Overview

  • GitLab
  • GitLab AI Gateway

09 Feb 2026
Published
09 Feb 2026
Updated

CVSS v3.1
CRITICAL (9.9)
EPSS
Pending

KEV

Description

GitLab has remediated a vulnerability in the Duo Workflow Service component of GitLab AI Gateway affecting all versions of the AI Gateway from 18.1.6, 18.2.6, 18.3.1 to 18.6.1, 18.7.0, and 18.8.0 in which AI Gateway was vulnerable to insecure template expansion of user supplied data via crafted Duo Agent Platform Flow definitions. This vulnerability could be used to cause Denial of Service or gain code execution on the Gateway. This has been fixed in versions 18.6.2, 18.7.1, and 18.8.1 of the GitLab AI Gateway.

Statistics

  • 4 Posts
  • 3 Interactions

Last activity: 1 hour ago

Fediverse

🚨 CRITICAL: CVE-2026-1868 in GitLab AI Gateway (18.1.6 – 18.8.0) allows remote code execution or DoS via Duo Workflow Service. Patch to 18.6.2, 18.7.1, or 18.8.1. Restrict workflow access & monitor for abuse! radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 3h ago

Bluesky

🚨 Critical GitLab vulnerability disclosed: CVE-2026-1868 (CVSS 9.9). Insecure template expansion in GitLab AI Gateway can lead to denial of service or remote code execution in AI-powered DevOps pipelines. 🔥 basefortify.eu/cve_reports/... #CVE #GitLab #CyberSecurity #DevSecOps
  • 1
  • 1
  • 0
  • 1h ago
⚙️ CVE-2026-1868 affects GitLab AI Gateway versions up to 18.8.0. Authenticated attackers can abuse crafted Duo Agent Flow definitions (CWE-1336) to execute code or crash the gateway, posing serious enterprise risk. 🛠️ #Vulnerability #AppSec #CloudSecurity #AI
  • 0
  • 1
  • 0
  • 1h ago
CVE-2026-1868: Critical GitLab Gateway Flaw (CVSS 9.9) Allows RCE
  • 0
  • 0
  • 0
  • 12h ago

Overview

  • BeyondTrust
  • Remote Support (RS) & Privileged Remote Access (PRA)

06 Feb 2026
Published
06 Feb 2026
Updated

CVSS v4.0
CRITICAL (9.9)
EPSS
0.44%

KEV

Description

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

Statistics

  • 3 Posts
  • 1 Interaction

Last activity: 1 hour ago

Bluesky

CVE-2026-1731: Critical BeyondTrust Flaw (CVSS 9.9) Allows Pre-Auth RCE
  • 1
  • 0
  • 0
  • 10h ago
Critical pre-authentication remote code execution vulnerability CVE-2026-1731 (CVSS 9.9) affects BeyondTrust RS ≤25.3.1 and PRA ≤24.3.4; patches released.
  • 0
  • 0
  • 0
  • 2h ago
BeyondTrust has patched a critical remote code execution flaw (CVE-2026-1731) in its Remote Support and Privileged Remote Access software. The […]
  • 0
  • 0
  • 0
  • 1h ago

Overview

  • D-Link
  • DIR-615

08 Feb 2026
Published
08 Feb 2026
Updated

CVSS v4.0
HIGH (8.6)
EPSS
Pending

KEV

Description

A vulnerability was found in D-Link DIR-615 4.10. This vulnerability affects unknown code in the file adv_routing.php of the component Web Configuration Interface. Manipulation of the argument dest_ip/submask/gw results in OS command injection. The attack may be initiated remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.

Statistics

  • 3 Posts

Last activity: 11 hours ago

Fediverse

🔥 CVE-2026-2152: HIGH-severity OS command injection in D-Link DIR-615 (v4.10, adv_routing.php). Remote, unauthenticated RCE possible; public exploits out. No patch — replace or isolate now! radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 21h ago
#Cve-2026-2152: Critical Command Injection in Legacy D-Link Router
A publicly exploitable, remote OS command injection flaw in the unmaintained D-Link #Dir-615 router poses a critical risk to consumer and small office networks.

🔗 p4u.xyz/ID_HW7Y74-Y/1 (🇩🇪🇺🇸🇫🇷)

#Cybersecurity #Security #Threatintel #Osint #Alert #Bot

  • 0
  • 0
  • 0
  • 11h ago
✨ Alert #Cve-2026-2152: Critical command injection in the D-Link #Dir-615 router
A public and exploited vulnerability in an unmaintained device represents a priority 1 risk for legacy networks.

🔗 p4u.xyz/ID_HW7Y74-Y/1 (🇩🇪🇺🇸🇫🇷)

#Cybersecurity #Security #Threatintel #Osint #Alert #Bot

  • 0
  • 0
  • 0
  • 11h ago

Overview

  • OpenSSL
  • OpenSSL

27 Jan 2026
Published
29 Jan 2026
Updated

CVSS
Pending
EPSS
0.66%

KEV

Description

Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow.

Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution.

When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs. Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk.

The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.

Statistics

  • 2 Posts

Last activity: 13 hours ago

Fediverse

@gehrke_test "nginx proxy manager" doesn't sound like it uses CMS at all, and if it does, CVE-2025-15467 on platforms with stack canaries (i.e., anything that isn't rancid embedded stuff) is a denial of service, not RCE.

  • 0
  • 0
  • 0
  • 13h ago

Bluesky

🚨 New HIGH CVE detected in AWS Lambda 🚨 CVE-2025-15467 impacts openssl-fips-provider-latest in 40 Lambda base images. Details: https://github.com/aws/aws-lambda-base-images/issues/406 More: https://lambdawatchdog.com/ #AWS #Lambda #CVE #CloudSecurity #Serverless
  • 0
  • 0
  • 0
  • 22h ago

Overview

  • Tenda
  • RX3

08 Feb 2026
Published
08 Feb 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
Pending

KEV

Description

A flaw has been found in Tenda RX3 16.03.13.11. This issue affects the function set_device_name of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. Manipulation of the argument devName/mac causes a stack-based buffer overflow. The attack can be carried out remotely. The exploit has been published and may be used.

Statistics

  • 4 Posts

Last activity: 10 hours ago

Fediverse

🚨 HIGH severity: Stack-based buffer overflow in Tenda RX3 (16.03.13.11) — CVE-2026-2185. Remote exploitation possible via MAC Filtering config. Public exploit released. Monitor and segment affected devices! radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 13h ago
#Cve-2026-2185: Critical vulnerability in Tenda routers
A published proof-of-concept #Exploit for a remote buffer overflow considerably increases the risk for unpatched networks.

🔗 p4u.xyz/ID_M-276VQJ/1 (🇩🇪🇺🇸🇫🇷)

#Infosec #Vulnerability #Release #Offseq #Loi #Bot

  • 0
  • 0
  • 0
  • 10h ago
#Cve-2026-2185: A High-Severity Threat to Network Infrastructure
A publicly released #Exploit for a critical buffer overflow in Tenda routers demands immediate action from network defenders.

🔗 p4u.xyz/ID_M-276VQJ/1 (🇩🇪🇺🇸🇫🇷)

#Infosec #Vulnerability #Release #Offseq #Loi #Bot

  • 0
  • 0
  • 0
  • 10h ago
#Cve-2026-2185: Critical vulnerability in Tenda RX3 routers
A remotely accessible buffer overflow flaw compromises the integrity of networks, with a public #Exploit available.

🔗 p4u.xyz/ID_M-276VQJ/1 (🇩🇪🇺🇸🇫🇷)

#Infosec #Vulnerability #Release #Offseq #Loi #Bot

  • 0
  • 0
  • 0
  • 10h ago

Overview

  • SolarWinds
  • Web Help Desk

23 Sep 2025
Published
24 Sep 2025
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
12.86%

KEV

Description

SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patch bypass of CVE-2024-28986.

Statistics

  • 1 Post
  • 12 Interactions

Last activity: 7 hours ago

Overview

  • Centralny Ośrodek Informatyki
  • mObywatel

03 Feb 2026
Published
03 Feb 2026
Updated

CVSS v4.0
LOW (1.0)
EPSS
0.02%

KEV

Description

In the mObywatel iOS application, an unauthorized user can use the App Switcher to view the account owner's personal information in the minimized app window, even after the login session has ended (reopening the app would require the user to log in). The data exposed depends on the last application view displayed before the application was minimized. This issue was fixed in version 4.71.0.

Statistics

  • 1 Post
  • 3 Interactions

Last activity: 15 hours ago

Fediverse

Do you have mObywatel on an iPhone? Check the version. CERT warns about a "peeper" in multitasking

It's a small thing, but a key one for privacy. CERT Polska has confirmed a vulnerability in the government mObywatel app for iOS. If you haven't updated it in the last few days, your PESEL may be glowing from the screen even after you leave the app.

What is it about?

The bug, designated CVE-2025-11598, concerns the App Switcher mechanism. When you minimize an app on an iPhone (swiping up from the bottom), the system takes a "screenshot" of it to display on the preview card. Good banking (and government) apps should automatically blur the screen at that moment, so that nobody who picks up your phone and opens the list of open apps sees your account balance or ID card data.

Versions of mObywatel below 4.71.0 didn't do this. The result? An unauthorized person could view your data without logging in, simply by browsing the apps open in the background. Of course, this still required physical access to your iPhone and an unlocked screen, but the security problem nonetheless existed.

What to do?

It's simple: go to the App Store and make sure you have version 4.71.0 or newer. The fix is already there. This bug in the older version of mObywatel was discovered and reported to the CERT.pl team by Maciej Krakowiak from DSecure.me.

mObywatel enters 2026 with Polish AI

#aktualizacjaMObywatel #bezpieczeństwoIPhone #błądMObywatel #CERTPolska #CVE202511598 #mObywatelIOS
  • 3
  • 0
  • 0
  • 15h ago

Overview

  • WAGO
  • 0852-1322

09 Feb 2026
Published
09 Feb 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
Pending

KEV

Description

Improper length handling when parsing multiple cookie fields (including TRACKID) allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow, resulting in a denial‑of‑service condition and possible remote code execution.

Statistics

  • 2 Posts

Last activity: Last hour

Fediverse

🚨 CVE-2026-22904 (CRITICAL, CVSS 9.8): WAGO 0852-1322 vulnerable to stack-based buffer overflow via oversized HTTP cookies. RCE & DoS possible. Isolate devices, monitor traffic, deploy WAF/IPS. No patch yet. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • Last hour
VDE-2026-004
WAGO: Vulnerabilities in Managed Switch

Several vulnerabilities have been identified in the WAGO 852‑1328 device's web‑based management interface, which is implemented using a modified lighttpd server and custom CGI binaries. These issues include multiple stack buffer overflows, an authentication bypass, and insecure credential storage.
CVE-2026-22906, CVE-2026-22904, CVE-2026-22903, CVE-2026-22905

certvde.com/en/advisories/vde-

wago.csaf-tp.certvde.com/.well

  • 0
  • 0
  • 0
  • 2h ago

Overview

  • WAGO
  • 0852-1322

09 Feb 2026
Published
09 Feb 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
Pending

KEV

Description

User credentials are stored using AES‑ECB encryption with a hardcoded key. An unauthenticated remote attacker obtaining the configuration file can decrypt and recover plaintext usernames and passwords, especially when combined with the authentication bypass.

Statistics

  • 2 Posts

Last activity: 1 hour ago

Fediverse

🚨 CVE-2026-22906 (CRITICAL, CVSS 9.8): WAGO 0852-1322 uses a hardcoded AES key, letting unauthenticated attackers decrypt credentials from config files. No patch yet. Restrict access, segment networks, monitor closely! radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 1h ago
VDE-2026-004
WAGO: Vulnerabilities in Managed Switch

Several vulnerabilities have been identified in the WAGO 852‑1328 device's web‑based management interface, which is implemented using a modified lighttpd server and custom CGI binaries. These issues include multiple stack buffer overflows, an authentication bypass, and insecure credential storage.
CVE-2026-22906, CVE-2026-22904, CVE-2026-22903, CVE-2026-22905

certvde.com/en/advisories/vde-

wago.csaf-tp.certvde.com/.well

  • 0
  • 0
  • 0
  • 2h ago

Overview

  • Ivanti
  • Endpoint Manager Mobile

29 Jan 2026
Published
30 Jan 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
16.41%

Description

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 3 hours ago

Fediverse

Orgs that still daftly run Ivanti kit and didn't patch for CVE-2026-1281 (which is likely most b/c if you're still running Ivanti you have no idea how to do cyber or IT) are gonna have a really bad day today or later this week once they realize what happened to them over the weekend.

  • 0
  • 1
  • 0
  • 3h ago