PT-2026-32798

CVE-2026-32072 Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally. https://t.co/LqmmLGYoRL...

PT-2026-32730

Name of the Vulnerable Software and Affected Versions Microsoft Power Apps affected versions not specified Description Improper neutralization of escape, meta, or control sequences allows an authorized attacker to bypass a security feature over a network. Recommendations At the moment, there is n...

Docmost 跨站脚本漏洞

Docmost is an open-source collaborative wiki and documentation software developed by Docmost. Versions of Docmost prior to 0.70.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper handling of MIME type deception, which could lead to storage-based cross-site...

PT-2026-32772

🪟 CVE-2026-27910 reminds us: Windows Installer metadata is basically a neon sign for attackers. Great—patch time, again. Enterprise risk never really “goes away,” does it? https://t.co/VVCvsxvJkF ElevationOfPrivilege PrivilegeEscalation WindowsInstaller MsrcSecurityUpdates https://t.co/vnE4IWgHgA...

PT-2026-32866

Name of the Vulnerable Software and Affected Versions Windows USB Print Driver versions prior to April 2026 Description A heap-based buffer overflow in the Windows USB Printing Stack usbprint.sys allows an unauthorized attacker to elevate privileges. This issue can be exploited through a physical...

jq 安全漏洞

jq is a lightweight and flexible command-line JSON processor developed by jqlang. There is a security vulnerability in jq, which stems from the CLI input parsing mechanism allowing bypasses through the embedding of the NUL byte, potentially leading to parser-side attacks...

PT-2026-32748

Name of the Vulnerable Software and Affected Versions System.Security.Cryptography.Xml versions 10.0.0 through 10.0.5 System.Security.Cryptography.Xml versions 9.0.0 through 9.0.14 System.Security.Cryptography.Xml versions 8.0.0 through 8.0.2 Description Uncontrolled resource consumption in the...

UBUNTU-CVE-2026-33116

Loop with unreachable exit condition 'infinite loop' in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network...

PT-2026-32778

CVE-2026-27916 Use after free in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges locally. https://t.co/58w4XiQTfi...

PT-2026-32883

Name of the Vulnerable Software and Affected Versions Microsoft Windows 10 Version 1607 versions 10.0.14393.0 through 10.0.14393.9059 Description A double free issue exists in the Windows IKE Extension. This flaw allows an unauthorized remote attacker to trigger memory corruption in the IKE servi...

PT-2026-32886

Name of the Vulnerable Software and Affected Versions Microsoft Windows 10 versions 10.0.14393.0 through 10.0.14393.9059 Microsoft Windows 10 affected versions not specified Microsoft Windows 11 affected versions not specified Microsoft Windows Server 2019 affected versions not specified Microsof...

PT-2026-32840

Name of the Vulnerable Software and Affected Versions Microsoft Windows affected versions not specified Description Improper privilege management in the Telemetry Service allows an authorized attacker to cause a local denial of service, which affects the system. Recommendations At the moment, the...

Microsoft Windows Shell 安全漏洞

The Microsoft Windows Shell is the graphical user interface for the Windows operating system from Microsoft.The easily recognizable elements of the Windows shell include features such as the desktop, the taskbar, the start menu, the task switcher, and autoplay. A spoofing vulnerability exists in...

PT-2026-32827

Name of the Vulnerable Software and Affected Versions Microsoft Remote Desktop client for Windows Desktop versions 1.2.0.0 through 2.0.1069.0 Description A use-after-free issue in the Microsoft Remote Desktop client for Windows Desktop allows an unauthorized attacker to achieve remote code...

PT-2026-32853

Name of the Vulnerable Software and Affected Versions Microsoft SharePoint Server affected versions not specified Microsoft SharePoint Server Subscription Edition affected versions not specified Microsoft SharePoint Enterprise Server affected versions not specified Description Improper input...

PT-2026-32666

An improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5 all versions, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR...

Microsoft Windows Remote Desktop Services 安全漏洞

Microsoft Windows Remote Desktop Services is a set of features provided by Microsoft that allow users to access graphical desktops and Windows applications remotely. There are security vulnerabilities in Microsoft Windows Remote Desktop Services. Attackers can exploit these vulnerabilities to car...

PT-2026-32779

Name of the Vulnerable Software and Affected Versions Windows WFP NDIS Lightweight Filter Driver wfplwfs.sys affected versions not specified Description A use after free issue in the Windows WFP NDIS Lightweight Filter Driver wfplwfs.sys allows an authorized attacker to elevate privileges locally...

PT-2026-32871

Name of the Vulnerable Software and Affected Versions Windows HTTP.sys affected versions not specified Description An out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to cause a denial of service over a network. Recommendations At the moment, there is no information about a...

PT-2026-32691

A improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox PaaS 5.0.0 through 5.0.5, FortiSandbox PaaS 4.4.0 through 4.4.8,...