CVE-2026-1340

Overview

Ivanti
Endpoint Manager Mobile

29 Jan 2026

Published

30 Jan 2026

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

40.23%

MITRE

KEV

Description

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

Statistics

2 Posts

Last activity: Last hour

Bluesky

Cyber Threat Feeds @montxt.bsky.social

Critical Vulnerabilities in Ivanti EPMM Exploited https://unit42.paloaltonetworks.com/ivanti-cve-2026-1281-cve-2026-1340/

0
0
0
5h ago

OpsMatters @opsmatters.com

The latest update for #Indusface includes "CVE-2026-1357: #WordPress Plugin RCE Exposes Sites to Full Takeover" and "CVE-2026-1281 & CVE-2026-1340: Actively Exploited Pre-Authentication RCE in Ivanti EPMM". #cybersecurity #infosec https://opsmtrs.com/3ySs2VF

0
0
0
Last hour

CVE-2025-38111

Overview

Linux
Linux

03 Jul 2025

Published

03 Nov 2025

Updated

CVSS

Pending

EPSS

0.02%

MITRE

KEV

Description

In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of parameters passed to the ioctl and it accepts any mdio address. Currently there is support for 32 addresses in kernel via PHY_MAX_ADDR define, but it is possible to pass higher value than that via ioctl. While read/write operation should generally fail in this case, mdiobus provides stats array, where wrong address may allow out-of-bounds read/write. Fix that by adding address verification before read/write operation. While this excludes this access from any statistics, it improves security of read/write operation.

Statistics

1 Post

Last activity: 15 hours ago

Bluesky

ferramentaslinux.bsky.social @ferramentaslinux.bsky.social

🚨 URGENT: #SUSE Linux Kernel Update! 🚨 SUSE-SU-2026:0565-1 patches 4 HIGH-severity flaws in SLE 15 SP4, including CVE-2023-53321 (Wi-Fi driver) & CVE-2025-38111 (Memory corruption). R ead more: 👉 tinyurl.com/52u328c5 #Security

0
0
0
15h ago

CVE-2024-7694

Overview

TeamT5
ThreatSonar Anti-Ransomware

12 Aug 2024

Published

17 Feb 2026

Updated

CVSS v3.1

HIGH (7.2)

EPSS

Pending

MITRE

KEV

Description

ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system command on the server.

Statistics

1 Post

Last activity: Last hour

Bluesky

piggo @pigondrugs.bsky.social

~Cisa~ CISA added four actively exploited vulnerabilities affecting Microsoft, Zimbra, TeamT5, and Chromium to its KEV catalog, requiring urgent remediation. - IOCs: CVE-2026-2441, CVE-2024-7694, CVE-2020-7796 - #CISA #KEV #PatchNow #ThreatIntel

0
0
0
Last hour

CVE-2025-61100

Overview

Pending

27 Oct 2025

Published

28 Oct 2025

Updated

CVSS

Pending

EPSS

0.08%

MITRE

KEV

Description

FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospf_opaque_lsa_dump function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) under specific malformed LSA conditions.

Statistics

1 Post

Last activity: 6 hours ago

Bluesky

ferramentaslinux.bsky.social @ferramentaslinux.bsky.social

🚨 Critical patch for #openSUSE Tumbleweed! FRR routing suite updated to 10.2.1-4.1. This addresses three security issues (CVE-2025-61099, CVE-2025-61100, CVE-2025-61104) that could impact BGP stability. Read more: 👉 tinyurl.com/2hk7tfed #Security

0
0
0
6h ago

CVE-2025-61104

Overview

Pending

28 Oct 2025

Published

28 Oct 2025

Updated

CVSS

Pending

EPSS

0.08%

MITRE

KEV

Description

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_unknown_tlv function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.

Statistics

1 Post

Last activity: 6 hours ago

Bluesky

ferramentaslinux.bsky.social @ferramentaslinux.bsky.social

🚨 Critical patch for #openSUSE Tumbleweed! FRR routing suite updated to 10.2.1-4.1. This addresses three security issues (CVE-2025-61099, CVE-2025-61100, CVE-2025-61104) that could impact BGP stability. Read more: 👉 tinyurl.com/2hk7tfed #Security

0
0
0
6h ago

CVE-2025-61099

Overview

Pending

27 Oct 2025

Published

28 Oct 2025

Updated

CVSS

Pending

EPSS

0.08%

MITRE

KEV

Description

FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaque_info_detail function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LS Update packet.

Statistics

1 Post

Last activity: 6 hours ago

Bluesky

ferramentaslinux.bsky.social @ferramentaslinux.bsky.social

🚨 Critical patch for #openSUSE Tumbleweed! FRR routing suite updated to 10.2.1-4.1. This addresses three security issues (CVE-2025-61099, CVE-2025-61100, CVE-2025-61104) that could impact BGP stability. Read more: 👉 tinyurl.com/2hk7tfed #Security

0
0
0
6h ago

CVE-2020-7796

Overview

Pending

18 Feb 2020

Published

17 Feb 2026

Updated

CVSS

Pending

EPSS

Pending

MITRE

KEV

Description

Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF when WebEx zimlet is installed and zimlet JSP is enabled.

Statistics

1 Post

Last activity: Last hour

Bluesky

piggo @pigondrugs.bsky.social

~Cisa~ CISA added four actively exploited vulnerabilities affecting Microsoft, Zimbra, TeamT5, and Chromium to its KEV catalog, requiring urgent remediation. - IOCs: CVE-2026-2441, CVE-2024-7694, CVE-2020-7796 - #CISA #KEV #PatchNow #ThreatIntel

0
0
0
Last hour