Anyone hear of a PoC for CVE-2026-0227 yet?

PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway and Portal

https://security.paloaltonetworks.com/CVE-2026-0227

DoS-Schwachstelle in PAN-OS bedroht GlobalProtect-Infrastruktur

Palo Alto Networks hat eine kritische Sicherheitslücke in seiner Firewall-Software PAN-OS behoben. Die als CVE-2026-0227 klassifizierte Schwachstelle erlaubt es Angreifern ohne Authentifizierung, Denial-of-Service-Attacken gegen GlobalProtect-Komponenten durchzuführen und betroffene Systeme in den Wartungsmodus zu zwingen.

https://www.all-about-security.de/dos-schwachstelle-in-pan-os-bedroht-globalprotect-infrastruktur/

#PaloAltoNetworks #DoS #PANOS #firewall

Tracked as CVE-2026-0227, this security flaw affects next-generation firewalls (running PAN-OS 10.1 or later) and Palo Alto Networks' Prisma Access configurations when the GlobalProtect gateway or portal is enabled. https://www.bleepingcomputer.com/news/security/palo-alto-networks-warns-of-dos-bug-letting-hackers-disable-firewalls/

Palo Alto Networks – CVE-2026-0227 : cette nouvelle faille permet de désactiver le firewall à distance https://www.it-connect.fr/palo-alto-networks-cve-2026-0227-firewalls/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #PaloAlto

Un exploit est disponible pour cette nouvelle faille critique dans Fortinet FortiSIEM : CVE-2025-64155 https://www.it-connect.fr/fortinet-fortisiem-cve-2025-64155/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #Fortinet

Stupid cloud anyway.

https://cymulate.com/blog/cve-2026-20965-azure-windows-admin-center-tenant-wide-rce/

Cymulate Research Labs discovered a critical vulnerability, CVE-2026-20965, in Azure Windows Admin Center (WAC) that allows an attacker with local administrator access on one machine to achieve tenant-wide Remote Code Execution (RCE). Microsoft has released version 0.70.00 of the Windows Admin Center Azure Extension to patch this flaw, which stems from improper token validation in the Azure AD Single Sign-On implementation.
https://cymulate.com/blog/cve-2026-20965-azure-windows-admin-center-tenant-wide-rce/

‼️ 40,000 WordPress Sites Exposed to Risk Due to Modular DS Admin Bypass Vulnerability

CVE-2026-23550: Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

CVSS: 10
CVE Published: January 14th, 2026

Attacking IP Addresses:

45[.]11[.]89[.]19
185[.]196[.]0[.]11

Reference: https://help.modulards.com/en/article/modular-ds-security-release-modular-connector-252-dm3mv0/

Exploit Code Public for Critical FortiSIEM Command Injection Flaw
https://www.bleepingcomputer.com/news/security/exploit-code-public-for-critical-fortisiem-command-injection-flaw/
Technical details and public exploit code have been released for a critical vulnerability affecting Fortinet’s FortiSIEM platform, enabling a remote, unauthenticated attacker to execute arbitrary commands or code.
The vulnerability, tracked as CVE-2025-25256, combines two flaws that allow arbitrary file writes with administrative privileges and subsequent privilege escalation to root access.
Researchers at penetration testing firm Horizon3.ai disclosed the issue in mid-August 2025. Fortinet addressed the vulnerability in early November across four of the five active development branches and announced this week that all affected versions have now been fully patched.
Fortinet described CVE-2025-25256 as an improper neutralization of special elements in an operating system command, which could allow an unauthenticated attacker to execute unauthorized commands or code through crafted TCP requests.
According to Horizon3.ai, the root cause is the exposure of dozens of command handlers within the phMonitor service that can be invoked remotely without authentication, significantly increasing the risk of exploitation.

The vulnerability is tracked as CVE-2025-25256, and is a combination of two issues that permit arbitrary write with admin permissions and privilege escalation to root access. https://www.bleepingcomputer.com/news/security/exploit-code-public-for-critical-fortisiem-command-injection-flaw/

📢⚠️ Years-old vulnerable Apache Struts 2 versions were downloaded 387K+ times in one week, despite a high-severity CVE-2025-68493 flaw - Patch to 6.1.1 now!

Read: https://hackread.com/years-old-vulnerable-apache-struts-2-downloads/

#Cybersecurity #ApacheStruts #Vulnerability #InfoSec #DevSecOps

⚠️ Microsoft’s first Patch Tuesday of 2026 fixes 114 Windows flaws, including one exploited in the wild.

CVE-2026-20805 is a local info-leak in Desktop Window Manager that can expose memory addresses and weaken ASLR.

🔗 Read → https://thehackernews.com/2026/01/microsoft-fixes-114-windows-flaws-in.html

🟠 CVE-2026-22774 - High (7.5)

Svelte devalue is a JavaScript library that serializes values into strings when JSON.stringify isn't sufficient for the job. From 5.3.0 to 5.6.1, certain inputs can cause devalue.parse to consume excessive CPU time and/or memory, potentially leadi...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22774/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack