24h | 7d | 30d

CVE-2026-25108

Overview

  • Soliton Systems K.K.
  • FileZen
13 Feb 2026
Published
25 Feb 2026
Updated
CVSS v3.0
HIGH (8.8)
EPSS
18.59%
KEV

Description

FileZen contains an OS command injection vulnerability. When FileZen Antivirus Check Option is enabled, a logged-in user may send a specially crafted HTTP request to execute an arbitrary OS command.

Statistics

  • 9 Posts
  • 1 Interaction
Last activity: 1 hour ago

Fediverse

Profile picture fallback
ekiledjian @edwardk

CISA has confirmed the active exploitation of a critical OS Command Injection vulnerability (CVE-2026-25108) in FileZen by Soliton Systems K.K., adding it to the Known Exploited Vulnerabilities (KEV) Catalog. Organizations using FileZen are urged to apply security updates immediately to prevent unauthorized access and system compromise.
cybersecuritynews.com/cisa-con

  • 0
  • 0
  • 0
  • 11h ago
Profile picture fallback
Anonymous :verified: @youranonnewsirc

CISA warns of active exploitation of a FileZen vulnerability (CVE-2026-25108) (Feb 25). IBM's 2026 X-Force Threat Index reveals escalating AI-driven attacks exploiting basic security gaps (Feb 25). Geopolitically, China banned exports to 40 Japanese firms (Feb 24), and Iran-US talks continue in Geneva (Feb 25). DARPA advances kilometer-range X-ray vision technology (Feb 25).
#AnonNews_irc #Cybersecurity #News

  • 0
  • 0
  • 0
  • 4h ago

Bluesky

Profile picture fallback
Ninja Owl @ninjaowl.ai
CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
  • 0
  • 1
  • 0
  • 14h ago
Profile picture fallback
ohhara @shiojiri.com
CVE-2026-25108 Soliton Systems K.K. FileZen OS Command Injection Vulnerability
  • 0
  • 0
  • 0
  • 18h ago
Profile picture fallback
ohhara @shiojiri.com
CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability https://thehackernews.com/2026/02/cisa-confirms-active-exploitation-of.html
  • 0
  • 0
  • 0
  • 18h ago
Profile picture fallback
Information Security Briefly @infosecbriefly.bsky.social
CISA added CVE-2026-25108, an OS command injection vulnerability in FileZen, to its Known Exploited Vulnerabilities catalog due to active exploitation evidence.
  • 0
  • 0
  • 0
  • 18h ago
Profile picture fallback
ReconBee @reconbee.bsky.social
CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability reconbee.com/cisa-confirm... #CISA #FileZen #vulnerability #cybersecurity #cyberattacks
  • 0
  • 0
  • 0
  • 16h ago
Profile picture fallback
Help Net Security @helpnetsecurity.com
CISA flags exploited FileZen command injection bug, patch now! (CVE-2026-25108) 📖 Read more: www.helpnetsecurity.com/2026/02/25/c... #cybersecurity #cybersecuritynews #0day #filesharing #ransomware #vulnerability
  • 0
  • 0
  • 0
  • 14h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
CISA が FileZen のコマンドインジェクションバグを報告、今すぐパッチを適用してください! (CVE-2026-25108) CISA flags exploited FileZen command injection bug, patch now! (CVE-2026-25108) #HelpNetSecurity (Feb 25) www.helpnetsecurity.com/2026/02/25/c...
  • 0
  • 0
  • 0
  • 1h ago

CVE-2026-20127

Overview

  • Cisco
  • Cisco Catalyst SD-WAN Manager
25 Feb 2026
Published
25 Feb 2026
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
Pending
KEV

Description

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric. 

Statistics

  • 7 Posts
  • 7 Interactions
Last activity: 1 hour ago

Fediverse

Profile picture fallback
CERT-FR @cert_fr

⚠️ Alerte CERT-FR ⚠️

La vulnérabilité CVE-2026-20127 affecte Cisco Catalyst SD-WAN et permet à un attaquant non-authentifié de se connecter à un compte avec des privilèges élevés. Elle est activement exploitée.

cert.ssi.gouv.fr/alerte/CERTFR

  • 2
  • 1
  • 1
  • 7h ago

Bluesky

Profile picture fallback
BleepingComputer @bleepingcomputer.com
Cisco is warning that a critical authentication bypass vulnerability in Cisco Catalyst SD-WAN, tracked as CVE-2026-20127, was actively exploited in zero-day attacks that allowed remote attackers to compromise controllers and add malicious rogue peers to targeted networks.
  • 1
  • 3
  • 0
  • 6h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
脅威アクターは2023年からCisco SD-WANゼロデイ脆弱性を悪用している(CVE-2026-20127) Threat actor leveraged Cisco SD-WAN zero-day since 2023 (CVE-2026-20127) #HelpNetSecurity (Feb 25) www.helpnetsecurity.com/2026/02/25/c...
  • 0
  • 0
  • 0
  • 1h ago
Profile picture fallback
piggo @pigondrugs.bsky.social
~Cisa~ Threat actors are actively exploiting CVE-2026-20127 and CVE-2022-20775 for initial access and privilege escalation on Cisco SD-WAN systems. - IOCs: CVE-2026-20127, CVE-2022-20775 - #CVE202620127 #Cisco #ThreatIntel
  • 0
  • 0
  • 0
  • 7h ago
Profile picture fallback
piggo @pigondrugs.bsky.social
~Cisa~ CISA adds two actively exploited Cisco SD-WAN vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, urging immediate remediation. - IOCs: CVE-2022-20775, CVE-2026-20127 - #Cisco #KEV #ThreatIntel
  • 0
  • 0
  • 0
  • 4h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
CISAが2つの既知の脆弱性をカタログに追加 CISA Adds Two Known Exploited Vulnerabilities to Catalog #CISA (Feb 25) CVE-2022-20775 Cisco Catalyst SD-WAN パストラバーサル脆弱性 CVE-2026-20127 Cisco Catalyst SD-WAN コントローラおよびマネージャの認証バイパスの脆弱性 www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 1h ago

CVE-2025-40538

Overview

  • SolarWinds
  • Serv-U
24 Feb 2026
Published
25 Feb 2026
Updated
CVSS v3.1
CRITICAL (9.1)
EPSS
0.03%
KEV

Description

A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.

Statistics

  • 4 Posts
Last activity: 3 hours ago

Fediverse

Profile picture fallback
TechNadu @technadu

Security Advisory Summary:
SolarWinds Serv-U 15.5.4 patches four critical vulnerabilities:
• CVE-2025-40538 – Broken access control → system admin creation + root RCE
• Two type confusion flaws → root code execution
• One IDOR vulnerability → elevated execution

Attack prerequisites:
High-privileged access required. Exploitation likely via credential compromise or chained privilege escalation.

Exposure landscape:
12K+ internet-facing instances observed (Shodan)
File transfer platforms remain ransomware-favored entry vectors

Historical context:
Prior Serv-U CVEs exploited by ransomware groups and state-aligned actors.

Immediate actions:
- Patch to 15.5.4
- Audit privileged accounts
- Review FTP/SFTP exposure
- Monitor for anomalous admin creation

Source: bleepingcomputer.com/news/secu

Follow us for tactical advisories and vulnerability intelligence.

Comment with your detection or hardening recommendations.

  • 0
  • 0
  • 0
  • 13h ago
Profile picture fallback
Raphael @0x3e4

latest SolarWinds CVEs.. all critical lmao.. patch patch patch!

CVE-2025-40538 - Improper Privilege Management
CVE-2025-40539 - Incorrect Type Conversion or Cast
CVE-2025-40540 - Incorrect Type Conversion or Cast
CVE-2025-40541 - Incorrect Type Conversion or Cast & Authorization Bypass Through User-Controlled Key

SolarWinds Serv-U 15.5.3 and prior versions

hecate.pw/vulnerabilities?sear

#vulnerability #security #solarwinds

  • 0
  • 0
  • 0
  • 3h ago

Bluesky

Profile picture fallback
ohhara @shiojiri.com
SolarWinds Serv-Uに重大な脆弱性、サーバーへのrootアクセスが可能に(CVE-2025-40538他) | Codebook|Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/44109/
  • 0
  • 0
  • 0
  • 18h ago
Profile picture fallback
TechNadu @technadu.com
Critical update for enterprise defenders. SolarWinds fixes four Serv-U flaws - including CVE-2025-40538 - that could enable root/admin escalation on unpatched systems. Even with high-privilege prerequisites, file transfer software is historically a ransomware magnet... #CyberSecurity #SolarWinds
  • 0
  • 0
  • 0
  • 13h ago

CVE-2022-20775

Overview

  • Cisco
  • Cisco Catalyst SD-WAN
30 Sep 2022
Published
25 Feb 2026
Updated
CVSS v3.1
HIGH (7.8)
EPSS
0.23%
KEV

Description

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF

Statistics

  • 4 Posts
  • 1 Interaction
Last activity: 1 hour ago

Fediverse

Profile picture fallback
cR0w @cR0w

@leb Yep. And they finally updated the one in my original post:

In February 2026, the Cisco PSIRT became aware of attempted exploitation of the vulnerability described in CVE-2022-20775.

  • 0
  • 1
  • 0
  • 2h ago

Bluesky

Profile picture fallback
piggo @pigondrugs.bsky.social
~Cisa~ Threat actors are actively exploiting CVE-2026-20127 and CVE-2022-20775 for initial access and privilege escalation on Cisco SD-WAN systems. - IOCs: CVE-2026-20127, CVE-2022-20775 - #CVE202620127 #Cisco #ThreatIntel
  • 0
  • 0
  • 0
  • 7h ago
Profile picture fallback
piggo @pigondrugs.bsky.social
~Cisa~ CISA adds two actively exploited Cisco SD-WAN vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, urging immediate remediation. - IOCs: CVE-2022-20775, CVE-2026-20127 - #Cisco #KEV #ThreatIntel
  • 0
  • 0
  • 0
  • 4h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
CISAが2つの既知の脆弱性をカタログに追加 CISA Adds Two Known Exploited Vulnerabilities to Catalog #CISA (Feb 25) CVE-2022-20775 Cisco Catalyst SD-WAN パストラバーサル脆弱性 CVE-2026-20127 Cisco Catalyst SD-WAN コントローラおよびマネージャの認証バイパスの脆弱性 www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 1h ago

CVE-2025-13942

Overview

  • Zyxel
  • EX3510-B0 firmware
24 Feb 2026
Published
25 Feb 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.39%
KEV

Description

A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions through 5.17(ABUP.15.1)C0 could allow a remote attacker to execute operating system (OS) commands on an affected device by sending specially crafted UPnP SOAP requests.

Statistics

  • 2 Posts
Last activity: 3 hours ago

Fediverse

Profile picture fallback
Michael I Ransier @thecybermind

NCTAG 5.8: The Zyxel Perimeter Crisis
120,000 targets identified. The Cyber Mind Co™ has released Global Watchtower Manifest (GWM) NCTAG 1.1, detailing a critical Unauthenticated RCE (CVE-2025-13942) in Zyxel devices

thecybermind.co/2026/02/25/zyx

thecybermind.co/2026/02/25/zyx

  • 0
  • 0
  • 0
  • 3h ago

Bluesky

Profile picture fallback
CyberHub @cyberhub.blog
📌 CVE-2025-13942 - A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions through 5.17(ABUP.15.1)C0 could allow a remote attacke... https://www.cyberhub.blog/cves/CVE-2025-13942
  • 0
  • 0
  • 0
  • 5h ago

CVE-2026-22769

Overview

  • Dell
  • RecoverPoint for Virtual Machines
17 Feb 2026
Published
19 Feb 2026
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
34.16%
KEV

Description

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible.

Statistics

  • 2 Posts
Last activity: 19 hours ago

Bluesky

Profile picture fallback
AlphaHunt Converge @alphahunt.io
Your backup system isn’t your parachute. It’s a beachhead. 🏖️ Mandiant/GTIG report UNC6201 exploiting Dell RP4VM (CVE-2026-22769, CVSS 10.0). Hardcoded credential → OS-level control + root persistence. CISA KEV indicated. Recovery ≠ safe. #AlphaHunt #CISA #ZeroDay
  • 0
  • 0
  • 0
  • 23h ago
Profile picture fallback
OpsMatters @opsmatters.com
The latest update for #CyCognito includes "Emerging Threat – Dell RecoverPoint for VMs Hardcoded Credential (CVE-2026-22769)" and "Permission to Ignore: Leveraging the CTEM Framework to Focus on Real Risk". #cybersecurity #AttackSurfaceManagement #EASM https://opsmtrs.com/44Srq0X
  • 0
  • 0
  • 0
  • 19h ago

CVE-2026-27593

Overview

  • statamic
  • cms
24 Feb 2026
Published
24 Feb 2026
Updated
CVSS v3.1
CRITICAL (9.3)
EPSS
0.02%
KEV

Description

Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 6.3.3 and 5.73.10, an attacker may leverage a vulnerability in the password reset feature to capture a user's token and reset the password on their behalf. The attacker must know the email address of a valid account on the site, and the actual user must blindly click the link in their email even though they didn't request the reset. This has been fixed in 6.3.3 and 5.73.10.

Statistics

  • 1 Post
  • 8 Interactions
Last activity: 23 hours ago

Fediverse

Profile picture fallback
Stephen Rees-Carter :laravel: @valorin

PSA for Statamic folks - update your sites ASAP! ⚠️

A CRITICAL vuln was discovered that allows full account takeover via password resets! 😱

All the details: cvereports.com/reports/CVE-202 #Laravel

  • 7
  • 1
  • 0
  • 23h ago

CVE-2026-25253

Overview

  • OpenClaw
  • OpenClaw
01 Feb 2026
Published
03 Feb 2026
Updated
CVSS v3.1
HIGH (8.8)
EPSS
0.05%
KEV

Description

OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 12 hours ago

Fediverse

Profile picture fallback
Linkeaz @linkeaz

MITRE ATLAS documente plusieurs incidents majeurs autour d’OpenClaw, un agent IA autonome open-source : interfaces exposées, skills malveillants en supply chain, RCE one-click (CVE-2026-25253) et C2 via prompt injection indirecte. Un agent avec accès shell, filesystem et réseau crée une surface d’attaque complexe. Isolation stricte et gouvernance des secrets indispensables.

⚡️linkeaz.net/fr/posts/openclaw-

#IA #aisecurity #agenticAI #infosec #supplychain #cybersecurity #news #tech

  • 1
  • 1
  • 0
  • 12h ago

CVE-2025-15060

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 2 Posts
  • 1 Interaction
Last activity: 6 hours ago

Bluesky

Profile picture fallback
TrendAI Zero Day Initiative @thezdi.bsky.social
[ZDI-26-124|CVE-2025-15060] claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability (CVSS 9.8; Credit: Peter Girnus of Trend Research) zerodayinitiative.com/advisories/Z...
  • 1
  • 0
  • 1
  • 6h ago

CVE-2026-27624

Overview

  • coturn
  • coturn
25 Feb 2026
Published
25 Feb 2026
Updated
CVSS v3.1
HIGH (7.2)
EPSS
0.03%
KEV

Description

Coturn is a free open source implementation of TURN and STUN Server. Coturn is commonly configured to block loopback and internal ranges using "denied-peer-ip" and/or default loopback restrictions. CVE-2020-26262 addressed bypasses involving "0.0.0.0", "[::1]" and "[::]", but IPv4-mapped IPv6 is not covered. When sending a "CreatePermission" or "ChannelBind" request with the "XOR-PEER-ADDRESS" value of "::ffff:127.0.0.1", a successful response is received, even though "127.0.0.0/8" is blocked via "denied-peer-ip". The root cause is that, prior to the updated fix implemented in version 4.9.0, three functions in "src/client/ns_turn_ioaddr.c" do not check "IN6_IS_ADDR_V4MAPPED". "ioa_addr_is_loopback()" checks "127.x.x.x" (AF_INET) and "::1" (AF_INET6), but not "::ffff:127.0.0.1." "ioa_addr_is_zero()" checks "0.0.0.0" and "::", but not "::ffff:0.0.0.0." "addr_less_eq()" used by "ioa_addr_in_range()" for "denied-peer-ip" matching: when the range is AF_INET and the peer is AF_INET6, the comparison returns 0 without extracting the embedded IPv4. Version 4.9.0 contains an updated fix to address the bypass of the fix for CVE-2020-26262.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 14 hours ago

Fediverse

Profile picture fallback
Enable Security @enablesecurity

Two weeks ago we published our analysis of TURN security threats. Today: how to fix them.

New guides covering implementation-agnostic best practices (IP range blocking, protocol hardening, rate limiting, deployment patterns) and coturn-specific configuration with copy-paste templates at three security levels.

Best practices: enablesecurity.com/blog/turn-s
coturn guide: enablesecurity.com/blog/coturn
Config templates on GitHub: github.com/EnableSecurity/cotu

coturn 4.9.0 dropped yesterday with fixes for CVE-2026-27624 (IPv4-mapped IPv6 bypass of deny rules) and an inverted web admin password check that had been broken since ~2019. The guides cover workarounds for older versions.

  • 0
  • 1
  • 0
  • 14h ago
Showing 1 to 10 of 83 CVEs