
Overview

  • Google
  • Chrome

Published: 12 Mar 2026
Updated: 14 Mar 2026

CVSS: Pending
EPSS: 27.12%

Description

Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

Statistics

  • 5 Posts
  • 7 Interactions

Last activity: Last hour

Fediverse


CISA still lists CVE-2026-3909 as a zero-day, even if Google removed it from its Chrome patch notes

So I presume it's still a zero-day, but patches are coming next week... instead of not being a zero-day in the first place

cisa.gov/news-events/alerts/20

chromereleases.googleblog.com/

  • 4
  • 3
  • 1
  • 19h ago

Google Chrome: Zero-Day Exploits 2 and 3 (2026)

Third month, third zero-day vulnerability in Chrome that is already under attack. If we extrapolate, twelve such cases would have to occur this year. - Google has just released emergency updates for Chrome, and NIST has instructed US agencies to install the updates by 27 March at the latest. Both vulnerabilities can trigger an infection merely through a visit to a crafted website, which in the worst case leads to a complete takeover of the system by the attacker.

The vulnerability CVE-2026-3909 is in Chrome's graphics component. It therefore affects Chrome on all

pc-fluesterer.info/wordpress/2

#Empfehlung #Warnung #0day #browser #chrome #exploits #google #sicherheit #zeroday

  • 0
  • 0
  • 0
  • Last hour

Bluesky

Google releases emergency Chrome update, fixing two high-severity vulnerabilities, both already confirmed as exploited (CVE-2026-3909, CVE-2026-3910) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 0
  • 0
  • 0
  • 12h ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog #CISA (Mar 13) CVE-2026-3909 Google Skia Out-of-Bounds Write Vulnerability CVE-2026-3910 Google Chromium V8 Unspecified Vulnerability www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 10h ago

Overview

  • Veeam
  • Backup and Replication

Published: 12 Mar 2026
Updated: 13 Mar 2026

CVSS v3.1: CRITICAL (10.0)
EPSS: 0.37%

KEV

Description

A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.

Statistics

  • 2 Posts

Last activity: 6 hours ago

Bluesky

📢 Veeam fixes 4 critical RCE flaws in Backup & Replication and urges an immediate update 📝 Source: BleepingCompu… https://cyberveille.ch/posts/2026-03-15-veeam-corrige-4-failles-rce-critiques-dans-backup-replication-et-appelle-a-une-mise-a-jour-immediate/ #CVE_2026_21666 #Cyberveille
  • 0
  • 0
  • 0
  • 19h ago
Multiple vulnerabilities in Veeam Backup & Replication; emergency fixes for the 12 and 13 series (CVE-2026-21666, CVE-2026-21667, CVE-2026-21668) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 0
  • 0
  • 0
  • 6h ago

Overview

  • kernel

Published: 25 Mar 2022
Updated: 02 Aug 2024

CVSS: Pending
EPSS: 20.50%

KEV

Description

An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system.

Statistics

  • 1 Post
  • 7 Interactions

Last activity: 21 hours ago

Bluesky

Exploiting CVE-2022-0995 (Linux kernel OOB write in watch_queue) using the PageJack technique to create a page level UAF and overwrite struct file to gain LPE. blog.quarkslab.com/pagejack-in-... Credits Jean Vincent #infosec
  • 2
  • 5
  • 0
  • 21h ago

Overview

  • Foswiki

Published: 21 Feb 2026
Updated: 16 Mar 2026

CVSS v4.0: MEDIUM (6.9)
EPSS: 0.06%

KEV

Description

A vulnerability was detected in Foswiki up to 2.1.10. The affected element is an unknown function of the component Changes/Viewfile/Oops. The manipulation results in information disclosure. It is possible to launch the attack remotely. The exploit is now public and may be used. Upgrading to version 2.1.11 is sufficient to fix this issue. The patch is identified as 31aeecb58b64/d8ed86b10e46. Upgrading the affected component is recommended.

Statistics

  • 1 Post
  • 3 Interactions

Last activity: 21 hours ago

Fediverse


Foswiki 2.1.11 is now available to be downloaded. This release came earlier than expected due to the severe security issues found in previous versions, as detailed in CVE-2026-2861.

#foswiki #wiki #perl #opensource #release #cve #security

foswiki.org/Blog/Foswiki2111Is

  • 1
  • 2
  • 0
  • 21h ago

Overview

  • Pending

Published: Pending
Updated: Pending

CVSS: Pending
EPSS: Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 2 Posts
  • 2 Interactions

Last activity: 6 hours ago

Fediverse


Your phone's "off" switch was never a lock.
CVE-2025-20435: 875M Android devices.
USB in. 60 seconds. PIN cracked, encryption stripped, before the OS even blinks.
Check your MediaTek chip. Patch now. Or hand-deliver your secrets.
forbes.com/sites/daveywinder/2

  • 1
  • 1
  • 1
  • 6h ago

Overview

  • OpenClaw
  • OpenClaw

Published: 01 Feb 2026
Updated: 03 Feb 2026

CVSS v3.1: HIGH (8.8)
EPSS: 0.07%

KEV

Description

OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 9 hours ago

Bluesky

AWS Launches Managed Openclaw on Lightsail Amid Critical Security Vulnerabilities AWS launched managed OpenClaw on Lightsail for AI agent deployment while security concerns mount. The 250k-star GitHub project is affected by CVE-2026-25253, which enables one-click RCE,… Telegram AI Digest #ai #news
  • 0
  • 2
  • 0
  • 9h ago

Overview

  • NaturalIntelligence
  • fast-xml-parser

Published: 26 Feb 2026
Updated: 26 Feb 2026

CVSS v4.0: LOW (2.7)
EPSS: 0.05%

KEV

Description

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with a stack overflow when a user uses the XML builder with `preserveOrder:true`. Version 5.3.8 fixes the issue. As a workaround, use the XML builder with `preserveOrder:false` or check the input data before passing it to the builder.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 23 hours ago

Bluesky

🔍 Lambda Watchdog detected that CVE-2026-27942 is no longer present in latest AWS Lambda base image scans. https://github.com/aws/aws-lambda-base-images/issues/430 #AWS #Lambda #Security #CVE #DevOps #SecOps
  • 0
  • 1
  • 0
  • 23h ago

Overview

  • Tiandy
  • Easy7 Integrated Management Platform

Published: 15 Mar 2026
Updated: 15 Mar 2026

CVSS v4.0: MEDIUM (6.9)
EPSS: Pending

KEV

Description

A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Impacted is an unknown function of the file /WebService/UpdateLocalDevInfo.jsp of the component Device Identifier Handler. Such manipulation of the argument username/password leads to missing authentication. The attack can be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 15 hours ago

Fediverse


⚠️ MEDIUM severity: Tiandy Easy7 Integrated Management Platform 7.17.0 has a missing authentication bug (CVE-2026-4187) in Device Identifier Handler. Public exploit exists. No vendor fix yet — review exposure & restrict access. radar.offseq.com/threat/cve-20

  • 0
  • 1
  • 0
  • 15h ago

Overview

  • Microsoft
  • Windows Server 2008 R2 Service Pack 1

Published: 13 Jan 2026
Updated: 26 Feb 2026

CVSS v3.1: HIGH (7.5)
EPSS: 0.08%

KEV

Description

Improper access control in Windows Deployment Services allows an unauthorized attacker to execute code over an adjacent network.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 2 hours ago

Bluesky

Microsoft is discontinuing automatic Windows network deployments via WDS and Unattend.xml due to security vulnerability CVE-2026-0386 that allows attackers to execute unauthorized code and steal credentials.
  • 0
  • 1
  • 0
  • 2h ago

Overview

  • TRENDnet
  • TEW-632BRP

Published: 15 Mar 2026
Updated: 15 Mar 2026

CVSS v4.0: HIGH (8.6)
EPSS: 0.04%

KEV

Description

A vulnerability was detected in TRENDnet TEW-632BRP 1.010B32. This affects an unknown part of the file /ping_response.cgi of the component HTTP POST Request Handler. The manipulation of the argument ping_ipaddr results in a stack-based buffer overflow. The attack may be performed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 21 hours ago

Fediverse


🚩 HIGH severity: CVE-2026-4172 in TRENDnet TEW-632BRP (v1.010B32) — stack-based buffer overflow in /ping_response.cgi (ping_ipaddr). Public exploit, no patch. Isolate, restrict access, and monitor now! radar.offseq.com/threat/cve-20

  • 0
  • 1
  • 0
  • 21h ago