39 matches found
Microsoft and Adobe Patch Tuesday, February 2026 Security Update Review
Microsoft's February 2026 Patch Tuesday focuses on closing security gaps that attackers could exploit, reinforcing the importance of timely patching in enterprise environments. Here's a quick breakdown of what you need to know. Microsoft Patch Tuesday for February 2026 This month's release...
PT-2026-7353
Name of the Vulnerable Software and Affected Versions Windows NTLM affected versions not specified Description A flaw exists in Windows NTLM that permits external control of file names or paths, potentially enabling a local attacker to perform spoofing. This issue allows attackers to affect the...
CVE-2026-20925
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-59284
Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally...
CVE-2025-59284 Windows NTLM Spoofing Vulnerability
...
EUVD-2025-2286
Malicious code in bioql PyPI...
CVE-2025-54918 Windows NTLM Elevation of Privilege Vulnerability
...
CVE-2025-54918
CVE-2025-54918 describes an improper authentication flaw in Windows NTLM that enables a network-authenticated attacker to elevate privileges. The CVSS v3.1 base score is 8.8 (HIGH) with network access, low attack complexity, and privileges required. A PoC exploit exists on GitHub (CVE-2025-54918-...
VulnCheck KEV: CVE-2025-24054
Microsoft Windows NTLM contains an external control of file name or path vulnerability that allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-24996
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-24054
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-24996
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-24054
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-24054
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-24054
CVE-2025-24054 is a Windows NTLM vulnerability allowing an attacker to induce NTLMv2-SSP hash disclosure by leveraging explorer.exe to fetch remote SMB resources via crafted file types (notably .library-ms and .lnk/.library-ms payloads). Public PoCs and exploits demonstrate creating malicious .li...
CVE-2025-24054
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
PT-2025-10839 · Microsoft · Windows Ntlm +1
Name of the Vulnerable Software and Affected Versions: Windows NTLM affected versions not specified Description: The issue allows an unauthorized attacker to perform spoofing over a network due to external control of file name or path in Windows NTLM. Recommendations: At the moment, there is no...
CVE-2025-21311
Windows NTLM V1 Elevation of Privilege Vulnerability...
CVE-2025-21217
Windows NTLM Spoofing Vulnerability...
CVE-2025-21311 Windows NTLM V1 Elevation of Privilege Vulnerability
...