PT-2026-7483

Heads up, folks: Microsoft's February 2026 Patch Tuesday is out, dropping 55 vulnerability fixes across various products. Among these is CVE-2025-59498, which Microsoft has explicitly marked as Critical. This update is significant, addressing a broad spectrum of security issues. While the specifi...

Exposure Management vs Vulnerability Management: Key Differences

Is your security program truly reducing risk, or is it just getting really good at patching? This question is at the heart of the exposure management vs vulnerability management debate. A traditional approach can tell you that a door has a weak lock, but it can't tell you if that door leads to a...

CVE-2026-25503 iccDEV Has Type Confusion in CIccTagEmbeddedHeightImage::Validate()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, type confusion allowed malformed ICC profiles to trigger undefined behavior when loading invalid icImageEncodingType values causin...

AIs Are Getting Better at Finding and Exploiting Security Vulnerabilities

From an Anthropic blog post: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This illustrates h...

CVE-2025-67264

An OS command injection vulnerability in the com.sprd.engineermode component in Doogee Note59, Note59 Pro, and Note59 Pro+ allows a local attacker to execute arbitrary code and escalate privileges via the EngineerMode ADB shell, due to incomplete patching of CVE-2025-31710...

PT-2026-4690

In multiple locations, there is a possible way to reset user-selected permissions selections due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4683

In multiple locations, there is a possible way to reveal images across users due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

PT-2026-4694

Name of the Vulnerable Software and Affected Versions Settings.java affected versions not specified Description A logic error in the enableSystemPackageLPw function within Settings.java may prevent location access from functioning correctly. This could lead to local escalation of privilege withou...

PT-2026-4710

Name of the Vulnerable Software and Affected Versions GrapheneOS versions prior to 2026030200 Description An integer overflow in multiple functions within ubsan throwing runtime.cpp can lead to a persistent denial of service. This issue allows for remote denial of service without requiring...

AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities

Really interesting blog post from Anthropic: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. Th...

CVE-2025-67264

An OS command injection vulnerability in the com.sprd.engineermode component in Doogee Note59, Note59 Pro, and Note59 Pro+ allows a local attacker to execute arbitrary code and escalate privileges via the EngineerMode ADB shell, due to incomplete patching of CVE-2025-31710...

PT-2026-4525

Name of the Vulnerable Software and Affected Versions Doogee Note59 Doogee Note59 Pro Doogee Note59 Pro+ affected versions not specified Description A flaw exists within the com.sprd.engineermode component that could allow a local attacker to execute arbitrary code and escalate privileges. This i...

Oracle Database Server (January 2026 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory. - Vulnerability in the Oracle Spatial and Graph OpenJPEG component of Oracle Database Server. Supported versions that are affected are...

Azure Linux 3.0 Security Update: nodejs (CVE-2024-21896)

The version of nodejs installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21896 advisory. - The permission model protects itself against path traversal attacks by calling path.resolve on any paths giv...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21866)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21866 advisory. - In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Fix KASAN hit by...

ROS-20260120-7307

A vulnerability in the powerpc/code-patching component of the Linux operating system kernel is related to the allocation of unlimited memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

KernelCare : Live Kernel Patching

KernelCare is being used to maintain the remote host's operating system kernel without requiring reboots. %NASLMINLEVEL 80900 C Tenable Network Security, Inc. include"compat.inc"; if description scriptid286277; scriptversion"1.1"; scriptsetattributeattribute:"pluginmodificationdate",...

5 Best Secure Container Images for Modern Applications (2026)

Secure container images are now essential for modern apps. These five options help teams reduce risk, cut patching effort, and improve long-term security...

CVE-2021-33191

From Apache NiFi MiNiFi C++ version 0.5.0 the c2 protocol implements an "agent-update" command which was designed to patch the application binary. This "patching" command defaults to calling a trusted binary, but might be modified to an arbitrary value through a "c2-update" command. Said command ...

CVE-2023-4919

The iframe plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the iframe shortcode in versions up to, and including, 4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permission and above, ...