 0.00055
Exploits 0, References 3, Affected Software 1
Positive Technologies
added 2026/02/24 12:0 a.m., 5 views

PT-2026-21667

Name of the Vulnerable Software and Affected Versions Serv-U versions prior to 15.5.4 Serv-U 15.5 Description A broken access control issue exists in Serv-U, potentially allowing a malicious actor with administrative privileges to create a system administrator user and execute arbitrary code with...

CVSS 9.1, AI score 6.8, EPSS 0.00055
Exploits 0, References 30
GithubExploit
added 2026/02/21 9:35 a.m., 159 views

Exploit for Improper Certificate Validation in Microsoft

CVE-2022-26923 – Certifried Exploit AD CS Abuse Automatisat...

CVSS 9, AI score 5.6, EPSS 0.91596
Exploits 8
Rockylinux
added 2025/11/21 6:19 p.m., 2 views

ipa security update

An update is available for ipa. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Rocky Enterprise Software Foundation Identity Management IdM is a centralized...

CVSS 9.1, AI score 7, EPSS 0.00122
Exploits 1
Redos
added 2025/11/12 12:0 a.m., 5 views

ROS-20251112-04

The FreeIPA server vulnerability is related to the fact that the application does not check the canonical name root@REALM, which can also be used as a realm administrator name. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges from the host level to...

CVSS 9.1, AI score 6.8, EPSS 0.00122
Exploits 1
RedHat Linux
added 2025/11/11 2:5 p.m., 5 views

FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA

A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version added validations for the admin@REALM credential, FreeIPA...

CVSS 9.1, AI score 5.7, EPSS 0.00293
Exploits 1, References 5
Tenable Nessus
added 2025/11/11 12:0 a.m., 1 view

RHEL 10 : ipa (RHSA-2025:20994)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:20994 advisory. Red Hat Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-bas...

CVSS 9.1, AI score 5.6, EPSS 0.00122
Exploits 1, References 4
OSV
added 2025/11/11 12:0 a.m., 7 views

ALSA-2025:20928 Important: ipa security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA CVE-2025-7493 For more details...

CVSS 9.1, AI score 6.8, EPSS 0.00122
Exploits 1, References 4
The Hacker News
added 2025/10/11 1:4 p.m., 4 views

Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks

Threat actors are abusing Velociraptor, an open-source digital forensics and incident response DFIR tool, in connection with ransomware attacks likely orchestrated by Storm-2603 aka CL-CRI-1040 or Gold Salem, which is known for deploying the Warlock and LockBit ransomware. The threat actor's use ...

CVSS 5.5, AI score 7.3, EPSS 0.00277
Exploits 2
OSV
added 2025/10/10 5:50 a.m., 3 views

RLSA-2025:17084 Important: ipa security update

Rocky Enterprise Software Foundation Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA...

CVSS 9.1, AI score 6.8, EPSS 0.00122
Exploits 1, References 2
Tenable Nessus
added 2025/10/10 12:0 a.m., 2 views

RHEL 7 : ipa (RHSA-2025:17649)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:17649 advisory. Red Hat Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-base...

CVSS 9.1, AI score 5.6, EPSS 0.00122
Exploits 1, References 4
RedHat Linux
added 2025/10/09 8:21 a.m., 3 views

FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA

A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version added validations for the admin@REALM credential, FreeIPA...

CVSS 9.1, AI score 5.7, EPSS 0.00293
Exploits 1, References 5
RedHat Linux
added 2025/10/09 8:21 a.m., 6 views

FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA

A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version added validations for the admin@REALM credential, FreeIPA...

CVSS 9.1, AI score 5.7, EPSS 0.00293
Exploits 1, References 5
OSV
added 2025/10/07 5:25 p.m., 3 views

RLSA-2025:17085 Important: ipa security update

Rocky Enterprise Software Foundation Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA...

CVSS 9.1, AI score 6.6, EPSS 0.00122
Exploits 1, References 2