24h | 7d | 30d

CVE-2026-24061

Overview

  • GNU
  • Inetutils
21 Jan 2026
Published
23 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.36%
KEV

Description

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.

Statistics

  • 7 Posts
  • 59 Interactions
Last activity: 3 hours ago

Fediverse

Profile picture
hrbrmstr 🇺🇦 🇬🇱 🇨🇦 @hrbrmstr

We caught a few (desperate) fiends trying to have their way with our vulnerable-to Telnetd -f Auth Bypass vuln (CVE-2026-24061) systems and I took a spelunk in the PCAPs:

Some of the least clever and least capable actors I've seen in a while.

"-f Around and Find Out: 18 Hours of Unsolicited Telnet Houseguests “ takes you on a deep dive into the packets.

labs.greynoise.io//grimoire/20

cc: @darses

  • 14
  • 18
  • 0
  • 17h ago
Profile picture
Jan Schaumann @jschauma

Trollolol, telnetd lets you log in without a password if you send the USER environment variable as "-f root" (which gets passed unsanitized to login(1)).

(Yes, yes, telnet, but still. :-)

openwall.com/lists/oss-securit

CVE-2026-24061

  • 7
  • 12
  • 0
  • 3h ago
Profile picture
Colin McMillen @colin_mcmillen

There is a critical auth bypass vulnerability in telnetd (nvd.nist.gov/vuln/detail/CVE-2) so I will need to update the surl-server Apple II proxy image. It has telnetd enabled (on localhost only, so is only accessible via the Apple II's serial port and you're probably already root on it)

  • 1
  • 3
  • 0
  • 11h ago
Profile picture
hrbrmstr 🇺🇦 🇬🇱 🇨🇦 @hrbrmstr

I shot a 📄 to the team to 👀 later today but we've seen some activity on the recent Inetutils Telnetd -f Auth Bypass vuln (CVE-2026-24061) — viz.greynoise.io/tags/inetutil

We stood up some full vulnerable systems and a cpl IPs only hit those, so the targeting precision was oddly fast.

If they don't do a main GN blog I'll post deets on the Labs blog (I'm OOO today).

Rly glad this was a nothingburger.

Spidey-sense says something yuge (not related to this) is coming soon tho. The internet feels “off”.

  • 1
  • 2
  • 0
  • 21h ago
Profile picture
Sam Stepanyan :verified: 🐘 @securestep9

: Critical telnetd CVE-2026-24061 Lets Attackers Bypass Login and Gain Root Access on systems running GNU InetUtils since version 1.9.3 up to and including version 2.7.

The vulnerability went unnoticed for nearly 11 years.

👇
thehackernews.com/2026/01/crit

  • 0
  • 0
  • 0
  • 7h ago

Bluesky

Profile picture
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
🚨 Debian Sysadmins & DevOps Engineers: Critical Alert! 🚨 A new security vulnerability (CVE-2026-24061) allows login bypass in Debian's telnetd. Read more: 👉 tinyurl.com/msu78nj8 #Debian #Securtity
  • 0
  • 1
  • 0
  • 16h ago
Profile picture
Information Security Briefly @infosecbriefly.bsky.social
A trivial argument-injection in GNU InetUtils telnetd (CVE-2026-24061) allows remote attackers to bypass authentication and gain root access; active exploitation observed.
  • 0
  • 0
  • 0
  • 16h ago

CVE-2025-59718

Overview

  • Fortinet
  • FortiOS
09 Dec 2025
Published
14 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.1)
EPSS
2.27%
KEV

Description

A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14, FortiProxy 7.0.0 through 7.0.21, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.

Statistics

  • 9 Posts
  • 10 Interactions
Last activity: 10 hours ago

Fediverse

Profile picture
benzogaga33 :verified: @benzogaga33

CVE-2025-59718 – Des firewalls FortiGate piratés malgré l’installation des derniers patchs it-connect.fr/cve-2025-59718-d #ActuCybersécurité #Cybersécurité #Vulnérabilité #Fortinet

  • 0
  • 0
  • 0
  • 18h ago
Profile picture
TechNadu @technadu

Fortinet FortiGate admins are observing exploitation patterns consistent with CVE-2025-59718 even on patched systems, suggesting incomplete mitigation in earlier updates.

Reports include SSO-based admin creation and activity aligned with previously documented attacks. Additional FortiOS releases are expected.

The situation reinforces the need for defense-in-depth around identity, logging, and privileged access.

Source: bleepingcomputer.com/news/secu

Follow @technadu for neutral, operationally focused security reporting.

  • 0
  • 0
  • 0
  • 16h ago
Profile picture
CERT.at @CERT_at

New Blogpost: Look at FortiCloud SSO Bypass Exploitation (CVE-2025-59718/59719)
cert.at/en/blog/2026/1/look-at

  • 0
  • 0
  • 0
  • 10h ago
Profile picture
CERT-Bund @certbund

Kritische Schwachstellen (CVE-2025-59718, CVE-2025-59719) in Fortinet Firewall-Systemen ermöglichen entfernten Angreifenden, eine Authentifizierung mittels FortiCloud SSO zu umgehend und darüber administrativen Zugriff auf die Konfiguration der Firewall-Systeme zu erlangen.

Berichten zufolge werden aktuell in größerem Umfang weiterhin Fortinet-Firewalls kompromittiert, da die am 09.12.2025 zur Verfügung gestellten Patches die Schwachstelle nicht vollständig schließen.

bleepingcomputer.com/news/secu

  • 6
  • 4
  • 0
  • 13h ago
Profile picture
:mastodon: decio @decio

Si vous administrez des FortiGate/FortiOS : des admins signalent un contournement du patch de la vulnérabilité critique CVE-2025-59718 (FortiCloud SSO fortiguard.fortinet.com/psirt/ ) → compromission possible même sur des firewalls « patchés » (ex. 7.4.9/7.4.10).

( reddit.com/r/fortinet/comments )

Préreq : “Allow administrative login using FortiCloud SSO” activé (souvent après enregistrement FortiCare).

Mitigation : désactiver admin-forticloud-sso-login + restreindre l’accès admin + vérifier logs/nouveaux comptes.

Chaîne d'exploitation: CVE-2025-59718 (+ CVE-2025-59719 côté FortiWeb) ➡️ envoi de messages SAML forgés ➡️ bypass de vérification de signature ➡️ accès admin non autorisé.

[Références]
"Fortinet admins report patched FortiGate firewalls getting hacked"
👇
bleepingcomputer.com/news/secu

( cyberveille.ch/posts/2026-01-2)

💬
⬇️
infosec.pub/post/40878137

  • 0
  • 0
  • 0
  • 21h ago

Bluesky

Profile picture
GuardingPearSoftware @guardingpearsof.bsky.social
Fortinet customers are reporting that attackers are exploiting a previously fixed vulnerability (CVE-2025-59718) to hack patched firewalls. https://www.bleepingcomputer.com/news/security/fortinet-admins-report-patched-fortigate-firewalls-getting-hacked/
  • 0
  • 0
  • 1
  • 21h ago
Profile picture
ohhara @shiojiri.com
パッチ済みのFortiGateがCVE-2025-59718経由で侵害された:管理者らが報告 | Codebook|Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/43521/
  • 0
  • 0
  • 0
  • 21h ago
Profile picture
Information Security Briefly @infosecbriefly.bsky.social
Automated attackers exploit Fortinet SSO vulnerabilities (CVE-2025-59718, CVE-2025-59719) to create accounts, enable VPN access, and exfiltrate firewall configurations.
  • 0
  • 0
  • 0
  • 22h ago

CVE-2026-22200

Overview

  • Enhancesoft
  • osTicket
12 Jan 2026
Published
22 Jan 2026
Updated
CVSS v4.0
HIGH (8.7)
EPSS
0.22%
KEV

Description

Enhancesoft osTicket versions 1.18.x prior to 1.18.3 and 1.17.x prior to 1.17.7 contain an arbitrary file read vulnerability in the ticket PDF export functionality. A remote attacker can submit a ticket containing crafted rich-text HTML that includes PHP filter expressions which are insufficiently sanitized before being processed by the mPDF PDF generator during export. When the attacker exports the ticket to PDF, the generated PDF can embed the contents of attacker-selected files from the server filesystem as bitmap images, allowing disclosure of sensitive local files in the context of the osTicket application user. This issue is exploitable in default configurations where guests may create tickets and access ticket status, or where self-registration is enabled.

Statistics

  • 4 Posts
  • 9 Interactions
Last activity: 9 hours ago

Fediverse

Profile picture
CERT-Bund @certbund

Die Schwachstelle CVE-2026-22200 in der Default-Konfiguration des Open-Source Ticket-Systems "osTicket" kann von entfernten Angreifenden durch Übermittlung eines speziell präparierten Tickets ausgenutzt werden, um ggf. sensible Daten aus dem Dateisystem des Servers auszuspähen.

Betroffen sind die Versionen 1.17.x < 1.17.7 und 1.18.x < 1.18.3.

CERT-Bund informiert deutsche Netzbetreiber ab heute zu verwundbaren Systemen in ihren Netzen. Aktuell sind uns rund 250 betroffene Systeme bekannt.

  • 4
  • 5
  • 0
  • 15h ago
Profile picture
geeknik @geeknik

Helpdesk prints your secrets as art: smuggle a php:// filter into a ticket, export PDF, peel the BMP, win the salt, forge every link. Patch? That’s just the receipt.
horizon3.ai/attack-research/at

  • 0
  • 0
  • 0
  • 10h ago
Profile picture
buherator @buherator
[RSS] Ticket to Shell: Exploiting PHP Filters and CNEXT in osTicket (CVE-2026-22200)

https://horizon3.ai/attack-research/attack-blogs/ticket-to-shell-exploiting-php-filters-and-cnext-in-osticket-cve-2026-22200/
  • 0
  • 0
  • 0
  • 9h ago

Bluesky

Profile picture
buherator @buherator.bsky.social
[RSS] Ticket to Shell: Exploiting PHP Filters and CNEXT in osTicket (CVE-2026-22200) horizon3.ai -> Original->
  • 0
  • 0
  • 0
  • 9h ago

CVE-2026-20045

Overview

  • Cisco
  • Cisco Unified Communications Manager
21 Jan 2026
Published
22 Jan 2026
Updated
CVSS v3.1
HIGH (8.2)
EPSS
1.76%
KEV

Description

A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM &amp; Presence Service (Unified CM IM&amp;P), Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance could allow an unauthenticated, remote attacker&nbsp;to execute arbitrary commands on the underlying operating system of an affected device.&nbsp; This vulnerability is due to improper validation of user-supplied input in HTTP requests. An attacker could exploit this vulnerability by sending a sequence of crafted HTTP requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root. Note: Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates. The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root.

Statistics

  • 4 Posts
Last activity: 12 hours ago

Bluesky

Profile picture
ohhara @shiojiri.com
Cisco Fixes Actively Exploited Zero-Day CVE-2026-20045 in Unified CM and Webex https://thehackernews.com/2026/01/cisco-fixes-actively-exploited-zero-day.html
  • 0
  • 0
  • 0
  • 21h ago
Profile picture
BaseFortify.eu @basefortify.bsky.social
🚨 Critical Cisco vulnerability uncovered: CVE-2026-20045 enables unauthenticated remote command execution on core Cisco UC systems. Full analysis: basefortify.eu/cve_reports/... #CVE #Cisco #Infosec #CyberSecurity 🔐
  • 0
  • 0
  • 0
  • 20h ago
Profile picture
Information Security Briefly @infosecbriefly.bsky.social
Critical zero-day CVE-2026-20045 in Cisco Unified Communications web management enables unauthenticated remote code execution and is being exploited; apply vendor fixes immediately.
  • 0
  • 0
  • 0
  • 18h ago
Profile picture
Information Security Briefly @infosecbriefly.bsky.social
Critical RCE vulnerability CVE-2026-20045 affects Cisco Unified Communications products, is actively exploited, and patches have been released; CISA added it to its exploited vulnerabilities catalog.
  • 0
  • 0
  • 0
  • 12h ago

CVE-2025-59719

Overview

  • Fortinet
  • FortiWeb
09 Dec 2025
Published
14 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.1)
EPSS
0.08%
KEV

Description

An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.

Statistics

  • 3 Posts
  • 10 Interactions
Last activity: 13 hours ago

Fediverse

Profile picture
CERT-Bund @certbund

Kritische Schwachstellen (CVE-2025-59718, CVE-2025-59719) in Fortinet Firewall-Systemen ermöglichen entfernten Angreifenden, eine Authentifizierung mittels FortiCloud SSO zu umgehend und darüber administrativen Zugriff auf die Konfiguration der Firewall-Systeme zu erlangen.

Berichten zufolge werden aktuell in größerem Umfang weiterhin Fortinet-Firewalls kompromittiert, da die am 09.12.2025 zur Verfügung gestellten Patches die Schwachstelle nicht vollständig schließen.

bleepingcomputer.com/news/secu

  • 6
  • 4
  • 0
  • 13h ago
Profile picture
:mastodon: decio @decio

Si vous administrez des FortiGate/FortiOS : des admins signalent un contournement du patch de la vulnérabilité critique CVE-2025-59718 (FortiCloud SSO fortiguard.fortinet.com/psirt/ ) → compromission possible même sur des firewalls « patchés » (ex. 7.4.9/7.4.10).

( reddit.com/r/fortinet/comments )

Préreq : “Allow administrative login using FortiCloud SSO” activé (souvent après enregistrement FortiCare).

Mitigation : désactiver admin-forticloud-sso-login + restreindre l’accès admin + vérifier logs/nouveaux comptes.

Chaîne d'exploitation: CVE-2025-59718 (+ CVE-2025-59719 côté FortiWeb) ➡️ envoi de messages SAML forgés ➡️ bypass de vérification de signature ➡️ accès admin non autorisé.

[Références]
"Fortinet admins report patched FortiGate firewalls getting hacked"
👇
bleepingcomputer.com/news/secu

( cyberveille.ch/posts/2026-01-2)

💬
⬇️
infosec.pub/post/40878137

  • 0
  • 0
  • 0
  • 21h ago

Bluesky

Profile picture
Information Security Briefly @infosecbriefly.bsky.social
Automated attackers exploit Fortinet SSO vulnerabilities (CVE-2025-59718, CVE-2025-59719) to create accounts, enable VPN access, and exfiltrate firewall configurations.
  • 0
  • 0
  • 0
  • 22h ago

CVE-2024-31884

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 20 hours ago

Fediverse

Profile picture
@teenigma

oss-sec: CVE-2024-31884 Ceph: Incorrect usage of certificate checking via Pybind

seclists.org/oss-sec/2026/q1/1

  • 2
  • 2
  • 0
  • 20h ago

CVE-2025-69766

Overview

  • Pending
21 Jan 2026
Published
22 Jan 2026
Updated
CVSS
Pending
EPSS
0.05%
KEV

Description

Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the citytag stack buffer, which may result in memory corruption and remote code execution.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 13 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

🔴 CVE-2025-69766 - Critical (9.8)

Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the citytag stack buffer, which may result in memory corruption and remote code execution.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 2
  • 0
  • 0
  • 13h ago

CVE-2026-0920

Overview

  • choijun
  • LA-Studio Element Kit for Elementor
22 Jan 2026
Published
22 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.03%
KEV

Description

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Administrative User Creation in all versions up to, and including, 1.5.6.3. This is due to the 'ajax_register_handle' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'lakit_bkrole' parameter during registration and gain administrator access to the site.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 21 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

🔴 CVE-2026-0920 - Critical (9.8)

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Administrative User Creation in all versions up to, and including, 1.5.6.3. This is due to the 'ajax_register_handle' function not restricting what user roles a user can...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 1
  • 1
  • 0
  • 21h ago

CVE-2025-48941

Overview

  • mybb
  • mybb
02 Jun 2025
Published
02 Jun 2025
Updated
CVSS v3.1
MEDIUM (5.3)
EPSS
0.05%
KEV

Description

MyBB is free and open source forum software. Prior to version 1.8.39, the search component does not validate permissions correctly, which allows attackers to determine the existence of hidden (draft, unapproved, or soft-deleted) threads containing specified text in the title. The visibility state (`mybb_threads.visible` integer column) of threads is not validated in internal search queries, whose result is used to output a general success or failure of the search. While MyBB validates permissions when displaying the final search results, a search operation that internally produces at least one result outputs a redirect response (as a HTTP redirect, or a success message page with delayed redirect, depending on configuration). On the other hand, a search operation that internally produces no results outputs a corresponding message in the response without a redirect. This allows a user to determine whether threads matching title search parameters exist, including draft threads (`visible` with a value of `-2`), soft-deleted threads (`visible` with a value of `-1`), and unapproved threads (`visible` with a value of `0`); in addition to displaying generally visible threads (`visible` with a value of `1`). This vulnerability does not affect other layers of permissions. In order to exploit the vulnerability, the user must have access to the search functionality, and general access to forums containing the thread(s). The vulnerability does not expose the message content of posts. MyBB 1.8.39 resolves this issue.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 19 hours ago

Fediverse

Profile picture
buherator @buherator
[RSS] ReDisclosure: New technique for exploiting Full-Text Search in MySQL (myBB case study)

https://exploit.az/posts/wor/

CVE-2025-48941
  • 1
  • 0
  • 0
  • 19h ago

CVE-2025-13928

Overview

  • GitLab
  • GitLab
22 Jan 2026
Published
22 Jan 2026
Updated
CVSS v3.1
HIGH (7.5)
EPSS
Pending
KEV

Description

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to cause a denial of service condition by exploiting incorrect authorization validation in API endpoints.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 13 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

🟠 CVE-2025-13928 - High (7.5)

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to cause a denial of service condition by exploiting incorrec...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 1
  • 0
  • 0
  • 13h ago
Showing 1 to 10 of 59 CVEs