24h | 7d | 30d

Overview

  • Fortinet
  • FortiProxy

27 Jan 2026
Published
28 Jan 2026
Updated

CVSS v3.1
CRITICAL (9.4)
EPSS
16.45%

Description

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager 7.4.0 through 7.4.9, FortiManager 7.2.0 through 7.2.11, FortiManager 7.0.0 through 7.0.15, FortiOS 7.6.0 through 7.6.5, FortiOS 7.4.0 through 7.4.10, FortiOS 7.2.0 through 7.2.12, FortiOS 7.0.0 through 7.0.18, FortiProxy 7.6.0 through 7.6.4, FortiProxy 7.4.0 through 7.4.12, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions, FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices.

Statistics

  • 26 Posts
  • 53 Interactions

Last activity: 2 hours ago

Fediverse

Profile picture

CVE-2026-24858

..... Allows an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts.....

fortiguard.fortinet.com/psirt/

  • 8
  • 10
  • 0
  • 14h ago
Profile picture

Fortinet hat ein Advisory zu einer neuen Schwachstelle CVE-2026-24858 in der FortiCloud-SSO-Implementierung veröffentlicht. Diese erlaubt es Angreifern mit einem FortiCloud-Konto und einem registrierten Gerät, sich bei anderen Geräten anzumelden, welche anderen Konten zugeordnet sind, sofern die FortiCloud-SSO-Authentifizierung auf diesen aktiviert wurde.
Patches sollten zeitnah installiert werden (sobald verfügbar). Das BSI hat entsprechend seinen Sicherheitshinweis aktualisiert.

  • 5
  • 7
  • 0
  • 7h ago
Profile picture

‼️CVE-2026-24858: Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability

Severity: Critical
CVSS: 9.8
Zero Day: Yes
CVE Published: January 27th, 2026

Advisory: github.com/advisories/GHSA-2x3

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager 7.4.0 through 7.4.9, FortiManager 7.2.0 through 7.2.11, FortiManager 7.0.0 through 7.0.15, FortiOS 7.6.0 through 7.6.5, FortiOS 7.4.0 through 7.4.10, FortiOS 7.2.0 through 7.2.12, FortiOS 7.0.0 through 7.0.18 may allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices.

  • 1
  • 3
  • 0
  • 21h ago
Profile picture

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager 7.4.0 through 7.4.9, FortiManager 7.2.0 through 7.2.11, FortiManager 7.0.0 through 7.0.15, FortiOS ...

🔗 db.gcve.eu/vuln/cve-2026-24858

#fortinet #vulnerabilitymanagement #cybersecurity

  • 0
  • 0
  • 0
  • 15h ago
Profile picture

CVE-2026-24858
An attacker with basic FortiCloud account and a registered device can log into other Fortinet devices. No, not their own devices. Devices registered to entirely different FortiCloud accounts.

  • 0
  • 0
  • 0
  • 11h ago
Profile picture

Fortinet confirms active exploitation of FortiCloud SSO auth bypass (CVE-2026-24858, CVSS 9.4).
Cross-customer access via trusted SSO paths observed.

SSO now blocked for vulnerable versions - patching required.

technadu.com/fortinet-temporar

  • 0
  • 0
  • 0
  • 6h ago
Profile picture

Here's a summary of recent important global, technology, and cybersecurity news:

Global: India has contained a Nipah virus outbreak (Jan 28, 2026). The EU approved a ban on Russian gas imports, effective from 2027 (Jan 27, 2026).

Technology: The EU is pressing Google to share AI and search data under new regulations (Jan 27, 2026). Samsung is nearing Nvidia approval for advanced HBM4 AI memory chips (Jan 27, 2026). Fujitsu developed AI for space weather prediction (Jan 28, 2026).

Cybersecurity: Microsoft issued emergency patches for an actively exploited Office zero-day vulnerability (CVE-2026-21509) (Jan 27, 2026). Fortinet patched a critical FortiOS SSO authentication bypass (CVE-2026-24858) under active exploitation (Jan 28, 2026). AI-powered polymorphic phishing attacks are also a growing concern (Jan 28, 2026).

#News #Anonymous #AnonNews_irc

  • 0
  • 0
  • 0
  • 11h ago

Bluesky

Profile picture
Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks by blocking FortiCloud SSO connections from devices running vulnerable firmware versions.
  • 6
  • 6
  • 0
  • 21h ago
Profile picture
CVE-2026-24858, a Fortinet authentication bypass vulnerability affecting multiple Fortinet products with FortiCloud SSO enabled, has been added by CISA to the KEV catalog. We share exposed Fortinet instances with FortiCloud SSO enabled daily in our feeds (~10 000 seen)
  • 3
  • 3
  • 0
  • 2h ago
Profile picture
#CISA Cyber Security Alerts & Advisories includes 26 Jan 2026 "five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog" & 27 Jan. Fortinet "CVE-2026-24858 Multiple Products Authentication Bypass" www.cisa.gov/news-events/... #cybersec #natsec #tech policy
  • 1
  • 0
  • 0
  • 4h ago
Profile picture
~Cisa~ CISA added a critical, actively exploited Fortinet authentication bypass vulnerability (CVE-2026-24858) to its KEV catalog. - IOCs: CVE-2026-24858 - #CVE202624858 #Fortinet #ThreatIntel
  • 0
  • 0
  • 1
  • 17h ago
Profile picture
Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...
  • 0
  • 0
  • 0
  • 16h ago
Profile picture
A critical FortiOS SSO authentication-bypass (CVE-2026-24858) is actively exploited, affecting FortiOS, FortiManager, FortiAnalyzer; Fortinet is releasing updates and mitigating access.
  • 0
  • 0
  • 0
  • 15h ago
Profile picture
Vulnerabilità Fortinet CVE-2026-24858: Hacker Dentro le Reti con Credenziali Legittime 📌 Link all'articolo : www.redhotcyber.com/post/vul... A cura di Bajram Zeqiri #redhotcyber #news #cybersecurity #hacking #forticloud #sso #vulnerabilita #sicurezzainformatica
  • 0
  • 0
  • 0
  • 14h ago
Profile picture
Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected https://thehackernews.com/2026/01/fortinet-patches-cve-2026-24858-after.html
  • 0
  • 0
  • 0
  • 14h ago
Profile picture
A FortiCloud SSO authentication bypass (CVE-2026-24858) was exploited in the wild; Fortinet released emergency patches for FortiOS, FortiManager, and FortiAnalyzer.
  • 0
  • 0
  • 0
  • 12h ago
Profile picture
🛑 Fortinet coupe le SSO en attendant les patchs pour la nouvelle faille zero-day : CVE-2026-24858 Les patchs arrivent.... ⌛ Tous les détails par ici 👇 - www.it-connect.fr/fortinet-cou... #infosec #fortinet #cybersecurite
  • 0
  • 0
  • 0
  • 12h ago
Profile picture
Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected - https://mwyr.es/SlufrYmg #thn #infosec
  • 0
  • 0
  • 0
  • 11h ago
Profile picture
Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected reconbee.com/fortinet-pat... #fortninet #FortiOS #SSO #cybersecurity #cyberattack
  • 0
  • 0
  • 0
  • 8h ago
Profile picture
Fortinet disabled FortiCloud SSO after confirming active exploitation of a critical auth bypass (CVE-2026-24858). Attackers abused SSO trust to access unrelated customer devices. Upgrades are now mandatory for SSO use. #CyberSecurity #Fortinet #CVE #InfoSec
  • 0
  • 0
  • 0
  • 5h ago
Profile picture
Fortinet's FortiCloud SSO has a critical authentication-bypass (CVE-2026-24858) exploited in the wild; patches are incomplete and customers must upgrade or disable vulnerable SSO connections.
  • 0
  • 0
  • 0
  • 4h ago
Profile picture
Title: Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858
  • 0
  • 0
  • 1
  • 2h ago

Overview

  • Microsoft
  • Microsoft Office 2019

26 Jan 2026
Published
27 Jan 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
13.01%

Description

Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally.

Statistics

  • 16 Posts
  • 7 Interactions

Last activity: 3 hours ago

Fediverse

Profile picture
[RSS] Micropatches Released for Microsoft Office Security Feature Bypass Vulnerability (CVE-2026-21509)

https://blog.0patch.com/2026/01/micropatches-released-for-microsoft.html
  • 1
  • 1
  • 0
  • 3h ago
Profile picture

Microsoft has rushed out an emergency security update for Office (CVE‑2026‑21509) after confirming the flaw is already being exploited in the wild. 🔐

The high‑severity security feature bypass lets attackers bypass OLE protections and run malicious code via specially crafted Office files. 📄⚠️

👉 Microsoft issues emergency fix for actively exploited Office flaw:
cyberinsider.com/microsoft-iss
#Microsoft #Office #Security #CVE202621509 #PatchNow

Threre is also #OnlyOffice

onlyoffice.com/download-desktop

  • 1
  • 0
  • 0
  • 12h ago
Profile picture

Here's a summary of recent important global, technology, and cybersecurity news:

Global: India has contained a Nipah virus outbreak (Jan 28, 2026). The EU approved a ban on Russian gas imports, effective from 2027 (Jan 27, 2026).

Technology: The EU is pressing Google to share AI and search data under new regulations (Jan 27, 2026). Samsung is nearing Nvidia approval for advanced HBM4 AI memory chips (Jan 27, 2026). Fujitsu developed AI for space weather prediction (Jan 28, 2026).

Cybersecurity: Microsoft issued emergency patches for an actively exploited Office zero-day vulnerability (CVE-2026-21509) (Jan 27, 2026). Fortinet patched a critical FortiOS SSO authentication bypass (CVE-2026-24858) under active exploitation (Jan 28, 2026). AI-powered polymorphic phishing attacks are also a growing concern (Jan 28, 2026).

#News #Anonymous #AnonNews_irc

  • 0
  • 0
  • 0
  • 11h ago

Bluesky

Profile picture
‼️Microsoft Office Zero-Day (CVE-2026-21509) - Emergency Patch Issued for Active Exploitation Microsoft has issued an out-of-band emergency patch for a high-severity Microsoft Office zero-day, CVE-2026-21509 (CVSS 7.8), which is being actively exploited.
  • 1
  • 3
  • 1
  • 13h ago
Profile picture
攻撃を受けている:Microsoft、実環境で悪用されたOfficeゼロデイ脆弱性(CVE-2026-21509)を修正 Under Attack: Microsoft Patches Office Zero-Day (CVE-2026-21509) Exploited in the Wild #DailyCyberSecurity (Jan 27) securityonline.info/under-attack...
  • 0
  • 0
  • 0
  • 23h ago
Profile picture
マイクロソフト、Office のゼロデイ脆弱性を積極的に悪用される脆弱性を公開、緊急修正を提供 (CVE-2026-21509) Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509) #HelpNetSecurity (Jan 27) www.helpnetsecurity.com/2026/01/27/m...
  • 0
  • 0
  • 0
  • 23h ago
Profile picture
Microsoft Office ゼロデイ脆弱性 (CVE-2026-21509) - アクティブな悪用に対する緊急パッチがリリースされました Microsoft Office Zero-Day (CVE-2026-21509) - Emergency Patch Issued for Active Exploitation #HackerNews (Jan 27) thehackernews.com/2026/01/micr...
  • 0
  • 0
  • 0
  • 23h ago
Profile picture
Microsoft、1月のアップデート後不具合やOfficeへのゼロデイ脆弱性を修正(CVE-2026-21509) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #サイバー攻撃 #CybersecurityNews
  • 0
  • 0
  • 0
  • 22h ago
Profile picture
CVE-2026-21509 allows attackers to bypass Microsoft Office OLE security, enabling execution of embedded COM/OLE components via malicious documents, prompting emergency out-of-band updates.
  • 0
  • 0
  • 0
  • 22h ago
Profile picture
Microsoft on Monday issued out-of-band security patches for a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The vulnerability, tracked as CVE-2026-21509, carries a CVSS score of 7.8 out of 10.0.
  • 0
  • 0
  • 0
  • 13h ago
Profile picture
Microsoft Office Zero-Day (CVE-2026-21509) - Emergency Patch Issued For Active Exploitation - https://mwyr.es/NBH7EDof #thn #infosec
  • 0
  • 0
  • 1
  • 12h ago
Profile picture
~Sophos~ A high-severity Microsoft Office vulnerability is being actively exploited in the wild to bypass OLE security mitigations. - IOCs: CVE-2026-21509 - #CVE202621509 #MicrosoftOffice #ThreatIntel
  • 0
  • 0
  • 0
  • 8h ago
Profile picture
[RSS] Micropatches Released for Microsoft Office Security Feature Bypass Vulnerability (CVE-2026-21509) blog.0patch.com -> Original->
  • 0
  • 0
  • 0
  • 3h ago
Profile picture
SIGNALS WEEKLY: KEV speedrun of the week 🏁: Office CVE-2026-21509 + WinRAR CVE-2025-8088. Patch anyway… then protect sessions 🍪 (Teams QR/callback lures 📱, SSO/SAML token abuse). Read/subscribe: blog.alphahunt.io/signals-week... #AlphaHunt #KEV #WinRAR #Office
  • 0
  • 0
  • 0
  • 5h ago

Overview

  • win.rar GmbH
  • WinRAR

08 Aug 2025
Published
21 Oct 2025
Updated

CVSS v4.0
HIGH (8.4)
EPSS
2.98%

Description

A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET.

Statistics

  • 12 Posts
  • 2 Interactions

Last activity: 2 hours ago

Fediverse

Profile picture

WinRAR-Schwachstelle CVE-2025-8088: Staatsakteure und Cyberkriminelle nutzen Sicherheitslücke massiv aus

Bei CVE-2025-8088 handelt es sich um eine hochriskante Path-Traversal-Schwachstelle, die Angreifer durch Manipulation von Alternate Data Streams (ADS) ausnutzen können.

all-about-security.de/winrar-s

#ads
#cve #WinRAR #cybersecurity

  • 0
  • 0
  • 0
  • 7h ago

Bluesky

Profile picture
Espionage and financially motivated threat actors are exploiting critical WinRAR vulnerability CVE-2025-8088.
  • 0
  • 1
  • 0
  • 13h ago
Profile picture
Google’s Threat Intelligence Group warns WinRAR CVE-2025-8088 is still being exploited for initial access and payload delivery by both state-backed and financially motivated actors. The exploitation method allows files to be dropped into the Windows Startup folder. cloud.google.com/blog/topics/...
  • 0
  • 1
  • 0
  • 11h ago
Profile picture
Google Mandiant says the recent WinRAR flaw (CVE-2025-8088) is being widely exploited by a growing range of threat actors, expanding from Russian state-linked groups to Chinese espionage actors and financially motivated cybercriminals cloud.google.com/blog/topics/...
  • 0
  • 0
  • 0
  • 20h ago
Profile picture
WinRAR Vulnerability Actively Exploited by State and Criminal Hackers Multiple threat actors, including state-sponsored groups and financially motivated cybercriminals, are actively exploiting a high-severity WinRAR vulnerability tracked as CVE-2025-8088, according to new findings from the Google…
  • 0
  • 0
  • 0
  • 18h ago
Profile picture
A WinRAR path traversal vulnerability (CVE-2025-8088) enables arbitrary code execution via crafted RAR archives and has been widely exploited by state-sponsored and criminal actors.
  • 0
  • 0
  • 0
  • 11h ago
Profile picture
Attackers exploit WinRAR CVE-2025-8088 path-traversal flaw to drop payloads into Windows Startup for persistence, enabling varied malware and ransomware deployments.
  • 0
  • 0
  • 0
  • 10h ago
Profile picture
WinRAR-Schwachstelle CVE-2025-8088: Staatsakteure und Cyberkriminelle nutzen Sicherheitslücke massiv aus - . Die Lücke ermöglicht das Schreiben von Dateien an beliebige Systemorte beim Öffnen präparierter RAR-Archive mit anfälligen WinRAR-Versionen. www.all-about-security.de/winrar-schwa...
  • 0
  • 0
  • 0
  • 7h ago
Profile picture
⚙️🧠 CVE-2025-8088 abuses path traversal + Alternate Data Streams to drop files into the Windows Startup folder. Open archive → persistence on reboot. No zero-day. Just visibility gaps. #InfoSec #Malware #AttackTechniques #WindowsSecurity #CyberShield
  • 0
  • 0
  • 0
  • 6h ago
Profile picture
🚨Google confirms large-scale exploitation of a *known* WinRAR vulnerability (CVE-2025-8088) — months after a patch was released. Attackers still win when updates lag. Read our breakdown 👇 basefortify.eu/posts/2026/0... #CyberSecurity #ThreatIntel #WinRAR #CVE2025 #CyberShield
  • 0
  • 0
  • 0
  • 6h ago
Profile picture
CVE-2025-8088, a patched WinRAR path traversal flaw, continues to be exploited by state-aligned actors and criminals to deliver malware including RATs.
  • 0
  • 0
  • 0
  • 2h ago
Profile picture
SIGNALS WEEKLY: KEV speedrun of the week 🏁: Office CVE-2026-21509 + WinRAR CVE-2025-8088. Patch anyway… then protect sessions 🍪 (Teams QR/callback lures 📱, SSO/SAML token abuse). Read/subscribe: blog.alphahunt.io/signals-week... #AlphaHunt #KEV #WinRAR #Office
  • 0
  • 0
  • 0
  • 5h ago

Overview

  • OpenSSL
  • OpenSSL

27 Jan 2026
Published
27 Jan 2026
Updated

CVSS
Pending
EPSS
0.12%

KEV

Description

Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs. Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.

Statistics

  • 5 Posts
  • 3 Interactions

Last activity: 8 hours ago

Fediverse

Profile picture

Yes, there's RCE in 3.x, but thankfully it isn't in the HTTPS side of things:

"Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk."

openssl-library.org/news/vulne

  • 1
  • 2
  • 0
  • 8h ago

Bluesky

Profile picture
OpenSSL patched twelve vulnerabilities including a high-severity stack buffer overflow (CVE-2025-15467) that can cause DoS or remote code execution.
  • 0
  • 0
  • 0
  • 13h ago
Profile picture
OpenSSL: 12 bug di sicurezza rilevati tra i quali una vulnerabilità critica 📌 Link all'articolo : www.redhotcyber.com/post/ope... A cura di Bajram Zeqiri #redhotcyber #news #cybersecurity #hacking #vulnerabilita #opessl #sicurezzainformatica #cve202515467
  • 0
  • 0
  • 0
  • 11h ago
Profile picture
https://openssl-library.org/news/vulnerabilities/#CVE-2025-15467 OpenSSLのセキュリティ脆弱性に関する情報を提供しています。 脆弱性の詳細、影響を受けるバージョン、修正方法などが記載されています。 最新のOpenSSLバージョンへのアップデートを推奨しています。
  • 0
  • 0
  • 0
  • 10h ago
Profile picture
OpenSSLの脆弱性(High: CVE-2025-15467, Moderate: CVE-2025-11187, Low: CVE-2025-15468等, CVE-2026-22795, CVE-2026-22796)と新バージョン(3.6.1, 3.5.5, 3.4.4, 3.3.6, 3.0.19) #sios_tech #security #vulnerability #セキュリティ #脆弱性 #ssl #openssl security.sios.jp/vulnerabilit...
  • 0
  • 0
  • 0
  • 21h ago

Overview

  • GNU
  • Inetutils

21 Jan 2026
Published
27 Jan 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
34.45%

Description

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.

Statistics

  • 5 Posts
  • 23 Interactions

Last activity: Last hour

Fediverse

Profile picture

Nearly 800,000 #Telnet servers exposed to remote attacks

The security flaw (CVE-2026-24061) already has a proof-of-concept exploit, impacts GNU InetUtils versions 1.9.3 (released in 2015) through 2.7, and was patched in version 2.8 (released on January 20).

bleepingcomputer.com/news/secu

  • 10
  • 9
  • 0
  • Last hour
Profile picture

🚨 Critical #Telnet Authentication Bypass Vulnerability Discovered #CVE202624061 #cybersecurity #infosec #DevOps #security

🔓 #GNU Inetutils telnetd through version 2.7 allows remote authentication bypass via "-f root" USER environment variable

⚡ The exploit is shockingly simple: attackers send "-f root" as the USER value, triggering /usr/bin/login -f root which skips password authentication entirely

🧵 👇

  • 1
  • 2
  • 1
  • 2h ago
Profile picture

✅ Immediate action required: Update to GNU Inetutils 2.8+ or migrate to #SSH for secure remote access

nvd.nist.gov/vuln/detail/CVE-2

  • 0
  • 0
  • 0
  • 2h ago

Overview

  • nyariv
  • SandboxJS

27 Jan 2026
Published
28 Jan 2026
Updated

CVSS v3.1
CRITICAL (10.0)
EPSS
0.16%

KEV

Description

SandboxJS is a JavaScript sandboxing library. Versions prior to 0.8.26 have a sandbox escape vulnerability due to `AsyncFunction` not being isolated in `SandboxFunction`. The library attempts to sandbox code execution by replacing the global `Function` constructor with a safe, sandboxed version (`SandboxFunction`). This is handled in `utils.ts` by mapping `Function` to `sandboxFunction` within a map used for lookups. However, before version 0.8.26, the library did not include mappings for `AsyncFunction`, `GeneratorFunction`, and `AsyncGeneratorFunction`. These constructors are not global properties but can be accessed via the `.constructor` property of an instance (e.g., `(async () => {}).constructor`). In `executor.ts`, property access is handled. When code running inside the sandbox accesses `.constructor` on an async function (which the sandbox allows creating), the `executor` retrieves the property value. Since `AsyncFunction` was not in the safe-replacement map, the `executor` returns the actual native host `AsyncFunction` constructor. Constructors for functions in JavaScript (like `Function`, `AsyncFunction`) create functions that execute in the global scope. By obtaining the host `AsyncFunction` constructor, an attacker can create a new async function that executes entirely outside the sandbox context, bypassing all restrictions and gaining full access to the host environment (Remote Code Execution). Version 0.8.26 patches this vulnerability.

Statistics

  • 3 Posts
  • 1 Interaction

Last activity: 5 hours ago

Fediverse

Profile picture

🔴 CVE-2026-23830 - Critical (10)

SandboxJS is a JavaScript sandboxing library. Versions prior to 0.8.26 have a sandbox escape vulnerability due to `AsyncFunction` not being isolated in `SandboxFunction`. The library attempts to sandbox code execution by replacing the global `Func...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 1
  • 0
  • 0
  • 20h ago

Bluesky

Profile picture
見てる: "SandboxJS has Sandbox Escape via Unprotected AsyncFunction Constructor · CVE-2026-23830 · GitHub Advisory Database" https://github.com/advisories/GHSA-wxhw-j4hc-fmq6
  • 0
  • 0
  • 0
  • 21h ago
Profile picture
Escaping the Matrix: A Deep Dive into SandboxJS RCE (CVE-2026–23830) https://medium.com/@meysam_bal-afkan/escaping-the-matrix-a-deep-dive-into-sandboxjs-rce-cve-2026-23830-1fbbca3f46fc?source=rss------bug_bounty-5
  • 0
  • 0
  • 0
  • 5h ago

Overview

  • VMware vCenter Server

18 Jun 2024
Published
24 Jan 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
79.02%

Description

vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.

Statistics

  • 2 Posts
  • 2 Interactions

Last activity: 5 hours ago

Bluesky

Profile picture
VMware vCenter Server ciblé par CVE-2024-37079, la CISA confirme une exploitation active - IT SOCIAL itsocial.fr/cybersecurit...
  • 0
  • 2
  • 0
  • 5h ago
Profile picture
VMware vCenter Serverの1年前の脆弱性(CVE-2024-37079)がKEVに追加 rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #サイバー攻撃 #CybersecurityNews
  • 0
  • 0
  • 0
  • 20h ago

Overview

  • SolarWinds
  • Web Help Desk

28 Jan 2026
Published
28 Jan 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
0.87%

KEV

Description

SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.

Statistics

  • 3 Posts

Last activity: 4 hours ago

Fediverse

Profile picture

🔴 CVE-2025-40551 - Critical (9.8)

SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without au...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 11h ago

Bluesky

Profile picture
CVE-2025-40551: SolarWinds WebHelpDesk RCE Deep-Dive and Indicators of Compromise
  • 0
  • 0
  • 1
  • 4h ago

Overview

  • checkpoint
  • Hramony SASE

14 Jan 2026
Published
14 Jan 2026
Updated

CVSS v3.1
HIGH (7.5)
EPSS
0.01%

KEV

Description

A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory.

Statistics

  • 3 Posts

Last activity: Last hour

Fediverse

Profile picture

Check Point Harmony Secure Access Service Edge Has A Critical Local Privilege Escalation Flaw

Researchers have uncovered a critical privilege-escalation vulnerability, in Check Point’s Harmony Secure Access Service Edge Windows client software, tracked as CVE-2025-9142, that enables hackers to write or delete files outside the certificate working directory that could compromise systems. More info can be here: Jim Routh, Chief Trust Officer at Saviynt, commented: “This…

itnerd.blog/2026/01/28/check-p

  • 0
  • 0
  • 1
  • 1h ago

Bluesky

Profile picture
Advisory - Check Point Harmony Local Privilege Escalation (CVE-2025-9142)
  • 0
  • 0
  • 0
  • Last hour

Overview

  • Oracle Corporation
  • Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in

20 Jan 2026
Published
28 Jan 2026
Updated

CVSS v3.1
CRITICAL (10.0)
EPSS
0.04%

KEV

Description

Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware (component: Weblogic Server Proxy Plug-in for Apache HTTP Server, Weblogic Server Proxy Plug-in for IIS). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in. While the vulnerability is in Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in accessible data as well as unauthorized access to critical data or complete access to all Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in accessible data. Note: Affected version for Weblogic Server Proxy Plug-in for IIS is 12.2.1.4.0 only. CVSS 3.1 Base Score 10.0 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N).

Statistics

  • 2 Posts

Last activity: Last hour

Fediverse

Profile picture

Odd WebLogic Request. Possible CVE-2026-21962 Exploit Attempt or AI Slop? isc.sans.edu/diary/rss/32662

  • 0
  • 0
  • 0
  • Last hour

Bluesky

Profile picture
Odd WebLogic Request. Possible CVE-2026-21962 Exploit Attempt or AI Slop? https://isc.sans.edu/diary/32662
  • 0
  • 0
  • 0
  • 5h ago
Showing 1 to 10 of 82 CVEs