24h | 7d | 30d

CVE-2026-21509

Overview

  • Microsoft
  • Microsoft Office 2019
26 Jan 2026
Published
30 Jan 2026
Updated
CVSS v3.1
HIGH (7.8)
EPSS
2.91%
KEV

Description

Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally.

Statistics

  • 6 Posts
  • 4 Interactions
Last activity: Last hour

Fediverse

Profile picture
Anonymous :verified: @youranonnewsirc

Critical cybersecurity updates from February 1-2, 2026: Microsoft patched an actively exploited Office zero-day (CVE-2026-21509), and Fortinet fixed a critical FortiCloud SSO flaw (CVE-2026-24858). Ivanti released fixes for two exploited EPMM zero-days (CVE-2026-1281, CVE-2026-1340) by February 1, and Bitdefender reported Android RAT malware distributed via Hugging Face (February 2).

In technology, Apple overhauled its online Mac store for a "build-it-yourself" experience (February 1), and Google extended the Fitbit data migration deadline to Google accounts until May 2026.

#News #Anonymous #AnonNews_irc

  • 0
  • 0
  • 0
  • 21h ago

Bluesky

Profile picture
BleepingComputer @bleepingcomputer.com
Ukraine's Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently patched vulnerability in multiple versions of Microsoft Office.
  • 1
  • 3
  • 0
  • 2h ago
Profile picture
Blacky @coldblacksun.bsky.social
Ukraine’s Computer Emergency Response Team has warned of a new wave of targeted cyberattacks exploiting a critical MS Office vulnerability (CVE-2026-21509) disclosed on January 26, 2026 cert.gov.ua/article/6287...
  • 0
  • 0
  • 0
  • 7h ago
Profile picture
r/blueteamsec bot @r-blueteamsec.bsky.social
CERT-UA Danger Bulletin": UAC-0001 (APT28) carries out cyberattacks against Ukraine and EU countries using the CVE-2026-21509 exploit (CERT-UA#19542)
  • 0
  • 0
  • 0
  • 4h ago
Profile picture
piggo @pigondrugs.bsky.social
~Zscaler~ APT28 is actively exploiting CVE-2026-21509 via malicious RTF files to deploy backdoors against targets in Central and Eastern Europe. - IOCs: CVE-2026-21509 - #APT28 #CVE202621509 #ThreatIntel
  • 0
  • 0
  • 0
  • 3h ago
Profile picture
Javvad Malik @j4vv4d.com
Microsoft Office Zero-Day Vulnerability, CVE-2026-21509, Under Active Exploitation cybersec.xmcyber.com/s/microsoft-...
  • 0
  • 0
  • 0
  • Last hour

CVE-2026-25253

Overview

  • OpenClaw
  • OpenClaw
01 Feb 2026
Published
02 Feb 2026
Updated
CVSS v3.1
HIGH (8.8)
EPSS
0.04%
KEV

Description

OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.

Statistics

  • 3 Posts
  • 3 Interactions
Last activity: 1 hour ago

Fediverse

Profile picture
HackerWorkspace @hackerworkspace

depthfirst | 1-Click RCE To Steal Your Moltbot Data and Keys (CVE-2026-25253)

depthfirst.com/post/1-click-rc

  • 2
  • 1
  • 0
  • 1h ago
Profile picture
Anonymous :verified: @youranonnewsirc

Here's a summary of the latest global, technology, and cybersecurity news from the last 24-48 hours:

**Global:** US-Iran talks on a nuclear deal are progressing, though Iran warned of regional war if attacked (Feb 1-2). A Russian drone strike killed 15 mineworkers in Dnipro, Ukraine (Feb 1).

**Tech/Cybersecurity:** ETSI launched a new, globally applicable cybersecurity standard for AI models (ETSI EN 304 223, Feb 2). A critical remote code execution (RCE) flaw in the OpenClaw AI assistant (CVE-2026-25253) was disclosed (Feb 2). AI-driven cyber threats are escalating, and Microsoft's extensive AI infrastructure spending is raising Wall Street concerns (Jan 30 - Feb 2).

#News #Anonymous #AnonNews_irc

  • 0
  • 0
  • 0
  • 3h ago

Bluesky

Profile picture
0xacb @0xacb.com
💥 One click could completely compromise a OpenClaw / Moltbot / Clawdbot (CVE-2026-25253) The vulnerability is now fixed, but here's how it worked:
  • 0
  • 0
  • 0
  • 14h ago

CVE-2026-25201

Overview

  • Samsung Electronics
  • MagicINFO 9 Server
02 Feb 2026
Published
02 Feb 2026
Updated
CVSS v3.1
HIGH (8.8)
EPSS
0.07%
KEV

Description

An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server. This issue affects MagicINFO 9 Server: less than 21.1090.1.

Statistics

  • 2 Posts
Last activity: 13 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

🟠 CVE-2026-25201 - High (8.8)

An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server.
This issue affects MagicINFO 9 Server: less than 21.1090.1.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 18h ago

Bluesky

Profile picture
BaseFortify.eu @basefortify.bsky.social
🚨 Critical Samsung MagicINFO flaw disclosed: CVE-2026-25201 allows unauthenticated attackers to upload arbitrary files, leading to remote code execution on MagicINFO 9 Server. Full report: basefortify.eu/cve_reports/... #CVE #Samsung #MagicINFO 🔐
  • 0
  • 0
  • 0
  • 13h ago

CVE-2025-47397

Overview

  • Qualcomm, Inc.
  • Snapdragon
02 Feb 2026
Published
02 Feb 2026
Updated
CVSS v3.1
HIGH (7.8)
EPSS
Pending
KEV

Description

Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.

Statistics

  • 3 Posts
Last activity: 3 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

🟠 CVE-2025-47397 - High (7.8)

Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 7h ago
Profile picture
Zhuowei Zhang @zhuowei

Qualcomm released the security bulletin for February 2026: CVE-2025-47397 is the GPU IOMMU issue mentioned in 39c3’s Build a Fake Phone, Find Real Bugs session. (at the 28 minute mark) The presenter said that they’ll “update the presentation’s repository with the technical details once the CVE is shared publicly”, Looking forward to reading that…

  • 0
  • 0
  • 0
  • 4h ago
Profile picture
Zhuowei Zhang @zhuowei

Qualcomm’s CVE-2025-47397 patch doesn’t make sense on kernel 5.10: 5.10 isn’t vulnerable to the issue in the first place!

The bug was only introduced in kernel 5.15.

(Interestingly, some poor dev at MediaTek hit the exact same bug in 2022: searching for “iommu_map_sg cve” gives me this fix commit)

  • 0
  • 0
  • 0
  • 3h ago

CVE-2026-1281

Overview

  • Ivanti
  • Endpoint Manager Mobile
29 Jan 2026
Published
30 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
13.12%
KEV

Description

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

Statistics

  • 4 Posts
  • 3 Interactions
Last activity: 1 hour ago

Fediverse

Profile picture
Christoph Schmees @PC_Fluesterer

Ivanti: Notfall-Update gegen Zero-Days

Wieder einmal fällt der US-Hersteller Ivanti mit gefährlichen (9,8 von 10) Sicherheitslücken auf, die zum Zeitpunkt der Updates bereits angegriffen werden. Sagte ich wieder einmal? Ja, einige vergangene Meldungen: hier, hier, hier oder hier. Die beiden Sicherheitslücken CVE-2026-1281 und CVE-2026-1340 wurden mit Notfall-Updates geschlossen. Angeblich kann der Hersteller nicht sagen, welche Schwäche genau angegriffen wird, da zu wenige bekannte Angriffe vorlägen. Ach ja, aber flicken konnte man die unbekannten Schwächen? Glaubwürdigkeit gleich null. Da drängt

pc-fluesterer.info/wordpress/2

#Allgemein #Empfehlung #Hintergrund #Warnung #0day #closedsource #cybercrime #exploits #foss #hintertür #politik #UnplugTrump #usa #vorbeugen #vorfälle #wissen #zeroday

  • 3
  • 0
  • 0
  • 8h ago
Profile picture
Anonymous :verified: @youranonnewsirc

Critical cybersecurity updates from February 1-2, 2026: Microsoft patched an actively exploited Office zero-day (CVE-2026-21509), and Fortinet fixed a critical FortiCloud SSO flaw (CVE-2026-24858). Ivanti released fixes for two exploited EPMM zero-days (CVE-2026-1281, CVE-2026-1340) by February 1, and Bitdefender reported Android RAT malware distributed via Hugging Face (February 2).

In technology, Apple overhauled its online Mac store for a "build-it-yourself" experience (February 1), and Google extended the Fitbit data migration deadline to Google accounts until May 2026.

#News #Anonymous #AnonNews_irc

  • 0
  • 0
  • 0
  • 21h ago

Bluesky

Profile picture
セキュリティ対策Lab @securitylab-jp.bsky.social
Ivanti、EPMMの重大RCE 脆弱性2件を公表 ゼロデイ悪用も確認(CVE-2026-1281,CVE-2026-1340)-JPCERTも注意喚起 rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 0
  • 0
  • 0
  • 23h ago
Profile picture
キタきつね @kitafox.bsky.social
Ivanti Endpoint Manager Mobile(EPMM)の脆弱性(CVE-2026-1281、CVE-2026-1340)に関する注意喚起 #JPCERTCC (Jan 30) www.jpcert.or.jp/at/2026/at26...
  • 0
  • 0
  • 0
  • 1h ago

CVE-2026-1340

Overview

  • Ivanti
  • Endpoint Manager Mobile
29 Jan 2026
Published
30 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.14%
KEV

Description

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

Statistics

  • 4 Posts
  • 3 Interactions
Last activity: 1 hour ago

Fediverse

Profile picture
Christoph Schmees @PC_Fluesterer

Ivanti: Notfall-Update gegen Zero-Days

Wieder einmal fällt der US-Hersteller Ivanti mit gefährlichen (9,8 von 10) Sicherheitslücken auf, die zum Zeitpunkt der Updates bereits angegriffen werden. Sagte ich wieder einmal? Ja, einige vergangene Meldungen: hier, hier, hier oder hier. Die beiden Sicherheitslücken CVE-2026-1281 und CVE-2026-1340 wurden mit Notfall-Updates geschlossen. Angeblich kann der Hersteller nicht sagen, welche Schwäche genau angegriffen wird, da zu wenige bekannte Angriffe vorlägen. Ach ja, aber flicken konnte man die unbekannten Schwächen? Glaubwürdigkeit gleich null. Da drängt

pc-fluesterer.info/wordpress/2

#Allgemein #Empfehlung #Hintergrund #Warnung #0day #closedsource #cybercrime #exploits #foss #hintertür #politik #UnplugTrump #usa #vorbeugen #vorfälle #wissen #zeroday

  • 3
  • 0
  • 0
  • 8h ago
Profile picture
Anonymous :verified: @youranonnewsirc

Critical cybersecurity updates from February 1-2, 2026: Microsoft patched an actively exploited Office zero-day (CVE-2026-21509), and Fortinet fixed a critical FortiCloud SSO flaw (CVE-2026-24858). Ivanti released fixes for two exploited EPMM zero-days (CVE-2026-1281, CVE-2026-1340) by February 1, and Bitdefender reported Android RAT malware distributed via Hugging Face (February 2).

In technology, Apple overhauled its online Mac store for a "build-it-yourself" experience (February 1), and Google extended the Fitbit data migration deadline to Google accounts until May 2026.

#News #Anonymous #AnonNews_irc

  • 0
  • 0
  • 0
  • 21h ago

Bluesky

Profile picture
セキュリティ対策Lab @securitylab-jp.bsky.social
Ivanti、EPMMの重大RCE 脆弱性2件を公表 ゼロデイ悪用も確認(CVE-2026-1281,CVE-2026-1340)-JPCERTも注意喚起 rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 0
  • 0
  • 0
  • 23h ago
Profile picture
キタきつね @kitafox.bsky.social
Ivanti Endpoint Manager Mobile(EPMM)の脆弱性(CVE-2026-1281、CVE-2026-1340)に関する注意喚起 #JPCERTCC (Jan 30) www.jpcert.or.jp/at/2026/at26...
  • 0
  • 0
  • 0
  • 1h ago

CVE-2026-24061

Overview

  • GNU
  • Inetutils
21 Jan 2026
Published
29 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
29.55%
KEV

Description

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.

Statistics

  • 2 Posts
Last activity: 4 hours ago

Fediverse

Profile picture
const_data @const_data

#infosec #linux #vulnerability

Un fallo de seguridad (exploit) encontrado recientemente expuso casi 800.000 servicios a Telnet a nivel mundial.

Según la Base de Datos de Vulnerabilidad Nacional (NVD) el exploit CVE-2026-24061 afecta a las versiones 1.9.3 a 2.7.

Estás versiones permiten al cliente pasar un valor de la variable de entorno USER al servidor e iniciar sesión como usuario root omitiendo la autenticación.

1/2

  • 0
  • 0
  • 0
  • 4h ago

Bluesky

Profile picture
OpsMatters @opsmatters.com
The latest update for #CyCognito includes "Emerging Threat: CVE-2025-15467 – OpenSSL CMS AuthEnvelopedData Stack-Based Buffer Overflow" and "Emerging Threat: CVE-2026-24061 – Telnet Authentication Bypass in GNU Inetutils". #cybersecurity #AttackSurfaceManagement #EASM https://opsmtrs.com/44Srq0X
  • 0
  • 0
  • 0
  • 19h ago

CVE-2025-15467

Overview

  • OpenSSL
  • OpenSSL
27 Jan 2026
Published
29 Jan 2026
Updated
CVSS
Pending
EPSS
0.39%
KEV

Description

Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs. Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.

Statistics

  • 2 Posts
Last activity: 8 hours ago

Bluesky

Profile picture
CyberVeille @cyberveille-ch.bsky.social
📢 OpenSSL: débordement de pile CVE-2025-15467 exposant à une exécution de code (RCE) 📝 Selon JFrog Security Research (research.jfrog.com), une nouvelle v… https://cyberveille.ch/posts/2026-02-02-openssl-debordement-de-pile-cve-2025-15467-exposant-a-une-execution-de-code-rce/ #CMS_PKCS_7 #Cyberveille
  • 0
  • 0
  • 0
  • 8h ago
Profile picture
OpsMatters @opsmatters.com
The latest update for #CyCognito includes "Emerging Threat: CVE-2025-15467 – OpenSSL CMS AuthEnvelopedData Stack-Based Buffer Overflow" and "Emerging Threat: CVE-2026-24061 – Telnet Authentication Bypass in GNU Inetutils". #cybersecurity #AttackSurfaceManagement #EASM https://opsmtrs.com/44Srq0X
  • 0
  • 0
  • 0
  • 19h ago

CVE-2023-38346

Overview

  • Pending
22 Sep 2023
Published
25 Sep 2024
Updated
CVSS
Pending
EPSS
1.23%
KEV

Description

An issue was discovered in Wind River VxWorks 6.9 and 7. The function ``tarExtract`` implements TAR file extraction and thereby also processes files within an archive that have relative or absolute file paths. A developer using the "tarExtract" function may expect that the function will strip leading slashes from absolute paths or stop processing when encountering relative paths that are outside of the extraction path, unless otherwise forced. This could lead to unexpected and undocumented behavior, which in general could result in a directory traversal, and associated unexpected behavior.

Statistics

  • 1 Post
  • 5 Interactions
Last activity: 2 hours ago

Fediverse

Profile picture
floyd aka floyd_ch @floyd

RE: mastodon.social/@bagder/116001

My CVEs are still at 0 medals, but thanks to VxWorks I was able to achieve a CVE on Mars (#Curiosity rover, CVE-2023-38346) 😉

Btw. if anyone from #NASA could confirm curiosity was/is really affected (but probably without attack vector so no impact I guess), that would mean a lot to me

  • 3
  • 2
  • 0
  • 2h ago

CVE-2026-24070

Overview

  • Native Instruments
  • Native Access
02 Feb 2026
Published
02 Feb 2026
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

During the installation of the Native Access application, a privileged helper `com.native-instruments.NativeAccess.Helper2`, which is used by Native Access to trigger functions via XPC communication like copy-file, remove or set-permissions, is deployed as well. The communication with the XPC service of the privileged helper is only allowed if the client process is signed with the corresponding certificate and fulfills the following code signing requirement: "anchor trusted and certificate leaf[subject.CN] = \"Developer ID Application: Native Instruments GmbH (83K5EG6Z9V)\"" The Native Access application was found to be signed with the `com.apple.security.cs.allow-dyld-environment-variables` and `com.apple.security.cs.disable-library-validation` entitlements leading to DYLIB injection and therefore command execution in the context of this application. A low privileged user can exploit the DYLIB injection to trigger functions of the privileged helper XPC service resulting in privilege escalation by first deleting the /etc/sudoers file and then copying a malicious version of that file to /etc/sudoers.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 5 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

🟠 CVE-2026-24070 - High (8.8)

During the installation of the Native Access application, a privileged helper `com.native-instruments.NativeAccess.Helper2`, which is used by Native Access to trigger functions via XPC communication like copy-file, remove or set-permissions, is de...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 1
  • 0
  • 0
  • 5h ago
Showing 1 to 10 of 51 CVEs