Overview

  • InternLM
  • lmdeploy

20 Apr 2026
Published
21 Apr 2026
Updated

CVSS v3.1
HIGH (7.5)
EPSS
0.03%

KEV

Description

LMDeploy is a toolkit for compressing, deploying, and serving large language models. Versions prior to 0.12.3 have a Server-Side Request Forgery (SSRF) vulnerability in LMDeploy's vision-language module. The `load_image()` function in `lmdeploy/vl/utils.py` fetches arbitrary URLs without validating internal/private IP addresses, allowing attackers to access cloud metadata services, internal networks, and sensitive resources. Version 0.12.3 patches the issue.

Statistics

  • 6 Posts
  • 19 Interactions

Last activity: 2 hours ago

Fediverse

An SSRF bug in an LLM deployment server got exploited 12 hours after it was patched

sysdig.com/blog/cve-2026-33626

  • 7
  • 6
  • 0
  • 17h ago

⚠️ LMDeploy flaw exploited within 12.5 hours of disclosure.

The SSRF bug let attackers hit AWS metadata, Redis, and internal services via the image loader to scan networks and access data.

WordPress plugin bugs are also being used for full site takeovers.

🔗 Read → thehackernews.com/2026/04/lmde

  • 0
  • 1
  • 0
  • 4h ago

Bluesky

A critical flaw (CVE-2026-33626, CVSS 7.5) in LMDeploy, an open-source tool for deploying LLMs, is being actively exploited in the wild less than 13 hours after its disclosure! It is an SSRF vulnerability that allows access to sensitive data thehackernews.com/2026/04/lmde...
  • 3
  • 2
  • 0
  • 2h ago
LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure https://thehackernews.com/2026/04/lmdeploy-cve-2026-33626-flaw-exploited.html
  • 0
  • 0
  • 1
  • 5h ago
Threat actors exploited the critical SSRF bug in LMDeploy toolkit just 12 hours after its public disclosure. The vulnerability, CVE-2026-33626, […]
  • 0
  • 0
  • 0
  • 4h ago

Overview

  • Microsoft
  • Windows 10 Version 1607

14 Apr 2026
Published
24 Apr 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
0.10%

KEV

Description

Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.

Statistics

  • 6 Posts
  • 9 Interactions

Last activity: 2 hours ago

Fediverse

CVE-2026-33824: Remote Code Execution in Windows IKEv2 - the folks from TrendAI Research break down this wormable bug that was patched last week. They show the root cause & offer detection guidance. Read the details at zerodayinitiative.com/blog/202

  • 7
  • 0
  • 1
  • 22h ago
In the last 24 hours, Fast16 was revealed, a stealthy piece of malware with historic nuclear impact, while a serious flaw in Windows IKEv2 was urgently patched; in addition, a compromised supply chain affected Bitwarden CLI, a massive data theft shook France, and sophisticated attacks using impersonation on Microsoft Teams and malicious use of legitimate software by Tropic Trooper are advancing. Discover these and more details in the following list of information security news:

🗞️ LATEST INFORMATION SECURITY NEWS 🔒
====| 🔥 WHAT YOU NEED TO KNOW TODAY 24/04/26 📆 |====

🔓 FAST16 MALWARE DECODED: A SILENT THREAT TO IRAN'S NUCLEAR PROGRAM

Researchers reveal Fast16, malicious code from 2005 capable of manipulating critical simulation software. It is suspected that it may have been used by the US or its allies for covert sabotage, preceding Stuxnet. Understanding how it works helps strengthen defenses against advanced malware and targeted attacks. Discover all the details about this historic threat and its impact on nuclear cybersecurity. Learn more about Fast16 and its full analysis here 👉 djar.co/f2tf5

🛡️ COMPROMISED SUPPLY CHAIN AFFECTS BITWARDEN CLI

A malicious campaign leveraged the Checkmarx platform to inject malware into version 2026.4.0 of Bitwarden CLI, exposing secrets and distributing malicious code to trusting users. This incident highlights the critical importance of auditing and protecting software supply chains, which is key to comprehensive security. Learn how to detect and mitigate risks arising from supply chain attacks and protect your credentials. More relevant information at 👉 djar.co/nYZn

⚠️ CRITICAL VULNERABILITY IN WINDOWS IKEV2 (CVE-2026-33824) ALLOWED REMOTE CODE EXECUTION

A serious flaw was identified in the Windows IKEv2 service that made remote code execution possible, putting the integrity of thousands of systems at risk. Microsoft released an urgent patch that must be applied immediately to prevent active exploitation. Discover how this vulnerability works and the best practices for keeping your environment secure against similar threats. Review the official security advisory here 👉 djar.co/qhEL

🇫🇷 INCIDENT IN FRANCE EXPOSES PERSONAL DATA OF 18 MILLION CITIZENS

France's National Agency for Secure Documents confirmed unauthorized access that compromised identity documents and sensitive data of millions of people. This incident emphasizes the need to strengthen controls and protective measures over critical state-level databases. Discover the scope of the event, the measures taken, and tips for protecting your personal data in massive breach scenarios. Full details at 👉 djar.co/VXYXb

👥 DATA THEFT THROUGH IMPERSONATION ON MICROSOFT TEAMS: UNC6692'S SNOW MALWARE

The UNC6692 group used impersonation techniques on Microsoft Teams to deceive employees, deploy the SNOW malware, and exfiltrate confidential information. This tactic demonstrates the sophistication of social engineering and the exploitation of collaboration platforms. Learn to identify the signs of impersonation attacks and how to strengthen security in collaborative environments to prevent leaks. Expand on the information and recommendations here 👉 djar.co/kQat

🐉 TROPIC TROOPER USES TROJANIZED VERSIONS OF SUMATRAPDF AND GITHUB TO DEPLOY ADAPTIXC2

In 2024, the Tropic Trooper group deployed the AdaptixC2 malware using tampered versions of the SumatraPDF reader together with command channels on GitHub, enabling covert and persistent access in compromised networks. This case highlights the threat posed by legitimate tools turned into advanced attack vectors. Discover how to identify and defend against these sophisticated campaigns that combine software engineering and the abuse of trusted platforms. Find all the details here 👉 djar.co/SnJilf

  • 1
  • 1
  • 0
  • 2h ago

Bluesky

ZDI's analysis of this month's WU IKEv2 vulnerability. Basically, block it at the firewall, and for known peers that negotiate IKE and NAT-T, restrict by specifying IP addresses, they say: Zero Day Initiative — CVE-2026-33824: Remote Code Execution in Windows IKEv2 https://www.zerodayinitiative.com/blog/2026/4/22/cve-2026-33824-remote-code-execution-in-windows-ikev2
  • 0
  • 0
  • 0
  • 12h ago
Zero Day Initiative — CVE-2026-33824: Remote Code Execution in Windows IKEv2 https://www.zerodayinitiative.com/blog/2026/4/22/cve-2026-33824-remote-code-execution-in-windows-ikev2
  • 0
  • 0
  • 0
  • 6h ago

Overview

  • PackageKit
  • PackageKit

22 Apr 2026
Published
22 Apr 2026
Updated

CVSS v3.1
HIGH (8.8)
EPSS
0.02%

KEV

Description

PackageKit is a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition on transaction flags that allows unprivileged users to install packages as root and thus leads to a local privilege escalation. This is patched in version 1.3.5. A local unprivileged user can install arbitrary RPM packages as root, including executing RPM scriptlets, without authentication. The vulnerability is a TOCTOU race condition on `transaction->cached_transaction_flags` combined with a silent state-machine guard that discards illegal backward transitions while leaving corrupted flags in place. Three bugs exist in `src/pk-transaction.c`:

1. Unconditional flag overwrite (line 4036): `InstallFiles()` writes caller-supplied flags to `transaction->cached_transaction_flags` without checking whether the transaction has already been authorized/started. A second call blindly overwrites the flags even while the transaction is RUNNING.
2. Silent state-transition rejection (lines 873–882): `pk_transaction_set_state()` silently discards backward state transitions (e.g. `RUNNING` → `WAITING_FOR_AUTH`), but the flag overwrite from step 1 has already happened. The transaction continues running with corrupted flags.
3. Late flag read at execution time (lines 2273–2277): the scheduler's idle callback reads `cached_transaction_flags` at dispatch time, not at authorization time. If the flags were overwritten between authorization and execution, the backend sees the attacker's flags.

Statistics

  • 5 Posts
  • 4 Interactions

Last activity: 7 hours ago

Fediverse

Here's a harmless little for the LPE vulnerability (CVE-2026-41651), by @br3zel and myself: codeberg.org/hillu/cve-2026-41
It was a lot of fun to piece together.

  • 0
  • 1
  • 0
  • 20h ago

Bluesky

🧵Pack2TheRoot (CVE-2026-41651): a new critical vulnerability affecting most Linux distributions. Any unprivileged local user can obtain root access by successfully exploiting this vulnerability. How? 👇🏾
  • 1
  • 2
  • 0
  • 7h ago
📢 CVE-2026-41651: Cross-distro local privilege escalation via PackageKit (Pack2TheRoot) 📝 ## 🔍 Context Published on 22 April 2026 by the te… https://cyberveille.ch/posts/2026-04-23-cve-2026-41651-elevation-de-privileges-locale-cross-distro-via-packagekit-pack2theroot/ #CVE_2026_41651 #Cyberveille
  • 0
  • 0
  • 0
  • 22h ago
🔴 Linux Alert — #Pack2TheRoot (CVE-2026-41651) A serious Linux flaw, "Pack2TheRoot," lets any user gain root access — with no password needed. It affects Ubuntu, Debian, Fedora, Rocky #Linux, and more. Read Details- www.cyberkendra.com/2026/04/pack... #security #infosec
  • 0
  • 0
  • 0
  • 21h ago
How to fix it: Update PackageKit to version 1.3.5 or to the specific backport for your distro. Patched versions per distro: • Fedora 42–44: PackageKit-1.3.4-3 • Debian: tracker CVE-2026-41651 • Ubuntu: Launchpad CVE-2026-41651
  • 0
  • 0
  • 0
  • 7h ago

Overview

  • Microsoft
  • ASP.NET Core 10.0

21 Apr 2026
Published
24 Apr 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
0.04%

KEV

Description

Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.

Statistics

  • 4 Posts

Last activity: 10 hours ago

Bluesky

🛑 Microsoft has released a patch for a vulnerability in ASP .NET CVE-2026-40372 - Critical security flaw. The new version replaces the one published a few days ago during Patch Tuesday. More info 👇 - www.it-connect.fr/microsoft-a-... #infosec #cybersecurite #windows
  • 0
  • 0
  • 0
  • 22h ago
The latest update for #CyCognito includes "Emerging Threat: (CVE-2026-40372) ASP.NET Core Privilege Escalation via Signature Bypass" and "Emerging Threat: (CVE-2026-29145) Apache Tomcat Authentication Bypass". #cybersecurity #AttackSurfaceManagement #EASM https://opsmtrs.com/44Srq0X
  • 0
  • 0
  • 0
  • 10h ago

Overview

  • Apple
  • iOS and iPadOS

22 Apr 2026
Published
23 Apr 2026
Updated

CVSS
Pending
EPSS
0.01%

KEV

Description

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.8 and iPadOS 18.7.8, iOS 26.4.2 and iPadOS 26.4.2. Notifications marked for deletion could be unexpectedly retained on the device.

Statistics

  • 2 Posts
  • 7 Interactions

Last activity: 11 hours ago

Fediverse

Apple Patches iOS Notification Flaw (CVE-2026-28950) That Let the FBI Read Deleted Signal Messages
#CyberSecurity
securebulletin.com/apple-patch

  • 4
  • 0
  • 0
  • 22h ago
Apple issues iOS/iPadOS 26.4.2 to fix a Notification Services bug (CVE-2026-28950) that could retain deleted-app notification previews — Signal says preserved fragments will be removed after users update. Install now: cyberinsider.com/apple-fixes-i 🔒📱 #iOS #Privacy #Security

  • 2
  • 1
  • 0
  • 11h ago

Overview

  • marimo-team
  • marimo

09 Apr 2026
Published
24 Apr 2026
Updated

CVSS v4.0
CRITICAL (9.3)
EPSS
45.53%

Description

marimo is a reactive Python notebook. Prior to 0.23.0, Marimo has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint /terminal/ws lacks authentication validation, allowing an unauthenticated attacker to obtain a full PTY shell and execute arbitrary system commands. Unlike other WebSocket endpoints (e.g., /ws) that correctly call validate_auth() for authentication, the /terminal/ws endpoint only checks the running mode and platform support before accepting connections, completely skipping authentication verification. This vulnerability is fixed in 0.23.0.

Statistics

  • 3 Posts

Last activity: 9 hours ago

Fediverse

Five critical self-hosted flaws landed April 20-22. Marimo pre-auth remote takeover (CVE-2026-39987, CVSS 9.3), exploited in 10 hours. Apache Airflow XCom. Spinnaker Echo. Jellystat SQL injection to takeover (CVE-2026-41167, 9.1). OpenVPN 2.7.2 fixed two. Three trace to injection. Across 14 compliant platforms I have architected, the audit finding is patch cadence, not availability. A 10-hour window makes quarterly cadence a breach timeline.

#CyberSecurity #SelfHosted #OpenSource #InfoSec

  • 0
  • 0
  • 0
  • 22h ago

Bluesky

~Cisa~ CISA added CVE-2026-39987, a Marimo RCE vulnerability, to its KEV catalog due to active exploitation. - IOCs: CVE-2026-39987 - #CISA #CVE2026_39987 #ThreatIntel
  • 0
  • 0
  • 0
  • 17h ago
CISA adds one known exploited vulnerability to its catalog: CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Apr 23) CVE-2026-39987 Marimo remote code execution vulnerability www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 9h ago

Overview

  • Cisco
  • Cisco Secure Firewall Adaptive Security Appliance (ASA) Software

25 Sep 2025
Published
26 Feb 2026
Updated

CVSS v3.1
MEDIUM (6.5)
EPSS
50.69%

Description

Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by CVE-2025-20333 and CVE-2025-20362. This attack can cause unpatched devices to unexpectedly reload, leading to denial of service (DoS) conditions. Cisco strongly recommends that all customers upgrade to the fixed software releases that are listed in the Fixed Software ["#fs"] section of this advisory. A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints that are related to remote access VPN that should otherwise be inaccessible without authentication. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web server on a device. A successful exploit could allow the attacker to access a restricted URL without authentication.

Statistics

  • 5 Posts
  • 2 Interactions

Last activity: 3 hours ago

Bluesky

The FIRESTARTER backdoor is an attack that turns the firewall itself into a persistent intrusion platform. ・Not removed by firmware updates ・Leaves no trace in logs ・Can only be removed by a hard power-off CVE-2025-20333 (authorization flaw) CVE-2025-20362 (buffer overflow) Identify affected devices (top priority) ・Cisco ASA / Firepower / FTD ・Internet-exposed devices Patching alone is not enough ・Assess under the assumption of compromise ・Whether the device was exposed in the past is what matters Plan for forensics ・Capture core dumps ・Memory analysis ・Apply YARA
  • 1
  • 1
  • 0
  • 3h ago
~Cisa~ APT actors use the FIRESTARTER backdoor for persistent access on Cisco Firepower and Secure Firewall devices. - IOCs: CVE-2025-20333, CVE-2025-20362, FIRESTARTER - #Cisco #FIRESTARTER #ThreatIntel
  • 0
  • 0
  • 0
  • 21h ago
~Talos~ UAT-4356 exploits Cisco Firepower n-days to deploy the FIRESTARTER backdoor. - IOCs: CVE-2025-20333, CVE-2025-20362, FIRESTARTER - #FIRESTARTER #ThreatIntel #UAT4356
  • 0
  • 0
  • 0
  • 21h ago
UAT-4356 exploits FXOS n-day vulnerabilities CVE-2025-20333 and CVE-2025-20362 in Cisco Firepower devices to deploy the custom backdoor FIRESTARTER, enabling shellcode injection and persistent access. #FIRESTARTER #CiscoFXOS #USA
  • 0
  • 0
  • 0
  • 19h ago
~Talos~ Phishing leads Q1 access vectors via AI tools, while UAT-4356 exploits Cisco Firepower to deploy FIRESTARTER. - IOCs: CVE-2025-20333, CVE-2025-20362, FIRESTARTER - #Malware #Phishing #ThreatIntel
  • 0
  • 0
  • 0
  • 17h ago

Overview

  • Cisco
  • Cisco Secure Firewall Adaptive Security Appliance (ASA) Software

25 Sep 2025
Published
26 Feb 2026
Updated

CVSS v3.1
CRITICAL (9.9)
EPSS
41.43%

Description

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker with valid VPN user credentials could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as root, possibly resulting in the complete compromise of the affected device.

Statistics

  • 5 Posts
  • 2 Interactions

Last activity: 3 hours ago

Bluesky

The FIRESTARTER backdoor is an attack that turns the firewall itself into a persistent intrusion platform. ・Not removed by firmware updates ・Leaves no trace in logs ・Can only be removed by a hard power-off CVE-2025-20333 (authorization flaw) CVE-2025-20362 (buffer overflow) Identify affected devices (top priority) ・Cisco ASA / Firepower / FTD ・Internet-exposed devices Patching alone is not enough ・Assess under the assumption of compromise ・Whether the device was exposed in the past is what matters Plan for forensics ・Capture core dumps ・Memory analysis ・Apply YARA
  • 1
  • 1
  • 0
  • 3h ago
~Cisa~ APT actors use the FIRESTARTER backdoor for persistent access on Cisco Firepower and Secure Firewall devices. - IOCs: CVE-2025-20333, CVE-2025-20362, FIRESTARTER - #Cisco #FIRESTARTER #ThreatIntel
  • 0
  • 0
  • 0
  • 21h ago
~Talos~ UAT-4356 exploits Cisco Firepower n-days to deploy the FIRESTARTER backdoor. - IOCs: CVE-2025-20333, CVE-2025-20362, FIRESTARTER - #FIRESTARTER #ThreatIntel #UAT4356
  • 0
  • 0
  • 0
  • 21h ago
UAT-4356 exploits FXOS n-day vulnerabilities CVE-2025-20333 and CVE-2025-20362 in Cisco Firepower devices to deploy the custom backdoor FIRESTARTER, enabling shellcode injection and persistent access. #FIRESTARTER #CiscoFXOS #USA
  • 0
  • 0
  • 0
  • 19h ago
~Talos~ Phishing leads Q1 access vectors via AI tools, while UAT-4356 exploits Cisco Firepower to deploy FIRESTARTER. - IOCs: CVE-2025-20333, CVE-2025-20362, FIRESTARTER - #Malware #Phishing #ThreatIntel
  • 0
  • 0
  • 0
  • 17h ago

Overview

  • Pending

23 Jun 2025
Published
21 Apr 2026
Updated

CVSS
Pending
EPSS
20.00%

Description

An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0 and 10.0 and 10.1. A Cross-Site Scripting (XSS) vulnerability in the Zimbra Classic UI allows attackers to execute arbitrary JavaScript within the user's session, potentially leading to unauthorized access to sensitive information. This issue arises from insufficient sanitization of HTML content, specifically involving crafted tag structures and attribute values that include an @import directive and other script injection vectors. The vulnerability is triggered when a user views a crafted e-mail message in the Classic UI, requiring no additional user interaction.

Statistics

  • 2 Posts
  • 5 Interactions

Last activity: 4 hours ago

Bluesky

We are scanning/reporting daily Zimbra Collaboration Suite instances vulnerable to CVE-2025-48700, that can allow unauthorized access to sensitive information. This vulnerability is exploited in the wild and on US CISA KEV. We see over 10.5K IPs unpatched 2026-04-23.
  • 2
  • 3
  • 0
  • 4h ago
CVE-2025-48700 Tracker: dashboard.shadowserver.org/statistics/c... #CyberCivilDefense
  • 0
  • 0
  • 0
  • 4h ago

Overview

  • Microsoft
  • Microsoft Defender Antimalware Platform

14 Apr 2026
Published
24 Apr 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
3.82%

Description

Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 22 hours ago

Fediverse

🛡️ Microsoft Defender Elevation of Privilege Vulnerability
Description

🛡️ Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.

cve.org/CVERecord?id=CVE-2026-

#Cybersecurity #CISA #Security #Microsoft

  • 1
  • 1
  • 0
  • 22h ago
Showing 1 to 10 of 43 CVEs