Lucene search
K

1002 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/13 9:27 p.m.2 views

CVE-2026-32720

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. Prior to 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a component to any other namespace. This breaks the...

7.1CVSS5.8AI score0.00262EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/13 8:58 p.m.7 views

github.com/ctfer-io/monitoring Vulnerable to Improper Access Control

Impact Due to a mis-written NetworkPolicy, a malicious actor can pivot from a component to any other namespace. This breaks the security-by-default property expected as part of the deployment program, leading to a potential lateral movement. Patch Removing the inter-ns NetworkPolicy patches the...

7.1CVSS5.8AI score0.00262EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.8 views

PT-2026-25399

Name of the Vulnerable Software and Affected Versions CTFer.io Monitoring versions prior to 0.2.1 Description The CTFer.io Monitoring component handles the collection, processing, and storage of signals like logs, metrics, and distributed traces. A misconfigured NetworkPolicy allows a malicious...

7.1CVSS5.8AI score0.00262EPSS
Exploits0References15
The Hacker News
The Hacker News
added 2026/03/12 1:30 p.m.7 views

How to Scale Phishing Detection in Your SOC: 3 Steps for CISOs

Phishing has quietly turned into one of the hardest enterprise threats to expose early. Instead of crude lures and obvious payloads, modern campaigns rely on trusted infrastructure, legitimate-looking authentication flows, and encrypted traffic that conceals malicious behavior from traditional...

6.3AI score
Exploits0
OSV
OSV
added 2026/03/11 12:24 a.m.6 views

GHSA-FVCW-9W9R-PXC7 Flowise affected by Server-Side Request Forgery (SSRF) in HTTP Node Leading to Internal Network Access

Description: Flowise exposes an HTTP Node in AgentFlow and Chatflow that performs server-side HTTP requests using user-controlled URLs. By default, there are no restrictions on target hosts, including private/internal IP ranges RFC 1918, localhost, or cloud metadata endpoints. This enables...

7.1CVSS5.8AI score0.023EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2026/03/09 4:37 p.m.127 views

challenge-yourself-level-1

Attack Path Lab !GitHubhttps://img.shields.io/badge/GitHu...

6.1AI score
Exploits0
GithubExploit
GithubExploit
added 2026/03/08 1:11 p.m.136 views

challenge-lab-ASCP

AD Attack Path Lab A complete Active Directory attack simulat...

6AI score
Exploits0
GithubExploit
GithubExploit
added 2026/03/07 11:35 a.m.137 views

denkair-lab

DenkAir - Windows AD Pentesting Lab A comprehensive Windows A...

6.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/05 1:57 a.m.8 views

CVE-2026-25146

OpenEMR is a free and open source electronic health records and medical practice management application. From 5.0.2 to before 8.0.0, there are at least two paths where the gatewayapikey secret value is rendered to the client in plaintext. These secret keys being leaked could result in arbitrary...

9.6CVSS6AI score0.00444EPSS
Exploits1References1
Microsoft Secure
Microsoft Secure
added 2026/03/03 9:11 p.m.30 views

Signed malware impersonating workplace apps deploys RMM backdoors

In February 2026, Microsoft Defender Experts identified multiple phishing campaigns attributed to an unknown threat actor. The campaigns used workplace meeting lures, PDF attachments, and abuse of legitimate binaries to deliver signed malware. Phishing emails directed users to download malicious...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/03 5:15 p.m.9 views

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations

Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support to deliver the Havoc command-and-control C2 framework as a precursor to data exfiltration or ransomware attack. The intrusions, identified by Huntress last month across five partner...

6.2AI score
Exploits0
GithubExploit
GithubExploit
added 2026/02/28 12:16 p.m.449 views

RedTeam-MCP

🔴 RedTeam-MCP AI-Powered Autonomous Red Team Framework vi...

6AI score
Exploits0
Packet Storm
Packet Storm
added 2026/02/25 12:0 a.m.109 views

📄 Icinga for Windows 1.13.3 Private Key Disclosure

This Metasploit module identifies and exploits insecure default ACL permissions in vulnerable versions of the Icinga for Windows PowerShell Framework. The certificate directory is created with overly permissive read access for the BUILTIN\Users group, allowing any local user to access the...

6.8CVSS5.5AI score0.00097EPSS
Exploits2
Packet Storm
Packet Storm
added 2026/02/20 12:0 a.m.187 views

📄 Splunk Enterprise 8.2.9 / 9.0.2 Authenticated Remote Code Execution

Proof of concept exploit for CVE-2022-43571, a critical authenticated remote code execution vulnerability affecting Splunk Enterprise versions 8.2.9 and 9.0.2. The flaw resides in the SimpleXML dashboard PDF generation process, where insufficient input sanitization allows a privileged authenticat...

8.8CVSS8.8AI score0.14314EPSS
Exploits5
GithubExploit
GithubExploit
added 2026/02/17 8:43 p.m.148 views

Startup

Startup – Professional Write-up Platform: TryHackMe Tar...

6.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.12 views

PT-2026-20303

Name of the Vulnerable Software and Affected Versions Dell RecoverPoint for Virtual Machines versions prior to 6.0.3.1 HF1 Description Dell RecoverPoint for Virtual Machines contains a critical flaw involving hardcoded Apache Tomcat Manager admin credentials. An unauthenticated remote attacker wi...

10CVSS7.5AI score0.13131EPSS
Exploits1References176
ATTACKERKB
ATTACKERKB
added 2026/02/12 3:31 p.m.4 views

CVE-2026-26216

Crawl4AI versions prior to 0.8.0 contain a remote code execution vulnerability in the Docker API deployment. The /crawl endpoint accepts a hooks parameter containing Python code that is executed using exec. The import builtin was included in the allowed builtins, allowing unauthenticated remote...

10CVSS6.7AI score0.01589EPSS
Exploits0References4
Microsoft Secure
Microsoft Secure
added 2026/02/07 1:8 a.m.12 views

Analysis of active exploitation of SolarWinds Web Help Desk

The Microsoft Defender Research Team observed a multi‑stage intrusion where threat actors exploited internet‑exposed SolarWinds Web Help Desk WHD instances to get an initial foothold and then laterally moved towards other high-value assets within the organization. However, we have not yet confirm...

9.8CVSS9.6AI score0.8833EPSS
Exploits5
Microsoft Secure
Microsoft Secure
added 2026/02/07 1:8 a.m.10 views

Analysis of active exploitation of SolarWinds Web Help Desk

The Microsoft Defender Research Team observed a multi‑stage intrusion where threat actors exploited internet‑exposed SolarWinds Web Help Desk WHD instances to get an initial foothold and then laterally moved towards other high-value assets within the organization. However, we have not yet confirm...

9.8CVSS9.6AI score0.8833EPSS
Exploits5
CNNVD
CNNVD
added 2026/02/07 12:0 a.m.9 views

WeKan 安全漏洞

WeKan is an open-source dashboard application developed by WeKan. Versions of WeKan prior to 8.19 contained security vulnerabilities. These vulnerabilities stemmed from the card movement logic, where users could specify target dashboards, lists, or channels without proper authorization checks, an...

7.1CVSS5.8AI score0.00222EPSS
Exploits0References4
Rows per page
Query Builder