24h | 7d | 30d

CVE-2026-40620

Overview

  • SenseLive
  • X3050
24 Apr 2026
Published
24 Apr 2026
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
Pending
KEV

Description

A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted modification of critical configuration parameters, operational modes, and device state through a vendor-supplied or compatible client.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 10 hours ago

Fediverse

Profile picture fallback
OffSequence @offseq

SenseLive X3050 V1.523 is at CRITICAL risk (CVE-2026-40620, CVSS 9.3): missing auth lets remote attackers gain admin access. No patch yet — restrict management access, monitor logs, and follow vendor updates. radar.offseq.com/threat/cve-20

  • 1
  • 0
  • 0
  • 10h ago

CVE-2026-34621

Overview

  • Adobe
  • Acrobat Reader
11 Apr 2026
Published
14 Apr 2026
Updated
CVSS v3.1
HIGH (8.6)
EPSS
7.60%
KEV

Description

Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Statistics

  • 2 Posts
  • 1 Interaction
Last activity: 19 hours ago

Bluesky

Profile picture fallback
/r/netsec @r-netsec-bot.bsky.social
CVE-2026-34621: Adobe Acrobat Reader zero-day was on VirusTotal for 136 days before Adobe named it a CVE
  • 0
  • 1
  • 1
  • 19h ago

CVE-2026-21841

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 19 hours ago

Bluesky

Profile picture fallback
Eyal Estrin ☁️ @eyalestrin.bsky.social
Critical vulnerability in Anthropic Mythos and reported NSA adoption (CVE-2026-21841) #machinelearning #ai
  • 0
  • 1
  • 0
  • 19h ago

CVE-2026-20133

Overview

  • Cisco
  • Cisco Catalyst SD-WAN Manager
25 Feb 2026
Published
22 Apr 2026
Updated
CVSS v3.1
MEDIUM (6.5)
EPSS
1.39%
KEV

Description

A vulnerability in Cisco Catalyst SD-WAN Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this vulnerability by accessing the vshell of an affected system. A successful exploit could allow the attacker to read sensitive information on the underlying operating system.

Statistics

  • 1 Post
Last activity: 18 hours ago

Bluesky

Profile picture fallback
CrowdCyber @crowdcyber.bsky.social
In the Wild: Information Disclosure (CVE-2026-20133) Exploited in Cisco SD-WAN Manager
  • 0
  • 0
  • 0
  • 18h ago

CVE-2026-40630

Overview

  • SenseLive
  • X3050
23 Apr 2026
Published
23 Apr 2026
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
Pending
KEV

Description

A vulnerability in  SenseLive X3050’s web management interface allows unauthorized access to certain configuration endpoints due to improper access control enforcement. An attacker with network access to the device may be able to bypass the intended authentication mechanism and directly interact with sensitive configuration functions.

Statistics

  • 1 Post
Last activity: 13 hours ago

Fediverse

Profile picture fallback
OffSequence @offseq

🚨 CRITICAL: SenseLive X3050 v1.523 is vulnerable to authentication bypass (CVE-2026-40630) via alternate paths. No fix yet — restrict device network access and monitor closely. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 13h ago

CVE-2026-25172

Overview

  • Microsoft
  • Windows 10 Version 1607
10 Mar 2026
Published
14 Apr 2026
Updated
CVSS v3.1
HIGH (8.0)
EPSS
0.04%
KEV

Description

Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

Statistics

  • 1 Post
Last activity: 16 hours ago

Bluesky

Profile picture fallback
NEWSTECNICAS | Tecnología , IA y Gaming @newstecnicas.info.ve
🛡️ CVE-2026-25172: El 'Hotpatch' urgente de Microsoft para Windows 11 que debes aplicar ya (Sin reiniciar) www.newstecnicas.info.ve/2026/04/cve-...
  • 0
  • 0
  • 0
  • 16h ago

CVE-2026-39462

Overview

  • SenseLive
  • X3050
23 Apr 2026
Published
23 Apr 2026
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
Pending
KEV

Description

A vulnerability exists in SenseLive X3050’s web management interface in which password updates are not reliably applied due to improper handling of credential changes on the backend. After the device undergoes a factory restore using the SenseLive Config 2.0 tool, the interface may indicate that the password update was successful; however, the system may continue to accept the previous or default credentials, demonstrating that the password-change process is not consistently enforced. Even after a factory reset, attempted password changes may fail to propagate correctly.

Statistics

  • 1 Post
Last activity: 7 hours ago

Fediverse

Profile picture fallback
OffSequence @offseq

CVE-2026-39462 (CRITICAL): SenseLive X3050 V1.523 lets attackers bypass password changes after factory reset — device may accept old or default creds. No fix yet. Limit reliance on resets and monitor for updates. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 7h ago

CVE-2026-21445

Overview

  • langflow-ai
  • langflow
02 Jan 2026
Published
26 Feb 2026
Updated
CVSS v4.0
HIGH (8.8)
EPSS
6.97%
KEV

Description

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0.dev45, multiple critical API endpoints in Langflow are missing authentication controls. The issue allows any unauthenticated user to access sensitive user conversation data, transaction histories, and perform destructive operations including message deletion. This affects endpoints handling personal data and system operations that should require proper authorization. Version 1.7.0.dev45 contains a patch.

Statistics

  • 1 Post
Last activity: 22 hours ago

Bluesky

Profile picture fallback
CyberVeille @cyberveille-ch.bsky.social
📢 CVE-2026-21445 : Exploitation active d'un bypass d'authentification critique dans Langflow 📝 ## 🔍 Contexte Source : CrowdSec VulnTracking R… https://cyberveille.ch/posts/2026-04-23-cve-2026-21445-exploitation-active-d-un-bypass-d-authentification-critique-dans-langflow/ #AI_framework #Cyberveille
  • 0
  • 0
  • 0
  • 22h ago

CVE-2026-1952

Overview

  • DeltaWW
  • AS320T
24 Apr 2026
Published
24 Apr 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
Pending
KEV

Description

Delta Electronics AS320T has denial of service via the undocumented subfunction vulnerability.

Statistics

  • 1 Post
Last activity: 4 hours ago

Fediverse

Profile picture fallback
OffSequence @offseq

⚠️ CRITICAL: CVE-2026-1952 in DeltaWW AS320T (CVSS 9.8) enables denial of service via hidden subfunction (CWE-912). Vendor patch is available for this cloud-hosted service — confirm your instance is protected. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 4h ago

CVE-2026-32202

Overview

  • Microsoft
  • Windows 10 Version 1607
14 Apr 2026
Published
24 Apr 2026
Updated
CVSS v3.1
MEDIUM (4.3)
EPSS
Pending
KEV

Description

Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.

Statistics

  • 1 Post
Last activity: Last hour

Bluesky

Profile picture fallback
780th Military Intelligence Brigade (Cyber) @780thmibdecyber.bsky.social
A Shortcut to Coercion: Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202 Akamai www.akamai.com/blog/securit...
  • 0
  • 0
  • 0
  • Last hour
Showing 11 to 20 of 43 CVEs