
Overview

  • TP-Link Systems Inc.
  • AX53 v1.0

08 Apr 2026
Published
09 Apr 2026
Updated

CVSS v4.0
HIGH (8.5)
EPSS
0.42%

KEV

Description

An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute arbitrary code when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow the attacker to modify device configuration, access sensitive information, or further compromise system integrity. This issue affects AX53 v1.0: before 1.7.1 Build 20260213.

Statistics

  • 1 Post

Last activity: 16 hours ago

Bluesky

Multiple vulnerabilities in TP-Link Archer AX53 (CVE-2026-30815, CVE-2026-30818) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 0
  • 0
  • 0
  • 16h ago

Overview

  • Microsoft
  • Windows 11 Version 24H2

11 Nov 2025
Published
13 Apr 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
0.19%

Description

Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.

Statistics

  • 2 Posts

Last activity: Last hour

Fediverse


CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CVE-2012-1854 Visual Basic for Applications Insecure Library Loading

CVE-2020-9715 Adobe Acrobat Use-After-Free

CVE-2023-21529 Microsoft Exchange Deserialization of Untrusted

CVE-2023-36424 Microsoft Windows Out-of-Bounds Read

CVE-2025-60710 Microsoft Windows Link Following

CVE-2026-21643 Fortinet SQL Injection

CVE-2026-34621 Adobe Acrobat Reader Prototype

cisa.gov/news-events/alerts/20

#cybersecurity #cisa #adobe #microsoft

  • 0
  • 0
  • 0
  • Last hour

Bluesky

~Cisa~ CISA added 7 actively exploited vulnerabilities to the KEV catalog, urging immediate patching. - IOCs: CVE-2026-21643, CVE-2026-34621, CVE-2025-60710 - #CISA #KEV #threatintel
  • 0
  • 0
  • 0
  • 1h ago

Overview

  • Fortinet
  • FortiClientEMS

06 Feb 2026
Published
13 Apr 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
13.70%

Description

An improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

Statistics

  • 2 Posts

Last activity: Last hour

Fediverse


CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CVE-2012-1854 Visual Basic for Applications Insecure Library Loading

CVE-2020-9715 Adobe Acrobat Use-After-Free

CVE-2023-21529 Microsoft Exchange Deserialization of Untrusted

CVE-2023-36424 Microsoft Windows Out-of-Bounds Read

CVE-2025-60710 Microsoft Windows Link Following

CVE-2026-21643 Fortinet SQL Injection

CVE-2026-34621 Adobe Acrobat Reader Prototype

cisa.gov/news-events/alerts/20

#cybersecurity #cisa #adobe #microsoft

  • 0
  • 0
  • 0
  • Last hour

Bluesky

~Cisa~ CISA added 7 actively exploited vulnerabilities to the KEV catalog, urging immediate patching. - IOCs: CVE-2026-21643, CVE-2026-34621, CVE-2025-60710 - #CISA #KEV #threatintel
  • 0
  • 0
  • 0
  • 1h ago

Overview

  • MB connect line
  • mbCONNECT24

02 Apr 2026
Published
02 Apr 2026
Updated

CVSS v3.1
HIGH (7.2)
EPSS
0.15%

KEV

Description

Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulnerability in the generateSrpArray function, resulting in full system compromise. This vulnerability can only be attacked if the attacker has some other way to write arbitrary data to the user table.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 10 hours ago

Fediverse


VDE-2026-043
Helmholz: Multiple Vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual that could allow RCE, SQLi or information leakage.
CVE-2026-33615, CVE-2026-33616, CVE-2026-33614, CVE-2026-33613, CVE-2026-33617

certvde.com/en/advisories/vde-

helmholz.csaf-tp.certvde.com/.

  • 1
  • 1
  • 0
  • 10h ago

Overview

  • MB connect line
  • mbCONNECT24

02 Apr 2026
Published
02 Apr 2026
Updated

CVSS v3.1
HIGH (7.5)
EPSS
0.06%

KEV

Description

An unauthenticated remote attacker can exploit an unauthenticated blind SQL Injection vulnerability in the mb24api endpoint due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 10 hours ago

Fediverse


VDE-2026-043
Helmholz: Multiple Vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual that could allow RCE, SQLi or information leakage.
CVE-2026-33615, CVE-2026-33616, CVE-2026-33614, CVE-2026-33613, CVE-2026-33617

certvde.com/en/advisories/vde-

helmholz.csaf-tp.certvde.com/.

  • 1
  • 1
  • 0
  • 10h ago

Overview

  • MB connect line
  • mbCONNECT24

02 Apr 2026
Published
02 Apr 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
0.10%

KEV

Description

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the setinfo endpoint due to improper neutralization of special elements in a SQL UPDATE command. This can result in a total loss of integrity and availability.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 10 hours ago

Fediverse


VDE-2026-043
Helmholz: Multiple Vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual that could allow RCE, SQLi or information leakage.
CVE-2026-33615, CVE-2026-33616, CVE-2026-33614, CVE-2026-33613, CVE-2026-33617

certvde.com/en/advisories/vde-

helmholz.csaf-tp.certvde.com/.

  • 1
  • 1
  • 0
  • 10h ago

Overview

  • MB connect line
  • mbCONNECT24

02 Apr 2026
Published
03 Apr 2026
Updated

CVSS v3.1
MEDIUM (5.3)
EPSS
0.04%

KEV

Description

An unauthenticated remote attacker can access a configuration file containing database credentials. This can result in some loss of confidentiality, but there is no endpoint exposed to use these credentials.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 10 hours ago

Fediverse


VDE-2026-043
Helmholz: Multiple Vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual that could allow RCE, SQLi or information leakage.
CVE-2026-33615, CVE-2026-33616, CVE-2026-33614, CVE-2026-33613, CVE-2026-33617

certvde.com/en/advisories/vde-

helmholz.csaf-tp.certvde.com/.

  • 1
  • 1
  • 0
  • 10h ago

Overview

  • MB connect line
  • mbCONNECT24

02 Apr 2026
Published
02 Apr 2026
Updated

CVSS v3.1
HIGH (7.5)
EPSS
0.06%

KEV

Description

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getinfo endpoint due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 10 hours ago

Fediverse


VDE-2026-043
Helmholz: Multiple Vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual that could allow RCE, SQLi or information leakage.
CVE-2026-33615, CVE-2026-33616, CVE-2026-33614, CVE-2026-33613, CVE-2026-33617

certvde.com/en/advisories/vde-

helmholz.csaf-tp.certvde.com/.

  • 1
  • 1
  • 0
  • 10h ago

Overview

  • Microsoft
  • Exchange Server 2019 Cumulative Update 12

14 Feb 2023
Published
02 Aug 2024
Updated

CVSS v3.1
HIGH (8.8)
EPSS
36.68%

Description

Microsoft Exchange Server Remote Code Execution Vulnerability

Statistics

  • 1 Post

Last activity: Last hour

Fediverse


CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CVE-2012-1854 Visual Basic for Applications Insecure Library Loading

CVE-2020-9715 Adobe Acrobat Use-After-Free

CVE-2023-21529 Microsoft Exchange Deserialization of Untrusted

CVE-2023-36424 Microsoft Windows Out-of-Bounds Read

CVE-2025-60710 Microsoft Windows Link Following

CVE-2026-21643 Fortinet SQL Injection

CVE-2026-34621 Adobe Acrobat Reader Prototype

cisa.gov/news-events/alerts/20

#cybersecurity #cisa #adobe #microsoft

  • 0
  • 0
  • 0
  • Last hour

Overview

  • Pending

10 Jul 2012
Published
13 Apr 2026
Updated

CVSS
Pending
EPSS
1.36%

Description

Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basic for Applications (VBA); and Summit Microsoft Visual Basic for Applications SDK allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .docx file, aka "Visual Basic for Applications Insecure Library Loading Vulnerability," as exploited in the wild in July 2012.

Statistics

  • 1 Post

Last activity: Last hour

Fediverse


CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CVE-2012-1854 Visual Basic for Applications Insecure Library Loading

CVE-2020-9715 Adobe Acrobat Use-After-Free

CVE-2023-21529 Microsoft Exchange Deserialization of Untrusted

CVE-2023-36424 Microsoft Windows Out-of-Bounds Read

CVE-2025-60710 Microsoft Windows Link Following

CVE-2026-21643 Fortinet SQL Injection

CVE-2026-34621 Adobe Acrobat Reader Prototype

cisa.gov/news-events/alerts/20

#cybersecurity #cisa #adobe #microsoft

  • 0
  • 0
  • 0
  • Last hour