
Overview

  • Barracuda
  • Barracuda Email Security Gateway

Published: 24 May 2023
Updated: 21 Oct 2025
CVSS v3.1: CRITICAL (9.4)
EPSS: 90.02%

Description

A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product, affecting versions 5.1.3.001 through 9.2.0.006. The vulnerability arises from a failure to comprehensively sanitize the processing of .tar files (tape archives). Specifically, input validation of a user-supplied .tar file is incomplete with respect to the names of the files contained within the archive. As a consequence, a remote attacker can format these file names in a particular manner that results in remote execution of a system command through Perl's qx operator with the privileges of the Email Security Gateway product. This issue was fixed as part of the BNSF-36456 patch, which was automatically applied to all customer appliances.
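The description above says the injection point is an archive member name that reaches a shell through Perl's qx operator. As an added example, not Barracuda's code and not the BNSF-36456 fix (which is not shown on this page), the following Python checker parses an in-memory .tar attachment and rejects any member name that falls outside a strict character allowlist, which is the pre-filter such a code path needs before a name is ever interpolated into a command. The archive is constructed in the script, and the hostile member names are hypothetical, shaped to match what the advisory describes.

```python
import io
import re
import tarfile

# Member names that will be interpolated into a shell command are safe only if
# they cannot break out of the command string.  This allowlist admits path
# segments of letters, digits, '.', '-' and '_' joined by '/'; anything else
# (backticks, $(...), ';', '|', quotes, spaces, newlines) is rejected outright
# rather than trying to enumerate every shell metacharacter.
SAFE_NAME = re.compile(r"^(?:[A-Za-z0-9._-]+/)*[A-Za-z0-9._-]+/?$")


def is_safe_member_name(name: str) -> bool:
    """True if NAME is a relative, traversal-free path made only of allowlisted characters."""
    if name.startswith("/") or not SAFE_NAME.match(name):
        return False
    # '..' passes the character allowlist, so reject it as a path segment explicitly.
    return ".." not in name.split("/")


def unsafe_members(tar_bytes: bytes) -> list:
    """Return the member names in an in-memory tar archive that fail is_safe_member_name.

    The archive is only parsed, never extracted, so a hostile name is compared
    against the allowlist and never reaches a shell.
    """
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:*") as tar:
        return [m.name for m in tar if not is_safe_member_name(m.name)]


def build_tar(names) -> bytes:
    """Build a small tar archive in memory with the given member names.

    Constructed test input for the checker above, not a real attachment.
    """
    out = io.BytesIO()
    with tarfile.open(fileobj=out, mode="w") as tar:
        for name in names:
            payload = b"x"
            info = tarfile.TarInfo(name=name)
            info.size = len(payload)
            tar.addfile(info, io.BytesIO(payload))
    return out.getvalue()


if __name__ == "__main__":
    # Hypothetical hostile names of the shape the advisory describes: once such a
    # name is interpolated into a Perl qx// string, the shell runs the embedded command.
    sample = build_tar(["report.pdf", "invoice`id`.pdf", "notes$(id).txt", "../../etc/passwd"])
    for name in unsafe_members(sample):
        print("rejecting archive: unsafe member name", repr(name))
```

Rejecting the whole archive on the first bad name is the right granularity here: a gateway has no business repairing a hostile attachment, and an allowlist stays correct when a new metacharacter or quoting trick turns up, which a denylist of shell characters does not.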

Statistics

  • 1 Post

Last activity: 17 hours ago

Fediverse


The latest Wrapup is here! 🎉 This week brings enhanced SMB NTLM relaying for better client compatibility (including smbclient), plus new modules for RCE in Eclipse Che (CVE-2025-12548), Barracuda ESG command injection (CVE-2023-2868), and an ESC/POS printer injector.

Check it out at rapid7.com/blog/post/pt-metasp


Overview

  • aquasecurity
  • setup-trivy

Published: 23 Mar 2026
Updated: 27 Mar 2026
CVSS v4.0: CRITICAL (9.4)
EPSS: 26.61%

Description

Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publish a malicious Trivy v0.69.4 release, force-push 76 of 77 version tags in `aquasecurity/trivy-action` to credential-stealing malware, and replace all 7 tags in `aquasecurity/setup-trivy` with malicious commits. This incident is a continuation of the supply chain attack that began in late February 2026. Following the initial disclosure on March 1, credential rotation was performed but was not atomic (not all credentials were revoked simultaneously). The attacker could have used a still-valid token to exfiltrate newly rotated secrets during the rotation window, which lasted a few days; this could have allowed the attacker to retain access and execute the March 19 attack. Affected components are the `aquasecurity/trivy` Go binary / container image version 0.69.4, the `aquasecurity/trivy-action` GitHub Action versions 0.0.1 to 0.34.2 (76 of 77 tags), and the `aquasecurity/setup-trivy` GitHub Action versions 0.2.0 to 0.2.6, prior to the recreation of 0.2.6 with a safe commit. Known safe versions are 0.69.2 and 0.69.3 of the Trivy binary, 0.35.0 of trivy-action, and 0.2.6 of setup-trivy as recreated. Beyond upgrading, take the following steps to protect secrets. If there is any possibility that a compromised version ran in your environment, treat all secrets accessible to the affected pipelines as exposed and rotate them immediately. Check whether your organization pulled or executed Trivy v0.69.4 from any source, and remove any affected artifacts immediately. Review all workflows that use `aquasecurity/trivy-action` or `aquasecurity/setup-trivy`; where a version tag rather than a full commit SHA was referenced, check workflow run logs from March 19 to 20, 2026 for signs of compromise. Look for repositories named `tpcp-docs` in your GitHub organization: the presence of such a repository may indicate that the fallback exfiltration mechanism was triggered and secrets were successfully stolen. Pin GitHub Actions to full, immutable commit SHA hashes rather than mutable version tags.
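The workflow review the advisory asks for (find every use of trivy-action and setup-trivy, tell a SHA pin from a mutable tag, flag tags inside the affected ranges) is mechanical enough to script. As an added example that is not part of the advisory or of Aqua's own tooling, the following Python scans the `uses:` lines of a workflow file. The affected ranges are the ones the advisory lists; the tag-naming scheme (`MAJOR.MINOR.PATCH` with an optional leading `v`) is an assumption, and the sample workflow, including its all-zero placeholder SHA, is constructed.

```python
import re

# Actions and affected tag ranges named in the advisory (inclusive).  Tag names
# are assumed to be "MAJOR.MINOR.PATCH" with an optional leading "v".
AFFECTED_RANGES = {
    "aquasecurity/trivy-action": ((0, 0, 1), (0, 34, 2)),
    "aquasecurity/setup-trivy": ((0, 2, 0), (0, 2, 6)),
}

# Matches 'uses: owner/repo[/subpath]@ref'; local ('./x') and 'docker://' uses have no '@'.
USES_LINE = re.compile(r"^\s*-?\s*uses:\s*([\w.-]+/[\w.-]+)(?:/[\w./-]+)?@(\S+)", re.MULTILINE)
FULL_SHA = re.compile(r"^[0-9a-f]{40}$")


def parse_tag(ref: str):
    """Return (major, minor, patch) for a release tag such as '0.28.0' or 'v0.2.3', else None."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", ref)
    return tuple(int(x) for x in m.groups()) if m else None


def audit_workflow(text: str) -> list:
    """Return one (action, ref, pinned, affected) tuple per 'uses:' line in a workflow.

    pinned   -- ref is a full 40-hex commit SHA, so a tag force-push could not
                redirect it (whether that SHA is itself a safe commit still has
                to be checked against the project's published list).
    affected -- ref is a mutable tag inside the advisory's affected range, so a
                run during the window may have executed the malicious commit.
    """
    findings = []
    for action, ref in USES_LINE.findall(text):
        pinned = bool(FULL_SHA.match(ref))
        affected = False
        if not pinned and action in AFFECTED_RANGES:
            version = parse_tag(ref)
            lo, hi = AFFECTED_RANGES[action]
            affected = version is not None and lo <= version <= hi
        findings.append((action, ref, pinned, affected))
    return findings


def needs_review(findings) -> list:
    """Every unpinned reference, affected or not: the fix is to pin all of them to a SHA."""
    return [f for f in findings if not f[2]]


# Constructed sample workflow; the 40-zero SHA is a placeholder, not a real commit.
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  trivy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aquasecurity/setup-trivy@v0.2.3
      - name: Scan image
        uses: aquasecurity/trivy-action@0.28.0
        with:
          image-ref: example.test/app:latest
      - uses: aquasecurity/trivy-action@0.35.0
      - uses: aquasecurity/trivy-action@0000000000000000000000000000000000000000 # pinned
"""

if __name__ == "__main__":
    for action, ref, pinned, affected in audit_workflow(SAMPLE_WORKFLOW):
        flag = "AFFECTED" if affected else ("pinned" if pinned else "mutable")
        print(f"{flag:9} {action}@{ref}")
```

setup-trivy tag 0.2.6 is flagged deliberately: the tag now resolves to a safe commit, but a run that resolved it during the window may still have executed the malicious one, which is why the advisory sends you to the March 19 to 20 run logs rather than to the tag alone. A pinned SHA removes the force-push problem, but the SHA itself still has to be compared against the project's list of safe commits.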

Statistics

  • 1 Post

Last activity: 23 hours ago

Fediverse


📰 CISA KEV Alert: Actively Exploited Flaws in Langflow AI Framework and Trivy Scanner

📢 CISA KEV UPDATE: Two flaws now under active exploitation! A critical RCE in Langflow AI framework (CVE-2026-33017) and a supply-chain attack via Trivy scanner (CVE-2026-33634). Patch now! ⚠️ #KEV #CyberSecurity #RCE

🔗 cyber.netsecops.io/articles/ci


Overview

  • Red Hat
  • Red Hat OpenShift Dev Spaces (RHOSDS) 3.22
  • devspaces/code-rhel9

Published: 13 Jan 2026
Updated: 21 Jan 2026
CVSS: Pending
EPSS: 44.19%

Description

A flaw was found in Eclipse Che che-machine-exec. This vulnerability allows unauthenticated remote arbitrary command execution and secret exfiltration (SSH keys, tokens, etc.) from other users' Developer Workspace containers, via an unauthenticated JSON-RPC / websocket API exposed on TCP port 3333.

Statistics

  • 1 Post

Last activity: 17 hours ago

Fediverse


The latest Wrapup is here! 🎉 This week brings enhanced SMB NTLM relaying for better client compatibility (including smbclient), plus new modules for RCE in Eclipse Che (CVE-2025-12548), Barracuda ESG command injection (CVE-2023-2868), and an ESC/POS printer injector.

Check it out at rapid7.com/blog/post/pt-metasp


Overview

  • FreeBSD
  • FreeBSD

Published: 26 Mar 2026
Updated: 27 Mar 2026
CVSS: Pending
EPSS: 0.15%

Description

Each RPCSEC_GSS data packet is validated by a routine which checks a signature in the packet. This routine copies a portion of the packet into a stack buffer but fails to ensure that the buffer is sufficiently large, so a malicious client can trigger a stack overflow. Notably, this does not require the client to authenticate itself first. As kgssapi.ko's RPCSEC_GSS implementation is vulnerable, remote code execution in the kernel is possible by an authenticated user that is able to send packets to the kernel's NFS server while kgssapi.ko is loaded into the kernel. In userspace, applications which have librpcsec_gss loaded and run an RPC server are vulnerable to remote code execution from any client able to send them packets. We are not aware of any such applications in the FreeBSD base system.
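The flaw described above is a missing bound between an attacker-supplied length field and a fixed-size stack buffer. As an added example that is not FreeBSD's code, here is that bound enforced in Python over a simplified model of the RPCSEC_GSS integrity data body from RFC 2203 (an XDR opaque `databody_integ` followed by an XDR opaque `checksum`). The 128-byte destination capacity is an assumed stand-in for the kernel buffer, the packets are constructed in the script, and the MIC itself is not verified; the point is the three checks that must happen before any copy.

```python
import struct

# Capacity of the fixed-size destination the checksum is copied into.  Assumed
# value standing in for the kernel's stack buffer; what matters is that it is
# enforced against the attacker-controlled length field before copying.
CHECKSUM_CAPACITY = 128


class MalformedPacket(ValueError):
    """Raised instead of copying when a length field is inconsistent with the packet."""


def xdr_opaque(buf: bytes, off: int, capacity: int):
    """Decode an XDR variable-length opaque (RFC 4506, section 4.10) at buf[off:].

    Returns (data, next_offset).  Three checks precede any copy: the 4-byte
    length must be present, the declared length must fit the destination, and
    the body (padded to a multiple of 4) must lie inside the packet.
    """
    if off + 4 > len(buf):
        raise MalformedPacket("length field truncated")
    (n,) = struct.unpack_from(">I", buf, off)
    if n > capacity:
        raise MalformedPacket(f"declared length {n} exceeds destination capacity {capacity}")
    start = off + 4
    padded_end = start + ((n + 3) & ~3)
    if padded_end > len(buf):
        raise MalformedPacket(f"body of {n} bytes runs past end of packet")
    return buf[start:start + n], padded_end


def parse_integ_data(packet: bytes):
    """Parse rpc_gss_integ_data (RFC 2203, 5.3.2.2): opaque databody_integ<>; opaque checksum<>.

    Returns (seq_num, args, checksum).  databody_integ is the sequence number
    followed by the call arguments.  A real verifier would go on to recompute
    the MIC over databody_integ; this model stops at the bounds checks.
    """
    body, off = xdr_opaque(packet, 0, len(packet))
    checksum, off = xdr_opaque(packet, off, CHECKSUM_CAPACITY)
    if off != len(packet):
        raise MalformedPacket("trailing bytes after checksum")
    if len(body) < 4:
        raise MalformedPacket("databody_integ shorter than seq_num")
    (seq_num,) = struct.unpack_from(">I", body, 0)
    return seq_num, body[4:], checksum


def is_rejected(packet: bytes) -> bool:
    """True if the packet fails the bounds checks, i.e. would never reach the copy."""
    try:
        parse_integ_data(packet)
    except MalformedPacket:
        return True
    return False


def encode_opaque(data: bytes, declared_len=None) -> bytes:
    """XDR-encode DATA; DECLARED_LEN overrides the length field to build malformed packets."""
    n = len(data) if declared_len is None else declared_len
    pad = (-len(data)) % 4
    return struct.pack(">I", n) + data + b"\x00" * pad


def build_packet(seq_num: int, args: bytes, checksum: bytes, declared_checksum_len=None) -> bytes:
    """Constructed rpc_gss_integ_data packet for testing; not captured traffic."""
    body = struct.pack(">I", seq_num) + args
    return encode_opaque(body) + encode_opaque(checksum, declared_checksum_len)


if __name__ == "__main__":
    good = build_packet(7, b"hello", b"\xab" * 16)
    print("well-formed:", parse_integ_data(good))
    # A checksum claiming 4096 bytes is the shape of input that overruns an
    # unchecked fixed buffer; here it is refused before any copy happens.
    print("oversized checksum rejected:", is_rejected(build_packet(7, b"hello", b"\xab" * 16, 4096)))
```

The capacity check and the remaining-packet check are independent and both needed: a length within the destination's capacity can still run past the end of the received packet (a read overrun), and a length that fits the packet can still exceed the destination (the write overrun described in the advisory).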

Statistics

  • 1 Post

Last activity: 22 hours ago

Bluesky

~Cybergcca~ Security updates released for WatchGuard, Siemens, FreeBSD (RCE), and Ericsson. - IOCs: CVE-2026-4747, CVE-2026-4266, CVE-2026-4652 - #Patch #ThreatIntel #Vulnerability

Overview

  • FreeBSD
  • FreeBSD

Published: 26 Mar 2026
Updated: 26 Mar 2026
CVSS: Pending
EPSS: 0.05%

Description

On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID. An attacker with network access to the NVMe/TCP target can trigger an unauthenticated Denial of Service condition on the affected machine.

Statistics

  • 1 Post

Last activity: 22 hours ago

Bluesky

~Cybergcca~ Security updates released for WatchGuard, Siemens, FreeBSD (RCE), and Ericsson. - IOCs: CVE-2026-4747, CVE-2026-4266, CVE-2026-4652 - #Patch #ThreatIntel #Vulnerability

Overview

  • Pending

Published: Pending
Updated: Pending
CVSS: Pending
EPSS: Pending

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post

Last activity: 22 hours ago

Bluesky

~Cybergcca~ Security updates released for WatchGuard, Siemens, FreeBSD (RCE), and Ericsson. - IOCs: CVE-2026-4747, CVE-2026-4266, CVE-2026-4652 - #Patch #ThreatIntel #Vulnerability