24h | 7d | 30d

CVE-2026-3055

Overview

  • NetScaler
  • ADC
23 Mar 2026
Published
24 Mar 2026
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
0.03%
KEV

Description

Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread

Statistics

  • 20 Posts
  • 11 Interactions
Last activity: 2 hours ago

Fediverse

Profile picture fallback
Erik Jonker @ErikJonker

It just never stops those Citrix vulnerabilities...
thecyberexpress.com/cve-2026-3
#citrix #cybersecurity #cve

  • 3
  • 3
  • 0
  • 8h ago
Profile picture fallback
Patrick C Miller :donor: @patrickcmiller

Urgent Alert: NetScaler bug CVE-2026-3055 probed by attackers could leak sensitive data securityaffairs.com/190131/hac

  • 1
  • 1
  • 1
  • 17h ago
Profile picture fallback
:mastodon: decio @decio

⚠️ CVE-2026-3055 / Citrix NetScaler : la reconnaissance est en cours.

Des activités de reconnaissance ciblent déjà les appliances exposées, avec notamment des requêtes vers /cgi/GetAuthMethods pour identifier les configs exploitables, en particulier les environnements SAML IdP.
GBHackers relaie ces observations
👇
gbhackers.com/hackers-probe-ci

Côté exposition, ONYPHE recense plus de 18000 IP uniques sur une version vulnérable, (dont environ +800 en Suisse).
👇
linkedin.com/posts/onyphe_vuln

Le pattern rappelle clairement les précédents CitrixBleed : si du NetScaler est encore exposé, la fenêtre avant exploitation de masse pourrait être très courte.

  • 0
  • 1
  • 0
  • 10h ago
Profile picture fallback
:mastodon: decio @decio

la vulnérabilité est à considérer comme activement exploitée selon watchTowr.

ils ont publié une analyse technique détaillée de la faille, utile pour mieux comprendre le mécanisme d’exploitation
👇
labs.watchtowr.com/please-we-b

Pour les équipes concernées, on n’est plus dans l’anticipation mais dans la réaction rapide.

  • 0
  • 1
  • 0
  • 10h ago
Profile picture fallback
Günter Born @gborn

Jemand mit Citrix (Netscaler oder Gateway) unterwegs und ungepatcht? Schwachstelle CVE-2026-3055 wird angegriffen

borncity.com/blog/2026/03/30/s

  • 0
  • 0
  • 1
  • 3h ago

Bluesky

Profile picture fallback
/r/netsec @r-netsec-bot.bsky.social
Please, We Beg, Just One Weekend Free Of Appliances (Citrix NetScaler CVE-2026-3055 Memory Overread Part 2) - watchTowr Labs
  • 0
  • 1
  • 6
  • 22h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
Citrix NetScalerは、CVE-2026-3055(CVSS 9.3)メモリオーバーリードバグに対するアクティブな調査中です Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug #HackerNews (Mar 28) thehackernews.com/2026/03/citr...
  • 0
  • 0
  • 0
  • 20h ago
Profile picture fallback
tamosan @tamosan.bsky.social
既に偵察活動が活発になっているようす:Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug https://thehackernews.com/2026/03/citrix-netscaler-under-active-recon-for.html
  • 0
  • 0
  • 0
  • 16h ago
Profile picture fallback
Sami Laiho @samilaiho.com
The Sequels Are Never As Good, But We're Still In Pain (Citrix NetScaler CVE-2026-3055 Memory Overread) labs.watchtowr.com/the-sequels-...
  • 0
  • 0
  • 0
  • 7h ago
Profile picture fallback
CyberVeille @cyberveille-ch.bsky.social
📢 CVE-2026-3055 : Citrix NetScaler – Seconde vulnérabilité de fuite mémoire exploitée in-the-wild 📝 ## 🔍 Contexte Publié le 30 mars 2026 … https://cyberveille.ch/posts/2026-03-30-cve-2026-3055-citrix-netscaler-seconde-vulnerabilite-de-fuite-memoire-exploitee-in-the-wild/ #CVE_2026_3055 #Cyberveille
  • 0
  • 0
  • 0
  • 5h ago
Profile picture fallback
CyberVeille @cyberveille-ch.bsky.social
📢 CVE-2026-3055 : Vulnérabilité critique sur Citrix NetScaler déjà ciblée par des acteurs malveillants 📝 ## 🔍 Contexte Publié le 3… https://cyberveille.ch/posts/2026-03-30-cve-2026-3055-vulnerabilite-critique-sur-citrix-netscaler-deja-ciblee-par-des-acteurs-malveillants/ #CVE_2026_3055 #Cyberveille
  • 0
  • 0
  • 0
  • 5h ago
Profile picture fallback
piggo @pigondrugs.bsky.social
~Cybergcca~ CCCS issued 10 advisories, warning of critical, actively exploited vulnerabilities in Fortinet FortiClientEMS and Citrix NetScaler. - IOCs: CVE-2026-21643, CVE-2026-3055 - #CVE #Citrix #Fortinet #ThreatIntel
  • 0
  • 0
  • 0
  • 2h ago

CVE-2025-53521

Overview

  • F5
  • BIG-IP
15 Oct 2025
Published
29 Mar 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
19.16%
KEV

Description

When a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can lead to Remote Code Execution (RCE).   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Statistics

  • 10 Posts
Last activity: 1 hour ago

Fediverse

Profile picture fallback
Capstone Technologies Group @CapTechGroup

Critical alert: Attackers are actively exploiting a remote code execution vulnerability in BIG-IP APM systems (CVE-2025-53521). Financial services, government, and public sector organizations are targeted. Understand the threat landscape and essential defensive measures.

captechgroup.com/about-us/thre

  • 0
  • 0
  • 0
  • 20h ago
Profile picture fallback
Tom Sellers @TomSellers

@offseq There has literally been a CVE and patch for this since October - runzero.com/blog/f5-bigip-inst

  • 0
  • 0
  • 0
  • 6h ago

Bluesky

Profile picture fallback
r/blueteamsec bot @r-blueteamsec.bsky.social
K000156741: BIG-IP APM vulnerability CVE-2025-53521 - from Oct - previously a DoS with CVSS scores of 7.5 (CVSS v3.1) and 8.7 (CVSS v4.0) - re-categorized to an RCE with CVSS scores of 9.8 and 9.3
  • 0
  • 0
  • 0
  • 21h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
CISAが既知の悪用された脆弱性を1件カタログに追加 CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Mar 27) CVE-2025-53521 F5 BIG-IPのリモートコード実行の脆弱性 www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 20h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
攻撃者は、BIG-IP APMシステムのリモートコード実行(RCE)の脆弱性(CVE-2025-53521)を悪用しています Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521) #HelpNetSecurity (Mar 28) www.helpnetsecurity.com/2026/03/28/b...
  • 0
  • 0
  • 0
  • 20h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
CISAは、F5 BIG-IP APMの脆弱性を悪用した攻撃が活発に行われたことを受け、CVE-2025-53521をKEVに追加した CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation #HackerNews (Mar 28) thehackernews.com/2026/03/cisa...
  • 0
  • 0
  • 0
  • 20h ago
Profile picture fallback
Information Security Briefly @infosecbriefly.bsky.social
CISA warns of exploitation of a critical F5 BIG-IP vulnerability, CVE-2025-53521, allowing remote code execution on affected systems.
  • 0
  • 0
  • 0
  • 10h ago
Profile picture fallback
CyberVeille @cyberveille-ch.bsky.social
📢 Exploitation active de CVE-2025-53521 : F5 BIG-IP APM reclassifié en RCE critique 📝 ## 🔍 Contexte Source : BleepingComputer, publié le 30 mars 2026. https://cyberveille.ch/posts/2026-03-30-exploitation-active-de-cve-2025-53521-f5-big-ip-apm-reclassifie-en-rce-critique/ #CISA_KEV #Cyberveille
  • 0
  • 0
  • 0
  • 6h ago
Profile picture fallback
piggo @pigondrugs.bsky.social
~Ncsc~ Actively exploited unauthenticated RCE (CVE-2025-53521) affects F5 BIG-IP APM; immediate mitigation and compromise investigation required. - IOCs: CVE-2025-53521 - #CVE202553521 #F5 #ThreatIntel
  • 0
  • 0
  • 0
  • 5h ago
Profile picture fallback
Cybersecurity News Everyday @hendryadrian.bsky.social
F5 reclassifies BIG-IP APM flaw CVE-2025-53521 from DoS to critical RCE after active exploitation deploying webshells on unpatched devices. Over 240K instances exposed online. #BIGIPAPM #RemoteCodeExecution #USA
  • 0
  • 0
  • 0
  • 1h ago

CVE-2026-21643

Overview

  • Fortinet
  • FortiClientEMS
06 Feb 2026
Published
30 Mar 2026
Updated
CVSS v3.1
CRITICAL (9.1)
EPSS
0.05%
KEV

Description

An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

Statistics

  • 5 Posts
  • 1 Interaction
Last activity: Last hour

Bluesky

Profile picture fallback
Help Net Security @helpnetsecurity.com
Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643) 📖 Read more: www.helpnetsecurity.com/2026/03/30/f... #cybersecurity #cybersecuritynews #enterprise #vulnerability @bishopfox.bsky.social
  • 0
  • 1
  • 0
  • 5h ago
Profile picture fallback
Cybersecurity News Everyday @hendryadrian.bsky.social
Critical SQL injection CVE-2026-21643 in Fortinet FortiClient EMS 7.4.4 is actively exploited, allowing unauthenticated code execution via EMS web interface. Patch to 7.4.5+ to fix thousands exposed globally. #FortinetFlaw #SQLInjection #USA
  • 0
  • 0
  • 0
  • 7h ago
Profile picture fallback
Red Siege @redsiege.com
Critical bug (CVE-2026-21643) in Fortinet FortiClient EMS is already being exploited. Unauthenticated attackers can run code via the web interface, and thousands of instances are exposed. Patch ASAP (7.4.5+). via @bleepingcomputer.com www.bleepingcomputer.com/news/securit...
  • 0
  • 0
  • 0
  • 1h ago
Profile picture fallback
Undercode Testing @undercode.bsky.social
Critical FortiClient EMS SQL Injection (CVE-2026-21643) Actively Exploited: Attackers Bypass WAF via HTTP Headers + Video Introduction: A critical severity SQL injection vulnerability, designated CVE-2026-21643, has been identified in Fortinet’s FortiClient Endpoint Management Server (EMS) and is…
  • 0
  • 0
  • 0
  • Last hour
Profile picture fallback
piggo @pigondrugs.bsky.social
~Cybergcca~ CCCS issued 10 advisories, warning of critical, actively exploited vulnerabilities in Fortinet FortiClientEMS and Citrix NetScaler. - IOCs: CVE-2026-21643, CVE-2026-3055 - #CVE #Citrix #Fortinet #ThreatIntel
  • 0
  • 0
  • 0
  • 2h ago

CVE-2026-3587

Overview

  • WAGO
  • Lean Managed Switch 852-1812
23 Mar 2026
Published
24 Mar 2026
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
0.12%
KEV

Description

An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full compromise of the device.

Statistics

  • 1 Post
  • 21 Interactions
Last activity: 9 hours ago

Fediverse

Profile picture fallback
Dickenhobelix @dickenhobelix

Hui, CVE für einen Wago Switch mit CVSS 10.0: An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full compromise of the device.

Bingo!

FTR: CVE-2026-3587

  • 9
  • 12
  • 0
  • 9h ago

CVE-2026-31893

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
  • 5 Interactions
Last activity: 5 hours ago

Fediverse

Profile picture fallback
raptor :C_H: @raptor

Anyone knows anything more about this ?

"CVE-2026-31893 describes a serious Tunnelblick vulnerability.

This vulnerability is present in all versions of all Tunnelblick versions 3.3beta26 through 9.0beta01.

Tunnelblick 8.0.1 and 9.0beta02 contain fixes for the vulnerability.

The CVE is expected to be published and this page updated on or before 2026-03-27."

tunnelblick.net/CVE-2026-31893

  • 2
  • 3
  • 0
  • 5h ago

CVE-2025-15036

Overview

  • mlflow
  • mlflow/mlflow
30 Mar 2026
Published
30 Mar 2026
Updated
CVSS v3.0
CRITICAL (9.6)
EPSS
0.05%
KEV

Description

A path traversal vulnerability exists in the `extract_archive_to_dir` function within the `mlflow/pyfunc/dbconnect_artifact_cache.py` file of the mlflow/mlflow repository. This vulnerability, present in versions before v3.7.0, arises due to the lack of validation of tar member paths during extraction. An attacker with control over the tar.gz file can exploit this issue to overwrite arbitrary files or gain elevated privileges, potentially escaping the sandbox directory in multi-tenant or shared cluster environments.

Statistics

  • 1 Post
  • 3 Interactions
Last activity: 10 hours ago

Bluesky

Profile picture fallback
BaseFortify.eu @basefortify.bsky.social
🚨 CVE-2025-15036 (CRITICAL 9.6) MLflow archive extraction flaw allows attackers to overwrite arbitrary files via path traversal (“../”) in tar.gz files, potentially leading to privilege escalation and sandbox escape. 🔎 basefortify.eu/cve_reports/... #CVE #CyberSecurity #MLflow #PathTraversal
  • 1
  • 2
  • 0
  • 10h ago

CVE-2025-1727

Overview

  • End-of-Train and Head-of-Train remote linking protocol
  • End-of-Train and Head-of-Train remote linking protocol
10 Jul 2025
Published
11 Jul 2025
Updated
CVSS v3.1
HIGH (8.1)
EPSS
0.03%
KEV

Description

The protocol used for remote linking over RF for End-of-Train and Head-of-Train (also known as a FRED) relies on a BCH checksum for packet creation. It is possible to create these EoT and HoT packets with a software defined radio and issue brake control commands to the EoT device, disrupting operations or potentially overwhelming the brake systems.

Statistics

  • 1 Post
  • 3 Interactions
Last activity: 9 hours ago

Fediverse

Profile picture fallback
Dickenhobelix @dickenhobelix

CVE-2025-1727 makes trains go brrrrrrrrrrrt

Eingleisübung wann?

  • 1
  • 2
  • 0
  • 9h ago

CVE-2026-0848

Overview

  • nltk
  • nltk/nltk
05 Mar 2026
Published
06 Mar 2026
Updated
CVSS v3.0
CRITICAL (10.0)
EPSS
0.48%
KEV

Description

NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due to improper input validation in the StanfordSegmenter module. The module dynamically loads external Java .jar files without verification or sandboxing. An attacker can supply or replace the JAR file, enabling the execution of arbitrary Java bytecode at import time. This vulnerability can be exploited through methods such as model poisoning, MITM attacks, or dependency poisoning, leading to remote code execution. The issue arises from the direct execution of the JAR file via subprocess with unvalidated classpath input, allowing malicious classes to execute when loaded by the JVM.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 4 hours ago

Fediverse

Profile picture fallback
Claudio C @cktodon

Cómo un fallo en una librería de #Python puede comprometer sistemas de #IA (CVE-2026-0848)

unaaldia.hispasec.com/2026/03/

  • 1
  • 0
  • 0
  • 4h ago

CVE-2026-4438

Overview

  • The GNU C Library
  • glibc
20 Mar 2026
Published
23 Mar 2026
Updated
CVSS
Pending
EPSS
0.03%
KEV

Description

Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification.

Statistics

  • 1 Post
  • 5 Interactions
Last activity: 7 hours ago

Fediverse

Profile picture fallback
grawity @grawity

CVE-2026-4438 reminds me of that time I discovered BIND's "check-names no" and found out that "freenode/staff/foo.example.com" was a valid rDNS entry according to the ircd

  • 0
  • 5
  • 0
  • 7h ago

CVE-2026-4176

Overview

  • SHAY
  • perl
  • perl
29 Mar 2026
Published
30 Mar 2026
Updated
CVSS
Pending
EPSS
0.01%
KEV

Description

Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib. Compress::Raw::Zlib is included in the Perl package as a dual-life core module, and is vulnerable to CVE-2026-3381 due to a vendored version of zlib which has several vulnerabilities, including CVE-2026-27171. The bundled Compress::Raw::Zlib was updated to version 2.221 in Perl blead commit c75ae9cc164205e1b6d6dbd57bd2c65c8593fe94.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 19 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

⚠️ CVE-2026-4176 (HIGH): Perl Compress::Raw::Zlib uses a vulnerable zlib, risking memory corruption or code execution. Affects 5.9.4 – 5.43.0. Update to Compress::Raw::Zlib 2.221+ ASAP! radar.offseq.com/threat/cve-20

  • 0
  • 1
  • 0
  • 19h ago
Showing 1 to 10 of 84 CVEs