EUVD-2026-37773

Starlette is a lightweight ASGI framework/toolkit. In versions 1.0.1 and earlier, StaticFiles on Windows is vulnerable to SSRF. An UNC path such as \attacker.com\share can cause os.path.realpath to initiate an outbound SMB connection before the path is rejected, exposing the service account’s...

CVE-2026-33682 Streamlit on Windows has Unauthenticated SSRF Vulnerability (NTLM Credential Exposure)

Streamlit is a data oriented application development framework for python. Streamlit Open Source versions prior to 1.54.0 running on Windows hosts have an unauthenticated Server-Side Request Forgery SSRF vulnerability. The vulnerability arises from improper validation of attacker-supplied...

EUVD-2005-0148

Malware in sbrugna...

EUVD-2010-1441

Malware in sbrugna...

EUVD-2010-1411

Malware in sbrugna...

EUVD-2009-3954

Malware in sbrugna...

EUVD-2021-30900

Malicious code in bioql PyPI...

EUVD-2022-33624

Malicious code in bioql PyPI...

EUVD-2023-29647

Malicious code in bioql PyPI...

(0Day) Microsoft Exchange PowerShell Exposed Dangerous Method NTLM Relay Vulnerability

This vulnerability allows remote attackers to relay NTLM credentials on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the PowerShell backend. The issue results from an exposed dangerous method. An attacker c...

(0Day) Microsoft Windows Theme File Parsing Improper Input Validation NTLM Relay Vulnerability

This vulnerability allows remote attackers to relay NTLM credentials on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

(0Day) Microsoft Windows MonikerLink Information Disclosure Vulnerability

This vulnerability allows remote attackers to relay NTLM credentials on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

(0Day) Microsoft Edge PDF NTLM Response Information Disclosure Vulnerability

This vulnerability allows remote attackers to relay NTLM credentials on affected installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of lin...

CVE-2022-29281

Notable before 1.9.0-beta.8 doesn't effectively prevent the opening of executable files when clicking on a link. There is improper validation of the file URI scheme. A hyperlink to an SMB share could lead to execution of an arbitrary program or theft of NTLM credentials via an SMB relay attack,...

CVE-2010-1383

CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a "credential reflection" issue...

CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities KEV catalog, following reports of active exploitation in the wild. The vulnerability, assigned the CVE identifier...

Mintty Path Conversion Improper Input Validation Information Disclosure Vulnerability

This vulnerability allows remote attackers to relay NTLM credentials on affected installations of Mintty. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of printed...

PT-2024-40608 · Poco · Poco

Name of the Vulnerable Software and Affected Versions: Poco affected versions not specified Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the Poco::Net::NTLMCredentials::parseChallengeMessage function, which is called by...

Microsoft SQL Server NTLM Stealer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server NTLM Stealer', 'Description' = %q This module can be used to help capture or relay the LM/NTLM credentials of the account...

Largest Patch Tuesday in 3 months includes 5 critical vulnerabilities

Microsoft released its monthly security update on Tuesday, disclosing 142 vulnerabilities across its suite of products and software. Of those, there are five critical vulnerabilities, and every other security issue disclosed this month is considered "important." This is the largest Patch Tuesday...