
Overview

  • Fortinet
  • FortiProxy

Published: 27 Jan 2026
Updated: 29 Jan 2026

CVSS v3.1: CRITICAL (9.4)
EPSS: 3.33%

Description

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager 7.4.0 through 7.4.9, FortiManager 7.2.0 through 7.2.11, FortiManager 7.0.0 through 7.0.15, FortiOS 7.6.0 through 7.6.5, FortiOS 7.4.0 through 7.4.10, FortiOS 7.2.0 through 7.2.12, FortiOS 7.0.0 through 7.0.18, FortiProxy 7.6.0 through 7.6.4, FortiProxy 7.4.0 through 7.4.12, FortiProxy 7.2.0 through 7.2.15, FortiProxy 7.0.0 through 7.0.22, FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices.

Statistics

  • 15 Posts
  • 9 Interactions

Last activity: 1 hour ago

Fediverse

Fortinet closes critical vulnerability CVE-2026-24858 after active exploitation

A newly discovered vulnerability in the FortiCloud infrastructure gave attackers access to the firewall systems of various organizations. Fortinet responded by temporarily disabling the single sign-on functionality and published recommended actions for affected users.

all-about-security.de/fortinet

#cve #fortinet #update #FortiCloud

  • 0
  • 0
  • 0
  • 9h ago

Here's a summary of the latest in global technology and cybersecurity from the last 24 hours:

Global tech giants are streamlining: Amazon announced 16,000 job cuts (Jan 28, 2026). Meanwhile, AI investment surges, with SoftBank nearing a $30B OpenAI investment (Jan 28, 2026). In cybersecurity, Fortinet addressed active exploitation of CVE-2026-24858 (Jan 28, 2026), and OpenSSL patched 12 flaws, including RCE (Jan 29, 2026). The Illinois Department of Human Services suffered a data breach impacting ~700,000 individuals (Jan 28, 2026).

#News #Anonymous #AnonNews_irc

  • 0
  • 0
  • 0
  • 5h ago

Fortinet SSO Is A Burning Trash Fire While Prague Bureaucrats Wait For Their Morning Fax
PANIC 88% | Lag 18.75h | Fortinet has released an emergency patch for CVE-2026-24858, a critical vulnerability in FortiOS Sin
#AfterShockIndex

Read: hodl.cz/as-102352

  • 0
  • 0
  • 0
  • 5h ago

Bluesky

CVE-2026-24858, a Fortinet authentication bypass vulnerability affecting multiple Fortinet products with FortiCloud SSO enabled, has been added by CISA to the KEV catalog. We share exposed Fortinet instances with FortiCloud SSO enabled daily in our feeds (~10 000 seen)
  • 4
  • 4
  • 0
  • 20h ago
#CISA Cyber Security Alerts & Advisories includes 26 Jan 2026 "five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog" & 27 Jan. Fortinet "CVE-2026-24858 Multiple Products Authentication Bypass" www.cisa.gov/news-events/... #cybersec #natsec #tech policy
  • 1
  • 0
  • 0
  • 22h ago
Fortinet's FortiCloud SSO has a critical authentication-bypass (CVE-2026-24858) exploited in the wild; patches are incomplete and customers must upgrade or disable vulnerable SSO connections.
  • 0
  • 0
  • 0
  • 22h ago
Title: Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858
  • 0
  • 0
  • 1
  • 20h ago
Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858 #CISA (Jan 28) www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 16h ago
The latest update for #ArcticWolf includes "CVE-2026-24858: FortiCloud SSO Authentication Bypass Vulnerability Exploited". #cybersecurity #infosec #networks https://opsmtrs.com/2ZFbaTl
  • 0
  • 0
  • 0
  • 15h ago
Fortinet confirms Critical FortiCloud SSO Vulnerability (CVE-2026-24858) actively exploited in the Wild: cybersecuritynews.com/fortinet-for...
  • 0
  • 0
  • 0
  • 9h ago
Fortinet closes critical vulnerability CVE-2026-24858 after active exploitation - A newly discovered vulnerability in the FortiCloud infrastructure gave attackers access to the firewall systems of various organizations... www.all-about-security.de/fortinet-sch... #cve #security
  • 0
  • 0
  • 0
  • 9h ago
⚠️ CISA added CVE-2026-24858 to its KEV catalog after active exploitation of Fortinet FortiOS via FortiCloud SSO. An auth bypass lets attackers with a FortiCloud account access other tenants’ devices, enabling admin access and config abuse. Patch now. Modat Magnify Query: os="FortiOS" product~"Forti"
  • 0
  • 0
  • 0
  • 3h ago
Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected thehackernews.com/2026/01/fort...
  • 0
  • 0
  • 0
  • 1h ago

Overview

  • win.rar GmbH
  • WinRAR

Published: 08 Aug 2025
Updated: 21 Oct 2025

CVSS v4.0: HIGH (8.4)
EPSS: 2.98%

Description

A path traversal vulnerability affecting the Windows version of WinRAR allows attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET.

Statistics

  • 10 Posts

Last activity: 5 hours ago

Bluesky

CVE-2025-8088, a patched WinRAR path traversal flaw, continues to be exploited by state-aligned actors and criminals to deliver malware including RATs.
  • 0
  • 0
  • 0
  • 20h ago
Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088 #HackerNews (Jan 28) thehackernews.com/2026/01/goog...
  • 0
  • 0
  • 0
  • 16h ago
WinRAR compression and extraction software: patched vulnerability exploited in cyberattacks (CVE-2025-8088) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 0
  • 0
  • 0
  • 16h ago
Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088 #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
  • 0
  • 0
  • 0
  • 15h ago
📌 Russian and Chinese State Actors Exploit WinRAR Vulnerability CVE-2025-8088 Since July 2025 https://www.cyberhub.blog/article/18678-russian-and-chinese-state-actors-exploit-winrar-vulnerability-cve-2025-8088-since-july-2025
  • 0
  • 0
  • 0
  • 14h ago
The Silent Archive: How a Patched WinRAR Bug Became the Government Hacker’s Favorite Backdoor + Video Introduction: A critical vulnerability in the ubiquitous WinRAR archiving tool, designated CVE-2025-8088, is being actively exploited by sophisticated threat actors to seize control of Windows…
  • 0
  • 0
  • 0
  • 8h ago
Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088 thehackernews.com/2026/01/goog...
  • 0
  • 0
  • 0
  • 5h ago
The vulnerability CVE-2025-8088 in WinRAR was fixed in July 2025 but is still being exploited. borncity.com/blog/2026/01...
  • 0
  • 0
  • 1
  • 5h ago
SIGNALS WEEKLY: KEV speedrun of the week 🏁: Office CVE-2026-21509 + WinRAR CVE-2025-8088. Patch anyway… then protect sessions 🍪 (Teams QR/callback lures 📱, SSO/SAML token abuse). Read/subscribe: blog.alphahunt.io/signals-week... #AlphaHunt #KEV #WinRAR #Office
  • 0
  • 0
  • 0
  • 23h ago

Overview

  • GNU
  • Inetutils

Published: 21 Jan 2026
Updated: 27 Jan 2026

CVSS v3.1: CRITICAL (9.8)
EPSS: 24.86%

Description

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.

Statistics

  • 7 Posts
  • 35 Interactions

Last activity: 7 hours ago

Fediverse


Nearly 800,000 #Telnet servers exposed to remote attacks

The security flaw (CVE-2026-24061) already has a proof-of-concept exploit, impacts GNU InetUtils versions 1.9.3 (released in 2015) through 2.7, and was patched in version 2.8 (released on January 20).

bleepingcomputer.com/news/secu

  • 16
  • 14
  • 0
  • 18h ago

🚨 Critical #Telnet Authentication Bypass Vulnerability Discovered #CVE202624061 #cybersecurity #infosec #DevOps #security

🔓 #GNU Inetutils telnetd through version 2.7 allows remote authentication bypass via "-f root" USER environment variable

⚡ The exploit is shockingly simple: attackers send "-f root" as the USER value, triggering /usr/bin/login -f root which skips password authentication entirely

🧵 👇

  • 1
  • 3
  • 1
  • 20h ago

✅ Immediate action required: Update to GNU Inetutils 2.8+ or migrate to #SSH for secure remote access

nvd.nist.gov/vuln/detail/CVE-2

  • 0
  • 0
  • 0
  • 20h ago

Bluesky

The latest update for #CyCognito includes "Emerging Threat: CVE-2026-24061 – Telnet Authentication Bypass in GNU Inetutils" and "Domain-to-IP Volatility at Scale: A Study of 4 Million Enterprise Domains". #cybersecurity #AttackSurfaceManagement #EASM https://opsmtrs.com/44Srq0X
  • 0
  • 0
  • 0
  • 13h ago
The flaw, tracked as CVE-2026-24061, has lingered in the open source program for more than a decade and, if exploited, could give attackers complete control of a device. www.darkreading.com/ics-ot-s...
  • 0
  • 0
  • 0
  • 7h ago

Overview

  • Microsoft
  • Microsoft Office 2019

Published: 26 Jan 2026
Updated: 27 Jan 2026

CVSS v3.1: HIGH (7.8)
EPSS: 4.74%

Description

Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally.

Statistics

  • 6 Posts
  • 2 Interactions

Last activity: 5 hours ago

Fediverse

[RSS] Micropatches Released for Microsoft Office Security Feature Bypass Vulnerability (CVE-2026-21509)

https://blog.0patch.com/2026/01/micropatches-released-for-microsoft.html
  • 1
  • 1
  • 0
  • 21h ago
The vulnerability CVE-2026-21509 exists in all versions of Microsoft Office. It is not entirely clear what exactly Microsoft did with its emergency patches. ACROS Security, with 0patch, has tackled the problem at its root and blocks the OLE object.

borncity.com/blog/2026/01/29/0

  • 0
  • 0
  • 1
  • 5h ago

Bluesky

[RSS] Micropatches Released for Microsoft Office Security Feature Bypass Vulnerability (CVE-2026-21509) blog.0patch.com
  • 0
  • 0
  • 0
  • 21h ago
Microsoft releases an out-of-band fix for the Office vulnerability CVE-2026-21509 - IT SOCIAL itsocial.fr/cybersecurit...
  • 0
  • 0
  • 0
  • 5h ago
SIGNALS WEEKLY: KEV speedrun of the week 🏁: Office CVE-2026-21509 + WinRAR CVE-2025-8088. Patch anyway… then protect sessions 🍪 (Teams QR/callback lures 📱, SSO/SAML token abuse). Read/subscribe: blog.alphahunt.io/signals-week... #AlphaHunt #KEV #WinRAR #Office
  • 0
  • 0
  • 0
  • 23h ago

Overview

  • SolarWinds
  • Web Help Desk

Published: 28 Jan 2026
Updated: 29 Jan 2026

CVSS v3.1: CRITICAL (9.8)
EPSS: 0.87%

KEV

Description

SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.

Statistics

  • 5 Posts
  • 1 Interaction

Last activity: 5 hours ago

Fediverse

[RSS] CVE-2025-40551: Another Solarwinds Web Help Desk Deserialization Issue

https://horizon3.ai/attack-research/cve-2025-40551-another-solarwinds-web-help-desk-deserialization-issue/
  • 1
  • 0
  • 0
  • 5h ago

SolarWinds has just announced four high-severity vulnerabilities in its Web Help Desk (WHD) software that could lead to full system takeover.

These flaws include unauthenticated Remote Code Execution (RCE) via insecure deserialization and multiple Authentication Bypasses, allowing attackers to execute protected methods without any credentials.

CVE-2025-40551 & CVE-2025-40553 (Unauthenticated RCE)
CVE-2025-40552 & CVE-2025-40554 (Auth Bypass)

thehackerwire.com/solarwinds-p

  • 0
  • 0
  • 0
  • 16h ago

Bluesky

CVE-2025-40551: SolarWinds WebHelpDesk RCE Deep-Dive and Indicators of Compromise
  • 0
  • 0
  • 1
  • 22h ago
[RSS] CVE-2025-40551: Another Solarwinds Web Help Desk Deserialization Issue horizon3.ai
  • 0
  • 0
  • 0
  • 5h ago

Overview

  • n8n

Published: 27 Jan 2026
Updated: 27 Jan 2026

CVSS v3.1: CRITICAL (9.9)
EPSS: 0.31%

KEV

Description

n8n contains a critical Remote Code Execution (RCE) vulnerability in its workflow Expression evaluation system. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An authenticated attacker could abuse this behavior to execute arbitrary code with the privileges of the n8n process. Successful exploitation may lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations.

Statistics

  • 4 Posts

Last activity: 4 hours ago

Fediverse


🚨 2 new vulnerability scripts created for the n8n vulnerabilities disclosed today:

CVE-2026-1470:
github.com/rxerium/rxerium-tem

CVE-2026-0863:
github.com/rxerium/rxerium-tem

Happy hunting.

  • 0
  • 0
  • 0
  • 8h ago
n8n – CVE-2026-1470 and CVE-2026-0863: two new flaws patched, how to protect yourself? it-connect.fr/n8n-cve-2026-147 #ActuCybersécurité #Cybersécurité #Vulnérabilité

  • 0
  • 0
  • 0
  • 4h ago

Bluesky

n8n contains two Sandbox-escape flaws that can lead to remote code execution for authenticated users. One issue, CVE-2026-1470, scores 9.9 […]
  • 0
  • 0
  • 0
  • 23h ago
n8n - CVE-2026-1470 and CVE-2026-0863: two new flaws patched, how to protect yourself? 👇 Details in Florian's article: - www.it-connect.fr/n8n-cve-2026... #n8n #infosec #cybersecurite
  • 0
  • 0
  • 0
  • 8h ago

Overview

  • MongoDB Inc.
  • MongoDB Server

Published: 19 Dec 2025
Updated: 12 Jan 2026

CVSS v4.0: HIGH (8.7)
EPSS: 51.95%

Description

Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects MongoDB Server v7.0 versions prior to 7.0.28, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3, MongoDB Server v6.0 versions prior to 6.0.27, MongoDB Server v5.0 versions prior to 5.0.32, MongoDB Server v4.4 versions prior to 4.4.30, MongoDB Server v4.2 versions greater than or equal to 4.2.0, MongoDB Server v4.0 versions greater than or equal to 4.0.0, and MongoDB Server v3.6 versions greater than or equal to 3.6.0.

Statistics

  • 2 Posts
  • 2 Interactions

Last activity: Last hour

Fediverse


MongoBleed (CVE-2025-14847) Information Leak Vulnerability Exploited in the Wild by Peled Eldan and Erez Hasson from XM Cyber - December 31, 2025.
cybersec.xmcyber.com/s/mongobl

  • 1
  • 1
  • 0
  • Last hour

Bluesky

MongoBleed (CVE-2025-14847) Information Leak Vulnerability Exploited in the Wild by Peled Eldan & Erez Hasson XM Cyber. Vulnerability is currently being exploited in the wild and was added to CISA’s Known Exploited Vulnerabilities Catalog on December 29, 2025. cybersec.xmcyber.com/s/mongobleed...
  • 0
  • 0
  • 0
  • Last hour

Overview

  • SmarterTools
  • SmarterMail

Published: 23 Jan 2026
Updated: 24 Jan 2026

CVSS v4.0: CRITICAL (9.3)
EPSS: 0.12%

KEV

Description

SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API method. An attacker could point SmarterMail to a malicious HTTP server that serves a malicious OS command, which the vulnerable application then executes.

Statistics

  • 2 Posts
  • 2 Interactions

Last activity: 17 hours ago

Fediverse


The VulnCheck research team found an unauth RCE vuln in SmarterMail that at least three other researchers discovered independently. VulnCheck canaries are also detecting in-the-wild exploitation of CVE-2026-24423. Lots of sudden attention on this software from researchers and adversaries.

vulncheck.com/blog/smartermail

  • 1
  • 1
  • 0
  • 20h ago

Bluesky

Street Smarts: SmarterMail ConnectToHub Unauthenticated RCE (CVE-2026-24423) www.vulncheck.com/blog/smarter...
  • 0
  • 0
  • 0
  • 17h ago

Overview

  • Meta
  • react-server-dom-webpack

Published: 03 Dec 2025
Updated: 11 Dec 2025

CVSS v3.1: CRITICAL (10.0)
EPSS: 57.94%

Description

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.

Statistics

  • 2 Posts

Last activity: 14 hours ago

Fediverse


React2Shell: IoT Nightmare Unleashed!

CVE-2025-55182 allows attackers to take control of IoT devices and web servers with a single HTTP request due to flaws in React Server Components.

Dive into its origins and explore hands-on exploits!

Article on this topic hackers-arise.com/react2shell-
#cybersecurity #hacking #vulnerability #infosec #hackingtools

  • 0
  • 0
  • 0
  • 19h ago

Bluesky

React Server Components/Next.js vulnerability (React2Shell: CVE-2025-55182) exploited in cyberattacks, F5 Labs warns rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 0
  • 0
  • 0
  • 14h ago

Overview

  • checkpoint
  • Harmony SASE

Published: 14 Jan 2026
Updated: 14 Jan 2026

CVSS v3.1: HIGH (7.5)
EPSS: 0.01%

KEV

Description

A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory.

Statistics

  • 3 Posts

Last activity: 18 hours ago

Fediverse


Check Point Harmony Secure Access Service Edge Has A Critical Local Privilege Escalation Flaw

Researchers have uncovered a critical privilege-escalation vulnerability in Check Point’s Harmony Secure Access Service Edge Windows client software, tracked as CVE-2025-9142, that enables hackers to write or delete files outside the certificate working directory that could compromise systems. More info can be found here: Jim Routh, Chief Trust Officer at Saviynt, commented: “This…

itnerd.blog/2026/01/28/check-p

  • 0
  • 0
  • 1
  • 19h ago

Bluesky

Advisory - Check Point Harmony Local Privilege Escalation (CVE-2025-9142)
  • 0
  • 0
  • 0
  • 18h ago