Internet-Scale Measurement of React2Shell Exploitation Using an Active Network Telescope
The increasing adoption of server-side component-based web frameworks has introduced new application-layer attack surfaces that remain insufficiently understood at Internet scale. On 3 December 2025, a critical remote code execution vulnerability (CVE-2025-55182) in React Server Components, referre...
Highly Autonomous Cyber-Capable Agents: Anticipating Capabilities, Tactics, and Strategic Implications
This report introduces the concept of "Highly Autonomous Cyber-Capable Agents" (HACCAs), AI systems capable of autonomously conducting multi-stage cyber campaigns at a level comparable to today's top criminal hacking groups or state-affiliated threat actors, and analyzes the security implications o...
EUVD-2026-10615
Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally...
EUVD-2026-10614
Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally...
EUVD-2026-10657
Exposure of sensitive information to an unauthorized actor in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to disclose information locally...
CVE-2026-25186
Exposure of sensitive information to an unauthorized actor in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to disclose information locally...
CVE-2026-24291
Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally...
CVE-2026-30969 Coral Server has insufficient agent authentication in session communication channels
Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who...
CVE-2026-25186 Windows Accessibility Infrastructure (ATBroker.exe) Information Disclosure Vulnerability
...
CVE-2026-25186
Technical details not publicly available in the provided documents. Monitor for updates.
CVE-2026-24291 Windows Accessibility Infrastructure (ATBroker.exe) Elevation of Privilege Vulnerability
...
CVE-2026-24291
CVE-2026-24291 affects Windows Accessibility Infrastructure (ATBroker.exe). It is an Elevation of Privilege vulnerability with a local attack vector; it requires low privileges and no user interaction, and it impacts confidentiality, integrity, and availability. Exploit code maturity is UNPROVEN; remed...
CVE-2026-27139 vulnerabilities
Vulnerabilities for packages: flux-image-reflector-controller-fips, gatekeeper, policy-bot, tofu-controller-fips, percona-server-mongodb-operator-fips, stern, prometheus-pushgateway, yunikorn-k8shim, wgcf, aws-ebs-csi-driver-fips, dex-k8s-authenticator, nri-jmx, flux-image-reflector-controller,...
PT-2026-24310
Name of the Vulnerable Software and Affected Versions: Windows Accessibility Infrastructure (ATBroker.exe), affected versions not specified. Description: The issue concerns the insufficient protection of sensitive data within the Windows Accessibility Infrastructure (ATBroker.exe). Successful exploitatio...
PT-2026-24341
Name of the Vulnerable Software and Affected Versions: Coral Server versions prior to 1.1.0. Description: Coral Server is an open collaboration infrastructure designed for communication, coordination, trust, and payments within The Internet of Agents. Before version 1.1.0, the software permitted the...
CVE-2026-25572
creationtimestamp | type | source
---|---|---
2026-03-10 00:00:00+00:00 | seen | https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0255/
2026-03-17 12:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-04...
KB5078774: Windows Server 2012 R2 Security Update (March 2026)
The remote Windows host is missing security update 5078774. It is, therefore, affected by multiple vulnerabilities:
- Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network. (CVE-2026-23669)
- Use after free in Windows Win32K allows an...
Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure
High-value organizations located in South, Southeast, and East Asia have been targeted by a Chinese threat actor as part of a years-long campaign. The activity, which has targeted aviation, energy, government, law enforcement, pharmaceutical, technology, and telecommunications sectors, has been...
CVE-2026-26051
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then...