CVE-2026-22769

Overview

Dell
RecoverPoint for Virtual Machines

17 Feb 2026

Published

19 Feb 2026

Updated

CVSS v3.1

CRITICAL (10.0)

EPSS

28.78%

MITRE

KEV

Description

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible.

Statistics

16 Posts
6 Interactions

Last activity: 2 hours ago

Fediverse

:awesome:🐦‍🔥nemo™🐦‍⬛ 🇺🇦🍉 @nemo

Dell warns of a max-severity flaw (CVE-2026-22769) in RecoverPoint for VMs, already exploited for root access in the wild. 🔓💻 Security teams are urged to patch or apply mitigations immediately. Details: https://cyberinsider.com/dell-warns-of-max-severity-flaw-in-recoverpoint-exploited-by-hackers/ #cybersecurity #infosec #Dell #Newz

2
3
0
22h ago

benzogaga33 :verified: @benzogaga33

Cette faille critique dans Dell RecoverPoint est exploitée depuis mi-2024 https://www.it-connect.fr/dell-recoverpoint-faille-critique-cve-2026-22769/ #ActuCybersécurité #Cybersécurité #Dell

0
1
0
10h ago

Nistal Talson @niztal

⚠️ Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024

https://thehackernews.com/2026/02/dell-recoverpoint-for-vms-zero-day-cve.html

#CyberSecurity #InfoSec

0
0
1
21h ago

TechNadu @technadu

CVE-2026-22769 (CVSS 10.0) in Dell RecoverPoint for VMs is under confirmed exploitation.

Attribution: UNC6201 (linked to Silk Typhoon)
Malware: BRICKSTORM (evolving) → GRIMBOLT
Vector: Hard-coded credentials
Impact Layer: VMware-integrated DR appliances

This is a high-leverage target:
- Elevated privileges
- Direct integration with hypervisors & storage
- Influence over replicated datasets
- Potential long-term espionage dwell time

CISA has mandated immediate patching for federal agencies.

Key takeaway: Recovery infrastructure is now an active battlefield.
How are you validating integrity of replicated VM copies?
Comment below.

Source: https://therecord.media/fed-agencies-ordered-to-patch-dell-bug-after-exploitation-warning

Follow TechNadu for threat intelligence updates.
Share within your security teams.
#Infosec #ThreatIntelligence #ZeroDay #CISAAlert #VMwareSecurity #CyberEspionage #BlueTeam #RedTeam #APT #SecurityOperations #DigitalForensics

0
0
0
5h ago

অর্ঘ্য 🏏📚 💻 @StringsVsAtoms

The issue, officially named CVE-2026-22769, involves hardcoded credentials. This means the software came with a built-in username and password that could not be easily changed.
5/10

0
0
0
2h ago

Bluesky

tamosan @tamosan.bsky.social

以前からか…『UNC6201がラテラルムーブメントのために悪用』：中国関連ハッカー、Dell製品のゼロデイを2024年半ばから悪用：CVE-2026-22769 | Codebook｜Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/43921/

0
0
0
20h ago

セキュリティ対策Lab @securitylab-jp.bsky.social

中国系ハッカーがDellのゼロデイ脆弱性を悪用しサイバー攻撃(CVE-2026-22769) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews

0
0
0
20h ago

キタきつね @kitafox.bsky.social

Dell RecoverPoint for VMs のゼロデイ脆弱性 CVE-2026-22769 が 2024 年半ばから悪用される Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024 #HackerNews (Feb 18) thehackernews.com/2026/02/dell...

0
0
0
20h ago

キタきつね @kitafox.bsky.social

中国関連のハッカーが2024年からDellのゼロデイ脆弱性を悪用（CVE-2026-22769） China-linked hackers exploited Dell zero-day since 2024 (CVE-2026-22769) #HelpNetSecurity (Feb 18) www.helpnetsecurity.com/2026/02/18/e...

0
0
0
20h ago

曖昧ナ犬 @aimainainnu.bsky.social

中国関連ハッカー､ #Dell 製品のゼロデイを2024年半ばから悪用：CVE-2026-22769 | Codebook Codebook｜サイバーインテリジェンス/セキュリティNews - マキナレコード ... マルウェアを展開するために悪用していたとされる。初期アクセスの手段は確認されていないものの、UNC6201は初期アクセスのためにVPNコンセントレータなどの ... codebook.machinarecord.com/threatreport...

0
0
0
16h ago

guardian360.bsky.social @guardian360.bsky.social

(GTIG). The activity involves the exploitation of CVE-2026-22769 (CVSS score: 10.0), a case of hard-coded credentials affecting versions prior to 6.0.3.1 HF1. Other products, including RecoverPoint Classic, are not vulnerable to the flaw. thehackernews.com/2026/02/de...

0
0
0
4h ago

Undercode Testing @undercode.bsky.social

Dell Zero-Day Exploit (CVE-2026-22769): How UNC6201 Weaponized Hard-Coded Credentials + Video Introduction: In a stark reminder of the risks lurking within enterprise backup infrastructure, a maximum-severity zero-day vulnerability in Dell RecoverPoint for Virtual Machines has been under active…

0
0
0
2h ago

Undercode Testing @undercode.bsky.social

Critical Zero-Day in Dell RecoverPoint for VMs: Chinese APT Exploits Hardcoded Credentials for Root Access Since 2024 + Video Introduction A maximum-severity zero-day vulnerability (CVE-2026-22769) in Dell RecoverPoint for Virtual Machines has been under active exploitation by suspected Chinese…

0
0
0
2h ago

キタきつね @kitafox.bsky.social

CISAが2つの既知の脆弱性をカタログに追加 CISA Adds Two Known Exploited Vulnerabilities to Catalog #CISA (Feb 18) CVE-2021-22175 GitLab サーバーサイドリクエストフォージェリ（SSRF）脆弱性 CVE-2026-22769 Dell RecoverPoint for Virtual Machines (RP4VMs) におけるハードコードされた資格情報の使用に関する脆弱性 www.cisa.gov/news-events/...

0
0
0
20h ago

ohhara @shiojiri.com

CVE-2021-22175 GitLab Server-Side Request Forgery (SSRF) Vulnerability CVE-2026-22769 Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability

0
0
0
16h ago

CVE-2026-2441

Overview

Google
Chrome

13 Feb 2026

Published

18 Feb 2026

Updated

CVSS

Pending

EPSS

0.53%

MITRE

KEV

Description

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Statistics

6 Posts
4 Interactions

Last activity: 2 hours ago

Fediverse

elhacker.NET @elhackernet

Google corrige un zero-day de Chrome (CVE-2026-2441) ya explotado en ataques

https://blog.elhacker.net/2026/02/google-corrige-un-zero-day-de-chrome.html

1
2
0
3h ago

Bluesky

Hackernews Top Stories @news.facts.dev

⚡ Hackernews Top story: Zero-day CSS: CVE-2026-2441 exists in the wild

0
1
0
22h ago

Calimeg @calimegai.bsky.social

🚨 CISA ajoute 4 failles actives à son catalogue KEV, dont CVE-2026-2441 (score 8.8) dans #GoogleChrome, exposant à des attaques à distance via use-after-free. #CyberSecurity #calimeg

0
0
0
13h ago

topickapp (IT技術系ニュースサイト) @topickapp.bsky.social

https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html Google Chromeの安定版チャンネルがアップデートされました。今回の更新にはCSSのUse after free脆弱性 (CVE-2026-2441) の修正が含まれています。この脆弱性に対する悪用がすでに確認されているため、早めの更新が推奨されます。

0
0
0
7h ago

Hacker News JP 🤖 @hacker-news-jp.bsky.social

現場で悪用されているゼロデイのCSS脆弱性 CVE-2026-2441 Zero-day CSS: CVE-2026-2441 exists in the wild 🔺 369 💬 21 🔗 HN Post | Article

0
0
0
2h ago

Hacker News Best @hnbest.bsky.social

Zero-day CSS: CVE-2026-2441 exists in the wild https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html comments #chromereleases.googleblog.com

0
0
0
2h ago

CVE-2026-21509

Overview

Microsoft
Microsoft 365 Apps for Enterprise

26 Jan 2026

Published

13 Feb 2026

Updated

CVSS v3.1

HIGH (7.8)

EPSS

9.21%

MITRE

KEV

Description

Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally.

Statistics

3 Posts
5 Interactions

Last activity: 1 hour ago

Fediverse

HackerWorkspace @hackerworkspace

The video discusses a recently patched Microsoft Office zero-day vulnerability (CVE-2026-21509) being actively exploited by Russian hackers. It emphasizes the rapid weaponization of vulnerabilities after patches and the importance of threat intelligence for managing exposed attack surfaces.
https://www.youtube.com/watch?v=Ck8IPInn74A

#threatintelligence #exploit #zeroday

1
0
0
1h ago

Bluesky

John Hammond @johnhammond.bsky.social

Quick dance with CVE-2026-21509, a "Security Feature Bypass Vulnerability" and an emergency out-of-band fix from January Patch Tuesday (and an obligatory exaggerated YouTube thumbnail -- I apologize and appreciate folks who understand algorithm nuance) youtu.be/Ck8IPInn74A

0
4
1
6h ago

CVE-2026-2329

Overview

Grandstream
GXP1610

18 Feb 2026

Published

18 Feb 2026

Updated

CVSS v4.0

CRITICAL (9.3)

EPSS

0.09%

MITRE

KEV

Description

An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP API endpoint /cgi-bin/api.values.get. A remote attacker can leverage this vulnerability to achieve unauthenticated remote code execution (RCE) with root privileges on a target device. The vulnerability affects all six device models in the series: GXP1610, GXP1615, GXP1620, GXP1625, GXP1628, and GXP1630.

Statistics

2 Posts
2 Interactions

Last activity: 4 hours ago

Bluesky

Help Net Security @helpnetsecurity.com

Bug in widely used VoIP phones allows stealthy network footholds, call interception (CVE-2026-2329) 📖 Read more: www.helpnetsecurity.com/2026/02/19/g... #cybersecurity #cybersecuritynews #securityupdate #vulnerability #VoIP #SMBs @rapid7.com @stephenfewer.bsky.social @fulmetalpackets.bsky.social

1
1
0
8h ago

Eyal Estrin ☁️ @eyalestrin.bsky.social

Bug in widely used VoIP phones allows stealthy network footholds, call interception (CVE-2026-2329) #patchmanagement

0
0
0
4h ago

CVE-2026-26119

Overview

Microsoft
Windows Admin Center

17 Feb 2026

Published

19 Feb 2026

Updated

CVSS v3.1

HIGH (8.8)

EPSS

0.06%

MITRE

KEV

Description

Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network.

Statistics

2 Posts
2 Interactions

Last activity: 4 hours ago

Bluesky

Information Security Briefly @infosecbriefly.bsky.social

A Windows Admin Center authentication flaw (CVE-2026-26119) lets authorized users escalate privileges across networks, potentially granting widespread administrative control.

1
1
0
20h ago

Help Net Security @helpnetsecurity.com

Microsoft reveals critical Windows Admin Center vulnerability (CVE-2026-26119) 📖 Read more: www.helpnetsecurity.com/2026/02/19/w... @msftresearch.bsky.social #CyberSecurity #CyberSecurityNews #Microsoft

0
0
0
4h ago

CVE-2026-2649

Overview

Google
Chrome

18 Feb 2026

Published

19 Feb 2026

Updated

CVSS

Pending

EPSS

0.03%

MITRE

KEV

Description

Integer overflow in V8 in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Statistics

2 Posts

Last activity: 12 hours ago

Fediverse

Offensive Sequence @offseq

🛑 CVE-2026-2649: HIGH severity integer overflow in Chrome V8 pre-145.0.7632.109 lets remote attackers trigger heap corruption via crafted HTML. Update ASAP to patch! https://radar.offseq.com/threat/cve-2026-2649-integer-overflow-in-google-chrome-1776d2df #OffSeq #Chrome #Vuln #Security

0
0
0
16h ago

Bluesky

BaseFortify.eu @basefortify.bsky.social

🚨 CVE-2026-2649 – Google Chrome Integer overflow in the V8 engine (Chrome < 145.0.7632.109) allows remote attackers to trigger heap corruption via a crafted HTML page. CVSS: 8.8 (HIGH) Full analysis: basefortify.eu/cve_reports/... #CVE #Chrome #V8 #CyberSecurity #InfoSec

0
0
0
12h ago

CVE-2026-1281

Overview

Ivanti
Endpoint Manager Mobile

29 Jan 2026

Published

30 Jan 2026

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

43.87%

MITRE

KEV

Description

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

Statistics

3 Posts

Last activity: 8 hours ago

Fediverse

Jeroen Wiert Pluimers @wiert

@christopherkunz didn't see this in your Toots yet, but hope you already saw it somewhere else:

https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2026/2026-221601-1032_bits.html

Version 1.3: Ivanti EPMM - Aktive Angriffe über Zero-Day Schwachstellen beobachtet

Schwachstellen CVE-2026-1281 und CVE-2026-1340

https://nvd.nist.gov/vuln/detail/CVE-2026-1281

https://nvd.nist.gov/vuln/detail/CVE-2026-1340

0
0
0
8h ago

Bluesky

Undercode Testing @undercode.bsky.social

CVE-2026-1281 & CVE-2026-1340: Ivanti EPMM Under Attack—Bash Arithmetic Exploits Deploying Covert Backdoors + Video Introduction: A fresh wave of sophisticated attacks is targeting enterprise mobile fleets, exploiting two critical zero-day vulnerabilities in Ivanti Endpoint Management Mobile…

0
0
0
11h ago

Information Security Briefly @infosecbriefly.bsky.social

Exploitation of two patched Ivanti EPMM critical vulnerabilities (CVE-2026-1281, CVE-2026-1340) has surged, enabling remote unauthenticated code execution and full MDM compromise.

0
0
0
8h ago

CVE-2026-1340

Overview

Ivanti
Endpoint Manager Mobile

29 Jan 2026

Published

30 Jan 2026

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

32.27%

MITRE

KEV

Description

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

Statistics

3 Posts

Last activity: 8 hours ago

Fediverse

Jeroen Wiert Pluimers @wiert

@christopherkunz didn't see this in your Toots yet, but hope you already saw it somewhere else:

https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2026/2026-221601-1032_bits.html

Version 1.3: Ivanti EPMM - Aktive Angriffe über Zero-Day Schwachstellen beobachtet

Schwachstellen CVE-2026-1281 und CVE-2026-1340

https://nvd.nist.gov/vuln/detail/CVE-2026-1281

https://nvd.nist.gov/vuln/detail/CVE-2026-1340

0
0
0
8h ago

Bluesky

Undercode Testing @undercode.bsky.social

CVE-2026-1281 & CVE-2026-1340: Ivanti EPMM Under Attack—Bash Arithmetic Exploits Deploying Covert Backdoors + Video Introduction: A fresh wave of sophisticated attacks is targeting enterprise mobile fleets, exploiting two critical zero-day vulnerabilities in Ivanti Endpoint Management Mobile…

0
0
0
11h ago

Information Security Briefly @infosecbriefly.bsky.social

Exploitation of two patched Ivanti EPMM critical vulnerabilities (CVE-2026-1281, CVE-2026-1340) has surged, enabling remote unauthenticated code execution and full MDM compromise.

0
0
0
8h ago

CVE-2025-7676

Overview

Microsoft, Inc
Windows 11

28 Jul 2025

Published

28 Jul 2025

Updated

CVSS v4.0

MEDIUM (5.4)

EPSS

0.02%

MITRE

KEV

Description

DLL hijacking of all PE32 executables when run on Windows for ARM64 CPU architecture. This allows an attacker to execute code, if the attacker can plant a DLL in the same directory as the executable. Vulnerable versions of Windows 11 for ARM attempt to load Base DLLs that would ordinarily not be loaded from the application directory. Fixed in release 24H2, but present in all earlier versions of Windows 11 for ARM CPUs.

Statistics

1 Post
16 Interactions

Last activity: 6 hours ago

Fediverse

Jimmy Wylie @mayahustle

I earned my first CVE credit (CVE-2025-7676) for helping with a Windows ARM vuln. So, to commemorate the credit, @reverseics presented me last week with a Trophy of Perpetual Futility, because there’s always more work to do.

https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/refs/heads/main/2025-04.txt

1
15
0
6h ago

CVE-2025-45769

Overview

Pending

31 Jul 2025

Published

18 Feb 2026

Updated

CVSS

Pending

EPSS

0.01%

MITRE

KEV

Description

php-jwt v6.11.0 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is not meant to recommend an outcome for this CVE Record.

Statistics

1 Post
6 Interactions

Last activity: 16 hours ago

Fediverse

Shawn Hooper (he/him) @shawnhooper

If you're using firebase/php-jwt v6, surprise!

GitHub Advisory GHSA for CVE-2025-45769 ignores NVD "Disputed" status, blocks all php-jwt v6 users.

Details here:

https://github.com/firebase/php-jwt/issues/620

#PHP #CVE

2
4
0
16h ago