CVE-2026-3783

Overview

curl
curl

11 Mar 2026

Published

11 Mar 2026

Updated

CVSS

Pending

EPSS

0.02%

MITRE

KEV

Description

When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under some circumstances. If the hostname that the first request is redirected to has information in the used .netrc file, with either of the `machine` or `default` keywords, curl would pass on the bearer token set for the first host also to the second one.

Statistics

2 Posts
6 Interactions

Last activity: 13 hours ago

Fediverse

daniel:// stenberg:// @bagder

CVE-2026-3783: token leak with redirect and netrc

When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under some circumstances.

3
3
0
21h ago

Bluesky

ferramentaslinux.bsky.social @ferramentaslinux.bsky.social

Critical curl vulnerabilities patched in #Ubuntu today. The update (USN-8084-1) addresses five CVEs, including a high-impact OAuth2 bearer token leak (CVE-2026-3783) and potential SMB heap overflow. Read more: 👉 tinyurl.com/bdhrsx9m #Security

0
0
0
13h ago

CVE-2026-3805

Overview

curl
curl

11 Mar 2026

Published

11 Mar 2026

Updated

CVSS

Pending

EPSS

Pending

MITRE

KEV

Description

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory.

Statistics

2 Posts
7 Interactions

Last activity: 20 hours ago

Fediverse

daniel:// stenberg:// @bagder

CVE-2026-3805: use after free in SMB connection reuse

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory.

https://curl.se/docs/CVE-2026-3805.html

2
4
0
21h ago

Nad @Nadsec

Found this bug on the weekend :)
https://curl.se/docs/CVE-2026-3805.html

Curl is cool. For the love of the game..

0
1
0
20h ago

CVE-2026-30226

Overview

sveltejs
devalue

11 Mar 2026

Published

11 Mar 2026

Updated

CVSS v4.0

MEDIUM (6.3)

EPSS

Pending

MITRE

KEV

Description

Svelte devalue is a JavaScript library that serializes values into strings when JSON.stringify isn't sufficient for the job. In devalue v5.6.3 and earlier, devalue.parse and devalue.unflatten were susceptible to prototype pollution via maliciously crafted payloads. Successful exploitation could lead to Denial of Service (DoS) or type confusion. This vulnerability is fixed in 5.6.4.

Statistics

2 Posts
8 Interactions

Last activity: 8 hours ago

Fediverse

Joachim Viide @jviide

Okay, so it turns out that this is really, really slow.

Which led to CVE-2026-30226: https://github.com/sveltejs/devalue/security/advisories/GHSA-cfw5-2vxh-hr84

0
0
0
8h ago

Bluesky

Joachim Viide @jviide.iki.fi

Okay, so it turns this is really, really slow. Which led to CVE-2026-30226: github.com/sveltejs/dev... Thanks to @ell.iott.dev and the rest of the @svelte.dev team for a well-handled vuln process, a pleasure as always 🫡

0
8
0
8h ago

CVE-2026-0230

Overview

Palo Alto Networks
Cortex XDR Agent

11 Mar 2026

Published

11 Mar 2026

Updated

CVSS v4.0

MEDIUM (4.0)

EPSS

Pending

MITRE

KEV

Description

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform malicious activity without detection.

Statistics

2 Posts

Last activity: 9 hours ago

Fediverse

HackerWorkspace @hackerworkspace

CVE-2026-0230 Cortex XDR Agent: Local Administrator can disable the agent on macOS

https://security.paloaltonetworks.com/CVE-2026-0230

Short summary: https://hackerworkspace.com/article/cve-2026-0230-cortex-xdr-agent-local-administrator-can-disable-the-agent-on-macos

#cybersecurity #vulnerability #exploit

0
0
0
10h ago

Bluesky

ripjyr.bsky.social @ripjyr.bsky.social

Paloaltoの脆弱性情報「CVE-2026-0230 Cortex XDR Agent: Local Administrator can disable the agent on macOS (Severity: MEDIUM)」が公開されました。 → https://security.paloaltonetworks.com/CVE-2026-0230

0
0
0
9h ago

CVE-2025-68613

Overview

n8n-io
n8n

19 Dec 2025

Published

04 Mar 2026

Updated

CVSS v3.1

CRITICAL (10.0)

EPSS

78.98%

MITRE

KEV

Description

n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An authenticated attacker could abuse this behavior to execute arbitrary code with the privileges of the n8n process. Successful exploitation may lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations. This issue has been fixed in versions 1.120.4, 1.121.1, and 1.122.0. Users are strongly advised to upgrade to a patched version, which introduces additional safeguards to restrict expression evaluation. If upgrading is not immediately possible, administrators should consider the following temporary mitigations: Limit workflow creation and editing permissions to fully trusted users only; and/or deploy n8n in a hardened environment with restricted operating system privileges and network access to reduce the impact of potential exploitation. These workarounds do not fully eliminate the risk and should only be used as short-term measures.

Statistics

2 Posts

Last activity: 8 hours ago

Bluesky

キタきつね @kitafox.bsky.social

CISA、既知の悪用された脆弱性を1件カタログに追加 CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Mar 11) CVE-2025-68613 n8n 動的に管理されるコードリソースの不適切な制御の脆弱性 www.cisa.gov/news-events/...

0
0
0
8h ago

piggo @pigondrugs.bsky.social

~Cisa~ CISA added CVE-2025-68613, an actively exploited n8n code execution flaw, to its KEV catalog. - IOCs: CVE-2025-68613 - #CVE202568613 #ThreatIntel #n8n

0
0
0
8h ago

CVE-2026-21262

Overview

Microsoft
Microsoft SQL Server 2016 Service Pack 3 (GDR)

10 Mar 2026

Published

10 Mar 2026

Updated

CVSS v3.1

HIGH (8.8)

EPSS

0.08%

MITRE

KEV

Description

Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network.

Statistics

2 Posts

Last activity: 2 hours ago

Bluesky

Undercode Testing @undercode.bsky.social

Microsoft SQL Server Zero-Day Exploit: The 88 Critical Privilege Escalation Threat You Must Patch Now + Video Introduction A critical zero-day vulnerability tracked as CVE-2026-21262 has been disclosed in Microsoft SQL Server, carrying a CVSS score of 8.8 and allowing authenticated attackers to…

0
0
0
2h ago

セキュリティ対策Lab @securitylab-jp.bsky.social

Microsoft 2026年3月の定例パッチで-公開済みゼロデイ2件とOffice・Excelの脆弱性が修正(CVE-2026-21262,CVE-2026-26127) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews

0
0
0
4h ago

CVE-2026-26144

Overview

Microsoft
Microsoft 365 Apps for Enterprise

10 Mar 2026

Published

11 Mar 2026

Updated

CVSS v3.1

HIGH (7.5)

EPSS

0.10%

MITRE

KEV

Description

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.

Statistics

3 Posts
1 Interaction

Last activity: 8 hours ago

Fediverse

Christoph Schmees @PC_Fluesterer

Microsoft Flickentag 2026-03

Nach dem fetten Flickentag im Februar ist der für März wieder auf "normales" Maß geschrumpft. Mit den aktuellen Updates adressiert Microsoft (MS) 83 Sicherheitslücken. Von denen sind 8 als kritisch eingestuft. Von denen wiederum sticht eine (CVE-2026-26144) heraus. Ein führender Sicherheitsfachmann findet sie faszinierend. Es handelt sich um einen Fehler in Excel, nämlich "unzureichende Bereinigung von Eingaben". Der Leckerbissen besteht darin, dass ein Angreifer den Fehler nutzen kann, um mit Hilfe der KI Copilot von Ferne Informationen abzusaugen. Dafür sind keine Anmeldung oder Benutzerrechte

https://www.pc-fluesterer.info/wordpress/2026/03/11/microsoft-flickentag-2026-03/

#Empfehlung #Hintergrund #Warnung #0day #datenschutz #Microsoft #office #privacy #sicherheit #UnplugTrump #vorbeugen #unplugmicrosoft

1
0
0
18h ago

Bluesky

r/netsec bot @r-netsec.bsky.social

Common architectural pattern across four Q1 2026 AI assistant vulnerabilities (CVE-2026-26144, CVE-2026-0628, CVE-2026-24307, PleaseFix)

0
0
1
8h ago

CVE-2026-3784

Overview

curl
curl

11 Mar 2026

Published

11 Mar 2026

Updated

CVSS

Pending

EPSS

Pending

MITRE

KEV

Description

curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the new request uses different credentials for the HTTP proxy. The proper behavior is to create or use a separate connection.

Statistics

1 Post
4 Interactions

Last activity: 21 hours ago

Fediverse

daniel:// stenberg:// @bagder

CVE-2026-3784: wrong proxy connection reuse with credentials

curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a server, even if the new request uses different credentials for the HTTP proxy. The proper behavior is to create or use a separate connection.

https://curl.se/docs/CVE-2026-3784.html

1
3
0
21h ago

CVE-2026-20127

Overview

Cisco
Cisco Catalyst SD-WAN Manager

25 Feb 2026

Published

26 Feb 2026

Updated

CVSS v3.1

CRITICAL (10.0)

EPSS

2.60%

MITRE

KEV

Description

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric. 

Statistics

1 Post
3 Interactions

Last activity: 12 hours ago

Bluesky

Stephen Fewer @stephenfewer.bsky.social

Check out the analysis by @cryptocat.me for CVE-2026-20127 in Cisco SD WAN. That other PoC posted last week exploits a totally different bug that doesn't match the reported IOCs (some kind of file upload due to path traversal in vManage maybe). We asses with high confidence this is CVE-2026-20127 🔥

1
2
0
12h ago

CVE-2026-0866

Overview

Pending

Pending

Published

Pending

Updated

CVSS

Pending

EPSS

Pending

MITRE

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

1 Post
3 Interactions

Last activity: 19 hours ago

Fediverse

:mastodon: decio @decio

[ #VULN ] "Zombie ZIP : cette technique d'évasion rend aveugles les antivirus"
CVE-2026-0866
⬇️
"Découverte par Chris Aziz, chercheur en sécurité chez Bombadil Systems, la technique Zombie ZIP abuse de la confiance accordée aux moteurs d'analyse à l'en-tête des fichiers ZIP. En effet, cette attaque consiste à manipuler l'en-tête du fichier ZIP de façon à altérer le champ déterminant la méthode de compression au sein de l'archive.

La technique Zombie ZIP consiste à indiquer que les données sont stockées sans aucune compression (méthode STORED ou Method=0), alors que c'est faux ! Le fichier malveillant est bel et bien compressé via l'algorithme standard DEFLATE."
👇
https://www.it-connect.fr/zombie-zip-cette-technique-devasion-rend-aveugles-les-antivirus/

(NDR yet another) " #ZIP format confusion technique that evades 98% of #antivirus engines."
⬇️
CVE-2026-0866 | VU#976247 | Published March 10, 2026
👇
https://github.com/bombadil-systems/zombie-zip?tab=readme-ov-file

💬
⬇️
https://infosec.pub/post/43258263

#CyberVeille #CVE_2026_0866

1
2
0
19h ago