
Overview

  • wftpserver
  • Wing FTP Server

10 Jul 2025
Published
17 Mar 2026
Updated

CVSS v3.1
MEDIUM (4.3)
EPSS
20.96%

Description

loginok.html in Wing FTP Server before 7.4.4 discloses the full local installation path of the application when using a long value in the UID cookie.

Statistics

  • 7 Posts
  • 6 Interactions

Last activity: 10 hours ago

Fediverse


New KEV addition by CISA:
CVE-2025-47813 (Wing FTP Server)
• Information disclosure flaw
• Actively exploited
• High remediation priority
KEV = real-world threat signal.

Source: cisa.gov/news-events/alerts/20

Follow @technadu for updates.

  • 1
  • 1
  • 0
  • 13h ago

Bluesky

CISA warns that a year-old Wing FTP vulnerability (CVE-2025-47813) is being exploited in the wild, disclosing server installation paths that attackers can use to exploit critical remote code execution flaws.
  • 1
  • 1
  • 0
  • 16h ago
CISA added CVE-2025-47813 to the Known Exploited Vulnerabilities catalog after active exploitation in Wing FTP. This info leak exposes server paths via an overlong UID cookie. Patch available in Wing FTP 7.4.4. #InfoLeak #WingFTP #USA
  • 0
  • 1
  • 0
  • 19h ago
🚨 CISA reports a moderate flaw in Wing FTP (CVE-2025-47813) that exposes the servers' installation path, with evidence of active exploitation. Protect yourself! #CyberSecurity #Automatisation
  • 0
  • 1
  • 0
  • 10h ago
CISA added CVE-2025-47813, a medium-severity information disclosure vulnerability in Wing FTP Server, to its Known Exploited Vulnerabilities catalog due to active exploitation evidence.
  • 0
  • 0
  • 0
  • 21h ago
CVE-2025-47813 Wing FTP Server Information Disclosure Vulnerability
  • 0
  • 0
  • 0
  • 19h ago
CISA adds CVE-2025-47813 to KEV
Wing FTP Server vuln
Actively exploited, info disclosure risk
Patch priority ↑
Follow TechNadu #CyberSecurity #Infosec
  • 0
  • 0
  • 0
  • 13h ago

Overview

  • snapd

17 Mar 2026
Published
18 Mar 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
Pending

KEV

Description

Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS.

Statistics

  • 3 Posts
  • 4 Interactions

Last activity: 5 hours ago

Fediverse

snap-confine + systemd-tmpfiles = root (CVE-2026-3888)

https://www.openwall.com/lists/oss-security/2026/03/17/8

Qualys just can't stop!
  • 1
  • 1
  • 0
  • 6h ago

Looks like removing files from /tmp on a running system is racy and risky:
blog.qualys.com/vulnerabilitie

Someone on oss-sec shared a very similar issue from 2002 (‘tmpwatch’ instead of ‘systemd-tmpfiles’):
lcamtuf.coredump.cx/tmp_paper.

  • 0
  • 2
  • 0
  • 5h ago

Bluesky

snap-confine + systemd-tmpfiles = root (CVE-2026-3888) www.openwall.com -> Qualys just can't stop!
  • 0
  • 0
  • 0
  • 6h ago

Overview

  • Apple
  • macOS

17 Mar 2026
Published
17 Mar 2026
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2. Processing maliciously crafted web content may bypass Same Origin Policy.

Statistics

  • 1 Post
  • 9 Interactions

Last activity: 2 hours ago

Bluesky

Apple has released its first Background Security Improvements update to fix a WebKit flaw tracked as CVE-2026-20643 on iPhones, iPads, and Macs without requiring a full operating system upgrade.
  • 2
  • 7
  • 0
  • 2h ago

Overview

  • sjcl

17 Mar 2026
Published
17 Mar 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.02%

KEV

Description

All versions of the package sjcl are vulnerable to Improper Verification of Cryptographic Signature due to missing point-on-curve validation in sjcl.ecc.basicKey.publicKey(). An attacker can recover a victim's ECDH private key by sending crafted off-curve public keys and observing ECDH outputs. The dhJavaEc() function directly returns the raw x-coordinate of the scalar multiplication result (no hashing), providing a plaintext oracle without requiring any decryption feedback.

Statistics

  • 1 Post
  • 3 Interactions

Last activity: 19 hours ago

Fediverse


🚨 CVE-2026-4258 (HIGH): All sjcl versions affected by lack of public key validation could let remote attackers recover ECDH private keys. No patch yet — audit sjcl use, validate keys, avoid dhJavaEc()! radar.offseq.com/threat/cve-20

  • 1
  • 2
  • 0
  • 19h ago

Overview

  • pluginsGLPI
  • fields

16 Mar 2026
Published
16 Mar 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
0.06%

KEV

Description

Fields is a GLPI plugin that allows users to add custom fields to GLPI item forms. Prior to version 1.23.3, it is possible for users who are allowed to create dropdowns to execute arbitrary PHP code. This issue has been patched in version 1.23.3.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 22 hours ago

Fediverse


🚨 CVE-2026-23489 (CRITICAL, CVSS 9.1): GLPI 'fields' plugin (<1.23.3) allows privileged users to execute arbitrary PHP code (RCE risk). Patch to 1.23.3+, review permissions, and monitor activity. radar.offseq.com/threat/cve-20

  • 1
  • 1
  • 0
  • 22h ago

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 3 Posts
  • 2 Interactions

Last activity: 14 hours ago

Bluesky

CVE-2026-3864: CSI Driver for NFS path traversal via subDir may delete unintended directories on the NFS server -
  • 1
  • 1
  • 2
  • 14h ago

Overview

  • Tenda
  • AC8

16 Mar 2026
Published
16 Mar 2026
Updated

CVSS v4.0
CRITICAL (9.3)
EPSS
0.14%

KEV

Description

A vulnerability was identified in Tenda AC8 16.03.50.11. Affected by this issue is the function check_is_ipv6 of the component IPv6 Handler. The manipulation leads to reliance on IP address for authentication. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 21 hours ago

Fediverse


🚩 CRITICAL: CVE-2026-4252 impacts Tenda AC8 (16.03.50.11). IP-based auth in IPv6 Handler lets remote attackers bypass login. Exploit is public. Disable remote mgmt, restrict access, monitor traffic. Details: radar.offseq.com/threat/cve-20

  • 1
  • 1
  • 0
  • 21h ago

Overview

  • AdguardTeam
  • AdGuardHome

11 Mar 2026
Published
12 Mar 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
0.79%

KEV

Description

AdGuard Home is a network-wide software for blocking ads and tracking. Prior to 0.107.73, an unauthenticated remote attacker can bypass all authentication in AdGuardHome by sending an HTTP/1.1 request that requests an upgrade to HTTP/2 cleartext (h2c). Once the upgrade is accepted, the resulting HTTP/2 connection is handled by the inner mux, which has no authentication middleware attached. All subsequent HTTP/2 requests on that connection are processed as fully authenticated, regardless of whether any credentials were provided. This vulnerability is fixed in 0.107.73.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 9 hours ago

Bluesky

🛑 Your AdGuard Home is vulnerable to total compromise: CVE-2026-32136 🔗 All the details in my article: www.it-connect.fr/votre-adguar... #cybersecurite #adguard #infosec #veilleIT
  • 1
  • 1
  • 0
  • 9h ago

Overview

  • wazuh
  • wazuh

21 Nov 2025
Published
26 Feb 2026
Updated

CVSS v3.1
HIGH (7.7)
EPSS
0.28%

KEV

Description

Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to version 4.13.0, a vulnerability in Wazuh Agent allows authenticated attackers to force NTLM authentication through malicious UNC paths in various agent configuration settings, potentially leading to NTLM relay attacks that would result in privilege escalation and remote code execution. This issue has been patched in version 4.13.0.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 13 hours ago

Fediverse


Found a bypass in Wazuh's UNC path validation for Windows agents.

The existing mitigation (CVE-2025-30201) blocked standard UNC paths like \\server\share, but extended-length UNC paths using the \\?\UNC\ prefix slipped right through. This affects the OSQuery wodle's log_path and config_path fields.

Impact: An attacker who controls the centralized agent config can coerce domain-joined Windows agents into authenticating to an attacker-controlled SMB server, leaking the machine account's NetNTLMv2 hash. From there it's NTLM relay and potentially full Active Directory domain compromise.

Patched in Wazuh 4.14.3. CVSS 7.7 High.

Full writeup with technical details on my blog:
moltenbit.net/posts/wazuh-unc-mitigation-bypass-cve-2025-30201/

  • 0
  • 2
  • 0
  • 13h ago

Overview

  • DrangSoft
  • GCB/FCB Audit Software

17 Mar 2026
Published
17 Mar 2026
Updated

CVSS v4.0
CRITICAL (9.3)
EPSS
0.13%

KEV

Description

GCB/FCB Audit Software developed by DrangSoft has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly access certain APIs to create a new administrative account.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 18 hours ago

Fediverse


🚨 CVE-2026-4312 (CRITICAL, CVSS 9.3) in DrangSoft GCB/FCB Audit Software: missing auth allows remote admin account creation & full compromise. No patch yet — restrict API access, monitor closely. radar.offseq.com/threat/cve-20

  • 0
  • 1
  • 0
  • 18h ago
Showing 1 to 10 of 27 CVEs