24h | 7d | 30d

CVE-2026-22769

Overview

  • Dell
  • RecoverPoint for Virtual Machines
17 Feb 2026
Published
19 Feb 2026
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
0.07%
KEV

Description

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible.

Statistics

  • 22 Posts
  • 9 Interactions
Last activity: 3 hours ago

Fediverse

Profile picture fallback
:awesome:🐦‍🔥nemo™🐦‍⬛ 🇺🇦🍉 @nemo

Dell warns of a max-severity flaw (CVE-2026-22769) in RecoverPoint for VMs, already exploited for root access in the wild. 🔓💻 Security teams are urged to patch or apply mitigations immediately. Details: cyberinsider.com/dell-warns-of #cybersecurity #infosec #Dell #Newz

  • 2
  • 3
  • 0
  • 10h ago
Profile picture fallback
The Financial Standard @thefinancialstandard

Critical Dell RecoverPoint Exploit Exposed Since 2024

A zero-day Dell RecoverPoint exploit, CVE-2026-22769, has been actively exploited since mid-2024. Patch immediately to avoid data breaches.

Read more: thefinancialstandard.com/dell-

#finance #cybersecurity #fintech #news

  • 1
  • 0
  • 0
  • 13h ago
Profile picture fallback
Jeff Hall - PCIGuru :verified: @jbhall56

The activity involves the exploitation of CVE-2026-22769 (CVSS score: 10.0), a case of hard-coded credentials affecting versions prior to 6.0.3.1 HF1. Other products, including RecoverPoint Classic, are not vulnerable to the flaw. thehackernews.com/2026/02/dell

  • 0
  • 0
  • 1
  • 19h ago
Profile picture fallback
Rishi @rxerium

🚨 Mandiant have identified zero-day exploitation of a high-risk vulnerability in Dell RecoverPoint for Virtual Machines, tracked as CVE-2026-22769.

RecoverPoint can be detected using this Nuclei template:
github.com/projectdiscovery/nu

Very limited exposure to the internet.

Dell recommends upgrading to version 6.0.3.1 HF1 or later. Mitigations are also available.

Mandiant report:
cloud.google.com/blog/topics/t

  • 0
  • 0
  • 0
  • 18h ago
Profile picture fallback
ekiledjian @edwardk

A suspected China-linked cyberespionage group, UNC6201, has been exploiting a Dell zero-day vulnerability (CVE-2026-22769) in RecoverPoint for Virtual Machines since mid-2024, deploying backdoors like BRICKSTORM and GRIMBOLT and a webshell called SLAYSTYLE. The attackers leveraged default credentials to gain access and deployed stealthy tactics, including novel methods to pivot into VMware virtual infrastructure.
helpnetsecurity.com/2026/02/18

  • 0
  • 0
  • 0
  • 15h ago
Profile picture fallback
Nistal Talson @niztal

⚠️ Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024

thehackernews.com/2026/02/dell

#CyberSecurity #InfoSec

  • 0
  • 0
  • 1
  • 8h ago

Bluesky

Profile picture fallback
BaseFortify.eu @basefortify.bsky.social
🛡️ Are you affected? BaseFortify maps your installed components to CPEs and links them to CVEs like CVE-2026-22769 — instantly showing severity, exposure, and mitigation steps. See your real risk in minutes: basefortify.eu #VulnerabilityManagement #CyberResilience #BaseFortify #SMBsecurity
  • 1
  • 0
  • 0
  • 21h ago
Profile picture fallback
BaseFortify.eu @basefortify.bsky.social
🔎 Technical details: CVE-2026-22769 A hardcoded admin credential in the Tomcat Manager lets attackers deploy a malicious WAR file, execute commands as root, and maintain persistence. Threat actors reportedly used web shells + custom backdoors. #ZeroDay #ThreatIntel #BlueTeam #SecurityResearch
  • 1
  • 0
  • 0
  • 21h ago
Profile picture fallback
BaseFortify.eu @basefortify.bsky.social
🚨 CVSS 10.0 in Dell RecoverPoint for VMs. CVE-2026-22769 exposes a hardcoded credential that allows unauthenticated remote root access. The flaw has reportedly been exploited since mid-2024. Full breakdown 👇 basefortify.eu/posts/2026/0... #CVE2026 #CyberSecurity #VMware #Dell #Infosec
  • 1
  • 0
  • 0
  • 21h ago
Profile picture fallback
Ninja Owl @ninjaowl.ai
Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024 #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
  • 0
  • 0
  • 0
  • 18h ago
Profile picture fallback
Help Net Security @helpnetsecurity.com
China-linked hackers exploited Dell zero-day since 2024 (CVE-2026-22769) 📖 Read more: www.helpnetsecurity.com/2026/02/18/e... #cybersecurity #cybersecuritynews #0day #cyberespionage #backdoor @mandiant.com
  • 0
  • 0
  • 0
  • 17h ago
Profile picture fallback
Undercode Testing @undercode.bsky.social
Dell Zero-Day Under Active Attack: CVE-2026-22769 Puts VM Environments at Risk + Video Introduction: A critical zero-day vulnerability, identified as CVE-2026-22769, is currently being actively exploited in Dell RecoverPoint for Virtual Machines, with reports indicating malicious activity dating…
  • 0
  • 0
  • 0
  • 12h ago
Profile picture fallback
tamosan @tamosan.bsky.social
以前からか…『UNC6201がラテラルムーブメントのために悪用』:中国関連ハッカー、Dell製品のゼロデイを2024年半ばから悪用:CVE-2026-22769 | Codebook|Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/43921/
  • 0
  • 0
  • 0
  • 8h ago
Profile picture fallback
セキュリティ対策Lab @securitylab-jp.bsky.social
中国系ハッカーがDellのゼロデイ脆弱性を悪用しサイバー攻撃(CVE-2026-22769) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 0
  • 0
  • 0
  • 8h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
Dell RecoverPoint for VMs のゼロデイ脆弱性 CVE-2026-22769 が 2024 年半ばから悪用される Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024 #HackerNews (Feb 18) thehackernews.com/2026/02/dell...
  • 0
  • 0
  • 0
  • 8h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
中国関連のハッカーが2024年からDellのゼロデイ脆弱性を悪用(CVE-2026-22769) China-linked hackers exploited Dell zero-day since 2024 (CVE-2026-22769) #HelpNetSecurity (Feb 18) www.helpnetsecurity.com/2026/02/18/e...
  • 0
  • 0
  • 0
  • 7h ago
Profile picture fallback
曖昧ナ犬 @aimainainnu.bsky.social
中国関連ハッカー、 #Dell 製品のゼロデイを2024年半ばから悪用:CVE-2026-22769 | Codebook Codebook|サイバーインテリジェンス/セキュリティNews - マキナレコード ... マルウェアを展開するために悪用していたとされる。初期アクセスの手段は確認されていないものの、UNC6201は初期アクセスのためにVPNコンセントレータなどの ... codebook.machinarecord.com/threatreport...
  • 0
  • 0
  • 0
  • 4h ago
Profile picture fallback
piggo @pigondrugs.bsky.social
~Cisa~ CISA adds actively exploited GitLab (CVE-2021-22175) and Dell (CVE-2026-22769) vulnerabilities to its KEV catalog. - IOCs: CVE-2021-22175, CVE-2026-22769 - #CISA #KEV #ThreatIntel
  • 0
  • 0
  • 0
  • 12h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
CISAが2つの既知の脆弱性をカタログに追加 CISA Adds Two Known Exploited Vulnerabilities to Catalog #CISA (Feb 18) CVE-2021-22175 GitLab サーバーサイドリクエストフォージェリ(SSRF)脆弱性 CVE-2026-22769 Dell RecoverPoint for Virtual Machines (RP4VMs) におけるハードコードされた資格情報の使用に関する脆弱性 www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 8h ago
Profile picture fallback
ohhara @shiojiri.com
CVE-2021-22175 GitLab Server-Side Request Forgery (SSRF) Vulnerability CVE-2026-22769 Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability
  • 0
  • 0
  • 0
  • 3h ago

CVE-2026-2441

Overview

  • Google
  • Chrome
13 Feb 2026
Published
18 Feb 2026
Updated
CVSS
Pending
EPSS
0.63%
KEV

Description

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Statistics

  • 15 Posts
  • 4 Interactions
Last activity: 1 hour ago

Fediverse

Profile picture fallback
AkhIL @akhil

Яндекс браузер, похоже, уязвим.
Вот PoC: github.com/huseyinstif/CVE-202

  • 0
  • 1
  • 0
  • 15h ago
Profile picture fallback
Claudio C @cktodon

#Google corrige un zero-day de #Chrome (CVE-2026-2441) ya explotado en #ataques

unaaldia.hispasec.com/2026/02/

  • 0
  • 0
  • 0
  • 18h ago
Profile picture fallback
Deskmodder @Deskmodder

Microsoft Edge 145.0.3800.58 korrigiert CVE-2026-2441 und CVE-2026-0102 und weitere Änderungen

deskmodder.de/blog/2026/02/18/

  • 1
  • 0
  • 1
  • 23h ago

Bluesky

Profile picture fallback
Hacker News Top Stories @hackernewsbot.bsky.social
Zero-day CSS: CVE-2026-2441 exists in the wild | Discussion
  • 0
  • 1
  • 1
  • 14h ago
Profile picture fallback
Hackernews Top Stories @news.facts.dev
⚡ Hackernews Top story: Zero-day CSS: CVE-2026-2441 exists in the wild
  • 0
  • 1
  • 0
  • 10h ago
Profile picture fallback
HackerNewsTop5 @hackernewstop5.bsky.social
Zero-day CSS: CVE-2026-2441 exists in the wild #HackerNews https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html
  • 0
  • 0
  • 5
  • 15h ago
Profile picture fallback
HN Link Bot @hnews.southla.social
📰 Zero-day CSS: CVE-2026-2441 exists in the wild 💬 Exec: Chromium CSS use-after-free—yikes. Sentiment: negative/concerned; vibe: alarmed, curious about bounty/LLM. 😬 https://news.ycombinator.com/item?id=47062748
  • 0
  • 0
  • 0
  • 14h ago
Profile picture fallback
Calimeg @calimegai.bsky.social
🚨 CISA ajoute 4 failles actives à son catalogue KEV, dont CVE-2026-2441 (score 8.8) dans #GoogleChrome, exposant à des attaques à distance via use-after-free. #CyberSecurity #calimeg
  • 0
  • 0
  • 0
  • 1h ago

CVE-2026-2329

Overview

  • Grandstream
  • GXP1610
18 Feb 2026
Published
18 Feb 2026
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
Pending
KEV

Description

An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP API endpoint /cgi-bin/api.values.get. A remote attacker can leverage this vulnerability to achieve unauthenticated remote code execution (RCE) with root privileges on a target device. The vulnerability affects all six device models in the series: GXP1610, GXP1615, GXP1620, GXP1625, GXP1628, and GXP1630.

Statistics

  • 6 Posts
  • 8 Interactions
Last activity: 11 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

🚨 CVE-2026-2329: CRITICAL stack buffer overflow in Grandstream GXP1610 series (all models) via /cgi-bin/api.values.get. Unauth RCE possible — restrict HTTP API access, segment devices, and monitor traffic. Patch ASAP when available. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 16h ago
Profile picture fallback
ekiledjian @edwardk

A critical security flaw (CVE-2026-2329) has been discovered in Grandstream GXP1600 series VoIP phones, enabling unauthenticated remote code execution with root privileges. This vulnerability, present in the device's web-based API, affects multiple models and has been addressed in a firmware update (version 1.0.7.81).
thehackernews.com/2026/02/gran

  • 0
  • 0
  • 0
  • 15h ago
Profile picture fallback
HackerWorkspace @hackerworkspace

CVE-2026-2329: Critical Unauthenticated Stack Buffer Overflow in Grandstream GXP1600 VoIP Phones (FIXED)

rapid7.com/blog/post/ve-cve-20

  • 0
  • 0
  • 0
  • 11h ago

Bluesky

Profile picture fallback
Stephen Fewer @stephenfewer.bsky.social
We have disclosed CVE-2026-2329, a critical unauth stack-based buffer overflow vuln affecting the Grandstream GXP1600 series of VoIP phones. Read our disclosure on the @rapid7.com blog, including technical details for unauth RCE, and accompanying @metasploit-r7.bsky.social modules: r-7.co/4tIzope
  • 4
  • 2
  • 0
  • 17h ago
Profile picture fallback
Rapid7 @rapid7.com
🚨 In conducting 0 day research against #Grandstream GXP1600 VoIP phones, Rapid7 Labs discovered CVE-2026-2329. The unauthenticated stack-based buffer overflow vulnerability ultimately allows an attacker to intercept phone calls and eavesdrop on audio. Read on: r-7.co/4tIzope
  • 1
  • 1
  • 0
  • 18h ago
Profile picture fallback
Information Security Briefly @infosecbriefly.bsky.social
Unauthenticated stack-based buffer overflow (CVE-2026-2329) in Grandstream GXP1600 VoIP phones' /cgi-bin/api.values.get allows remote root code execution via malicious request parameter.
  • 0
  • 0
  • 0
  • 15h ago

CVE-2026-26119

Overview

  • Microsoft
  • Windows Admin Center
17 Feb 2026
Published
19 Feb 2026
Updated
CVSS v3.1
HIGH (8.8)
EPSS
0.08%
KEV

Description

Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network.

Statistics

  • 2 Posts
  • 2 Interactions
Last activity: 7 hours ago

Bluesky

Profile picture fallback
Information Security Briefly @infosecbriefly.bsky.social
A Windows Admin Center authentication flaw (CVE-2026-26119) lets authorized users escalate privileges across networks, potentially granting widespread administrative control.
  • 1
  • 1
  • 0
  • 7h ago
Profile picture fallback
Undercode Testing @undercode.bsky.social
CVE-2026-26119: The Windows Admin Center Flaw That Hands Attackers the Keys to Your Domain + Video Introduction: A newly disclosed critical vulnerability in Microsoft's Windows Admin Center (WAC) poses a severe threat to enterprise networks, potentially allowing a standard, low-privileged user to…
  • 0
  • 0
  • 0
  • 18h ago

CVE-2026-1426

Overview

  • berocket
  • Advanced AJAX Product Filters
18 Feb 2026
Published
18 Feb 2026
Updated
CVSS v3.1
HIGH (8.8)
EPSS
Pending
KEV

Description

The Advanced AJAX Product Filters plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.9.6 via deserialization of untrusted input in the shortcode_check function within the Live Composer compatibility layer. This makes it possible for authenticated attackers, with Author-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. Note: This vulnerability requires the Live Composer plugin to also be installed and active.

Statistics

  • 2 Posts
  • 1 Interaction
Last activity: 13 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

🔒 CVE-2026-1426: HIGH severity PHP Object Injection in berocket Advanced AJAX Product Filters (WordPress, <=3.1.9.6). Requires Author access + Live Composer, and a gadget chain in another plugin/theme. Update or audit now! radar.offseq.com/threat/cve-20

  • 1
  • 0
  • 0
  • 13h ago

Bluesky

Profile picture fallback
CyberHub @cyberhub.blog
CVE Alert: CVE-2026-1426 - CVSS 8.8/10 The Advanced AJAX Product Filters plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.9.6 via deserialization of untrusted input in the shortc... https://www.cyberhub.blog/cves/CVE-2026-1426
  • 0
  • 0
  • 0
  • 16h ago

CVE-2026-1281

Overview

  • Ivanti
  • Endpoint Manager Mobile
29 Jan 2026
Published
30 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
39.20%
KEV

Description

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

Statistics

  • 2 Posts
Last activity: 14 hours ago

Fediverse

Profile picture fallback
pentest-tools.com @pentesttools

🚨 Active exploitation confirmed for a new unauthenticated RCE in Ivanti - CVE-2026-1281

With a CVSS of 9.8 and part of CISA KEV, attackers need *zero* credentials to use this CVE and exploit legacy bash scripts and gain root access.

So we updated Pentest-Tools.com to help you confirm the risk:

📡 Network Scanner - detects exposed Ivanti EPMM instances on your perimeter.

🎯 Sniper Auto-Exploiter - safely demonstrates the RCE to prove the risk is real (and urgent).

Find more info for your rapid response flows here: pentest-tools.com/vulnerabilit

  • 0
  • 0
  • 0
  • 19h ago
Profile picture fallback
Darses @darses

The German BSI on the recently patched Ivanti Endpoint Manager Mobile (EPMM) vulnerability CVE-2026-1281: "the BSI has evidence that a exploitation of the vulnerability may have taken place at least since summer 2025." (Translated)

Kudo's to them for making this public.

#cybersecurity #vulnerability #CVE-2026-1281

  • 0
  • 0
  • 0
  • 14h ago

CVE-2021-22175

Overview

  • GitLab
  • GitLab
11 Jun 2021
Published
19 Feb 2026
Updated
CVSS v3.1
MEDIUM (6.8)
EPSS
52.88%
KEV

Description

When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is disabled

Statistics

  • 4 Posts
  • 1 Interaction
Last activity: 3 hours ago

Fediverse

Profile picture fallback
Darses @darses

Gitlab vulnerability CVE-2021-22175 got added to the CISA KEV. But this vuln is just a more complete patch to CVE-2021-22214. Likewise CVE-2021-39935 covers even more case where the CI Lint function could be used without authentication. In fact, the exploit code identical for all vulnerabilites. CVE-2021-39935 was already on the list, CVE-2021-22175 got added today and CVE-2021-22214 is still missing.

#cybersecurity #vulnerability #circus

  • 1
  • 0
  • 0
  • 12h ago

Bluesky

Profile picture fallback
piggo @pigondrugs.bsky.social
~Cisa~ CISA adds actively exploited GitLab (CVE-2021-22175) and Dell (CVE-2026-22769) vulnerabilities to its KEV catalog. - IOCs: CVE-2021-22175, CVE-2026-22769 - #CISA #KEV #ThreatIntel
  • 0
  • 0
  • 0
  • 12h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
CISAが2つの既知の脆弱性をカタログに追加 CISA Adds Two Known Exploited Vulnerabilities to Catalog #CISA (Feb 18) CVE-2021-22175 GitLab サーバーサイドリクエストフォージェリ(SSRF)脆弱性 CVE-2026-22769 Dell RecoverPoint for Virtual Machines (RP4VMs) におけるハードコードされた資格情報の使用に関する脆弱性 www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 8h ago
Profile picture fallback
ohhara @shiojiri.com
CVE-2021-22175 GitLab Server-Side Request Forgery (SSRF) Vulnerability CVE-2026-22769 Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability
  • 0
  • 0
  • 0
  • 3h ago

CVE-2025-45769

Overview

  • Pending
31 Jul 2025
Published
18 Feb 2026
Updated
CVSS
Pending
EPSS
0.01%
KEV

Description

php-jwt v6.11.0 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is not meant to recommend an outcome for this CVE Record.

Statistics

  • 1 Post
  • 5 Interactions
Last activity: 4 hours ago

Fediverse

Profile picture fallback
Shawn Hooper (he/him) @shawnhooper

If you're using firebase/php-jwt v6, surprise!

GitHub Advisory GHSA for CVE-2025-45769 ignores NVD "Disputed" status, blocks all php-jwt v6 users.

Details here:

github.com/firebase/php-jwt/is

#PHP #CVE

  • 2
  • 3
  • 0
  • 4h ago

CVE-2025-41725

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 17 hours ago

Fediverse

Profile picture fallback
CERT@VDE @certvde

VDE-2026-0001
JBL: DoS vulnerability in Flip 4

Any attacker in radio range can send malicious messages to cause the device to crash.
CVE-2025-41725

certvde.com/en/advisories/vde-

harman.csaf-tp.certvde.com/.we

  • 1
  • 1
  • 0
  • 17h ago

CVE-2001-0144

Overview

  • Pending
07 May 2001
Published
08 Aug 2024
Updated
CVSS
Pending
EPSS
61.72%
KEV

Description

CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 4 hours ago

Fediverse

Profile picture fallback
Tim Hergert @cjust

@TheBreadmonkey Fun fact: In the movie the The Matrix Reloaded - Trinity executes a real world exploit (CVE-2001-0144) against an SSH server using nmap.

Not So Fun Fact: There's probably some system somewhere exposed to Mr. Internet still running that vulnerable version of SSH

  • 0
  • 2
  • 0
  • 4h ago
Showing 1 to 10 of 54 CVEs