Linux Distros Unpatched Vulnerability : CVE-2026-8547

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Passwords in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer...

CVE-2026-41288

WatchGuard Agent on Windows is affected by an improper permission assignment in the patch management component, allowing an authenticated local user to escalate to NT AUTHORITY\SYSTEM. The CVE entry notes a local-privilege-escalation impact with high confidentiality, integrity, and availability i...

New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released

Google on Thursday released security updates for its Chrome web browser to address 21 vulnerabilities, including a zero-day flaw that it said has been exploited in the wild. The high-severity vulnerability, CVE-2026-5281 CVSS score: N/A, concerns a use-after-free bug in Dawn, an open-source and...

PT-2026-28215

Hi guys! Recently I got this email from [email protected]. I read through the email and spotted a few grammatical errors, as well as a share.google link, which I thought was unusual for Microsoft to do. Even though it was fully delivered and signed by GitHub.com, I realised that what the...

EUVD-2026-8718

This vulnerability is caused by a CWE‑159: "Improper Handling of Invalid Use of Special Elements" weakness, which leads to an unrecoverable inconsistency in the CLFS.sys driver. This condition forces a call to the KeBugCheckEx function, allowing an unprivileged user to trigger a system crash...

CVE-2021-41065

An issue was discovered in Listary through 6. An attacker can create a \\.\pipe\Listary.listaryService named pipe and wait for a privileged user to open a session on the Listary installed host. Listary will automatically access the named pipe and the attacker will be able to duplicate the...

CVE-2025-42701

A race condition exists in the Falcon sensor for Windows that could allow an attacker, with the prior ability to execute code on a host, to delete arbitrary files. CrowdStrike released a security fix for this issue in Falcon sensor for Windows versions 7.24 and above and all Long Term Visibility...

EUVD-2020-24093

Malware in sbrugna...

WinRAR vulnerability exploited by two different groups

On July 30, 2025, WinRAR released a new version 7.13 Final to patch a vulnerability which was used in two separate malware campaigns. WinRAR is a popular file archiving and data compression tool that allows users to compress files into smaller archives, like RAR and ZIP, and can also unpack vario...

CVE-2025-32780 BleachBit for Windows Has DLL Untrusted Path Vulnerability

BleachBit cleans files to free disk space and to maintain privacy. BleachBit for Windows up to version 4.6.2 is vulnerable to a DLL Hijacking vulnerability. By placing a malicious DLL with the name uuid.dll in the folder C:\Users\AppData\Local\Microsoft\WindowsApps, an attacker can execute...

Raspberry Robin Malware Upgrades with Discord Spread and New Exploits

The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than before. This means that "Raspberry Robin has access to an exploit seller or its authors develop the...

Nutanix power actions failure after the windows patches on Cloud Connector

Following a Windows patch to Cloud Connectors, power actions, and autoscale actions are failing to Nutanix-hosted VDAs. You can see failures relating to the Citrix Remote Broker Provider service, and the Nutanix PlugIn on the Cloud Connectors event logs, XaXdProxy crash linked to the broker...

PT-2023-1046 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows versions prior to the fixed version Description: The issue is related to the implementation of the Layer 2 Tunneling Protocol L2TP in Microsoft Windows, specifically involving the use of memory after it has been freed. This can be...

Exploit for CVE-2021-1675

PrintNightmare Here is a project that will help to fight agai...

Startup issues for both IBM Sterling B2B Integrator and IBM Sterling File Gateway caused by Microsoft® Windows Patch KB2992611 for Microsoft® Security Bulletin MS14-066

Abstract Applying Windows Patch KB2992611 for Microsoft® Security Bulletin MS14-066 could prevent startup of both IBM Sterling B2B Integrator and IBM Sterling File Gateway. Content IBM Support has received several production down calls from IBM Sterling B2B Integrator and IBM Sterling File Gatewa...

SandboxEscaper Debuts ByeBear Windows Patch Bypass

Guerrilla developer SandboxEscaper has disclosed a second bypass exploit for a patch that fixes a Windows local privilege-escalation LPE flaw — again without notifying Microsoft. The exploit, dubbed “ByeBear,” enables attackers to get past the patch to attack a permissions-overwrite,...

Windows Zero-Day Emerges in Active Exploits

A just-patched vulnerability in the Windows operating system that was previously unknown up until last week is being actively exploited in the wild; it opens the door for full system takeover. Discovered by Vasily Berdnikov and Boris Larin of Kaspersky Lab on St. Patrick’s Day this year, the flaw...

Dräger Infinity Delta

1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Low skill level to exploit Vendor: Dräger Equipment: Infinity Delta Vulnerabilities: Improper Input Validation, Information Exposure Through Log Files, Improper Privilege Management 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

63 New Flaws (Including 0-Days) Windows Users Need to Patch Now

It's Patch Tuesday once again…time for another round of security updates for the Windows operating system and other Microsoft products. This month Windows users and system administrators need to immediately take care of a total of 63 security vulnerabilities, of which 12 are rated critical, 49...

Adobe Releases Critical Security Updates for Acrobat, Reader and Photoshop CC

Adobe has just released new versions of its Acrobat DC, Reader and Photoshop CC for Windows and macOS users that patch 48 vulnerabilities in its software. A total of 47 vulnerabilities affect Adobe Acrobat and Reader applications, and one critical remote code execution flaw has been patched in...