24h | 7d | 30d

Overview

  • OpenAEV-Platform
  • openaev

20 Apr 2026
Published
20 Apr 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
0.18%

KEV

Description

OpenAEV is an open source platform allowing organizations to plan, schedule and conduct cyber adversary simulation campaign and tests. Starting in version 1.0.0 and prior to version 2.0.13, OpenAEV's password reset implementation contains multiple security weaknesses that together allow reliable account takeover. The primary issue is that password reset tokens do not expire. Once a token is generated, it remains valid indefinitely, even if significant time has passed or if newer tokens are issued for the same account. This allows an attacker to accumulate valid password reset tokens over time and reuse them at any point in the future to reset a victim’s password. A secondary weakness is that password reset tokens are only 8 digits long. While an 8-digit numeric token provides 100,000,000 possible combinations (which is secure enough), the ability to generate large numbers of valid tokens drastically reduces the required number of attempts to guess a valid password reset token. For example, if an attacker generates 2,000 valid tokens, the brute-force effort is reduced to approximately 50,000 attempts, which is a trivially achievable number of requests for an automated attack. (100 requests per second can mathematically find a valid password reset token in 500 seconds.) By combining these flaws, an attacker can mass-generate valid password reset tokens and then brute-force them efficiently until a match is found, allowing the attacker to reset the victim’s password to a value of their choosing. The original password is not required, and the attack can be performed entirely without authentication. This vulnerability enables full account takeover that leads to platform compromise. An unauthenticated remote attacker can reset the password of any registered user account and gain complete access without authentication. Because user email addresses are exposed to other users by design, a single guessed or observed email address is sufficient to compromise even administrator accounts with non-guessable email addresses. This design flaw results in a reliable and scalable account takeover vulnerability that affects any registered user account in the system. Note: The vulnerability does not require OpenAEV to have the email service configured. The exploit does not depend on the target email address to be a real email address. It just needs to be registered to OpenAEV. Successful exploitation allows an unauthenticated remote attacker to access sensitive data (such as the Findings section of a simulation), modify payloads executed by deployed agents to compromise all hosts where agents are installed (therefore the Scope is changed). Users should upgrade to version 2.0.13 to receive a fix.

Statistics

  • 1 Post

Last activity: 23 hours ago

Fediverse

Profile picture fallback

🚨 CRITICAL: OpenAEV-Platform (<2.0.13) uses non-expiring, 8-digit password reset tokens. Unauthenticated attackers can take over any account — including admins. Upgrade to 2.0.13 ASAP. CVE-2026-24467 radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 23h ago

Overview

  • axios
  • axios

10 Apr 2026
Published
16 Apr 2026
Updated

CVSS v3.1
MEDIUM (4.8)
EPSS
0.04%

KEV

Description

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.3.1, the Axios library is vulnerable to a specific "Gadget" attack chain that allows Prototype Pollution in any third-party dependency to be escalated into Remote Code Execution (RCE) or Full Cloud Compromise (via AWS IMDSv2 bypass). This vulnerability is fixed in 1.15.0 and 0.3.1.

Statistics

  • 1 Post

Last activity: 23 hours ago

Bluesky

Profile picture fallback
https://www.itmedia.co.jp/enterprise/articles/2604/20/news033.html Axiosの脆弱性CVE-2026-40175は、Node.js環境では攻撃成立が困難と判明しました。 当初重大とされた攻撃シナリオも、ランタイムの仕様で不正なヘッダが遮断されます。 脆弱性自体は修正済みで、最新版への更新を推奨。スコア解釈の重要性も解説しています。
  • 0
  • 0
  • 0
  • 23h ago

Overview

  • Siemens
  • Solid Edge SE2025

08 Jul 2025
Published
08 Jul 2025
Updated

CVSS v3.1
HIGH (7.8)
EPSS
0.02%

KEV

Description

A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

Statistics

  • 1 Post

Last activity: 10 hours ago

Fediverse

Profile picture fallback

Graph Construction Complete: 21 nodes, 12 edges.
Primary Drivers: ['CVE-2025-40739', 'CVE-2025-40740', 'CVE-2025-3508']

#GraphTheory #NetworkSecurity #TechnicalDebt #Audit
2/2

  • 0
  • 0
  • 0
  • 10h ago

Overview

  • HP Inc.
  • Certain HP DesignJet products

25 Jul 2025
Published
25 Jul 2025
Updated

CVSS v4.0
MEDIUM (6.0)
EPSS
0.05%

KEV

Description

Certain HP DesignJet products may be vulnerable to information disclosure though printer's web interface allowing unauthenticated users to view sensitive print job information.

Statistics

  • 1 Post

Last activity: 10 hours ago

Fediverse

Profile picture fallback

Graph Construction Complete: 21 nodes, 12 edges.
Primary Drivers: ['CVE-2025-40739', 'CVE-2025-40740', 'CVE-2025-3508']

#GraphTheory #NetworkSecurity #TechnicalDebt #Audit
2/2

  • 0
  • 0
  • 0
  • 10h ago

Overview

  • Siemens
  • Solid Edge SE2025

08 Jul 2025
Published
08 Jul 2025
Updated

CVSS v3.1
HIGH (7.8)
EPSS
0.02%

KEV

Description

A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

Statistics

  • 1 Post

Last activity: 10 hours ago

Fediverse

Profile picture fallback

Graph Construction Complete: 21 nodes, 12 edges.
Primary Drivers: ['CVE-2025-40739', 'CVE-2025-40740', 'CVE-2025-3508']

#GraphTheory #NetworkSecurity #TechnicalDebt #Audit
2/2

  • 0
  • 0
  • 0
  • 10h ago

Overview

  • Cisco
  • Cisco Catalyst SD-WAN Manager

25 Feb 2026
Published
21 Apr 2026
Updated

CVSS v3.1
MEDIUM (5.4)
EPSS
1.12%

Description

A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the attacker must have valid read-only credentials with API access on the affected system. This vulnerability is due to improper file handling on the API interface of an affected system. An attacker could exploit this vulnerability by uploading a malicious file on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on the affected system&nbsp;and gain vmanage user privileges.

Statistics

  • 1 Post

Last activity: 22 hours ago

Bluesky

Profile picture fallback
~Cisa~ CISA added eight actively exploited vulnerabilities to its KEV catalog, urging immediate remediation. - IOCs: CVE-2023-27351, CVE-2024-27199, CVE-2026-20122 - #CISA #KEV #ThreatIntel
  • 0
  • 0
  • 0
  • 22h ago

Overview

  • JetBrains
  • TeamCity

04 Mar 2024
Published
21 Apr 2026
Updated

CVSS v3.1
HIGH (7.3)
EPSS
92.02%

Description

In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible

Statistics

  • 1 Post

Last activity: 22 hours ago

Bluesky

Profile picture fallback
~Cisa~ CISA added eight actively exploited vulnerabilities to its KEV catalog, urging immediate remediation. - IOCs: CVE-2023-27351, CVE-2024-27199, CVE-2026-20122 - #CISA #KEV #ThreatIntel
  • 0
  • 0
  • 0
  • 22h ago

Overview

  • PaperCut
  • NG

20 Apr 2023
Published
21 Apr 2026
Updated

CVSS v3.0
HIGH (8.2)
EPSS
87.73%

Description

This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SecurityRequestFilter class. The issue results from improper implementation of the authentication algorithm. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19226.

Statistics

  • 1 Post

Last activity: 22 hours ago

Bluesky

Profile picture fallback
~Cisa~ CISA added eight actively exploited vulnerabilities to its KEV catalog, urging immediate remediation. - IOCs: CVE-2023-27351, CVE-2024-27199, CVE-2026-20122 - #CISA #KEV #ThreatIntel
  • 0
  • 0
  • 0
  • 22h ago

Overview

  • Google
  • Chrome

15 Apr 2026
Published
16 Apr 2026
Updated

CVSS
Pending
EPSS
0.05%

KEV

Description

Use after free in Prerender in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

Statistics

  • 1 Post

Last activity: 4 hours ago

Bluesky

Profile picture fallback
Google、Chrome 147で31件の脆弱性を修正、Criticalは5件(CVE-2026-6296、CVE-2026-6297、CVE-2026-6298、CVE-2026-6299、CVE-2026-6358を) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #security #securitynews
  • 0
  • 0
  • 0
  • 4h ago

Overview

  • Google
  • Chrome

15 Apr 2026
Published
15 Apr 2026
Updated

CVSS
Pending
EPSS
0.01%

KEV

Description

Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Critical)

Statistics

  • 1 Post

Last activity: 4 hours ago

Bluesky

Profile picture fallback
Google、Chrome 147で31件の脆弱性を修正、Criticalは5件(CVE-2026-6296、CVE-2026-6297、CVE-2026-6298、CVE-2026-6299、CVE-2026-6358を) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #security #securitynews
  • 0
  • 0
  • 0
  • 4h ago
Showing 31 to 40 of 43 CVEs