24h | 7d | 30d

CVE-2025-38617

Overview

  • Linux
  • Linux
22 Aug 2025
Published
18 Mar 2026
Updated
CVSS
Pending
EPSS
0.01%
KEV

Description

In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix are both similar to that of commit 15fe076edea7 ("net/packet: fix a race in packet_bind() and packet_notifier()"). There too the packet_notifier NETDEV_UP event managed to run while a po->bind_lock critical section had to be temporarily released. And the fix was similarly to temporarily set po->num to zero to keep the socket unhooked until the lock is retaken. The po->bind_lock in packet_set_ring and packet_notifier precede the introduction of git history.

Statistics

  • 1 Post
  • 5 Interactions
Last activity: 17 hours ago

Bluesky

Profile picture fallback
0xor0ne @0xor0ne.bsky.social
Exploiting a use-after-free vulnerability in the Linux kernel’s packet socket subsystem, caused by a race condition between packet_set_ring() and packet_notifier() (CVE-2025-38617) blog.calif.io/p/a-race-wit... #infosec
  • 2
  • 3
  • 0
  • 17h ago

CVE-2026-3888

Overview

  • snapd
17 Mar 2026
Published
18 Mar 2026
Updated
CVSS v3.1
HIGH (7.8)
EPSS
0.00%
KEV

Description

Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS.

Statistics

  • 2 Posts
  • 1 Interaction
Last activity: 14 hours ago

Fediverse

Profile picture fallback
fernand0 @fernand0

Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit thehackernews.com/2026/03/ubun

  • 1
  • 0
  • 1
  • 14h ago

CVE-2026-20079

Overview

  • Cisco
  • Cisco Secure Firewall Management Center (FMC)
04 Mar 2026
Published
05 Mar 2026
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
0.06%
KEV

Description

A vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an affected device to obtain root access to the underlying operating system. This vulnerability is due to an improper system process that is created at boot time. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute a variety of scripts and commands that allow root access to the device.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 9 hours ago

Fediverse

Profile picture fallback
Caitlin Condon @catc0n

After 2+ weeks of semi-painful exploit development, @yeslikethefood and team have a full RCA out for Cisco Secure Firewall Management Center (FMC) CVE-2026-20079.

The bug is a CVSS 10, but there are significant prerequisites that may limit exploitability in real-world scenarios. There are between 300 and 700 FMC systems on the public internet as of today.

vulncheck.com/blog/cisco-fmc-a

  • 0
  • 2
  • 0
  • 9h ago

CVE-2026-28760

Overview

  • RATOC Systems, Inc.
  • RATOC RAID Monitoring Manager for Windows
26 Mar 2026
Published
26 Mar 2026
Updated
CVSS v3.0
HIGH (7.8)
EPSS
0.01%
KEV

Description

The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs. If a user is directed to place a crafted DLL with the installer, an arbitrary code may be executed with the administrator privilege.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 23 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

🛡️ HIGH-severity: CVE-2026-28760 in RATOC RAID Monitoring Manager for Windows (<2.00.009.260220) allows DLL hijacking — local attackers may run code as admin. Patch ASAP, restrict installer access, and audit installs. radar.offseq.com/threat/cve-20

  • 0
  • 1
  • 0
  • 23h ago

CVE-2026-33494

Overview

  • ory
  • oathkeeper
26 Mar 2026
Published
26 Mar 2026
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
Pending
KEV

Description

ORY Oathkeeper is an Identity & Access Proxy (IAP) and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. Versions prior to 26.2.0 are vulnerable to an authorization bypass via HTTP path traversal. An attacker can craft a URL containing path traversal sequences (e.g. `/public/../admin/secrets`) that resolves to a protected path after normalization, but is matched against a permissive rule because the raw, un-normalized path is used during rule evaluation. Version 26.2.0 contains a patch.

Statistics

  • 1 Post
Last activity: 14 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

CRITICAL: ory oathkeeper (<26.2.0) vulnerable to path traversal (CVE-2026-33494). Attackers can bypass authorization via crafted URLs. Upgrade to 26.2.0+ immediately. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 14h ago

CVE-2026-3973

Overview

  • Tenda
  • W3
12 Mar 2026
Published
12 Mar 2026
Updated
CVSS v4.0
HIGH (8.7)
EPSS
0.09%
KEV

Description

A vulnerability was determined in Tenda W3 1.0.0.3(2204). This affects the function formSetAutoPing of the file /goform/setAutoPing of the component POST Parameter Handler. This manipulation of the argument ping1/ping2 causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.

Statistics

  • 1 Post
Last activity: 21 hours ago

Bluesky

Profile picture fallback
SecQube | Harvey | AI Platform for MS Graph @secqube.com
CVE-2026-3973 - Tenda W3 POST Parameter setAutoPing formSetAutoPing stack-based overflow scq.ms/40tu8Zn
  • 0
  • 0
  • 0
  • 21h ago

CVE-2026-33152

Overview

  • TandoorRecipes
  • recipes
26 Mar 2026
Published
26 Mar 2026
Updated
CVSS v3.1
CRITICAL (9.1)
EPSS
Pending
KEV

Description

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, Tandoor Recipes configures Django REST Framework with BasicAuthentication as one of the default authentication backends. The AllAuth rate limiting configuration (ACCOUNT_RATE_LIMITS: login: 5/m/ip) only applies to the HTML-based login endpoint at /accounts/login/. Any API endpoint that accepts authenticated requests can be targeted via Authorization: Basic headers with zero rate limiting, zero account lockout, and unlimited attempts. An attacker can perform high-speed password guessing against any known username. Version 2.6.0 patches the issue.

Statistics

  • 1 Post
Last activity: 12 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

⚠️ CVE-2026-33152: TandoorRecipes < 2.6.0 suffers CRITICAL vuln (CVSS 9.1). No rate limiting on API BasicAuth enables unlimited password guessing. Patch to 2.6.0 now! radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 12h ago

CVE-2025-15605

Overview

  • TP-Link Systems Inc.
  • Archer NX600 v3.0
23 Mar 2026
Published
24 Mar 2026
Updated
CVSS v4.0
HIGH (8.5)
EPSS
0.01%
KEV

Description

A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 enables decryption and re-encryption of device configuration data. An authenticated attacker may decrypt configuration files, modify them, and re-encrypt them, affecting the confidentiality and integrity of device configuration data.

Statistics

  • 1 Post
Last activity: 23 hours ago

Fediverse

Profile picture fallback
Klaus Frank @agowa338

@heisec

Außerdem, wenn man in die CVEs kuckt, habt ihr das komplett Falsch dargestellt.

feedly.com/cve/CVE-2026-15518 and feedly.com/cve/CVE-2026-15519: that allows unauthenticated attackers to decrypt sensitive device configurations

feedly.com/cve/CVE-2025-15605: An authenticated attacker with low privileges and adjacent network access

  • 0
  • 0
  • 0
  • 23h ago

CVE-2026-4926

Overview

  • path-to-regexp
  • path-to-regexp
26 Mar 2026
Published
26 Mar 2026
Updated
CVSS v3.1
HIGH (7.5)
EPSS
Pending
KEV

Description

Impact: A bad regular expression is generated any time you have multiple sequential optional groups (curly brace syntax), such as `{a}{b}{c}:z`. The generated regex grows exponentially with the number of groups, causing denial of service. Patches: Fixed in version 8.4.0. Workarounds: Limit the number of sequential optional groups in route patterns. Avoid passing user-controlled input as route patterns.

Statistics

  • 2 Posts
Last activity: 13 hours ago

Fediverse

Profile picture fallback
Ulises Gascon @ulisesgascon

🚨 High-severity security fix in path-to-regexp@8.4.0 just released!

Patches CVE-2026-4926 — path-to-regexp vulnerable to Denial of Service via sequential optional groups

github.com/pillarjs/path-to-re

  • 0
  • 0
  • 1
  • 13h ago

CVE-2026-33728

Overview

  • DataDog
  • dd-trace-java
27 Mar 2026
Published
27 Mar 2026
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
Pending
KEV

Description

dd-trace-java is a Datadog APM client for Java. In versions of dd-trace-java 0.40.0 through prior to 1.60.2, the RMI instrumentation registered a custom endpoint that deserialized incoming data without applying serialization filters. On JDK version 16 and earlier, an attacker with network access to a JMX or RMI port on an instrumented JVM could exploit this to potentially achieve remote code execution. All three of the following conditions must be true to exploit this vulnerability: First, dd-trace-java is attached as a Java agent (`-javaagent`) on Java 16 or earlier. Second, a JMX/RMI port has been explicitly configured via `-Dcom.sun.management.jmxremote.port` and is network-reachable, Third, a gadget-chain-compatible library is present on the classpath. For JDK >= 17, no action is required, but upgrading is strongly encouraged. For JDK >= 8u121 < JDK 17, upgrade to dd-trace-java version 1.60.3 or later. For JDK < 8u121 and earlier where serialization filters are not available, apply the workaround. The workaround is to set the following environment variable to disable the RMI integration: `DD_INTEGRATION_RMI_ENABLED=false`.

Statistics

  • 1 Post
Last activity: 6 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

⚠️ CRITICAL: CVE-2026-33728 in DataDog dd-trace-java (0.40.0 - <1.60.3) allows unauth RCE via unsafe deserialization if JMX/RMI port is exposed on JDK ≤16. Upgrade to 1.60.3+ & restrict access! radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 6h ago
Showing 11 to 20 of 59 CVEs