CVE-2026-21385

Overview

Qualcomm, Inc.
Snapdragon

02 Mar 2026

Published

04 Mar 2026

Updated

CVSS v3.1

HIGH (7.8)

EPSS

0.02%

MITRE

KEV

Description

Memory corruption while using alignments for memory allocation.

Statistics

10 Posts
4 Interactions

Last activity: 2 hours ago

Fediverse

DragonJAR @dragonjar

En las últimas 24 horas, se ha descubierto una crítica vulnerabilidad en Google Chrome que permite espionaje a través de extensiones maliciosas, mientras que Android corrige una falla explotada en chipsets Qualcomm que podría comprometer dispositivos móviles; además, el Reino Unido alerta sobre ciberataques iraníes motivados por tensiones geopolíticas, destacando la urgencia de fortalecer la ciberseguridad. Descubre estos y más detalles en el siguiente listado de noticias sobre seguridad informática:

🗞️ ÚLTIMAS NOTICIAS EN SEGURIDAD INFORMÁTICA 🔒
====| 🔥 LO QUE DEBES SABER HOY 03/03/26 📆 |====

🔐 VULNERABILIDAD EN CHROME QUE PERMITE ESPIAR A TRAVÉS DE GEMINI LIVE

Se ha detectado una grave vulnerabilidad en Google Chrome que posibilita a extensiones maliciosas secuestrar la función Gemini Live, diseñada para asistencia en el navegador, con el fin de espiar a los usuarios y acceder a archivos sensibles almacenados en sus dispositivos. Esta brecha pone en riesgo la privacidad y seguridad de millones de usuarios, por lo que se recomienda extremar precauciones al instalar extensiones y mantener el navegador actualizado con los últimos parches de seguridad. Protege tu información y mantente alerta. Descubre más detalles sobre esta amenaza y cómo protegerte aquí 👉 https://djar.co/PlaRM

📱 GOOGLE CONFIRMA FALLA CRÍTICA EN COMPONENTE DE QUALCOMM EXPLOTADA EN ANDROID

La actualización de seguridad de marzo de 2026 para Android aborda 129 vulnerabilidades, entre ellas una falla crítica y ya explotada en dispositivos con chipsets Qualcomm, identificada como CVE-2026-21385. Esta vulnerabilidad permite ejecución remota de código, poniendo en riesgo la integridad de los dispositivos móviles. Se recomienda a todos los usuarios actualizar sus dispositivos de inmediato para protegerse contra posibles ataques que podrían comprometer datos personales y corporativos. Infórmate sobre esta actualización fundamental y cómo aplicarla en tu equipo aquí 👉 https://djar.co/h1BDO

⚠️ ALERTA EN EL REINO UNIDO POR AMENAZAS DE CIBERATAQUES IRANÍES EN CONTEXTO DE CONFLICTO EN ORIENTE MEDIO

El Centro Nacional de Seguridad Cibernética del Reino Unido ha emitido una advertencia urgente ante el aumento de riesgo de ciberataques dirigidos por grupos vinculados a Irán, motivados por las tensiones en Oriente Medio. Las organizaciones británicas deben fortalecer sus defensas y estar preparadas para enfrentar posibles intentos de intrusión, campañas de desinformación y sabotajes digitales. Esta situación subraya la importancia de mantener una postura de ciberseguridad proactiva en entornos geopolíticos inestables. Conoce las recomendaciones oficiales para proteger tu infraestructura crítica aquí 👉 https://djar.co/jmrIn

1
2
0
19h ago

Jeff Hall - PCIGuru :verified: @jbhall56

The exploited flaw, tracked as CVE-2026-21385 (CVSS score of 7.8) and impacting the graphics component of over 200 Qualcomm chipsets, is described as an integer overflow or wraparound issue leading to memory corruption while using alignments for memory allocation. https://www.securityweek.com/android-update-patches-exploited-qualcomm-zero-day/

0
0
1
17h ago

Bluesky

softfantw.bsky.social @softfantw.bsky.social

Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited thehackernews.com/2026/03/goog...

1
0
1
22h ago

Information Security Briefly @infosecbriefly.bsky.social

Google disclosed a high-severity Qualcomm Graphics component vulnerability (CVE-2026-21385) being exploited in Android devices, with March 2026 patches addressing 129 total vulnerabilities including critical remote code execution and privilege escalation flaws.

0
0
0
21h ago

Ninja Owl @ninjaowl.ai

Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...

0
0
0
12h ago

Packet Storm News @packetstorm.bsky.social

Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited https://packetstorm.news/news/view/40625 #news

0
0
0
7h ago

piggo @pigondrugs.bsky.social

~Cisa~ CISA added actively exploited Qualcomm and VMware Aria vulnerabilities to its KEV catalog. - IOCs: CVE-2026-21385, CVE-2026-22719 - #CISA #KEV #ThreatIntel

0
0
0
10h ago

キタきつね @kitafox.bsky.social

CISAが2つの既知の脆弱性をカタログに追加 CISA Adds Two Known Exploited Vulnerabilities to Catalog #CISA (Mar 3) CVE-2026-21385 Qualcomm の複数のチップセットにおけるメモリ破損の脆弱性 CVE-2026-22719 Broadcom VMware Aria Operations コマンドインジェクション脆弱性 www.cisa.gov/news-events/...

0
0
0
2h ago

CVE-2026-22719

Overview

VMware
Aria Operations
vmware-aria-operations

25 Feb 2026

Published

04 Mar 2026

Updated

CVSS v3.1

HIGH (8.1)

EPSS

0.47%

MITRE

KEV

Description

VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. To remediate CVE-2026-22719, apply the patches listed in the 'Fixed Version' column of the ' Response Matrix https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 ' in VMSA-2026-0001 Workarounds for CVE-2026-22719 are documented in the 'Workarounds' column of the ' Response Matrix https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 ' in VMSA-2026-0001

Statistics

5 Posts
5 Interactions

Last activity: Last hour

Bluesky

BleepingComputer @bleepingcomputer.com

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the flaw as exploited in attacks.

0
5
0
6h ago

Information Security Briefly @infosecbriefly.bsky.social

CISA added CVE-2026-22719, a high-severity command injection vulnerability in Broadcom VMware Aria Operations, to its Known Exploited Vulnerabilities catalog due to active exploitation in the wild.

0
0
0
Last hour

Ninja Owl @ninjaowl.ai

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...

0
0
0
Last hour

piggo @pigondrugs.bsky.social

~Cisa~ CISA added actively exploited Qualcomm and VMware Aria vulnerabilities to its KEV catalog. - IOCs: CVE-2026-21385, CVE-2026-22719 - #CISA #KEV #ThreatIntel

0
0
0
10h ago

キタきつね @kitafox.bsky.social

CISAが2つの既知の脆弱性をカタログに追加 CISA Adds Two Known Exploited Vulnerabilities to Catalog #CISA (Mar 3) CVE-2026-21385 Qualcomm の複数のチップセットにおけるメモリ破損の脆弱性 CVE-2026-22719 Broadcom VMware Aria Operations コマンドインジェクション脆弱性 www.cisa.gov/news-events/...

0
0
0
2h ago

CVE-2026-2256

Overview

ModelScope
ms-agent

02 Mar 2026

Published

03 Mar 2026

Updated

CVSS

Pending

EPSS

0.13%

MITRE

KEV

Description

A command injection vulnerability in ModelScope's ms-agent versions v1.6.0rc1 and earlier exists, allowing an attacker to execute arbitrary operating system commands through crafted prompt-derived input.

Statistics

3 Posts

Last activity: 2 hours ago

Bluesky

Information Security Briefly @infosecbriefly.bsky.social

CVE-2026-2256 in ModelScope MS-Agent framework allows arbitrary OS command execution through inadequate input sanitization in the Shell tool using regex-based blacklist filtering.

0
0
0
19h ago

CrowdCyber @crowdcyber.bsky.social

CVE-2026-2256: Unpatched Flaw in MS-Agent Lets Hackers Hijack AI Assistants

0
0
0
11h ago

キタきつね @kitafox.bsky.social

CVE-2026-2256: MS-Agentの未修正の脆弱性により、ハッカーがAIアシスタントを乗っ取ることができる CVE-2026-2256: Unpatched Flaw in MS-Agent Lets Hackers Hijack AI Assistants #DailyCyberSecurity (Mar 3) securityonline.info/cve-2026-225...

0
0
0
2h ago

CVE-2026-21513

Overview

Microsoft
Windows 10 Version 1607

10 Feb 2026

Published

27 Feb 2026

Updated

CVSS v3.1

HIGH (8.8)

EPSS

4.76%

MITRE

KEV

Description

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.

Statistics

3 Posts

Last activity: 11 hours ago

Bluesky

CyberHub @cyberhub.blog

📌 APT28 Linked to High-Severity MSHTML Security Flaw CVE-2026-21513 https://www.cyberhub.blog/article/20646-apt28-linked-to-high-severity-mshtml-security-flaw-cve-2026-21513

0
0
0
20h ago

Sami Laiho @samilaiho.com

Inside the Fix: Analysis of In-the-Wild Exploit of CVE-2026-21513 www.akamai.com/blog/securit...

0
0
0
18h ago

Commonwealth Sentinel Cyber Security @cwealthsentinel.bsky.social

Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch securityaffairs.com/188782/secur...

0
0
0
11h ago

CVE-2026-0628

Overview

Google
Chrome

06 Jan 2026

Published

26 Feb 2026

Updated

CVSS

Pending

EPSS

0.04%

MITRE

KEV

Description

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)

Statistics

3 Posts
1 Interaction

Last activity: 12 hours ago

Fediverse

Jeff Hall - PCIGuru :verified: @jbhall56

The flaw, tracked as CVE-2026-0628, was uncovered by researchers at Palo Alto Networks' Unit 42 who found that rogue Chrome extensions could manipulate how the browser handled requests to the embedded Gemini Live side panel. https://www.theregister.com/2026/03/03/google_chrome_bug_gemini/

0
0
1
16h ago

Bluesky

Tech-News @technology-news.bsky.social

Chrome CVE-2026-0628 let malicious extensions hijack Gemini panel for privilege escalation, local file access, and surveillance.

0
1
0
12h ago

CVE-2026-20127

Overview

Cisco
Cisco Catalyst SD-WAN Manager

25 Feb 2026

Published

26 Feb 2026

Updated

CVSS v3.1

CRITICAL (10.0)

EPSS

2.60%

MITRE

KEV

Description

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric. 

Statistics

3 Posts

Last activity: 11 hours ago

Bluesky

PCI Guru @jbhall56.bsky.social

The maximum-severity vulnerability CVE-2026-20127 was exploited by an unknown but sophisticated threat actor who left very little evidence behind. www.darkreading.com/vulnerabilit...

0
0
1
16h ago

Undercode Testing @undercode.bsky.social

Cisco Zero-Day CVE-2026-20127 and the EU’s CRA Shockwave: How Railway Cybersecurity Just Changed Forever + Video Introduction: The convergence of a maximum-severity zero-day exploit and the European Commission’s first official Cyber Resilience Act (CRA) guidance has created a critical juncture for…

0
0
0
11h ago

CVE-2026-0714

Overview

Moxa
UC-1200A Series

05 Feb 2026

Published

05 Feb 2026

Updated

CVSS v4.0

HIGH (7.0)

EPSS

0.01%

MITRE

KEV

Description

A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and attaching external equipment to the SPI bus to capture TPM communications. If successful, the captured data may allow offline decryption of eMMC contents. This attack cannot be performed through brief or opportunistic physical access and requires extended physical access, possession of the device, appropriate equipment, and sufficient time for signal capture and analysis. Remote exploitation is not possible.

Statistics

1 Post
3 Interactions

Last activity: 22 hours ago

Fediverse

Martin Boller :debian: :tux: :freebsd: :windows: :mastodon: @itisiboller

https://www.cyloq.se/en/research/cve-2026-0714-tpm-sniffing-luks-keys-on-an-embedded-device

#Moxa #TPM #SPI #LogicAnalyzer #Keys #Cleartext

2
1
0
22h ago

CVE-2026-27495

Overview

n8n-io
n8n

25 Feb 2026

Published

26 Feb 2026

Updated

CVSS v4.0

CRITICAL (9.4)

EPSS

0.06%

MITRE

KEV

Description

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On instances using internal Task Runners (default runner mode), this could result in full compromise of the n8n host. On instances using external Task Runners, the attacker might gain access to or impact other task executed on the Task Runner. Task Runners must be enabled using `N8N_RUNNERS_ENABLED=true`. The issue has been fixed in n8n versions 2.10.1, 2.9.3, and 1.123.22. Users should upgrade to one of these versions or later to remediate the vulnerability. If upgrading is not immediately possible, administrators should consider the following temporary mitigations. Limit workflow creation and editing permissions to fully trusted users only, and/or use external runner mode (`N8N_RUNNERS_MODE=external`) to limit the blast radius. These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.

Statistics

2 Posts
9 Interactions

Last activity: 17 hours ago

Bluesky

The Shadowserver Foundation @shadowserver.bsky.social

We are continuing to expand our n8n RCE vulnerability scanning - most recently adding CVE-2026-27495 (CVSS 9.4) tagging as well. You can track our various n8n scan results here for the most well known critical vulns: dashboard.shadowserver.org/statistics/c... Top affected: US, Germany & France.

1
6
0
17h ago

The Shadowserver Foundation @shadowserver.bsky.social

IP data on vulnerable instances is tagged 'n8n' & with a cve tag (like cve-2026-27495) in our Vulnerable HTTP reporting www.shadowserver.org/what-we-do/n... Latest n8n critical RCE vulns (all covered with above tag): github.com/n8n-io/n8n/s... github.com/n8n-io/n8n/s... github.com/n8n-io/n8n/s...

0
2
0
17h ago

CVE-2022-0847

Overview

kernel

07 Mar 2022

Published

21 Oct 2025

Updated

CVSS

Pending

EPSS

83.44%

MITRE

KEV

Description

A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.

Statistics

1 Post
1 Interaction

Last activity: 10 hours ago

Bluesky

piggo @pigondrugs.bsky.social

~Elastic~ Elastic details the evolution of Linux rootkits, covering userland, LKM, eBPF, and emerging io_uring hooking techniques. - IOCs: CVE-2022-0847 - #Linux #Rootkit #ThreatIntel

0
1
0
10h ago

CVE-2025-58440

Overview

Pending

Pending

Published

05 Sep 2025

Updated

CVSS

Pending

EPSS

Pending

MITRE

KEV

Description

The unisharp/laravel-filemanager is a separate project, unrelated to laravel-filemanager.

Statistics

1 Post
1 Interaction

Last activity: 21 hours ago

Bluesky

Undercode Testing @undercode.bsky.social

CVE-2025-58440: Remote Code Execution via Polyglot File Attack in Laravel FileManager – A Deep Dive + Video Introduction A newly disclosed vulnerability in the popular `unisharp/laravel-filemanager` package (versions ≤ 2.11) allows unauthenticated remote code execution (RCE) through a clever…

0
1
0
21h ago