
Overview

  • pac4j
  • pac4j-jwt

04 Mar 2026
Published
05 Mar 2026
Updated

CVSS v4.0
CRITICAL (10.0)
EPSS
0.24%

KEV

Description

pac4j-jwt versions prior to 4.5.9, 5.7.9, and 6.3.3 contain an authentication bypass vulnerability in JwtAuthenticator when processing encrypted JWTs that allows remote attackers to forge authentication tokens. Attackers who possess the server's RSA public key can create a JWE-wrapped PlainJWT with arbitrary subject and role claims, bypassing signature verification to authenticate as any user including administrators.

Statistics

  • 6 Posts
  • 8 Interactions

Last activity: 1 hour ago

Fediverse

Every day is like a loot box drop in software supply chain security

app.opencve.io/cve/CVE-2026-29

  • 0
  • 2
  • 0
  • 7h ago

🚨 CRITICAL: pac4j-jwt (pre-4.5.9/5.7.9/6.3.3) vulnerable to auth bypass (CVE-2026-29000). Attackers w/ RSA public key can forge JWTs, impersonate any user. Patch now & audit JWT usage! radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 17h ago

A critical authentication bypass vulnerability (CVE-2026-29000) in the pac4j-jwt Java library allows attackers to impersonate any user by forging unsigned JSON Web Tokens (JWTs) using only the server's public RSA key. This flaw bypasses signature verification, and patches are available for versions 4.x, 5.x, and 6.x.
gbhackers.com/critical-pac4j-j

  • 0
  • 0
  • 0
  • 8h ago

Bluesky

A new CVSS 10.0 vulnerability, CVE-2026-29000, allows attackers to impersonate users with just the server's public key. Other notable CVSS 10.0 vulnerabilities include Log4Shell, EternalBlue, Heartbleed, and BlueKeep. What are other notable vulnerabilities, and which had the most impact?
  • 1
  • 4
  • 0
  • 7h ago

📌 Notable CVSS 10.0 Vulnerabilities Highlighted, Including Newly Disclosed CVE-2026-29000 https://www.cyberhub.blog/article/20804-notable-cvss-100-vulnerabilities-highlighted-including-newly-disclosed-cve-2026-29000
  • 0
  • 1
  • 0
  • 6h ago

Java JWTs at risk: the flaw in pac4j-jwt lets anyone become admin with a single token. The CVE-2026-29000 vulnerability in pac4j-jwt makes it possible to bypass authenticat... https://www.ilsoftware.it/vulnerabilita-applicazioni-jwt-java-libreria-pac4j-jwt/
  • 0
  • 0
  • 0
  • 1h ago

Overview

  • Cisco
  • Cisco Secure Firewall Management Center (FMC)

04 Mar 2026
Published
05 Mar 2026
Updated

CVSS v3.1
CRITICAL (10.0)
EPSS
0.18%

KEV

Description

A vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an affected device to obtain root access to the underlying operating system. This vulnerability is due to an improper system process that is created at boot time. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute a variety of scripts and commands that allow root access to the device.

Statistics

  • 6 Posts
  • 4 Interactions

Last activity: 6 hours ago

Fediverse

A critical Cisco Secure Firewall Management Vulnerability (CVE-2026-20079) allows unauthenticated attackers to bypass authentication and gain root access by sending crafted HTTP requests. Immediate upgrades to fixed software versions are recommended as no workarounds are available.
cybersecuritynews.com/cisco-se

  • 0
  • 0
  • 0
  • 7h ago

💥 Cisco warns of max severity Secure FMC flaws giving root access

「 Both vulnerabilities can be exploited remotely by unauthenticated attackers: the authentication bypass flaw (CVE-2026-20079) allows attackers to gain root access to the underlying operating system, while the remote code execution (RCE) vulnerability (CVE-2026-20131) lets them execute arbitrary Java code as root on unpatched devices 」

#cisco #rce #cybersecurity
bleepingcomputer.com/news/secu

  • 1
  • 1
  • 0
  • 21h ago

Abstract’s ASTRO research team just released a blog about critical Cisco vulnerabilities: CVE-2026-20079 and CVE-2026-20131

itnerd.blog/2026/03/04/abstrac

  • 0
  • 0
  • 0
  • 23h ago

Bluesky

[Security alert] Cisco FMC authentication bypass (CVSS 10.0). A critical vulnerability in Cisco Secure Firewall Management Center has been disclosed: authentication bypass → root privileges can be obtained. CVE-2026-20079 CVSS: 10.0 (Critical). An unauthenticated attacker can execute scripts by sending crafted HTTP requests → obtain root privileges on the OS. Cisco Advisory sec.cloudapps.cisco.com/security/cen...
  • 0
  • 0
  • 0
  • 6h ago

Abstract’s ASTRO research team just released a blog about critical Cisco vulnerabilities: CVE-2026-20079 and CVE-2026-20131. Abstract's ASTRO research team has just published a blog entitled: Critical Cisco Vulnerabilities: CVE-2026-20079 and CVE-2026-20131 Affecting Cisco Secure Firewall Management…
  • 0
  • 1
  • 0
  • 23h ago

Critical CVSS 10 vulnerabilities in Cisco Secure FMC: CVE-2026-20079, CVE-2026-20131 | Codebook|Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/44345/
  • 0
  • 1
  • 0
  • 13h ago

Overview

  • Cisco
  • Cisco Catalyst SD-WAN Manager

25 Feb 2026
Published
26 Feb 2026
Updated

CVSS v3.1
CRITICAL (10.0)
EPSS
2.60%

Description

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric. 

Statistics

  • 3 Posts
  • 2 Interactions

Last activity: 1 hour ago

Fediverse

Cisco Catalyst SD-WAN CVSS 10.0 zero-day (CVE-2026-20127) has been actively exploited, with attackers gaining admin access.

Full technical breakdown: forum.hashpwn.net/post/10802

  • 2
  • 0
  • 0
  • 1h ago

Bluesky

~Cybergcca~ Active exploitation of CVE-2026-20127 in Cisco Catalyst SD-WAN allows remote attackers to bypass authentication and gain admin privileges. - IOCs: CVE-2026-20127 - #CVE202620127 #Cisco #ThreatIntel
  • 0
  • 0
  • 0
  • 16h ago

Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access thehackernews.com/2026/02/cisc...
  • 0
  • 0
  • 0
  • 9h ago

Overview

  • VMware
  • Aria Operations
  • vmware-aria-operations

25 Feb 2026
Published
04 Mar 2026
Updated

CVSS v3.1
HIGH (8.1)
EPSS
7.35%

Description

VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. To remediate CVE-2026-22719, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' (https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947) in VMSA-2026-0001. Workarounds for CVE-2026-22719 are documented in the 'Workarounds' column of the 'Response Matrix' (https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947) in VMSA-2026-0001.

Statistics

  • 3 Posts
  • 5 Interactions

Last activity: 14 hours ago

Fediverse

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the flaw as exploited in attacks.

bleepingcomputer.com/news/secu

#cybersecurity

  • 3
  • 2
  • 0
  • 17h ago

Bluesky

CISA adds VMware Aria Operations vulnerability CVE-2026-22719 to KEV catalog. CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog #HackerNews (Mar 4) thehackernews.com/2026/03/cisa...
  • 0
  • 0
  • 0
  • 20h ago

CVE-2026-21385 Qualcomm Multiple Chipsets Memory Corruption Vulnerability CVE-2026-22719 Broadcom VMware Aria Operations Command Injection Vulnerability
  • 0
  • 0
  • 0
  • 14h ago

Overview

  • freescout-help-desk
  • freescout

03 Mar 2026
Published
04 Mar 2026
Updated

CVSS v3.1
CRITICAL (10.0)
EPSS
0.04%

KEV

Description

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. A patch bypass vulnerability for CVE-2026-27636 in FreeScout 1.8.206 and earlier allows any authenticated user with file upload permissions to achieve Remote Code Execution (RCE) on the server by uploading a malicious .htaccess file using a zero-width space character prefix to bypass the security check. The vulnerability exists in the sanitizeUploadedFileName() function in app/Http/Helper.php. The function contains a Time-of-Check to Time-of-Use (TOCTOU) flaw where the dot-prefix check occurs before sanitization removes invisible characters. This vulnerability is fixed in 1.8.207.

Statistics

  • 3 Posts
  • 2 Interactions

Last activity: 3 hours ago

Fediverse

A critical vulnerability (CVE-2026-28289) in the open-source help desk platform FreeScout allows unauthenticated, zero-click Remote Code Execution (RCE) via a specially crafted email. This vulnerability bypasses previous security patches by exploiting a Zero-Width Space character to upload malicious .htaccess files, potentially leading to system takeover and data exfiltration.
helpnetsecurity.com/2026/03/05

  • 0
  • 0
  • 0
  • 8h ago

Bluesky

FreeScout vulnerability enables unauthenticated, zero-click RCE via email (CVE-2026-28289) 📖 Read more: www.helpnetsecurity.com/2026/03/05/f... #cybersecurity #cybersecuritynews #opensource #securityupdate #PoC #CVE
  • 0
  • 2
  • 0
  • 9h ago

📌 CVE-2026-28289 - FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. A patch bypass vulnerability for CVE-2026-27636 in FreeScout 1.8.20... https://www.cyberhub.blog/cves/CVE-2026-28289
  • 0
  • 0
  • 0
  • 3h ago

Overview

  • Cisco
  • Cisco Secure Firewall Management Center (FMC)

04 Mar 2026
Published
05 Mar 2026
Updated

CVSS v3.1
CRITICAL (10.0)
EPSS
0.44%

KEV

Description

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java byte stream. An attacker could exploit this vulnerability by sending a crafted serialized Java object to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the device and elevate privileges to root. Note: If the FMC management interface does not have public internet access, the attack surface that is associated with this vulnerability is reduced.

Statistics

  • 4 Posts
  • 4 Interactions

Last activity: 13 hours ago

Fediverse

💥 Cisco warns of max severity Secure FMC flaws giving root access

「 Both vulnerabilities can be exploited remotely by unauthenticated attackers: the authentication bypass flaw (CVE-2026-20079) allows attackers to gain root access to the underlying operating system, while the remote code execution (RCE) vulnerability (CVE-2026-20131) lets them execute arbitrary Java code as root on unpatched devices 」

#cisco #rce #cybersecurity
bleepingcomputer.com/news/secu

  • 1
  • 1
  • 0
  • 21h ago

Abstract’s ASTRO research team just released a blog about critical Cisco vulnerabilities: CVE-2026-20079 and CVE-2026-20131

itnerd.blog/2026/03/04/abstrac

  • 0
  • 0
  • 0
  • 23h ago

Bluesky

Abstract’s ASTRO research team just released a blog about critical Cisco vulnerabilities: CVE-2026-20079 and CVE-2026-20131. Abstract's ASTRO research team has just published a blog entitled: Critical Cisco Vulnerabilities: CVE-2026-20079 and CVE-2026-20131 Affecting Cisco Secure Firewall Management…
  • 0
  • 1
  • 0
  • 23h ago

Critical CVSS 10 vulnerabilities in Cisco Secure FMC: CVE-2026-20079, CVE-2026-20131 | Codebook|Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/44345/
  • 0
  • 1
  • 0
  • 13h ago

Overview

  • Huawei
  • HarmonyOS

05 Mar 2026
Published
05 Mar 2026
Updated

CVSS v3.1
CRITICAL (9.6)
EPSS
0.01%

KEV

Description

Authentication bypass vulnerability in the device authentication module. Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Statistics

  • 2 Posts

Last activity: 10 hours ago

Fediverse

🚨 CRITICAL auth bypass (CVE-2026-28536) impacts Huawei HarmonyOS 6.0.0 & 5.1.0. Exploitation risks device integrity & confidentiality. No mitigation yet — monitor for updates! radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 13h ago

Bluesky

CVE-2026-28536 - Cisco Device Authentication Bypass Vulnerability scq.ms/4rf2jyV
  • 0
  • 0
  • 0
  • 10h ago

Overview

  • GNU
  • Inetutils

21 Jan 2026
Published
26 Feb 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
81.03%

Description

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.

Statistics

  • 2 Posts

Last activity: 7 hours ago

Fediverse

A critical vulnerability, CVE-2026-24061, in GNU InetUtils telnetd allows remote attackers to gain root access by exploiting an argument injection flaw where the USER environment variable is passed unsanitized to the login program. This decade-old flaw was accidentally introduced in a 2015 patch and can be exploited by crafting a malicious payload like '-f root' to bypass authentication.
picussecurity.com/resource/blo

  • 0
  • 0
  • 0
  • 7h ago

Bluesky

~Cybergcca~ CVE-2026-24061 allows remote root access via auth bypass in GNU Inetutils telnetd. - IOCs: CVE-2026-24061 - #CVE202624061 #Linux #ThreatIntel
  • 0
  • 0
  • 0
  • 16h ago

Overview

  • Cisco
  • Cisco Catalyst SD-WAN Manager

25 Feb 2026
Published
26 Feb 2026
Updated

CVSS v3.1
HIGH (7.5)
EPSS
0.02%

KEV

Description

A vulnerability in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker to gain DCA user privileges on an affected system. To exploit this vulnerability, the attacker must have valid vmanage credentials on the affected system. This vulnerability is due to the presence of a credential file for the DCA user on an affected system. An attacker could exploit this vulnerability by accessing the filesystem as a low-privileged user and reading the file that contains the DCA password from that affected system. A successful exploit could allow the attacker to access another affected system and gain DCA user privileges. Note: Cisco Catalyst SD-WAN Manager releases 20.18 and later are not affected by this vulnerability.

Statistics

  • 2 Posts
  • 1 Interaction

Last activity: 8 hours ago

Fediverse

Cisco has identified two additional Catalyst SD-WAN Manager security flaws (CVE-2026-20128 and CVE-2026-20122) that are being actively exploited in the wild, urging administrators to upgrade vulnerable devices. These vulnerabilities affect the network management software regardless of device configuration, with one allowing arbitrary file overwrite and the other disclosing information.
bleepingcomputer.com/news/secu

  • 0
  • 0
  • 0
  • 8h ago

Bluesky

📌 CVE-2026-20128 - A vulnerability in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker to gain DCA u... https://www.cyberhub.blog/cves/CVE-2026-20128
  • 0
  • 1
  • 0
  • 22h ago

Overview

  • exiftool

24 Feb 2026
Published
27 Feb 2026
Updated

CVSS v4.0
MEDIUM (5.3)
EPSS
0.20%

KEV

Description

A vulnerability was found in exiftool up to 13.49 on macOS. It affects the function SetMacOSTags in the file lib/Image/ExifTool/MacOS.pm of the PNG File Parser component. Manipulation of the argument DateTimeOriginal leads to OS command injection. The attack can be carried out remotely. The exploit has been publicly disclosed and may be used. Upgrading to version 13.50 addresses this issue. The patch is identified as e9609a9bcc0d32bd252a709a562fb822d6dd86f7. Upgrading the affected component is recommended.

Statistics

  • 1 Post
  • 5 Interactions

Last activity: 3 hours ago

Fediverse

Photographers, news orgs, researchers: If you’re using ExifTool on Macintosh update it to version 13.52 (current at this writing). A critical vulnerability in ExifTool is fixed. Maliciously crafted metadata embedded in an image file can run commands on the system. kaspersky.co.uk/blog/exiftool-

#press #photography #OSINT

  • 2
  • 3
  • 0
  • 3h ago
Showing 1 to 10 of 84 CVEs