
Overview

  • Palo Alto Networks
  • Cloud NGFW

13 May 2026
Published
30 May 2026
Updated

CVSS v4.0
HIGH (7.8)
EPSS
41.50%

Description

Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allow an attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues.

Statistics

  • 13 Posts
  • 1 Interaction

Last activity: Last hour

Fediverse


CVE-2026-0257: Rapid7 Caught Attackers Abusing Forged VPN Cookies Against Multiple Customers

A new vulnerability has landed and it deserves attention. CVE-2026-0257: Palo Alto Networks addressed the vulnerability CVE-2026-0257 on May 13. Two weeks later, cybersecurity firm Rapid7 confirmed active exploitation across multiple customer environments.

securitycyber.uk

Resources: securitycyber.uk | hackthebox.com

  • 0
  • 0
  • 0
  • 21h ago

Bluesky

CVE-2026-0257: Palo Alto GlobalProtect under attack: cookies bypass VPN authentication. The blog post: insicurezzadigitale.com/cve-2026-025... #cybersecurity #cisakev #globalprotect #infosec #paloaltonetworks #vpn #zeroday
  • 0
  • 1
  • 0
  • 8h ago
Palo Alto Networks PAN-OS GlobalProtect authentication bypass vulnerability CVE-2026-0257 confirmed in cyber attacks rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #security #securitynews
  • 0
  • 0
  • 0
  • 15h ago
CISA Adds One Known Exploited Vulnerability to Catalog #CISA (May 29) CVE-2026-0257 Palo Alto Networks PAN-OS authentication bypass vulnerability www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 13h ago
CVE-2026-0257: Rapid7 Caught Attackers Abusing Forged VPN Cookies Against Multiple Customers #SecurityAffairs (May 31) securityaffairs.com/192933/secur...
  • 0
  • 0
  • 0
  • 13h ago
PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation #HackerNews (May 30) thehackernews.com/2026/05/pan-...
  • 0
  • 0
  • 0
  • 13h ago
Hackers are exploiting Palo Alto GlobalProtect VPN authentication bypass (CVE-2026-0257) 📖 Read more: www.helpnetsecurity.com/2026/06/01/h... #cybersecurity #cybersecuritynews #VPN #vulnerability @paloaltonetworks.com @rapid7.com
  • 0
  • 0
  • 0
  • 6h ago
Threat actors exploited CVE-2026-0257 in Palo Alto PAN-OS GlobalProtect portals and gateways shortly after disclosure, bypassing restrictions and gaining VPN access.
  • 0
  • 0
  • 0
  • 5h ago
⚠️ Palo Alto – CVE-2026-0257 This security flaw in the GlobalProtect VPN is being actively exploited! It allows authentication to be bypassed... A PAN-OS patch is available. More info here: - www.it-connect.fr/palo-alto-cv... #paloalto #infosec #cybersecurite
  • 0
  • 0
  • 0
  • 4h ago
CVE-2026-0257 in Palo Alto Networks PAN-OS was exploited within 4 days of disclosure, with forged cookies bypassing GlobalProtect auth. Rapid7 and CISA confirmed active attacks. #PaloAlto #PANOS #CISA
  • 0
  • 0
  • 0
  • 4h ago
Attackers are exploiting CVE-2026-0257 to bypass GlobalProtect authentication on vulnerable PAN-OS systems, enabling unauthorized VPN access and requiring urgent patching.
  • 0
  • 0
  • 0
  • 3h ago
~Checkpoint~ Weekly threat intel highlights major data breaches, AI-driven campaigns, and active exploitation of PAN-OS and Ghost CMS vulnerabilities. - IOCs: CVE-2026-0257, CVE-2026-26980, CVE-2026-48131 - #DataBreach #ThreatIntel #Vulnerabilities
  • 0
  • 0
  • 0
  • Last hour

Overview

  • Microsoft
  • Windows Server 2012

12 May 2026
Published
26 May 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
0.10%

KEV

Description

Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network.

Statistics

  • 6 Posts
  • 6 Interactions

Last activity: Last hour

Fediverse


CVE-2026-41089: Windows Netlogon 0-Click RCE Now Actively Exploited — Patch Domain Controllers Immediately
#CyberSecurity
securebulletin.com/cve-2026-41

  • 5
  • 0
  • 0
  • 7h ago

Bluesky

The critical Windows Netlogon remote code execution (RCE) vulnerability tracked as CVE-2026-41089 is now under active exploitation in the wild, significantly raising the risk profile for unpatched Windows Server environments.
  • 0
  • 1
  • 0
  • 1h ago
Windows Netlogon RCE exploited, domain controllers at risk (CVE-2026-41089) 🔗 Read more: www.helpnetsecurity.com/2026/06/01/w... #vulnerability #Windows #cybersecurity
  • 0
  • 0
  • 0
  • 1h ago
CVE-2026-41089 enables unauthenticated remote code execution against Windows domain controllers via Netlogon, and is actively exploited in the wild.
  • 0
  • 0
  • 1
  • 1h ago
~Cybergcca~ CCCS published 9 advisories, notably warning of active in-the-wild exploitation of Windows Netlogon vulnerability CVE-2026-41089. - IOCs: CVE-2026-41089 - #CVE202641089 #ThreatIntel #Vulnerability
  • 0
  • 0
  • 0
  • Last hour

Overview

  • flippercode
  • WP Maps Pro

29 May 2026
Published
29 May 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
0.07%

KEV

Description

The WP Maps Pro plugin for WordPress is vulnerable to Privilege Escalation via Administrator Account Creation in all versions up to, and including, 6.1.0. This is due to the wpgmp_temp_access_ajax AJAX action being registered with wp_ajax_nopriv_ and protected only by a nonce check using the fc-call-nonce nonce, which is publicly embedded into every frontend page via wp_localize_script as the nonce field of the wpgmp_local JavaScript object, rendering the check ineffective as an access control mechanism. This makes it possible for unauthenticated attackers to invoke the wpgmp_temp_access_support handler with check_temp=false, which unconditionally creates a new WordPress user with the hardcoded role of administrator via wp_insert_user() and returns a magic login URL that, when visited, calls wp_set_auth_cookie() to fully authenticate the attacker as the newly created administrator, resulting in complete site takeover.

Statistics

  • 3 Posts

Last activity: 2 hours ago

Fediverse

I just saw active exploitation of a critical WP Maps Pro vulnerability. CVE-2026-8732 (CVSS 9.8) allows unauthenticated attackers to create admin accounts and take over sites. All versions up to 6.1.0 are affected.

Update urgently to 6.1.1!

#WordPress #Security #CVE

  • 0
  • 0
  • 0
  • 2h ago
CVE-2026-8732: The WP Maps Pro Flaw That Lets Anyone Create a WordPress Admin Without a Password Tracked as **CVE-2026-8732**.

- CVE-2026-8732 in WP Maps Pro lets unauthenticated attackers create WordPress admin accounts.

securitycyber.uk

Resources: securitycyber.uk | hackthebox.com

  • 0
  • 0
  • 0
  • 2h ago

Bluesky

A critical vulnerability (CVE-2026-8732) in the WP Maps Pro WordPress plugin allows attackers to create admin accounts. The flaw affects […]
  • 0
  • 0
  • 0
  • 6h ago

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 2 Posts
  • 5 Interactions

Last activity: Last hour

Fediverse

If you use Notepad++, remember to check your version: 8.9.6.2 fixes several vulnerabilities, some of which could lead to arbitrary code execution.
👇
notepad-plus-plus.org/news/v89
⬇️
notepad-plus-plus.org/news/v89

An attacker could take advantage of specially modified configuration files or shortcuts to have commands executed without our knowledge in certain scenarios.

A public PoC is already circulating, which shortens the delay between disclosure and opportunistic exploitation attempts.
⬇️
github.com/atiilla/Notepad-8.9

In the news
⬇️
thecyberexpress.com/notepad-cv

  • 2
  • 3
  • 0
  • 7h ago

Bluesky

📢 Notepad++ 8.9.6.1 fixes three vulnerabilities including a critical RCE via config.xml 📝 📰 **Source**: The Cyber Express | **Publication date** … https://cyberveille.ch/posts/2026-06-01-notepad-8-9-6-1-corrige-trois-vulnerabilites-dont-une-rce-critique-via-config-xml/ #CVE_2026_48770 #Cyberveille
  • 0
  • 0
  • 0
  • Last hour

Overview

  • Tenda
  • W12

31 May 2026
Published
01 Jun 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.09%

KEV

Description

A vulnerability was identified in Tenda W12 3.0.0.7(4763). The affected element is the function set_local_time_0 of the file /bin/httpd. Such manipulation of the argument Time leads to stack-based buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used.

Statistics

  • 2 Posts
  • 2 Interactions

Last activity: 13 hours ago

Fediverse


CVE-2026-10192 - Critical stack buffer overflow in Tenda W12 routers. Remote RCE via /bin/httpd set_local_time_0 function. CVSS 8.8. Exploit public. No patch available. Isolate devices immediately. #CVE #Tenda #infosec

valtersit.com/cve/CVE-2026-101

  • 1
  • 0
  • 0
  • 17h ago

⚠️ CVE-2026-10192: HIGH-severity buffer overflow in Tenda W12 (v3.0.0.7). Remote code execution possible, exploit is public, no patch yet. Restrict remote admin & monitor for updates. radar.offseq.com/threat/cve-20

  • 1
  • 0
  • 0
  • 13h ago

Overview

  • D-Link
  • DI-8400

01 Jun 2026
Published
01 Jun 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.08%

KEV

Description

A vulnerability was detected in D-Link DI-8400 up to 16.07.26A1. This affects an unknown function of the file /dbsrv.asp. Manipulation of the argument str results in a stack-based buffer overflow. Remote exploitation is possible. The exploit is now public and may be used. The initial researcher advisory mentions contradicting parameter names as affected.

Statistics

  • 2 Posts
  • 2 Interactions

Last activity: 14 hours ago

Fediverse


⚠️ HIGH-severity: CVE-2026-10206 affects D-Link DI-8400 (≤16.07.26A1) — stack buffer overflow in /dbsrv.asp allows remote code execution. Public exploit available, no patch yet. Limit exposure & monitor. radar.offseq.com/threat/cve-20

  • 1
  • 0
  • 0
  • 14h ago

CVE-2026-10206 - Critical stack buffer overflow in D-link DI-8400 up to 16.07.26A1 via /dbsrv.asp. Remote exploit public. CVSS 8.8. No patch available. Isolate affected devices now. #CVE #Dlink #infosec

valtersit.com/cve/CVE-2026-102

  • 1
  • 0
  • 0
  • 14h ago

Overview

  • Totolink
  • N300RH

31 May 2026
Published
31 May 2026
Updated

CVSS v4.0
CRITICAL (9.3)
EPSS
0.15%

KEV

Description

A vulnerability was detected in Totolink N300RH 6.1c.1353_B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used.

Statistics

  • 2 Posts
  • 1 Interaction

Last activity: 16 hours ago

Fediverse


⚠️ CVE-2026-10187 CRITICAL: Totolink N300RH (6.1c.1353_B20190305) is exposed to a remote stack-based buffer overflow in setWiFiBasicConfig. Exploit is public, no patch yet — restrict Web Management access! radar.offseq.com/threat/cve-20

  • 1
  • 0
  • 0
  • 16h ago

CVE-2026-10187 - Critical stack buffer overflow in Totolink N300RH. Remote RCE via KeyStr argument. CVSS 9.8. Exploit public, no patch available. Disable remote management immediately. #CVE #IoT #infosec

valtersit.com/cve/CVE-2026-101

  • 0
  • 0
  • 0
  • 22h ago

Overview

  • OTRS AG
  • OTRS

01 Jun 2026
Published
01 Jun 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
0.07%

KEV

Description

An Improper Input Validation vulnerability in the OTRS or ((OTRS)) Community Edition database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if the MySQL/MariaDB server is configured with the NO_BACKSLASH_ESCAPES SQL mode. This issue affects OTRS:

  • 7.0.X
  • 8.0.X
  • 2023.X
  • 2024.X
  • 2025.X
  • 2026.X before 2026.4.X

and ((OTRS)) Community Edition:

  • 6.0.x

Products based on the ((OTRS)) Community Edition are also very likely to be affected.

Statistics

  • 2 Posts
  • 1 Interaction

Last activity: 6 hours ago

Fediverse


CVE-2026-48188 - Critical SQL injection in OTRS. Unauthenticated attackers can bypass authentication via MySQL/MariaDB with NO_BACKSLASH_ESCAPES mode. CVSS 9.1. No patch available. Disable affected SQL mode immediately. #CVE #OTRS #infosec

valtersit.com/cve/CVE-2026-481

  • 0
  • 0
  • 0
  • 11h ago

Bluesky

🚨 OTRS users should take note of CVE-2026-48188 A critical unauthenticated SQL injection vulnerability may allow authentication bypass under specific MySQL/MariaDB configurations. 🎫 Affects multiple OTRS generations and Community Edition. 🔗 basefortify.eu/cve_reports/... #OTRS #SQLInjection #CVE
  • 0
  • 1
  • 0
  • 6h ago

Overview

  • Tenda
  • W12

31 May 2026
Published
01 Jun 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.09%

KEV

Description

A vulnerability has been found in Tenda W12 3.0.0.7(4763). This vulnerability affects the function cgiSysTimeInfoSet of the file /bin/httpd. The manipulation of the argument sec leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Statistics

  • 2 Posts

Last activity: 7 hours ago

Fediverse


⚠️ CVE-2026-10189: HIGH severity stack-based buffer overflow in Tenda W12 (v3.0.0.7). Exploitable remotely, risk of code execution. No patch — restrict access & monitor for updates. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 8h ago

CVE-2026-10189 - Critical stack buffer overflow in Tenda W12 3.0.0.7(4763). Remote attack possible via /bin/httpd cgiSysTimeInfoSet. CVSS 8.8. Unpatched. Isolate affected devices immediately. #CVE #Tenda #infosec

valtersit.com/cve/CVE-2026-101

  • 0
  • 0
  • 0
  • 7h ago

Overview

  • marimo-team
  • marimo

09 Apr 2026
Published
24 Apr 2026
Updated

CVSS v4.0
CRITICAL (9.3)
EPSS
82.17%

Description

marimo is a reactive Python notebook. Prior to 0.23.0, Marimo has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint /terminal/ws lacks authentication validation, allowing an unauthenticated attacker to obtain a full PTY shell and execute arbitrary system commands. Unlike other WebSocket endpoints (e.g., /ws) that correctly call validate_auth() for authentication, the /terminal/ws endpoint only checks the running mode and platform support before accepting connections, completely skipping authentication verification. This vulnerability is fixed in 0.23.0.

Statistics

  • 2 Posts

Last activity: 9 hours ago

Bluesky

Attackers Use LLM Agent For Post-Exploitation After Marimo CVE-2026-39987 Exploit - https://mwyr.es/pUqIWw5L #thn #infosec
  • 0
  • 0
  • 0
  • 13h ago
Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit reconbee.com/attackers-us... #LLM #Marimo #largelanguagemodels #llmagent #cybersecurity
  • 0
  • 0
  • 0
  • 9h ago
Showing 1 to 10 of 42 CVEs