24h | 7d | 30d

Overview

  • Microsoft
  • Windows 10 Version 1607

10 Mar 2026
Published
27 Mar 2026
Updated

CVSS v3.1
HIGH (8.0)
EPSS
0.07%

KEV

Description

Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

Statistics

  • 1 Post

Last activity: 13 hours ago

Bluesky

Profile picture fallback
Alerta Crítica CVE-2026-25172: Manual de aplicación del Hotpatch para RRAS en Windows 11 (+DETALLES) www.newstecnicas.info.ve/2026/03/micr...
  • 0
  • 0
  • 0
  • 13h ago

Overview

  • Fortinet
  • FortiClientEMS

06 Feb 2026
Published
31 Mar 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
0.07%

KEV

Description

An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

Statistics

  • 2 Posts
  • 6 Interactions

Last activity: 10 hours ago

Bluesky

Profile picture fallback
Heads up FortiClient EMS users! CVE-2026-35616 (new) & CVE-2026-21643 - both unauthenticated RCE observed to be exploited in the wild! We fingerprint about 2000 instances globally, see public Dashboard: dashboard.shadowserver.org/statistics/i... Top affected: US & Germany
  • 1
  • 5
  • 0
  • 10h ago
Profile picture fallback
Patch info: CVE-2026-35616 (0day reported by Defused Cyber): fortiguard.fortinet.com/psirt/FG-IR-... CVE-2026-21643: fortiguard.fortinet.com/psirt/FG-IR-...
  • 0
  • 0
  • 0
  • 10h ago

Overview

  • Grafana
  • Grafana Enterprise

27 Mar 2026
Published
02 Apr 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
0.10%

KEV

Description

A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact (RCE). This is enabled by a feature in Grafana (OSS), so all users are always recommended to update to avoid future attack vectors going this path. Only instances with the sqlExpressions feature toggle enabled are vulnerable. Only instances in the following version ranges are affected: - 11.6.0 (inclusive) to 11.6.14 (exclusive): 11.6.14 has the fix. 11.5 and below are not affected. - 12.0.0 (inclusive) to 12.1.10 (exclusive): 12.1.10 has the fix. 12.0 did not receive an update, as it is end-of-life. - 12.2.0 (inclusive) to 12.2.8 (exclusive): 12.2.8 has the fix. - 12.3.0 (inclusive) to 12.3.6 (exclusive): 12.3.6 has the fix. - 12.4.0 (inclusive) to 12.4.2 (exclusive): 12.4.2 has the fix. 13.0.0 and above also have the fix: no v13 release is affected.

Statistics

  • 1 Post

Last activity: 1 hour ago

Bluesky

Profile picture fallback
The latest update for #CyCognito includes "Emerging Threat: (CVE-2026-20093) Cisco IMC Authentication Bypass" and "Emerging Threat: (CVE-2026-27876) Grafana Remote Code Execution via SQL Expressions". #cybersecurity #AttackSurfaceManagement #EASM https://opsmtrs.com/44Srq0X
  • 0
  • 0
  • 0
  • 1h ago
Showing 21 to 23 of 23 CVEs