Exploit for Out-of-bounds Write in Microsoft

CVE-2016-0189 Proof-of-Concept exploit for CVE-2016-0189 VBSc...

CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added half a dozen security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2026-21643 CVSS score: 9.1 - An SQL injection...

Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability

Microsoft Visual Basic for Applications VBA contains an insecure library loading vulnerability that could allow for remote code execution...

WhatsApp malware campaign delivers VBScript and MSI backdoors

In this article 1. Attack chain overview 2. Mitigation and protection guidance 3. Hunting queries 4. Indicators of compromise Microsoft Defender Experts observed a campaign beginning in late February 2026 that uses WhatsApp messages to deliver malicious Visual Basic Script VBS files. Once execute...

Microsoft Windows Malicious Script File Generator

This PHP script generates a malicious .WSF Windows Script File containing both VBScript and JScript payload blocks. The payload runs arbitrary system commands through WScript.Shell...

Multiple Cisco Products Snort 3 Visual Basic for Applications DoS Vulnerabilities (cisco-sa-ftd-snort3-vbavuls-96UcVVed_CVE-2026-20053_CVE-2026-20054_CVE-2026-20057)

According to its self-reported version, Cisco ASA Software is affected by multiple vulnerabilities. - Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This...

EUVD-2026-9460

Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to improper error checking when decompressing VBA data. An attacker could exploit this...

CVE-2026-20058 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Denial of Service Vulnerability

Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. These vulnerabilities are due to improper error checking when decompressing VBA data. An attacker could exploit...

CVE-2026-20058 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Denial of Service Vulnerability

Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. These vulnerabilities are due to improper error checking when decompressing VBA data. An attacker could exploit...

CVE-2026-20058

CVE-2026-20058 affects Cisco products featuring the Snort 3 VBA capability. The issue stems from improper error checking when decompressing VBA data in the Snort 3 Detection Engine, which could allow an unauthenticated, remote attacker to send crafted VBA data over the network and cause the Detec...

CVE-2026-20057

CVE-2026-20057 affects multiple Cisco products via the Snort 3 VBA feature. The issue stems from lack of proper error checking when decompressing VBA data, enabling an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash and restart, resulting in a DoS (availability imp...

CVE-2026-20057

Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Basic for Applications VBA feature which could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to lack of proper error checking when decompressing VBA...

CVE-2026-20057 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Basic for Applications VBA feature which could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to lack of proper error checking when decompressing VBA...

CVE-2026-20054 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Infinite Loop Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to improper error checking when decompressing VBA data. An attacker could exploit this...

CVE-2026-20054

Cisco CVE-2026-20054 affects Snort 3 VBA feature. The vulnerability stems from improper error checking when decompressing VBA data, allowing an unauthenticated attacker to send crafted VBA to the Snort 3 Detection Engine and force an infinite loop, resulting in DoS. CVSS‑3.1 metrics: AV:N/AC:L/PR...

CVE-2026-20053 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Heap Overflow Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to improper range checking when decompressing VBA data, which is user controlled. An...

CVE-2026-20053

Cisco CVE-2026-20053 affects multiple Cisco products via Snort 3 Visual Basic for Applications (VBA) Decompression Engine. The vulnerability stems from improper range checking when decompressing VBA data, which is user-controlled, enabling an unauthenticated, remote attacker to cause the Snort 3 ...

Multiple Cisco Products Snort 3 Visual Basic for Applications Denial of Service Vulnerabilities

Multiple Cisco products are affected by vulnerabilities in the Snort 3 Visual Basic for Applications VBA Decompression Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to unexpectedly restart, resulting in a denial of service DoS condition. For mor...

PT-2026-23020

Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Basic for Applications VBA feature which could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to lack of proper error checking when decompressing VBA...

CVE-2026-28338

PMD is an extensible multilanguage static code analyzer. Prior to version 7.22.0, PMD's vbhtml and yahtml report formats insert rule violation messages into HTML output without escaping. When PMD analyzes untrusted source code containing crafted string literals, the generated HTML report contains...