CVE-2026-26208 ADB Explorer Vulnerable to Remote Code Execution via Insecure Deserialization

ADB Explorer is a fluent UI for ADB on Windows. Prior to Beta 0.9.26020, ADB Explorer is vulnerable to Insecure Deserialization leading to Remote Code Execution. The application attempts to deserialize the App.txt settings file using Newtonsoft.Json with TypeNameHandling set to Objects. This allo...

ADB Explorer 代码问题漏洞

ADB Explorer is a ADB user interface developed by Alex B as an individual developer. Versions of ADB Explorer prior to Beta 0.9.26020 contained code-related vulnerabilities, which stemmed from insecure deserialization mechanisms, potentially allowing remote code execution...

CVE-2019-25334

Product Key Explorer 4.2.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by overflowing the registration name input field. Attackers can create a specially crafted text file with repeated characters to trigger a buffer overflow when pasted into...

CVE-2019-25334

Product Key Explorer 4.2.0.0 contains a local denial-of-service vulnerability in the registration name input field. A crafted text file with repeated characters can trigger a buffer overflow when pasted, causing the application to crash. The advisory documents this as a local exploit with a high ...

CVE-2019-25334 Product Key Explorer 4.2.0.0 - 'Name' Denial of Service

Product Key Explorer 4.2.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by overflowing the registration name input field. Attackers can create a specially crafted text file with repeated characters to trigger a buffer overflow when pasted into...

CVE-2019-25334 Product Key Explorer 4.2.0.0 - 'Name' Denial of Service

Product Key Explorer 4.2.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by overflowing the registration name input field. Attackers can create a specially crafted text file with repeated characters to trigger a buffer overflow when pasted into...

PT-2026-7933

Product Key Explorer 4.2.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by overflowing the registration name input field. Attackers can create a specially crafted text file with repeated characters to trigger a buffer overflow when pasted into...

Nsasoft Product Key Explorer 安全漏洞

Nsasoft Product Key Explorer is a product key search tool developed by the US company Nsasoft. It is used to recover and locate product keys for over 5,000 programs. Version 4.2.0.0 of Nsasoft Product Key Explorer contains a security vulnerability caused by a buffer overflow in the registration...

February 2026 Patch Tuesday includes six actively exploited zero-days

Microsoft releases important security updates on the second Tuesday of every month, known as “Patch Tuesday.” This month’s update patches fix 59 Microsoft CVE’s including six zero-days. Let’s have a quick look at these six actively exploited zero-days. Windows Shell Security Feature Bypass...

PT-2026-7658

Name of the Vulnerable Software and Affected Versions XWEB Pro versions prior to 1.12.1 MSHTML affected versions not specified Description An OS command injection issue exists in XWEB Pro, allowing a user with network access to execute code remotely by injecting malicious input into the request...

CVE-2026-21528 Azure IoT Explorer Information Disclosure Vulnerability

...

CVE-2026-21528

CVE-2026-21528 affects the Azure IoT SDK with binding to an unrestricted IP address, enabling an unauthorized attacker to disclose information over a network. The CVSS v3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) yields a base score of 6.5 (Medium). Affected component is the Azure IoT SDK; t...

February 10, 2026—KB5075897 (OS Build 25398.2149)

February 10, 2026—KB5075897 OS Build 25398.2149 This cumulative update for Windows Server, version 23H2 KB5075897, includes the latest security fixes and improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security...

KB5075944: Cumulative security update for Internet Explorer: February 10, 2026

KB5075944: Cumulative security update for Internet Explorer: February 10, 2026 Important Certain versions of Microsoft Internet Explorer have reached the end of support. Note that some versions of Internet Explorer may be supported past the latest OS end date when Extended Security Updates ESUs a...

Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability

Microsoft MSHTML Framework contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network...

CVE-2026-25880

SumatraPDF (Windows)

CVE-2026-25880 Untrusted Search Path in SumatraPDF Reader (explorer.exe on Windows)

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary explorer.exe located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This behavior leads to arbitrary code execution on the victim’s...

CVE-2026-25880 Untrusted Search Path in SumatraPDF Reader (explorer.exe on Windows)

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary explorer.exe located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This behavior leads to arbitrary code execution on the victim’s...

CVE-2026-25880 Untrusted Search Path in SumatraPDF Reader (explorer.exe on Windows)

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary explorer.exe located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This behavior leads to arbitrary code execution on the victim’s...

CVE-2020-37142

10-Strike Network Inventory Explorer 8.54 contains a structured exception handler buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting SEH records. Attackers can craft a malicious payload targeting the 'Computer' parameter during the 'Add' function to trigg...