
Overview

  • NetScaler
  • ADC

23 Mar 2026
Published
24 Mar 2026
Updated

CVSS v4.0
CRITICAL (9.3)
EPSS
0.02%

KEV

Description

Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread

Statistics

  • 8 Posts
  • 3 Interactions

Last activity: 5 hours ago

Bluesky

🔐 CVE-2026-3055: NetScaler ADC/Gateway flaw similar to Citrix Bleed, theft of session tokens without privileges. Immediate patching recommended. How do you prioritize this type of fix? [read]
  • 0
  • 1
  • 0
  • 23h ago

🚨CVE-2026-3055 (CVSS 9.3) Unauth OOB read in Citrix NetScaler (SAML IDP) 🔎 #CensysARC observes 173K exposed Web Properties ⚠️ Attackers could read sensitive memory contents 🛠️ Patch now https://censys.com/advisory/cve-2026-3055/
  • 0
  • 0
  • 0
  • 13h ago

📢 Citrix fixes two critical vulnerabilities in NetScaler ADC and NetScaler Gateway 📝 🛡️ Context: Published on 26 March 2026 by The Hacker New… https://cyberveille.ch/posts/2026-03-26-citrix-corrige-deux-vulnerabilites-critiques-dans-netscaler-adc-et-netscaler-gateway/ #CVE_2026_3055 #Cyberveille
  • 0
  • 0
  • 0
  • 7h ago

CVE-2026-3055: The CitrixBleed Sequel That Will Unleash Ransomware Chaos—Patch Now or Perish + Video Introduction: History is repeating itself with terrifying precision. Just as the industry struggled to contain the fallout from CitrixBleed (CVE-2023-4966), a new memory overread vulnerability,…
  • 0
  • 0
  • 0
  • 22h ago

Articles about Citrix NetScaler vulnerabilities CVE-2026-3055 and CVE-2026-4368 (26.3.2026) #patchmanagement
  • 0
  • 0
  • 0
  • 10h ago

The latest update for #CyCognito includes "Citrix NetScaler ADC and Gateway Vulnerabilities (CVE-2026-3055 & CVE-2026-4368)" and "Emerging Threat: Ubiquiti UniFi Network Application Path Traversal (CVE-2026-22557)". #cybersecurity #AttackSurfaceManagement #EASM https://opsmtrs.com/44Srq0X
  • 0
  • 1
  • 0
  • 5h ago

Overview

  • langflow-ai
  • langflow

20 Mar 2026
Published
26 Mar 2026
Updated

CVSS v4.0
CRITICAL (9.3)
EPSS
6.14%

Description

Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses attacker-controlled flow data (containing arbitrary Python code in node definitions) instead of the stored flow data from the database. This code is passed to exec() with zero sandboxing, resulting in unauthenticated remote code execution. This is distinct from CVE-2025-3248, which fixed /api/v1/validate/code by adding authentication. The build_public_tmp endpoint is designed to be unauthenticated (for public flows) but incorrectly accepts attacker-supplied flow data containing arbitrary executable code. This issue has been fixed in version 1.9.0.

Statistics

  • 5 Posts
  • 10 Interactions

Last activity: 8 hours ago

Fediverse


"CISA: New Langflow flaw actively exploited to hijack AI workflows"

"[...] The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as CVE-2026-33017, which affects the Langflow framework for building AI agents."

bleepingcomputer.com/news/secu

  • 0
  • 0
  • 0
  • 10h ago

Bluesky

The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as CVE-2026-33017, which affects the Langflow framework for building AI agents.
  • 1
  • 6
  • 1
  • 10h ago

CISA reports active exploitation of CVE-2026-33017, a critical code injection flaw in Langflow AI-agent framework enabling unauthenticated remote Python code execution. Upgrade to Langflow 1.9.0 recommended. #Langflow #CISA #USA
  • 0
  • 3
  • 0
  • 8h ago

I found CVE-2026-33017, a Critical 9.3 unauthenticated RCE in Langflow, by looking at the code path the previous CISA KEV fix (CVE-2025-3248) missed. #aisecurity
  • 0
  • 0
  • 0
  • 17h ago

Overview

  • Cisco
  • Cisco Secure Firewall Management Center (FMC)

04 Mar 2026
Published
25 Mar 2026
Updated

CVSS v3.1
CRITICAL (10.0)
EPSS
0.65%

Description

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java byte stream. An attacker could exploit this vulnerability by sending a crafted serialized Java object to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the device and elevate privileges to root. Note: If the FMC management interface does not have public internet access, the attack surface that is associated with this vulnerability is reduced.

Statistics

  • 4 Posts

Last activity: 14 hours ago

Fediverse


Cisco Secure FMC: vulnerability CVE-2026-20131 allows remote code execution – updates available

A security vulnerability with the highest possible CVSS score of 10.0 affects Cisco's Secure Firewall Management Center (FMC). Attackers can execute arbitrary code remotely without authentication.

all-about-security.de/cisco-se

#cisco #firewall #remotecode #cve

  • 0
  • 0
  • 1
  • 23h ago

📰 Cisco Firewall Zero-Day Exploited by Interlock Ransomware for Over a Month Before Patch

🚨 ZERO-DAY: A critical Cisco Firewall flaw (CVE-2026-20131) was exploited by Interlock ransomware for 36 days before a patch. CISA has added it to the KEV catalog. Patch now and restrict management interface access! #0day #Ransomware #Cisco

🔗 cyber.netsecops.io/articles/ci

  • 0
  • 0
  • 0
  • 14h ago

Bluesky

Cisco Secure Firewall 0-Day: Unauthenticated RCE as Root (CVSS 10) — Exploit Analysis & Hardening Guide + Video Introduction: A maximum-severity vulnerability in Cisco Secure Firewall Management Center (FMC) has sent shockwaves through enterprise security teams. Tracked as CVE-2026-20131 with a…
  • 0
  • 0
  • 0
  • 18h ago

Overview

  • Oracle Corporation
  • Oracle Identity Manager

20 Mar 2026
Published
24 Mar 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
0.06%

KEV

Description

Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware (component: REST WebServices) and Oracle Web Services Manager product of Oracle Fusion Middleware (component: Web Services Security). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Identity Manager and Oracle Web Services Manager. Successful attacks of this vulnerability can result in takeover of Oracle Identity Manager and Oracle Web Services Manager. Note: Oracle Web Services Manager is installed with an Oracle Fusion Middleware Infrastructure. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Statistics

  • 2 Posts

Last activity: 10 hours ago

Bluesky

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager thehackernews.com/2026/03/orac...
  • 0
  • 0
  • 0
  • 10h ago

~Talos~ Talos highlights identity-centric attacks in 2025, plus alerts for Oracle CVE-2026-21992 and PureLog Stealer. - IOCs: CVE-2026-21992, PureLog Stealer, Qilin - #CVE202621992 #CyberSecurity #ThreatIntel
  • 0
  • 0
  • 0
  • 10h ago

Overview

  • GNU
  • inetutils

13 Mar 2026
Published
23 Mar 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
0.03%

KEV

Description

telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.

Statistics

  • 2 Posts

Last activity: 17 hours ago

Fediverse


A 32-Year-Old Bug Walks Into A Telnet Server (GNU inetutils Telnetd CVE-2026-32746 Pre-Auth RCE) labs.watchtowr.com/a-32-year-o

  • 0
  • 0
  • 0
  • 20h ago

Bluesky

CVE-2026-32746: Critical Synology DSM Flaw Exposes NAS Devices to Remote Takeover + Video Introduction: Synology DiskStation Manager (DSM), the operating system powering millions of network-attached storage (NAS) devices worldwide, has been found to harbor a critical vulnerability. Tracked as…
  • 0
  • 0
  • 0
  • 17h ago

Overview

  • strongSwan
  • strongSwan

23 Mar 2026
Published
25 Mar 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.12%

KEV

Description

strongSwan versions from 4.5.0 up to but not including 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication. Attackers can exploit the failure to validate AVP length fields before subtraction to trigger excessive memory allocation or a NULL pointer dereference, crashing the charon IKE daemon.

Statistics

  • 2 Posts

Last activity: 8 hours ago

Bluesky

🚨 New research from Bishop Fox: CVE-2026-25075 An integer underflow in strongSwan’s EAP-TTLS parser allows unauthenticated attackers to crash VPN services. The vulnerability affects versions going back over 15 years. Upgrade to 6.0.5 or disable EAP-TTLS.
  • 0
  • 0
  • 0
  • 10h ago

Overview

  • Grassroots
  • Grassroots DICOM (GDCM)

26 Mar 2026
Published
26 Mar 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
Pending

KEV

Description

A memory leak exists in the Grassroots DICOM library (GDCM). The bug occurs when parsing malformed DICOM files with non-standard VR types in file meta information. The vulnerability leads to vast memory allocations and resource depletion, triggering a denial-of-service condition. A maliciously crafted file can fill the heap in a single read operation without properly releasing it.

Statistics

  • 2 Posts

Last activity: 18 hours ago

Fediverse


CVE-2026-3650 in Grassroots DICOM (GDCM):

• Memory leak via malformed DICOM parsing
• CVSS 7.5 → DoS risk
• No patch, no maintainer response
• Impacts healthcare imaging pipelines
Mitigate via isolation + strict input controls.

Source: hipaajournal.com/grassroots-di

Follow @technadu for more.

  • 0
  • 0
  • 0
  • 18h ago

Bluesky

High-severity bug in Grassroots DICOM (CVE-2026-3650) Malformed files → memory exhaustion → DoS No patch available yet. Healthcare systems should isolate + restrict exposure ASAP. Follow TechNadu for more updates. #CyberSecurity #InfoSec #Healthcare
  • 0
  • 0
  • 0
  • 18h ago

Overview

  • Linux
  • Linux

22 Aug 2025
Published
18 Mar 2026
Updated

CVSS
Pending
EPSS
0.01%

KEV

Description

In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix are both similar to that of commit 15fe076edea7 ("net/packet: fix a race in packet_bind() and packet_notifier()"). There too the packet_notifier NETDEV_UP event managed to run while a po->bind_lock critical section had to be temporarily released. And the fix was similarly to temporarily set po->num to zero to keep the socket unhooked until the lock is retaken. The po->bind_lock in packet_set_ring and packet_notifier precede the introduction of git history.

Statistics

  • 1 Post
  • 5 Interactions

Last activity: 15 hours ago

Bluesky

Exploiting a use-after-free vulnerability in the Linux kernel’s packet socket subsystem, caused by a race condition between packet_set_ring() and packet_notifier() (CVE-2025-38617) blog.calif.io/p/a-race-wit... #infosec
  • 2
  • 3
  • 0
  • 15h ago

Overview

  • open-telemetry
  • opentelemetry-java-instrumentation

27 Mar 2026
Published
27 Mar 2026
Updated

CVSS v4.0
CRITICAL (9.3)
EPSS
Pending

KEV

Description

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In versions prior to 2.26.1, the RMI instrumentation registered a custom endpoint that deserialized incoming data without applying serialization filters. On JDK version 16 and earlier, an attacker with network access to a JMX or RMI port on an instrumented JVM could exploit this to potentially achieve remote code execution. All three of the following conditions must be true to exploit this vulnerability: First, OpenTelemetry Java instrumentation is attached as a Java agent (`-javaagent`) on Java 16 or earlier. Second, a JMX/RMI port has been explicitly configured via `-Dcom.sun.management.jmxremote.port` and is network-reachable. Third, a gadget-chain-compatible library is present on the classpath. This results in arbitrary remote code execution with the privileges of the user running the instrumented JVM. For JDK >= 17, no action is required, but upgrading is strongly encouraged. For JDK < 17, upgrade to version 2.26.1 or later. As a workaround, set the system property `-Dotel.instrumentation.rmi.enabled=false` to disable the RMI integration.

Statistics

  • 1 Post
  • 3 Interactions

Last activity: 3 hours ago

Fediverse


🚨 CRITICAL: CVE-2026-33701 affects opentelemetry-java-instrumentation <2.26.1. Unauthenticated RCE possible on Java ≤16 via unsafe RMI deserialization. Upgrade to 2.26.1+ or disable RMI now! Details: radar.offseq.com/threat/cve-20

  • 2
  • 1
  • 0
  • 3h ago

Overview

  • snapd

17 Mar 2026
Published
18 Mar 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
0.00%

KEV

Description

Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS.

Statistics

  • 2 Posts
  • 1 Interaction

Last activity: 12 hours ago

Fediverse


Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit thehackernews.com/2026/03/ubun

  • 1
  • 0
  • 1
  • 12h ago
Showing 1 to 10 of 60 CVEs