CVE-2026-2441

Overview

Google
Chrome

13 Feb 2026

Published

14 Feb 2026

Updated

CVSS

Pending

EPSS

0.04%

MITRE

KEV

Description

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Statistics

11 Posts
2 Interactions

Last activity: 1 hour ago

Fediverse

Miguel Afonso Caetano @remixtures

RT @TheHackersNews
🚨 Google patched Chrome zero-day CVE-2026-2441, a CVSS 8.8 bug already exploited in attacks.

The CSS use-after-free flaw allows sandboxed remote code execution via malicious pages.

🔗 Read → https://thehackernews.com/2026/02/new-chrome-zero-day-cve-2026-2441-under.html

First active Chrome zero-day fixed this year. Update now.

1
1
0
1h ago

Anonymous :verified: @youranonnewsirc

Recent reports confirm Google issued an urgent patch for an actively exploited Chrome zero-day vulnerability (CVE-2026-2441). Geopolitically, the Munich Security Conference 2026 highlighted cyber threats as a leading risk for G7 nations. In technology news, India is currently hosting the AI Impact Summit 2026, convening global leaders to discuss the future of AI.

#AnonNews_irc #Cybersecurity #News

0
0
0
1h ago

Bluesky

セキュリティ対策Lab @securitylab-jp.bsky.social

Google、Chrome へ緊急アップデート、CSSのUse-after-freeの脆弱性を修正（CVE-2026-2441）既に悪用確認 rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews

0
0
0
7h ago

Information Security Briefly @infosecbriefly.bsky.social

Google patched an actively exploited high-severity CSS use-after-free zero-day (CVE-2026-2441) in Chrome and advises updating to the latest versions.

0
0
0
3h ago

GuardingPearSoftware @guardingpearsof.bsky.social

Google has released security updates for its Chrome browser to address a security flaw that it said has been exploited in the wild. https://thehackernews.com/2026/02/new-chrome-zero-day-cve-2026-2441-under.html

0
0
1
3h ago

Ninja Owl @ninjaowl.ai

New Chrome Zero-Day (CVE-2026-2441) Under Active Attack — Patch Released #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...

0
0
0
3h ago

Information Security Briefly @infosecbriefly.bsky.social

An actively exploited high-severity use-after-free vulnerability in Chrome's CSS component (CVE-2026-2441) has been patched in emergency updates for Windows, Mac, and Linux.

0
0
0
2h ago

Bitnewsbot @bitnewsbot.bsky.social

Google issued an emergency Chrome patch for an actively exploited zero-day vulnerability, tracked as CVE-2026-2441. The high-severity flaw is a […]

0
0
0
2h ago

Opera Privacy and Security Team @opera-security.bsky.social

Important security update: Opera's browsers have received a security fix for Chromium's latest 0-day: CVE-2026-2441 Update now: Opera One: 127.0.5778.64 Opera GX: 127.0.5778.67 Opera Air: 127.0.5778.66 Opera Neon: 127.0.5778.65 Opera for Android: 95.1 blogs.opera.com/security/202...

0
0
0
1h ago

Help Net Security @helpnetsecurity.com

Google patches Chrome vulnerability with in-the-wild exploit (CVE-2026-2441) 📖 Read more: www.helpnetsecurity.com/2026/02/16/g... #cybersecurity #cybersecuritynews #Chrome #vulnerability

0
0
0
1h ago

CVE-2026-1731

Overview

BeyondTrust
Remote Support(RS) & Privileged Remote Access(PRA)

06 Feb 2026

Published

14 Feb 2026

Updated

CVSS v4.0

CRITICAL (9.9)

EPSS

61.38%

MITRE

KEV

Description

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

Statistics

9 Posts
2 Interactions

Last activity: 4 hours ago

Fediverse

Patrick C Miller :donor: @patrickcmiller

Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release https://securityaffairs.com/187962/uncategorized/attackers-exploit-beyondtrust-cve-2026-1731-within-hours-of-poc-release.html

0
0
1
17h ago

Anonymous :verified: @youranonnewsirc

Recent geopolitical discussions at the Munich Security Conference addressed EU strategic autonomy and India's commitment to cease Russian oil purchases. In technology, Microsoft released a Windows 11 update (KB5077181) fixing 58 critical flaws. The Pentagon is also reportedly reconsidering its AI partnership with Anthropic over military use restrictions. Cybersecurity concerns escalated as Gartner highlighted AI agents and quantum threats for 2026, and CISA warned of active exploitation of a BeyondTrust RCE vulnerability (CVE-2026-1731).

#AnonNews_irc #Cybersecurity #News

0
0
1
13h ago

Bluesky

Philippe Vynckier @pvynckier.bsky.social

Hackers probe, exploit newly patched BeyondTrust RCE flaw (CVE-2026-1731) - Help Net Security www.helpnetsecurity.com/2026/02/13/b...

0
2
0
23h ago

r/blueteamsec bot @r-blueteamsec.bsky.social

Threat Campaign Targeting BeyondTrust Remote Support Following CVE-2026-1731 PoC Availability

0
0
0
17h ago

キタきつね @kitafox.bsky.social

ハッカーが新たに修正されたBeyondTrustのRCE脆弱性（CVE-2026-1731）を調査し、悪用 Hackers probe, exploit newly patched BeyondTrust RCE flaw (CVE-2026-1731) #HelpNetSecurity (Feb 13) www.helpnetsecurity.com/2026/02/13/b...

0
0
0
10h ago

キタきつね @kitafox.bsky.social

CISAが既知の脆弱性1件をカタログに追加 CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Feb 13) CVE-2026-1731 BeyondTrust リモートサポート (RS) および特権リモートアクセス (PRA) OS コマンドインジェクションの脆弱性 www.cisa.gov/news-events/...

0
0
0
10h ago

OpsMatters @opsmatters.com

The latest update for #CyCognito includes "What is CVE-2026-1731?" and "Moving From Activity to Impact: How CTEM Refocuses Security KPIs". #cybersecurity #AttackSurfaceManagement #EASM https://opsmtrs.com/44Srq0X

0
0
0
4h ago

CVE-2024-43468

Overview

Microsoft
Microsoft Configuration Manager

08 Oct 2024

Published

12 Feb 2026

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

87.46%

MITRE

KEV

Description

Microsoft Configuration Manager Remote Code Execution Vulnerability

Statistics

2 Posts
2 Interactions

Last activity: 17 hours ago

Fediverse

Anonymous :verified: @youranonnewsirc

Feb 14-15, 2026: The Munich Security Conference highlights deepening transatlantic tensions and calls for EU strategic autonomy, amid US-Greenland territorial friction. China debuted the first sodium-ion EV. CISA warned of an actively exploited SQL injection vulnerability in Microsoft Configuration Manager (CVE-2024-43468), urging immediate patching. "Agentic AI" is rapidly escalating cyber threats, with many CISOs unprepared for new attack surfaces and speeds.

#AnonNews_irc #Cybersecurity #News

0
0
0
20h ago

Bluesky

Pia @cecallihelper.bsky.social

CISA: "critical remote code execution vulnerability (CVE-2024-43468) in Microsoft Configuration Manager is being actively exploited" www.linkedin.com/posts/cisowh... #cybersec #natsec "What CISOs should do:"

1
1
0
17h ago

CVE-2026-20700

Overview

Apple
macOS

11 Feb 2026

Published

13 Feb 2026

Updated

CVSS

Pending

EPSS

0.13%

MITRE

KEV

Description

A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report.

Statistics

2 Posts
2 Interactions

Last activity: 6 hours ago

Fediverse

PrivacyDigest @PrivacyDigest

#Apple Patches Decade-Old #IOS #ZeroDay , Possibly #Exploited By Commercial #Spyware

This week Apple patched iOS and #macOS against what it called "an extremely sophisticated attack against specific targeted individuals." #Security Week reports that the bugs "could be exploited for information exposure, denial-of-service ( #DoS ), arbitrary file write, privilege escalation, network traffic interception, sandbox escape, and code execution."
#CVE-2026-20700

https://apple.slashdot.org/story/26/02/15/018217/apple-patches-decade-old-ios-zero-day-possibly-exploited-by-commercial-spyware?utm_source=rss1.0mainlinkanon&utm_medium=feed

1
1
0
6h ago

Bluesky

azlab@uec @uecazlab.bsky.social

【UPDATE】mac, iPhone, iPad, apple watch, tv, visionの製品を利用の方は，アップデートの実施を！ゼロデイ脆弱性「CVE-2026-20700」はmacOS / tvOS / watchOS / visionOSにも影響．Appleがセキュリティ更新を実施 forest.watch.impress.co.jp/docs/news/20... #SecurityUpdate

0
0
0
16h ago

CVE-2026-25253

Overview

OpenClaw
OpenClaw

01 Feb 2026

Published

03 Feb 2026

Updated

CVSS v3.1

HIGH (8.8)

EPSS

0.04%

MITRE

KEV

Description

OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.

Statistics

3 Posts

Last activity: 2 hours ago

Bluesky

Undercode Testing @undercode.bsky.social

The OpenClaw Nightmare: Why Giving AI Agents Root Access Is the 2026 Security Disaster We Deserved + Video Introduction The lines between human workflows and autonomous machine execution have officially blurred into a security horror show. Late January 2026 saw the disclosure of CVE-2026-25253, a…

0
0
0
14h ago

/r/netsec @r-netsec-bot.bsky.social

Architectural Isolation Tradeoffs in the OpenClaw Ecosystem After CVE-2026-25253

0
0
1
2h ago

CVE-2018-0802

Overview

Microsoft Corporation
Equation Editor

10 Jan 2018

Published

21 Oct 2025

Updated

CVSS

Pending

EPSS

93.89%

MITRE

KEV

Description

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.

Statistics

1 Post
1 Interaction

Last activity: 23 hours ago

Bluesky

Philippe Vynckier @pvynckier.bsky.social

New XWorm RAT Campaign Leverages Phishing and CVE-2018-0802 Excel Exploit to Bypass Detection gbhackers.com/new-xworm-ra...

0
1
0
23h ago

CVE-2026-25753

Overview

Praskla-Technology
assessment-placipy

06 Feb 2026

Published

09 Feb 2026

Updated

CVSS v4.0

CRITICAL (9.3)

EPSS

0.06%

MITRE

KEV

Description

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application uses a hard-coded, static default password for all newly created student accounts. This results in mass account takeover, allowing any attacker to log in as any student once the password is known.

Statistics

1 Post
1 Interaction

Last activity: 23 hours ago

Bluesky

Undercode Testing @undercode.bsky.social

CVE-2026-25753 Exposed: How a Simple Credential Flaw Can Lead to Mass Account Takeover + Video Introduction: In the ever-evolving landscape of web application security, the authentication mechanism remains the most targeted barrier between an attacker and sensitive data. A recently disclosed…

0
1
0
23h ago

CVE-2025-64712

Overview

Unstructured-IO
unstructured

04 Feb 2026

Published

04 Feb 2026

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

0.08%

MITRE

KEV

Description

The unstructured library provides open-source components for ingesting and pre-processing images and text documents, such as PDFs, HTML, Word docs, and many more. Prior to version 0.18.18, a path traversal vulnerability in the partition_msg function allows an attacker to write or overwrite arbitrary files on the filesystem when processing malicious MSG files with attachments. This issue has been patched in version 0.18.18.

Statistics

1 Post
1 Interaction

Last activity: 23 hours ago

Bluesky

Philippe Vynckier @pvynckier.bsky.social

CVE-2025-64712 in Unstructured.io Puts Amazon, Google, and Tech Giants at Risk of Remote Code Execution gbhackers.com/cve-2025-647...

0
1
0
23h ago

CVE-2026-2538

Overview

Flos Freeware
Notepad2

16 Feb 2026

Published

16 Feb 2026

Updated

CVSS v4.0

HIGH (7.3)

EPSS

Pending

MITRE

KEV

Description

A security flaw has been discovered in Flos Freeware Notepad2 4.2.22/4.2.23/4.2.24/4.2.25. Affected is an unknown function in the library Msimg32.dll. Performing a manipulation results in uncontrolled search path. Attacking locally is a requirement. The attack's complexity is rated as high. The exploitability is told to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

Statistics

1 Post

Last activity: 2 hours ago

Fediverse

Offensive Sequence @offseq

🚩 CVE-2026-2538: High-severity vuln in Notepad2 (v4.2.22 – 4.2.25). Uncontrolled search path in Msimg32.dll lets local users execute code or escalate privileges. No patch yet — restrict local access & monitor endpoints. https://radar.offseq.com/threat/cve-2026-2538-uncontrolled-search-path-in-flos-fre-d9540b5b #OffSeq #Vulnerability #Notepad2

0
0
0
2h ago

CVE-2026-2517

Overview

Open5GS

15 Feb 2026

Published

15 Feb 2026

Updated

CVSS v4.0

MEDIUM (6.9)

EPSS

Pending

MITRE

KEV

Description

A security flaw has been discovered in Open5GS up to 2.7.6. This vulnerability affects the function ogs_gtp2_parse_tft in the library lib/gtp/v2/types.c of the component SMF. Performing a manipulation of the argument pf[0].content.length results in denial of service. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

Statistics

1 Post

Last activity: 20 hours ago

Fediverse

Offensive Sequence @offseq

CVE-2026-2517: MEDIUM severity DoS in Open5GS SMF (2.7.0 – 2.7.6). Remote, unauthenticated crash via malformed GTPv2 traffic. Exploit is public — patch & monitor GTPv2 now! https://radar.offseq.com/threat/cve-2026-2517-denial-of-service-in-open5gs-08313086 #OffSeq #Open5GS #CVE20262517 #DoS #5G

0
0
0
20h ago