24h | 7d | 30d

CVE-2025-53521

Overview

  • F5
  • BIG-IP
15 Oct 2025
Published
28 Mar 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
19.16%
KEV

Description

When a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can lead to Remote Code Execution (RCE).   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Statistics

  • 6 Posts
  • 5 Interactions
Last activity: 8 hours ago

Bluesky

Profile picture fallback
Sami Laiho @samilaiho.com
F5 K000156741: BIG-IP APM vulnerability CVE-2025-53521 increased severity, active exploitation URL: my.f5.com/manage/s/art... Classification: Critical, Solution: Official Fix, Exploit Maturity: High, CVSSv4.0: 9.3
  • 1
  • 1
  • 0
  • 22h ago
Profile picture fallback
piggo @pigondrugs.bsky.social
~Cisa~ CISA added an actively exploited F5 BIG-IP RCE vulnerability to its KEV catalog. - IOCs: CVE-2025-53521 - #CVE2025_53521 #F5 #ThreatIntel
  • 1
  • 0
  • 0
  • 23h ago
Profile picture fallback
Undercode Testing @undercode.bsky.social
F5 BIG-IP APM Zero-Day Under Active Siege: CISA Mandates Emergency Patching for CVE-2025-53521 + Video Introduction: A recently reclassified vulnerability in F5’s BIG-IP Access Policy Manager (APM), tracked as CVE-2025-53521, has escalated from a mere denial-of-service (DoS) concern to a critical…
  • 1
  • 0
  • 0
  • 19h ago
Profile picture fallback
Cybersecurity News Everyday @hendryadrian.bsky.social
CISA adds CVE-2025-53521, a critical F5 BIG-IP APM flaw enabling pre-auth remote code execution (CVSS 9.3), to KEV after active exploitation. F5 updates TTPs and requires patches by 2026. #F5Security #Vulnerability #USA
  • 1
  • 0
  • 0
  • 15h ago
Profile picture fallback
r/blueteamsec bot @r-blueteamsec.bsky.social
K000156741: F5 BIG-IP APM vulnerability CVE-2025-53521 - from October - K000160486: Indicators of Compromise for c05d5254 from March
  • 0
  • 0
  • 0
  • 12h ago
Profile picture fallback
Ninja Owl @ninjaowl.ai
CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
  • 0
  • 0
  • 0
  • 8h ago

CVE-2026-3055

Overview

  • NetScaler
  • ADC
23 Mar 2026
Published
24 Mar 2026
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
0.02%
KEV

Description

Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread

Statistics

  • 9 Posts
  • 2 Interactions
Last activity: 6 hours ago

Bluesky

Profile picture fallback
Ninja Owl @ninjaowl.ai
Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
  • 1
  • 1
  • 0
  • 16h ago
Profile picture fallback
Undercode Testing @undercode.bsky.social
CVE-2026-3055: NetScaler Under Active Reconnaissance—Patch Now Before Exploitation Goes Nuclear + Video Introduction: The window between attacker reconnaissance and active exploitation is shrinking to near-zero. Security researchers at watchTowr have detected active scanning campaigns targeting…
  • 0
  • 0
  • 0
  • 20h ago
Profile picture fallback
Undercode Testing @undercode.bsky.social
CVE-2026-3055: Critical Citrix NetScaler Flaw Under Active Exploitation – Patch Now! + Video Introduction: A newly disclosed vulnerability, CVE-2026-3055, with a CVSS score of 9.3, is currently being actively probed by attackers targeting Citrix NetScaler appliances. Threat actors are leveraging…
  • 0
  • 0
  • 0
  • 17h ago
Profile picture fallback
Cybersecurity News Everyday @hendryadrian.bsky.social
Critical CVE-2026-3055 (CVSS 9.3) in Citrix NetScaler ADC & Gateway allows memory overread via /cgi/GetAuthMethods, enabling attackers to fingerprint auth methods and leak sensitive data. Patching advised. #NetScaler #CVE20263055 #USA
  • 0
  • 0
  • 0
  • 15h ago
Profile picture fallback
/r/netsec @r-netsec-bot.bsky.social
The Sequels Are Never As Good, But We're Still In Pain (Citrix NetScaler CVE-2026-3055 Memory Overread) - watchTowr Labs
  • 0
  • 0
  • 4
  • 6h ago

CVE-2026-33017

Overview

  • langflow-ai
  • langflow
20 Mar 2026
Published
26 Mar 2026
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
5.65%
KEV

Description

Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses attacker-controlled flow data (containing arbitrary Python code in node definitions) instead of the stored flow data from the database. This code is passed to exec() with zero sandboxing, resulting in unauthenticated remote code execution. This is distinct from CVE-2025-3248, which fixed /api/v1/validate/code by adding authentication. The build_public_tmp endpoint is designed to be unauthenticated (for public flows) but incorrectly accepts attacker-supplied flow data containing arbitrary executable code. This issue has been fixed in version 1.9.0.

Statistics

  • 3 Posts
Last activity: 14 hours ago

Fediverse

Profile picture fallback
Steele Fortress @steelefortress

CISA just added two critical vulnerabilities to its Known Exploited Vulnerabilities catalog and both deserve your immediate attention.

First up is CVE-2026-33017, a code injection flaw in Langflow, the open-source AI workflow builder that has exploded in popularity.

Read more: steelefortress.com/7448up

  • 0
  • 0
  • 0
  • 16h ago

Bluesky

Profile picture fallback
Eyal Estrin ☁️ @eyalestrin.bsky.social
Security Analysis and Intel: CVE-2026-33017 Langflow RCE (28.3.2026) #appsec
  • 0
  • 0
  • 0
  • 20h ago
Profile picture fallback
Cybersecurity News Everyday @hendryadrian.bsky.social
Critical flaws in PTC Windchill/FlexPLM exploited with mitigations but no patch; Langflow CVE-2026-33017 active for RCE, upgrade to 1.9.0. Ransomware targets energy firms; Nova Scotia Power breached. #Germany #Ransomware #Canada
  • 0
  • 0
  • 0
  • 14h ago

CVE-2026-27876

Overview

  • Grafana
  • Grafana Enterprise
27 Mar 2026
Published
28 Mar 2026
Updated
CVSS v3.1
CRITICAL (9.1)
EPSS
0.08%
KEV

Description

A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact (RCE). This is enabled by a feature in Grafana (OSS), so all users are always recommended to update to avoid future attack vectors going this path. Only instances with the sqlExpressions feature toggle enabled are vulnerable.

Statistics

  • 2 Posts
  • 5 Interactions
Last activity: 12 hours ago

Fediverse

Profile picture fallback
Luca Hammer @luca

- Syncthing got a 2.0 release and switched from LevelDB to SQLite github.com/syncthing/syncthing
- macOS did that weird (a) Upgrade support.apple.com/de-de/126604 and is now at 2.6.4 with 8 (eight!) new emojis support.apple.com/en-us/122868
- Grafana security fix 12.4.1 -> 12.4.2 grafana.com/blog/grafana-secur
- TandoorRecipes got shared shopping lists and pantry inventory with 2.6.0 and an security update to 2.6.1 github.com/TandoorRecipes/reci
- Grist, qbittorrent and smokeping got updates for their containers. I haven't figured out what changed. hub.docker.com/r/gristlabs/gri github.com/linuxserver/docker- github.com/linuxserver/docker-
- Redis 8.6.2 with some bugfixes github.com/redis/redis/releases
- Home Assistant 2026.3.3 -> 2026.3.4. Nothing interesting. github.com/home-assistant/core
- oh-my-zsh with tiny changes github.com/ohmyzsh/ohmyzsh/com
- Next section is done by homebrew. I don't even know what half of the stuff is used for. Don't judge for having fish and zsh.
ffmpeg 8.0.1_4 -> 8.1
pandoc 3.9 -> 3.9.0.2
nghttp2 1.68.0_1 -> 1.68.1
simdjson 4.4.0 -> 4.4.2
freetype 2.14.2 -> 2.14.3
cryptography 46.0.5 -> 46.0.6
ipython 9.11.0 -> 9.12.0
libavif 1.4.0 -> 1.4.1
harfbuzz 13.1.1 -> 13.2.1
glib 2.86.4 -> 2.88.0
aom 3.13.1 -> 3.13.2
svt-av1 4.0.1 -> 4.1.0
libnghttp2 1.68.0 -> 1.68.1
openexr 3.4.6 -> 3.4.8
ca-certificates 2025-12-02 -> 2026-03-19
esphome 2026.2.4 -> 2026.3.1
jupyterlab 4.5.6 -> 4.5.6_1
ada-url 3.4.3 -> 3.4.4
node 25.8.1_1 -> 25.8.2
fish 4.5.0 -> 4.6.0
icu4c@78 78.2 -> 78.3
jpeg-turbo 3.1.3 -> 3.1.4
- tailscale 1.96.2 now with easy file transfers "taildrop" tailscale.com/changelog
- Xcode 26.4 developer.apple.com/documentat

I haven't touched my desktop yet and probably won't.

Edit 1
I missed the Nextcloud update because I use that weird Nextcloud All-In-One container. nextcloud.com/changelog/

Edit 2
How did I miss the Mastodon upgrade from 4.5.7 to 4.5.8. I may be gone for a moment. github.com/mastodon/mastodon/r

Edit 3
Why do I run a server in the garage?
evcc 0.209.6 -> 0.303.2 github.com/evcc-io/evcc/releas

  • 1
  • 4
  • 0
  • 15h ago

Bluesky

Profile picture fallback
r/blueteamsec bot @r-blueteamsec.bsky.social
Grafana security release: Critical and high severity security fixes for CVE-2026-27876 and CVE-2026-27880 | Grafana Labs
  • 0
  • 0
  • 0
  • 12h ago

CVE-2026-27880

Overview

  • Grafana
  • Grafana
27 Mar 2026
Published
27 Mar 2026
Updated
CVSS v3.1
HIGH (7.5)
EPSS
0.01%
KEV

Description

The OpenFeature feature toggle evaluation endpoint reads unbounded values into memory, which can cause out-of-memory crashes.

Statistics

  • 2 Posts
  • 5 Interactions
Last activity: 12 hours ago

Fediverse

Profile picture fallback
Luca Hammer @luca

- Syncthing got a 2.0 release and switched from LevelDB to SQLite github.com/syncthing/syncthing
- macOS did that weird (a) Upgrade support.apple.com/de-de/126604 and is now at 2.6.4 with 8 (eight!) new emojis support.apple.com/en-us/122868
- Grafana security fix 12.4.1 -> 12.4.2 grafana.com/blog/grafana-secur
- TandoorRecipes got shared shopping lists and pantry inventory with 2.6.0 and an security update to 2.6.1 github.com/TandoorRecipes/reci
- Grist, qbittorrent and smokeping got updates for their containers. I haven't figured out what changed. hub.docker.com/r/gristlabs/gri github.com/linuxserver/docker- github.com/linuxserver/docker-
- Redis 8.6.2 with some bugfixes github.com/redis/redis/releases
- Home Assistant 2026.3.3 -> 2026.3.4. Nothing interesting. github.com/home-assistant/core
- oh-my-zsh with tiny changes github.com/ohmyzsh/ohmyzsh/com
- Next section is done by homebrew. I don't even know what half of the stuff is used for. Don't judge for having fish and zsh.
ffmpeg 8.0.1_4 -> 8.1
pandoc 3.9 -> 3.9.0.2
nghttp2 1.68.0_1 -> 1.68.1
simdjson 4.4.0 -> 4.4.2
freetype 2.14.2 -> 2.14.3
cryptography 46.0.5 -> 46.0.6
ipython 9.11.0 -> 9.12.0
libavif 1.4.0 -> 1.4.1
harfbuzz 13.1.1 -> 13.2.1
glib 2.86.4 -> 2.88.0
aom 3.13.1 -> 3.13.2
svt-av1 4.0.1 -> 4.1.0
libnghttp2 1.68.0 -> 1.68.1
openexr 3.4.6 -> 3.4.8
ca-certificates 2025-12-02 -> 2026-03-19
esphome 2026.2.4 -> 2026.3.1
jupyterlab 4.5.6 -> 4.5.6_1
ada-url 3.4.3 -> 3.4.4
node 25.8.1_1 -> 25.8.2
fish 4.5.0 -> 4.6.0
icu4c@78 78.2 -> 78.3
jpeg-turbo 3.1.3 -> 3.1.4
- tailscale 1.96.2 now with easy file transfers "taildrop" tailscale.com/changelog
- Xcode 26.4 developer.apple.com/documentat

I haven't touched my desktop yet and probably won't.

Edit 1
I missed the Nextcloud update because I use that weird Nextcloud All-In-One container. nextcloud.com/changelog/

Edit 2
How did I miss the Mastodon upgrade from 4.5.7 to 4.5.8. I may be gone for a moment. github.com/mastodon/mastodon/r

Edit 3
Why do I run a server in the garage?
evcc 0.209.6 -> 0.303.2 github.com/evcc-io/evcc/releas

  • 1
  • 4
  • 0
  • 15h ago

Bluesky

Profile picture fallback
r/blueteamsec bot @r-blueteamsec.bsky.social
Grafana security release: Critical and high severity security fixes for CVE-2026-27876 and CVE-2026-27880 | Grafana Labs
  • 0
  • 0
  • 0
  • 12h ago

CVE-2026-4987

Overview

  • brainstormforce
  • SureForms – Contact Form, Payment Form & Other Custom Form Builder
28 Mar 2026
Published
28 Mar 2026
Updated
CVSS v3.1
HIGH (7.5)
EPSS
0.07%
KEV

Description

The SureForms – Contact Form, Payment Form & Other Custom Form Builder plugin for WordPress is vulnerable to Payment Amount Bypass in all versions up to, and including, 2.5.2. This is due to the create_payment_intent() function performing a payment validation solely based on the value of a user-controlled parameter. This makes it possible for unauthenticated attackers to bypass configured form payment-amount validation and create underpriced payment/subscription intents by setting form_id to 0.

Statistics

  • 2 Posts
Last activity: 3 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

CVE-2026-4987 (HIGH): SureForms for WordPress lets unauthenticated attackers bypass payment validation via form_id=0. All versions vulnerable — financial loss risk. Patch when available or apply server-side validation. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 21h ago
Profile picture fallback
Offensive Sequence @offseq

⚠️ CVE-2026-4987 (HIGH): SureForms plugin for WordPress lets attackers bypass payment amount validation by setting form_id to 0 — no auth needed, all versions <=2.5.2 at risk. Patch or mitigate now! radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 3h ago

CVE-2026-1679

Overview

  • zephyrproject-rtos
  • Zephyr
  • Zephyr
27 Mar 2026
Published
27 Mar 2026
Updated
CVSS v3.1
HIGH (7.3)
EPSS
0.04%
KEV

Description

The eswifi socket offload driver copies user-provided payloads into a fixed buffer without checking available space; oversized sends overflow `eswifi->buf`, corrupting kernel memory (CWE-120). Exploit requires local code that can call the socket send API; no remote attacker can reach it directly.

Statistics

  • 1 Post
Last activity: 19 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

CVE-2026-1679: HIGH severity buffer overflow in Zephyr RTOS (all versions). Local attackers can trigger kernel memory corruption via eswifi socket offload driver. Patch ASAP, enforce access controls. Details: radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 19h ago

CVE-2026-4851

Overview

  • CASIANO
  • GRID::Machine
  • GRID-Machine
29 Mar 2026
Published
29 Mar 2026
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

GRID::Machine versions through 0.127 for Perl allows arbitrary code execution via unsafe deserialization. GRID::Machine provides Remote Procedure Calls (RPC) over SSH for Perl. The client connects to remote hosts to execute code on them. A compromised or malicious remote host can execute arbitrary code back on the client through unsafe deserialization in the RPC protocol. read_operation() in lib/GRID/Machine/Message.pm deserialises values from the remote side using eval() $arg .= '$VAR1'; my $val = eval "no strict; $arg"; # line 40-41 $arg is raw bytes from the protocol pipe. A compromised remote host can embed arbitrary perl in the Dumper-formatted response: $VAR1 = do { system("..."); }; This executes on the client silently on every RPC call, as the return values remain correct. This functionality is by design but the trust requirement for the remote host is not documented in the distribution.

Statistics

  • 1 Post
Last activity: 1 hour ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

⚠️ CRITICAL: CVE-2026-4851 affects CASIANO GRID::Machine (≤0.127). Malicious remote hosts can trigger client-side RCE via unsafe eval() deserialization. Only connect to trusted hosts & review code paths. Details: radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 1h ago

CVE-2026-31962

Overview

  • samtools
  • htslib
18 Mar 2026
Published
18 Mar 2026
Updated
CVSS v4.0
HIGH (8.8)
EPSS
0.06%
KEV

Description

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. While most alignment records store DNA sequence and quality values, the format also allows them to omit this data in certain cases to save space. Due to some quirks of the CRAM format, it is necessary to handle these records carefully as they will actually store data that needs to be consumed and then discarded. Unfortunately the `cram_decode_seq()` did not handle this correctly in some cases. Where this happened it could result in reading a single byte from beyond the end of a heap allocation, followed by writing a single attacker-controlled byte to the same location. Exploiting this bug causes a heap buffer overflow. If a user opens a file crafted to exploit this issue, it could lead to the program crashing, or overwriting of data and heap structures in ways not expected by the program. It may be possible to use this to obtain arbitrary code execution. Versions 1.23.1, 1.22.2 and 1.21.1 include fixes for this issue. There is no workaround for this issue.

Statistics

  • 1 Post
Last activity: 11 hours ago

Bluesky

Profile picture fallback
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
Fedora 42 just pushed a critical update for Samtools to fix CVE-2026-31962 (heap buffer overflow). 🧬🔒 Read more: 👉 tinyurl.com/2udnjzha #Security
  • 0
  • 0
  • 0
  • 11h ago

CVE-2026-33696

Overview

  • n8n-io
  • n8n
25 Mar 2026
Published
25 Mar 2026
Updated
CVSS v4.0
CRITICAL (9.4)
EPSS
0.24%
KEV

Description

n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.27, an authenticated user with permission to create or modify workflows could exploit a prototype pollution vulnerability in the XML and the GSuiteAdmin nodes. By supplying a crafted parameters as part of node configuration, an attacker could write attacker-controlled values onto `Object.prototype`. An attacker could use this prototype pollution to achieve remote code execution on the n8n instance. The issue has been fixed in n8n versions 2.14.1, 2.13.3, and 1.123.27. Users should upgrade to one of these versions or later to remediate the vulnerability. If upgrading is not immediately possible, administrators should consider the following temporary mitigations: Limit workflow creation and editing permissions to fully trusted users only, and/or disable the XML node by adding `n8n-nodes-base.xml` to the `NODES_EXCLUDE` environment variable. These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.

Statistics

  • 1 Post
Last activity: 9 hours ago

Bluesky

Profile picture fallback
r/blueteamsec bot @r-blueteamsec.bsky.social
CVE-2026-33696 - n8n: Prototype Pollution in XML and GSuiteAdmin node parameters lead to RCE
  • 0
  • 0
  • 0
  • 9h ago
Showing 1 to 10 of 25 CVEs