24h | 7d | 30d

CVE-2026-20133

Overview

  • Cisco
  • Cisco Catalyst SD-WAN Manager
25 Feb 2026
Published
21 Apr 2026
Updated
CVSS v3.1
MEDIUM (6.5)
EPSS
1.97%
KEV

Description

A vulnerability in Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to view sensitive information on an affected system. This vulnerability is due to insufficient file system access restrictions. An attacker could exploit this vulnerability by accessing the API of an affected system. A successful exploit could allow the attacker to read sensitive information on the underlying operating system.

Statistics

  • 6 Posts
  • 3 Interactions
Last activity: 1 hour ago

Bluesky

Profile picture fallback
The IT Nerd @theitnerd.ca
The CISA adds eight Cisco SD-WAN flaws to KEV and gives organizations four days to fix them The CISA has added eight vulnerabilities to its KEV catalog, including CVE-2026-20133, another flaw affecting Cisco Catalyst SD-WAN Manager that Federal agencies have been given four days to secure their…
  • 1
  • 2
  • 1
  • 12h ago
Profile picture fallback
ohhara @shiojiri.com
CISA、シスコ製品やZimbraなどの脆弱性8件をKEVカタログに追加(CVE-2026-20133ほか) | Codebook|Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/45360/
  • 0
  • 0
  • 0
  • 23h ago
Profile picture fallback
Help Net Security @helpnetsecurity.com
CISA flags another Cisco Catalyst SD-WAN Manager bug as exploited (CVE-2026-20133) 📖 Read more: www.helpnetsecurity.com/2026/04/21/c... #cybersecurity #cybersecuritynews #government @cisco.com @vulncheck.bsky.social #CISA
  • 0
  • 0
  • 0
  • 19h ago
Profile picture fallback
Cybersecurity News Everyday @hendryadrian.bsky.social
CISA orders federal agencies to patch CVE-2026-20133 in Cisco Catalyst SD-WAN Manager by April 24 after active exploitation found. Flaw allows unauthenticated access to sensitive OS data via API. #SDWANFlaw #CVE202620133 #USA
  • 0
  • 0
  • 0
  • 10h ago
Profile picture fallback
キタきつね @kitafox.bsky.social
CISAは、Cisco Catalyst SD-WAN Managerの別の脆弱性(CVE-2026-20133)が悪用されたことを警告した CISA flags another Cisco Catalyst SD-WAN Manager bug as exploited (CVE-2026-20133) #HelpNetSecurity (Apr 21) www.helpnetsecurity.com/2026/04/21/c...
  • 0
  • 0
  • 0
  • 1h ago

CVE-2026-40372

Overview

  • Microsoft
  • ASP.NET Core 10.0
21 Apr 2026
Published
22 Apr 2026
Updated
CVSS v3.1
CRITICAL (9.1)
EPSS
Pending
KEV

Description

Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.

Statistics

  • 4 Posts
  • 10 Interactions
Last activity: 2 hours ago

Fediverse

Profile picture fallback
.NET @dotnet

📰 .NET 10.0.7 Out-of-Band Security Update

We are releasing .NET 10.0.7 as an out-of-band security update to address CVE-2026-40372.

devblogs.microsoft.com/dotnet/ #dotnet

  • 4
  • 3
  • 0
  • 12h ago
Profile picture fallback
Barret @barret

From the .NET blog...

In case you missed it earlier...

.NET 10.0.7 Out-of-Band Security Update
devblogs.microsoft.com/dotnet/ #dotnet #MaintenanceUpdates #NET10 #CVE202640372 #OOB #Security

  • 1
  • 1
  • 0
  • 4h ago
Profile picture fallback
Barret @barret

From the .NET blog...

.NET 10.0.7 Out-of-Band Security Update
devblogs.microsoft.com/dotnet/ #dotnet #MaintenanceUpdates #NET10 #CVE202640372 #OOB #Security

  • 1
  • 0
  • 0
  • 12h ago
Profile picture fallback
ekiledjian @edwardk

Microsoft has released an emergency .NET 10.0.7 update to fix a critical elevation of privilege vulnerability (CVE-2026-40372) in the Microsoft.AspNetCore.DataProtection NuGet package, affecting versions 10.0.0 through 10.0.6. This vulnerability could allow attackers to bypass integrity validation and escalate privileges, and Microsoft strongly advises immediate updating of the package.
cybersecuritynews.com/emergenc

  • 0
  • 0
  • 0
  • 2h ago

CVE-2026-34197

Overview

  • Apache Software Foundation
  • Apache ActiveMQ Broker
  • org.apache.activemq:activemq-broker
07 Apr 2026
Published
17 Apr 2026
Updated
CVSS
Pending
EPSS
59.64%
KEV

Description

Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy permits exec operations on all ActiveMQ MBeans (org.apache.activemq:*), including BrokerService.addNetworkConnector(String) and BrokerService.addConnector(String). An authenticated attacker can invoke these operations with a crafted discovery URI that triggers the VM transport's brokerConfig parameter to load a remote Spring XML application context using ResourceXmlApplicationContext. Because Spring's ResourceXmlApplicationContext instantiates all singleton beans before the BrokerService validates the configuration, arbitrary code execution occurs on the broker's JVM through bean factory methods such as Runtime.exec(). This issue affects Apache ActiveMQ Broker: before 5.19.4, from 6.0.0 before 6.2.3; Apache ActiveMQ All: before 5.19.4, from 6.0.0 before 6.2.3; Apache ActiveMQ: before 5.19.4, from 6.0.0 before 6.2.3. Users are recommended to upgrade to version 5.19.4 or 6.2.3, which fixes the issue

Statistics

  • 3 Posts
Last activity: 2 hours ago

Fediverse

Profile picture fallback
HackerWorkspace @hackerworkspace

CVE-2026-34197 ActiveMQ RCE via Jolokia API

horizon3.ai/attack-research/di

Read on HackerWorkspace: hackerworkspace.com/article/cv

  • 0
  • 0
  • 0
  • 15h ago
Profile picture fallback
ekiledjian @edwardk

Thousands of Apache ActiveMQ instances remain unpatched weeks after a critical remote code injection vulnerability (CVE-2026-34197) was discovered, highlighting a dangerous lag in security updates. Experts warn that with AI capable of rapidly weaponizing newly found bugs, slow patching cycles are a significant network security risk.
csoonline.com/article/4161532/

  • 0
  • 0
  • 0
  • 2h ago

Bluesky

Profile picture fallback
Kees - Nijkerk @keesnk.bsky.social
6000+ Apache ActiveMQ Instances Vulnerable to CVE-2026-34197 exposed Online: cybersecuritynews.com/apache-activ...
  • 0
  • 0
  • 0
  • 2h ago

CVE-2026-41316

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 2 Posts
  • 14 Interactions
Last activity: 10 hours ago

Fediverse

Profile picture fallback
k0kubun @k0kubun

Ruby 4.0.3 has been released. It updates ERB to 6.0.1.1 for CVE-2026-41316.

If your application calls Marshal.load on untrusted data AND has both erb and activesupport loaded, please update your ERB version. You may update Ruby to 4.0.3 to do so.

ruby-lang.org/en/news/2026/04/

  • 5
  • 7
  • 0
  • 22h ago
Profile picture fallback
Fernando Briano @picandocodigo

Ruby 4.0.3 Released
This release only contains ERB 6.0.1.1, which fixes CVE-2026-41316.

ruby-lang.org/en/news/2026/04/

#Ruby

  • 2
  • 0
  • 0
  • 10h ago

CVE-2026-32201

Overview

  • Microsoft
  • Microsoft SharePoint Enterprise Server 2016
14 Apr 2026
Published
21 Apr 2026
Updated
CVSS v3.1
MEDIUM (6.5)
EPSS
2.05%
KEV

Description

Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

Statistics

  • 3 Posts
  • 12 Interactions
Last activity: Last hour

Fediverse

Profile picture fallback
ekiledjian @edwardk

Over 1,370 Microsoft SharePoint servers are exposed online to a spoofing vulnerability (CVE-2026-32201), which is actively exploited in the wild. This critical flaw, identified by The Shadowserver Foundation, allows unauthorized attackers to bypass security protocols and potentially compromise sensitive corporate data, highlighting a significant patch management problem for many organizations.
gbhackers.com/1370-microsoft-s

  • 0
  • 0
  • 0
  • Last hour

Bluesky

Profile picture fallback
The Shadowserver Foundation @shadowserver.bsky.social
We are also scanning & reporting Microsoft SharePoint CVE-2026-32201 (Improper input validation in SharePoint allows an unauthorized attacker to perform spoofing over a network). This vulnerability is known exploited in the wild & on US CISA KEV list. 1370 IPs seen unpatched. Top: US
  • 5
  • 7
  • 0
  • 12h ago
Profile picture fallback
The Shadowserver Foundation @shadowserver.bsky.social
CVE-2026-32201 tracker: dashboard.shadowserver.org/statistics/c... This is a version based scan. Microsoft Advisory: msrc.microsoft.com/update-guide...
  • 0
  • 0
  • 0
  • 12h ago

CVE-2023-33538

Overview

  • Pending
07 Jun 2023
Published
20 Dec 2025
Updated
CVSS
Pending
EPSS
89.90%
KEV

Description

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm .

Statistics

  • 3 Posts
  • 5 Interactions
Last activity: 6 hours ago

Fediverse

Profile picture fallback
Patrick C Miller :donor: @patrickcmiller

CVE-2023-33538 under attack for a year, but exploitation still unsuccessful securityaffairs.com/191040/hac

  • 2
  • 3
  • 1
  • 6h ago
Profile picture fallback
Chris Short @ChrisShort

TP-Link router owners beware | A Deep Dive Into Attempted Exploitation of CVE-2023-33538 #devopsish unit42.paloaltonetworks.com/ex

  • 0
  • 0
  • 0
  • 7h ago

CVE-2026-41285

Overview

  • OpenBSD
  • OpenBSD
20 Apr 2026
Published
21 Apr 2026
Updated
CVSS v3.1
MEDIUM (4.3)
EPSS
0.01%
KEV

Description

In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a crafted ICMPv6 Neighbor Discovery (ND) option (over a local network) with length zero, because of an "nd_opt_len * 8 - 2" expression with no preceding check for whether nd_opt_len is zero.

Statistics

  • 2 Posts
Last activity: 3 hours ago

Fediverse

Profile picture fallback
Nad @Nadsec

Another1 - CVE-2026-41285 - OpenBSD

nvd.nist.gov/vuln/detail/CVE-2

(Project asswing was not involved)

  • 0
  • 0
  • 0
  • 3h ago

Bluesky

Profile picture fallback
Nad @nadsec.online
Another1 - CVE-2026-41285 - OpenBSD nvd.nist.gov/vuln/detail/... (Project asswing was not involved)
  • 0
  • 0
  • 0
  • 3h ago

CVE-2026-33825

Overview

  • Microsoft
  • Microsoft Defender Antimalware Platform
14 Apr 2026
Published
21 Apr 2026
Updated
CVSS v3.1
HIGH (7.8)
EPSS
0.06%
KEV

Description

Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.

Statistics

  • 2 Posts
Last activity: 2 hours ago

Fediverse

Profile picture fallback
ekiledjian @edwardk

Three publicly available exploits, BlueHammer, RedSun, and UnDefend, are being used to turn Microsoft Defender into an attacker tool, with two enabling SYSTEM-level access and one disrupting Defender's update mechanism. While a patch exists for BlueHammer (CVE-2026-33825), RedSun and UnDefend exploit separate flaws, allowing attackers to escalate privileges or weaken defenses with minimal modifications.
darkreading.com/cyberattacks-d

  • 0
  • 0
  • 0
  • 2h ago

Bluesky

Profile picture fallback
piggo @pigondrugs.bsky.social
~Huntress~ Nightmare-Eclipse LPE tools (BlueHammer/RedSun) are being actively exploited in the wild following FortiGate VPN compromise. - IOCs: staybud. dpdns. org, 78. 29. 48. 29, 179. 43. 140. 214 - #CVE202633825 #NightmareEclipse #threatintel
  • 0
  • 0
  • 0
  • 15h ago

CVE-2026-33032

Overview

  • 0xJacky
  • nginx-ui
30 Mar 2026
Published
16 Apr 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
7.55%
KEV

Description

Nginx UI is a web user interface for the Nginx web server. In versions 2.3.5 and prior, the nginx-ui MCP (Model Context Protocol) integration exposes two HTTP endpoints: /mcp and /mcp_message. While /mcp requires both IP whitelisting and authentication (AuthRequired() middleware), the /mcp_message endpoint only applies IP whitelisting - and the default IP whitelist is empty, which the middleware treats as "allow all". This means any network attacker can invoke all MCP tools without authentication, including restarting nginx, creating/modifying/deleting nginx configuration files, and triggering automatic config reloads - achieving complete nginx service takeover. At time of publication, there are no publicly available patches.

Statistics

  • 1 Post
  • 5 Interactions
Last activity: 22 hours ago

Fediverse

Profile picture fallback
N_{Dario Fadda} @nuke

Critical CVE-2026-33032 (MCPwn): Actively Exploited nginx-ui Flaw Enables Full Web Server Takeover in Two HTTP Requests
#CyberSecurity
securebulletin.com/critical-cv

  • 5
  • 0
  • 0
  • 22h ago

CVE-2025-26399

Overview

  • SolarWinds
  • Web Help Desk
23 Sep 2025
Published
10 Mar 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
29.28%
KEV

Description

SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which in turn is a patch bypass of CVE-2024-28986.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 23 hours ago

Fediverse

Profile picture fallback
TechNadu @technadu

QEMU abuse rising 🚨
QEMU used for stealth VMs, SSH tunnels, persistence
CVE-2025-26399, CitrixBleed2 exploited
💬 Monitoring VM layer yet?

Source: securityweek.com/hackers-abuse

Follow TechNadu

  • 1
  • 0
  • 0
  • 23h ago
Showing 1 to 10 of 39 CVEs