CVE-2026-20714

Summary: CVE-2026-20714 impacts Intel QAT software drivers for Windows, prior to version 1.13, in Ring 3 (User Applications). The flaw is an out-of-bounds write that may enable privilege escalation. An unprivileged, authenticated user with low attack complexity and no user interaction could abuse...

CVE-2026-20914

The CVE-2026-20914 entry concerns Intel QAT software drivers for Windows prior to version 2.6.0. The vulnerability is a Null Pointer Dereference in Ring 3 (User Applications) that could allow a Denial of Service. Exploitation requires a local authenticated user with low complexity and no user int...

CVE-2026-20782

Buffer overflow for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

EUVD-2026-29427

Affected devices do not properly validate and sanitize Technology Object TO name rendered on the "Motion Control Diagnostics" page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the...

Webinar: What the Riskiest SOC Alerts Go Unanswered - and How Radiant Security Can Help

Why do the Riskiest SOC Alerts Go Unanswered? Security operations teams are drowning in alerts. But the real problem isn't always alert volume; it's the blind spots. The most dangerous alerts are the ones no one is investigating. A recent report from The Hacker News examined why certain high-risk...

CVE-2026-25787

Affected devices do not properly validate and sanitize Technology Object TO name rendered on the "Motion Control Diagnostics" page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the...

State-sponsored actors, better known as the friends you don’t want

State-sponsored actors don't break in. They log in, and they use your own tools to stay invisible for months. Responding to a state-sponsored threat is nothing like responding to ransomware, and the differences can make or break the outcome. From logging and baselines to OT segmentation and suppl...

CVE-2026-6001 IDOR in Abis Technology's BAPSİS

Authorization bypass through User-Controlled key vulnerability in ABIS Technology Ltd. Co. BAPSİS allows Exploitation of Trusted Identifiers. This issue affects BAPSİS: before v.202604152042...

CVE-2026-25787

CVE-2026-25787 affects Siemens devices with a web interface where the Technology Object (TO) name on the Motion Control Diagnostics page is not properly validated/sanitized. An authenticated user who is authorized to download a TIA project could inject malicious scripts into the page, and if anot...

CVE-2026-25787

Affected devices do not properly validate and sanitize Technology Object TO name rendered on the "Motion Control Diagnostics" page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the...

CVE-2026-25787

Affected devices do not properly validate and sanitize Technology Object TO name rendered on the "Motion Control Diagnostics" page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the...

Intel QAT software drivers for Windows 输入验证错误漏洞

Intel QAT software drivers for Windows are a set of encryption and compression hardware acceleration drivers for the Windows platform developed by Intel Corporation. Versions of Intel QAT software drivers for Windows prior to version 1.13 contain a vulnerability related to input validation. This...

Ingeteam Ingecon Sun EMS Board 加密问题漏洞

The Ingeteam Ingecon Sun EMS Board is a control and communication expansion card developed by Ingeteam for photovoltaic power generation and energy management scenarios. The Ingeteam Ingecon Sun EMS Board has encryption-related vulnerabilities. These vulnerabilities stem from insecure credential...

Intel QAT software drivers for Windows 安全漏洞

Intel QAT software drivers for Windows are a set of encryption and compression hardware acceleration drivers for the Windows platform developed by Intel Corporation. Versions prior to Intel QAT software drivers for Windows 1.13 contain security vulnerabilities. These vulnerabilities stem from the...

Intel QAT software drivers for Windows 缓冲区错误漏洞

Intel QAT software drivers for Windows are a set of encryption and compression hardware acceleration drivers for the Windows platform developed by Intel Corporation. Versions of Intel QAT software drivers for Windows prior to version 1.13 contain a buffer error vulnerability. This vulnerability...

CVE-2026-42477

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

The Canvas Hack Is a New Kind of Ransomware Debacle

Thousands of schools around the US were paralyzed on Thursday after education tech firm Instructure shut down access to its Canvas platform following a breach by hackers going by the name ShinyHunters...

OT Cybersecurity Challenges for ICS in 2026

OT Cybersecurity Challenges for ICS in 2026 OT cybersecurity has become a board-level risk because industrial control systems are no longer isolated, predictable, or invisible to attackers. In 2026, security teams protecting manufacturing plants, utilities, transportation systems, energy...

Canvas Breach Disrupts Schools & Colleges Nationwide

An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the service's login page with a ransom demand that threatened to...

CVE-Hunter-2026

CVE Hunter 2026 AI-assisted penetration testing tool that det...