CVE-2021-4480

Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with elevated privileges. Attackers can replace binaries or loaded modules on the host system to execu...

EUVD-2026-30498

Rapid7 Metasploit Pro is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level control of a Windows host. Upon startup the metasploitPostgreSQL service the subsequent postgres.exe service attempts to load an OpenSSL configuration file from a non-existent directo...

Palo Alto GlobalProtect App 6.0.x < 6.0.13 / 6.2.x < 6.2.8-h10 / 6.3.x < 6.3.3-h9 Multiple Vulnerabilities

The version of Palo Alto GlobalProtect App installed on the remote host is 6.0.x prior to 6.0.13, 6.2.x prior to 6.2.8-h10, or 6.3.x prior to 6.3.3-h9. It is, therefore, affected by multiple vulnerabilities: - A buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that...

PT-2026-40971

Name of the Vulnerable Software and Affected Versions Fleet versions prior to 4.81.0 Description A flaw in the software installer pipeline allows a crafted software package to execute arbitrary commands as root on macOS and Linux, or as SYSTEM on Windows, when an uninstall is triggered. When...

CVE-2026-0246

A vulnerability with a privilege management mechanism in the Palo Alto Networks Prisma Access Agent® enables a locally authenticated non-administrative user to escalate their privileges to root on macOS and Linux or NT AUTHORITY\SYSTEM on Windows. This allows the user to execute arbitrary code an...

CVE-2026-0251

Multiple local privilege escalation vulnerabilities in the Palo Alto Networks GlobalProtect™ app allow a local user to escalate their privileges to NT AUTHORITY\SYSTEM on Windows and root on macOS and Linux. This enables a non-administrative user to execute arbitrary commands with administrative...

PT-2026-40752

Name of the Vulnerable Software and Affected Versions Palo Alto Networks GlobalProtect app affected versions not specified Description Multiple local privilege escalation issues in the GlobalProtect app allow a local user to elevate their privileges to NT AUTHORITYSYSTEM on Windows and root on...

CVE-2026-35603

Claude Code is an agentic coding tool. In versions prior to 2.1.75 on Windows, Claude Code loaded the system-wide default configuration from C:\ProgramData\ClaudeCode\managed-settings.json without validating directory ownership or access permissions. Because the ProgramData directory is writable ...

CVE-2026-5131

GREENmod uses named pipes for communication between plugins, the web portal, and the system service, but the access control lists for these pipes are configured incorrectly. This allows an attacker to communicate with the stream and upload any XML or JSON file, which will be processed by the name...

CVE-2026-5131

GREENmod uses named pipes for communication between plugins, the web portal, and the system service, with ACLs configured incorrectly. This can allow an attacker to communicate with the stream and upload XML or JSON files, which are processed by the named pipe under the service user’s privileges,...

EUVD-2026-22617

Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network...

CVE-2026-32223 Windows USB Printing Stack (usbprint.sys) Elevation of Privilege Vulnerability

...

HTTPS Fetch, Bind IPv6 TCP Stager with UUID Support (Windows x86)

Fetch and execute an x86 payload from an HTTPS server. Listen for an IPv6 connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/https/x86/patchupdllinject/bindipv6tcpuuid msf payloadbindipv6tcpuuid show actions ...actions... msf payloadbindipv6tcpuuid set ACTION msf...

EUVD-2026-16758

Fleet is open source device management software. Prior to 4.81.1, a command injection vulnerability in Fleet's software installer pipeline allows an attacker to achieve arbitrary code execution as root macOS/Linux or SYSTEM Windows on managed hosts when an uninstall is triggered for a crafted...

CVE-2026-25166

Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally...

📄 FreeFloat FTP Server 1.0 Buffer Overflow

Proof of concept exploit for a buffer overflow vulnerability in FreeFloat FTP Server version 1.0. The exploit works by sending an overly long payload through the NOOP FTP command, which overflows the server's buffer and allows control of the EIP Extended Instruction Pointer...

EUVD-2026-10629

Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally...

CVE-2026-25166 Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability

...

CVE-2026-25166 Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability

...

QSpy: A Quantum RAT for Circuit Spying and IP Theft

As quantum computing platforms increasingly adopt cloud-based execution, users submit quantum circuits to remote compilers and backends, trusting that what they submit is exactly what will be run. This shift introduces new trust assumptions in the submission pipeline, which remain largely...