24h | 7d | 30d

CVE-2025-6218

Overview

  • RARLAB
  • WinRAR
21 Jun 2025
Published
26 Feb 2026
Updated
CVSS v3.0
HIGH (7.8)
EPSS
5.69%
KEV

Description

RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of file paths within archive files. A crafted file path can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27198.

Statistics

  • 1 Post
Last activity: 22 hours ago

Fediverse

Profile picture fallback
паляниця 🇺🇦 @palianytsia_200

PSA for anyone with Ukrainian-org exposure: Pterodo Wave-2 droppers chain CVE-2025-8088 + CVE-2025-6218 (WinRAR ADS path-traversal + co-exploit). Both patched in WinRAR 7.13.

A lot of UA orgs run WinRAR like a "forever tool" — installed 5 years ago, never updated. That's the soft target for this campaign.

Audit your endpoint inventory. WinRAR ≤7.12 is not a "next sprint" item.

Signatures: ESET `VBS/Pterodo.CTH trojan` on the dropped VBS implant. Florian Roth's `SUSP_RAR_NTFS_ADS` YARA on the archive itself.

  • 0
  • 0
  • 0
  • 22h ago

CVE-2025-8088

Overview

  • win.rar GmbH
  • WinRAR
08 Aug 2025
Published
26 Feb 2026
Updated
CVSS v4.0
HIGH (8.4)
EPSS
9.10%
KEV

Description

A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET.

Statistics

  • 1 Post
Last activity: 22 hours ago

Fediverse

Profile picture fallback
паляниця 🇺🇦 @palianytsia_200

PSA for anyone with Ukrainian-org exposure: Pterodo Wave-2 droppers chain CVE-2025-8088 + CVE-2025-6218 (WinRAR ADS path-traversal + co-exploit). Both patched in WinRAR 7.13.

A lot of UA orgs run WinRAR like a "forever tool" — installed 5 years ago, never updated. That's the soft target for this campaign.

Audit your endpoint inventory. WinRAR ≤7.12 is not a "next sprint" item.

Signatures: ESET `VBS/Pterodo.CTH trojan` on the dropped VBS implant. Florian Roth's `SUSP_RAR_NTFS_ADS` YARA on the archive itself.

  • 0
  • 0
  • 0
  • 22h ago

CVE-2026-43500

Overview

  • Linux
  • Linux
11 May 2026
Published
20 May 2026
Updated
CVSS v3.1
HIGH (7.8)
EPSS
1.71%
KEV

Description

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.

Statistics

  • 1 Post
  • 10 Interactions
Last activity: 20 hours ago

Fediverse

Profile picture fallback
Joseph Zikusooka (ZIK) @jzik

Just pushed a fresh round of updates to Jambula OS Linux including fixes and mitigations for:

✅ dirty frag (CVE-2026-43284/CVE-2026-43500)
✅ fragnesia (CVE-2026-46300)
✅ ssh-keysign-pwn (CVE-2026-46333)

Are you running a Raspberry Pi 5? This is a great time to try Jambula OS - a lightweight, secure, CLI-focused Linux platform built around a local-first service architecture.

Download image & learn more at:

jambula.org

#JambulaOS #Linux #OpenSource #RaspberryPi #SmartHome #HomeLab

  • 5
  • 5
  • 0
  • 20h ago

CVE-2026-29146

Overview

  • Apache Software Foundation
  • Apache Tomcat
09 Apr 2026
Published
10 Apr 2026
Updated
CVSS
Pending
EPSS
12.92%
KEV

Description

Padding Oracle vulnerability in Apache Tomcat's EncryptInterceptor with default configuration. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.0.0-M1 through 10.1.52, from 9.0.13 through 9..115, from 8.5.38 through 8.5.100, from 7.0.100 through 7.0.109. Users are recommended to upgrade to version 11.0.19, 10.1.53 and 9.0.116, which fixes the issue.

Statistics

  • 1 Post
Last activity: 13 hours ago

Bluesky

Profile picture fallback
GCP Weekly @gcpweekly.bsky.social
Tomcat Vulnerability Mitigation: Upgraded Apache Tomcat to version 9.0.117 to address several high-severity vulnerabilities, including CVE-2026-24734, CVE-2026-34487, and CVE-2026-29146
  • 0
  • 0
  • 0
  • 13h ago

CVE-2026-24734

Overview

  • Apache Software Foundation
  • Apache Tomcat Native
17 Feb 2026
Published
11 Mar 2026
Updated
CVSS
Pending
EPSS
0.09%
KEV

Description

Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native (and Tomcat's FFM port of the Tomcat Native code) did not complete verification or freshness checks on the OCSP response which could allow certificate revocation to be bypassed. This issue affects Apache Tomcat Native:  from 1.3.0 through 1.3.4, from 2.0.0 through 2.0.11; Apache Tomcat: from 11.0.0-M1 through 11.0.17, from 10.1.0-M7 through 10.1.51, from 9.0.83 through 9.0.114. The following versions were EOL at the time the CVE was created but are known to be affected: from 1.1.23 through 1.1.34, from 1.2.0 through 1.2.39. Older EOL versions are not affected. Apache Tomcat Native users are recommended to upgrade to versions 1.3.5 or later or 2.0.12 or later, which fix the issue. Apache Tomcat users are recommended to upgrade to versions 11.0.18 or later, 10.1.52 or later or 9.0.115 or later which fix the issue.

Statistics

  • 1 Post
Last activity: 13 hours ago

Bluesky

Profile picture fallback
GCP Weekly @gcpweekly.bsky.social
Tomcat Vulnerability Mitigation: Upgraded Apache Tomcat to version 9.0.117 to address several high-severity vulnerabilities, including CVE-2026-24734, CVE-2026-34487, and CVE-2026-29146
  • 0
  • 0
  • 0
  • 13h ago

CVE-2026-34487

Overview

  • Apache Software Foundation
  • Apache Tomcat
09 Apr 2026
Published
10 Apr 2026
Updated
CVSS
Pending
EPSS
0.09%
KEV

Description

Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed the Kubernetes bearer token. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.20, from 10.1.0-M1 through 10.1.53, from 9.0.13 through 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the issue.

Statistics

  • 1 Post
Last activity: 13 hours ago

Bluesky

Profile picture fallback
GCP Weekly @gcpweekly.bsky.social
Tomcat Vulnerability Mitigation: Upgraded Apache Tomcat to version 9.0.117 to address several high-severity vulnerabilities, including CVE-2026-24734, CVE-2026-34487, and CVE-2026-29146
  • 0
  • 0
  • 0
  • 13h ago
Showing 61 to 66 of 66 CVEs