CVE-2026-32201

Overview

Microsoft
Microsoft SharePoint Enterprise Server 2016

14 Apr 2026

Published

15 Apr 2026

Updated

CVSS v3.1

MEDIUM (6.5)

EPSS

1.19%

MITRE

KEV

Description

Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

Statistics

13 Posts
6 Interactions

Last activity: Last hour

Fediverse

Christoph Schmees @PC_Fluesterer

Microsoft Flickentag 2026-04: Fast Rekord!

Mit 165 oder 167 (je nach Zählung) geflickten Sicherheitslücken in Microsofts (MS) eigenen Produkten ist dieser der zweitgrößte Flickentag aller Zeiten. Wenn man die von Chromium geerbten Sicherheitslücken im Browser Edge hinzurechnet, kommt man auf 243 Sicherheitslücken. Puh. Von den 165 eigenen Sicherheitslücken stuft MS 8 als kritisch ein und 154 als wichtig. Fehlen noch drei? Ja, die sind nur als mittleres Risiko (moderat) eingestuft. Auch ein Flicken gegen die vorab veröffentlichte Sicherheitslücke im MS Defender ist enthalten.
Eine Sicherheitslücke, CVE-2026-32201 in MS Groupware SharePoint, wird bereits aktiv für

https://www.pc-fluesterer.info/wordpress/2026/04/15/microsoft-flickentag-2026-04-fast-rekord/

#Hintergrund #Warnung #exploits #Microsoft #office #unplugMicrosoft #UnplugTrump #windows #word

0
0
0
Last hour

Chris @Chris

04/14/2026 2:30 PM EST

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

CVE-2009-0238 Microsoft Office Remote Code Execution Vulnerability

CVE-2026-32201 Microsoft SharePoint Server Improper Input Validation

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

https://www.cisa.gov/news-events/alerts/2026/04/14/cisa-adds-two-known-exploited-vulnerabilities-catalog

#cybersecurity #cisa #microsoft

2
2
0
19h ago

CyberNetsecIO @netsecio

📰 Microsoft's Colossal April 2026 Patch Tuesday: 167 Flaws Patched, Two Zero-Days Under Fire

🚨 Microsoft's April Patch Tuesday is massive, fixing 167 flaws! Includes patches for an actively exploited SharePoint zero-day (CVE-2026-32201) & a public Defender EoP flaw (CVE-2026-33825). Patch NOW. #PatchTuesday #CyberSecurity #ZeroDay

🔗 https://cyber.netsecops.io/articles/microsoft-april-2026-patch-tuesday-fixes-167-flaws-including-two-zero-days/?utm_source=mastodon&utm_…

0
0
0
2h ago

Bluesky

Tech-News @technology-news.bsky.social

Microsoft fixes 169 vulnerabilities including exploited SharePoint CVE-2026-32201, prompting CISA remediation by April 28, 2026.

0
1
0
1h ago

Information Security Briefly @infosecbriefly.bsky.social

Microsoft's Patch Tuesday updates address 165 vulnerabilities, including a critical SharePoint zero-day exploit tracked as CVE-2026-32201.

0
0
0
21h ago

Undercode Testing @undercode.bsky.social

Microsoft’s April 2026 Patch Tuesday: 168 Flaws Including Actively Exploited SharePoint Zero-Day – Patch NOW or Get Spoofed! + Video Introduction: Microsoft’s April 2026 Patch Tuesday addresses a massive 168 vulnerabilities, including one actively exploited zero-day (CVE-2026-32201) in Microsoft…

0
0
0
20h ago

Undercode Testing @undercode.bsky.social

Microsoft Confirms Actively Exploited SharePoint Zero-Day (CVE-2026-32201): Urgent Patch & Hardening Guide + Video Introduction: A critical zero-day spoofing vulnerability in Microsoft SharePoint Server, tracked as CVE-2026-32201, is being actively exploited in the wild. Microsoft confirmed the…

0
0
0
13h ago

ohhara @shiojiri.com

「この内 CVE-2026-32201 の脆弱性について、Microsoft 社では悪用の事実を確認済みと公表しており、今後被害が拡大するおそれがあるため、至急、セキュリティ更新プログラムを適用してください。」

0
0
0
12h ago

ohhara @shiojiri.com

マイクロソフト、4月の月例パッチで悪用確認のゼロデイ含む脆弱性167件を修正（CVE-2026-32201ほか） | Codebook｜Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/45289/

0
0
0
12h ago

キタきつね @kitafox.bsky.social

CISAが既知の悪用された脆弱性2件をカタログに追加 CISA Adds Two Known Exploited Vulnerabilities to Catalog #CISA (Apr 14) CVE-2009-0238 Microsoft Officeのリモートコード実行の脆弱性 CVE-2026-32201 Microsoft SharePoint Server の入力検証の不備 www.cisa.gov/news-events/...

0
1
0
16h ago

piggo @pigondrugs.bsky.social

~Cisa~ CISA added CVE-2009-0238 (Office RCE) and CVE-2026-32201 (SharePoint) to the KEV catalog due to active exploitation. - IOCs: CVE-2009-0238, CVE-2026-32201 - #CISA #KEV #threatintel

0
0
0
20h ago

ohhara @shiojiri.com

CVE-2009-0238 Microsoft Office Remote Code Execution Vulnerability CVE-2026-32201 Microsoft SharePoint Server Improper Input Validation Vulnerability

0
0
0
13h ago

piggo @pigondrugs.bsky.social

~Talos~ Microsoft patched 165 flaws, including 8 criticals and an actively exploited SharePoint spoofing bug (CVE-2026-32201). - IOCs: CVE-2026-32201, CVE-2026-33824, CVE-2026-33827 - #PatchTuesday #ThreatIntel #Vulnerability

0
0
0
12h ago

CVE-2026-40175

Overview

axios
axios

10 Apr 2026

Published

14 Apr 2026

Updated

CVSS v3.1

CRITICAL (10.0)

EPSS

0.40%

MITRE

KEV

Description

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.3.1, the Axios library is vulnerable to a specific "Gadget" attack chain that allows Prototype Pollution in any third-party dependency to be escalated into Remote Code Execution (RCE) or Full Cloud Compromise (via AWS IMDSv2 bypass). This vulnerability is fixed in 1.15.0 and 0.3.1.

Statistics

6 Posts
3 Interactions

Last activity: 5 hours ago

Bluesky

azu @azu.bsky.social

見てる: "Axios CVE-2026-40175: a critical bug that’s… not exploitable" https://www.aikido.dev/blog/axios-cve-2026-40175-a-critical-bug-thats-not-exploitable

1
0
0
5h ago

Undercode Testing @undercode.bsky.social

CVE-2026-40175: The Axios Nightmare That (Probably) Won’t Break Your Cloud—But Here’s Why You Must Patch Now + Video Introduction: A critical vulnerability with a perfect CVSS score of 10 has sent shockwaves through the JavaScript ecosystem, threatening to hand attackers the keys to entire cloud…

0
1
0
21h ago

Best of r/cybersecurity @cybersecurity.page

The Axios CVE-2026-40175 vulnerability is rated as a "10/10 critical" threat but is not realistically exploitable in standard environments. It requires bypassing Node.js's protection mechanisms and is mainly a concern for custom configurations. The media coverage has exaggerated the threat.

0
1
0
21h ago

セキュリティ対策Lab @securitylab-jp.bsky.social

Axios、CVE-2026-40175を修正-AWSなどのクラウド環境侵害やRCEに発展し得る重大な脆弱性 rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews

0
0
0
16h ago

OpsMatters @opsmatters.com

The latest update for #AikidoSecurity includes "Axios CVE-2026-40175: a critical bug that's… not exploitable" and "Bug bounty isn't dead, but the old model is breaking". #Cybersecurity #AppSec #DevSecOps https://opsmtrs.com/48vGyRP

0
0
0
12h ago

Philippe Vynckier @pvynckier.bsky.social

Axios CVE-2026-40175: a critical bug that’s… not exploitable www.aikido.dev/blog/axios-c...

0
0
0
10h ago

CVE-2026-33032

Overview

0xJacky
nginx-ui

30 Mar 2026

Published

30 Mar 2026

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

0.06%

MITRE

KEV

Description

Nginx UI is a web user interface for the Nginx web server. In versions 2.3.5 and prior, the nginx-ui MCP (Model Context Protocol) integration exposes two HTTP endpoints: /mcp and /mcp_message. While /mcp requires both IP whitelisting and authentication (AuthRequired() middleware), the /mcp_message endpoint only applies IP whitelisting - and the default IP whitelist is empty, which the middleware treats as "allow all". This means any network attacker can invoke all MCP tools without authentication, including restarting nginx, creating/modifying/deleting nginx configuration files, and triggering automatic config reloads - achieving complete nginx service takeover. At time of publication, there are no publicly available patches.

Statistics

5 Posts

Last activity: 1 hour ago

Fediverse

CyberNetsecIO @netsecio

📰 Critical Auth Bypass in nginx-ui (CVE-2026-33032) Actively Exploited for Full Nginx Takeover

🚨 CRITICAL FLAW: nginx-ui is being actively exploited via an auth bypass (CVE-2026-33032, CVSS 9.8). Unauthenticated attackers can gain full RCE. Patch to version 2.3.4+ immediately! #nginx #CyberSecurity #Vulnerability

🔗 https://cyber.netsecops.io/articles/critical-nginx-ui-auth-bypass-cve-2026-33032-under-active-exploit/?utm_source=mastodon&utm_medium=social&utm_campaign=twitter_auto

0
0
0
2h ago

Patrick C Miller :donor: @patrickcmiller

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover https://thehackernews.com/2026/04/critical-nginx-ui-vulnerability-cve.html

0
0
1
1h ago

Bluesky

Undercode Testing @undercode.bsky.social

MCPwn: The 27-Character Code That Hands Over Your Nginx Server to Anyone + Video Introduction The integration of AI agent protocols with critical infrastructure is creating a new and rapidly expanding attack surface. A critical vulnerability, CVE-2026-33032 (CVSS 9.8), is now being actively…

0
0
0
3h ago

Ninja Owl @ninjaowl.ai

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...

0
0
0
2h ago

CVE-2026-34621

Overview

Adobe
Acrobat Reader

11 Apr 2026

Published

14 Apr 2026

Updated

CVSS v3.1

HIGH (8.6)

EPSS

6.08%

MITRE

KEV

Description

Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Statistics

3 Posts
12 Interactions

Last activity: 5 hours ago

Fediverse

N_{Dario Fadda} @nuke

Adobe Acrobat Zero-Day CVE-2026-34621: Four Months of Targeted Espionage via Prototype Pollution Exploit
#CyberSecurity
https://securebulletin.com/adobe-acrobat-zero-day-cve-2026-34621-four-months-of-targeted-espionage-via-prototype-pollution-exploit/

5
0
0
5h ago

Christoph Schmees @PC_Fluesterer

Adobe PDF: Zero-Day seit Monaten angegriffen

Wieder einmal hat Adobe mit Acrobat etc. der Welt ein zweifelhaftes Geschenk gemacht. In den Produkten Acrobat DC, Acrobat Reader DC und Acrobat 2024 für Windows und macOS steckte eine öffentlich bisher nicht bekannte Sicherheitslücke, die mindestens seit dem vorigen November für Angriffe ausgenutzt wird (Zero-Day Exploit). Entdeckt wurde die Lücke CVE-2026-34621 im März. In der Meldung steht noch, dass es keinen Flicken gäbe. Das stimmt nicht mehr; Adobe hat gerade Updates veröffentlicht. Für einen Angriff reicht es aus, dem Opfer ein präpariertes PDF unterzuschieben. Außer das PDF

https://www.pc-fluesterer.info/wordpress/2026/04/14/adobe-pdf-zero-day-seit-monaten-angegriffen/

#Allgemein #Empfehlung #Hintergrund #Warnung #0day #cybercrime #exploits #pdf #sicherheit #spionage #trojaner #UnplugTrump #adobe

3
3
0
23h ago

Bluesky

Tech-News @technology-news.bsky.social

Adobe patches CVE-2026-34621 after active exploitation since Dec 2025, preventing remote code execution via malicious PDFs.

0
1
0
23h ago

CVE-2026-33825

Overview

Microsoft
Microsoft Defender Antimalware Platform

14 Apr 2026

Published

15 Apr 2026

Updated

CVSS v3.1

HIGH (7.8)

EPSS

0.04%

MITRE

KEV

Description

Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.

Statistics

3 Posts
13 Interactions

Last activity: 2 hours ago

Fediverse

BrianKrebs @briankrebs

So @wdormann, is this CVE-2026-33825 the BlueHammer patch? https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2026-33825

5
8
0
19h ago

CyberNetsecIO @netsecio

📰 Microsoft's Colossal April 2026 Patch Tuesday: 167 Flaws Patched, Two Zero-Days Under Fire

🚨 Microsoft's April Patch Tuesday is massive, fixing 167 flaws! Includes patches for an actively exploited SharePoint zero-day (CVE-2026-32201) & a public Defender EoP flaw (CVE-2026-33825). Patch NOW. #PatchTuesday #CyberSecurity #ZeroDay

🔗 https://cyber.netsecops.io/articles/microsoft-april-2026-patch-tuesday-fixes-167-flaws-including-two-zero-days/?utm_source=mastodon&utm_…

0
0
0
2h ago

Bluesky

tamosan @tamosan.bsky.social

『「CVE-2026-33825」は、すでに情報が公開されており、今後悪用される可能性が高い』：【セキュリティニュース】MS、4月の月例パッチで脆弱性167件に対応 - 一部で悪用を確認（1ページ目 / 全2ページ）：Security NEXT https://www.security-next.com/183438

0
0
0
15h ago

CVE-2025-0520

Overview

ShowDoc
ShowDoc

29 Apr 2025

Published

19 Nov 2025

Updated

CVSS v4.0

CRITICAL (9.4)

EPSS

2.03%

MITRE

KEV

Description

An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution.This issue affects ShowDoc: before 2.8.7.

Statistics

5 Posts
1 Interaction

Last activity: 4 hours ago

Fediverse

Patrick C Miller :donor: @patrickcmiller

ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers https://thehackernews.com/2026/04/showdoc-rce-flaw-cve-2025-0520-actively.html

0
1
1
9h ago

Bluesky

キタきつね @kitafox.bsky.social

攻撃者はCVE-2025-0520の脆弱性を悪用し、パッチが適用されていないShowDocサーバーを標的にしている Attackers target unpatched ShowDoc servers via CVE-2025-0520 #SecurityAffairs (Apr 14) securityaffairs.com/190790/hacki...

0
0
0
16h ago

キタきつね @kitafox.bsky.social

ShowDocのRCE脆弱性CVE-2025-0520が、パッチ未適用サーバーで積極的に悪用されている ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers #HackerNews (Apr 14) thehackernews.com/2026/04/show...

0
0
0
16h ago

Commonwealth Sentinel Cyber Security @cwealthsentinel.bsky.social

Attackers target unpatched ShowDoc servers via CVE-2025-0520

0
0
0
4h ago

CVE-2026-5194

Overview

wolfSSL
wolfSSL

09 Apr 2026

Published

10 Apr 2026

Updated

CVSS v4.0

CRITICAL (9.3)

EPSS

0.04%

MITRE

KEV

Description

Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication if the public CA key used is also known. This affects ECDSA/ECC verification when EdDSA or ML-DSA is also enabled.

Statistics

2 Posts
4 Interactions

Last activity: 21 hours ago

Fediverse

Hackread.com @Hackread

Critical wolfSSL flaw (CVE-2026-5194) allows digital ID forgery across billions of devices. Update to version 5.9.1 to fix the issue and reduce risk

Read: https://hackread.com/wolfssl-vulnerability-iot-routers-military-systems/

#CyberSecurity #Vulnerability #wolfSSL #IoT

1
0
0
21h ago

Bluesky

Hackread.com @hackread.bsky.social

Critical wolfSSL flaw (CVE-2026-5194) allows digital ID forgery across billions of devices. Update to version 5.9.1 to fix the issue and reduce risk Read: hackread.com/wolfssl-vuln... #CyberSecurity #Vulnerability #wolfSSL #IoT

1
2
0
21h ago

CVE-2009-0238

Overview

Pending

25 Feb 2009

Published

15 Apr 2026

Updated

CVSS

Pending

EPSS

81.14%

MITRE

KEV

Description

Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC.

Statistics

4 Posts
5 Interactions

Last activity: 13 hours ago

Fediverse

Chris @Chris

04/14/2026 2:30 PM EST

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

CVE-2009-0238 Microsoft Office Remote Code Execution Vulnerability

CVE-2026-32201 Microsoft SharePoint Server Improper Input Validation

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

https://www.cisa.gov/news-events/alerts/2026/04/14/cisa-adds-two-known-exploited-vulnerabilities-catalog

#cybersecurity #cisa #microsoft

2
2
0
19h ago

Bluesky

キタきつね @kitafox.bsky.social

CISAが既知の悪用された脆弱性2件をカタログに追加 CISA Adds Two Known Exploited Vulnerabilities to Catalog #CISA (Apr 14) CVE-2009-0238 Microsoft Officeのリモートコード実行の脆弱性 CVE-2026-32201 Microsoft SharePoint Server の入力検証の不備 www.cisa.gov/news-events/...

0
1
0
16h ago

piggo @pigondrugs.bsky.social

~Cisa~ CISA added CVE-2009-0238 (Office RCE) and CVE-2026-32201 (SharePoint) to the KEV catalog due to active exploitation. - IOCs: CVE-2009-0238, CVE-2026-32201 - #CISA #KEV #threatintel

0
0
0
20h ago

ohhara @shiojiri.com

CVE-2009-0238 Microsoft Office Remote Code Execution Vulnerability CVE-2026-32201 Microsoft SharePoint Server Improper Input Validation Vulnerability

0
0
0
13h ago

CVE-2026-4631

Overview

Red Hat
Red Hat Enterprise Linux 10
cockpit

07 Apr 2026

Published

10 Apr 2026

Updated

CVSS

Pending

EPSS

0.10%

MITRE

KEV

Description

Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH options or shell commands, achieving code execution on the Cockpit host without valid credentials. The injection occurs during the authentication flow before any credential verification takes place, meaning no login is required to exploit the vulnerability.

Statistics

2 Posts

Last activity: 2 hours ago

Fediverse

Phantasm @phnt

>CVE-2026-4631 [cockpit] Unauthenticated remote code execution due to SSH command-line argument injection

:comfythumbsup:

0
0
0
2h ago

Bluesky

キタきつね @kitafox.bsky.social

CVE-2026-4631: Cockpitにおける重大な9.8 RCE脆弱性により、認証なしでサーバーを乗っ取ることができる CVE-2026-4631: Critical 9.8 RCE Flaw in Cockpit Allows Unauthenticated Server Takeover #DailyCyberSecurity (Apr 14) securityonline.info/cockpit-rce-...

0
0
0
16h ago

CVE-2026-33807

Overview

fastify
@fastify/express

15 Apr 2026

Published

15 Apr 2026

Updated

CVSS v3.1

CRITICAL (9.1)

EPSS

0.05%

MITRE

KEV

Description

@fastify/express v4.0.4 and earlier contains a path handling bug in the onRegister function that causes middleware paths to be doubled when inherited by child plugins. When a child plugin is registered with a prefix that matches a middleware path, the middleware path is prefixed a second time, causing it to never match incoming requests. This results in complete bypass of Express middleware security controls, including authentication, authorization, and rate limiting, for all routes defined within affected child plugin scopes. No special configuration or request crafting is required. Upgrade to @fastify/express v4.0.5 or later.

Statistics

3 Posts

Last activity: 5 hours ago

Fediverse

Ulises Gascon @ulisesgascon

🚨 Critical-severity security fix in @fastify/express@4.0.5 just released!

Patches CVE-2026-33807 — middleware path doubling causes authentication bypass in child plugin scopes

https://github.com/fastify/fastify-express/security/advisories/GHSA-hrwm-hgmj-7p9c

0
0
1
6h ago

OffSequence @offseq

🔥 CRITICAL vuln: @fastify/express ≤4.0.4 (CVE-2026-33807) lets attackers bypass Express middleware (auth, rate limiting, more) via path handling bug. Upgrade to 4.0.5+ ASAP! https://radar.offseq.com/threat/cve-2026-33807-cwe-436-interpretation-conflict-in--e2fb5055 #OffSeq #CVE202633807 #NodeJS #AppSec

0
0
0
5h ago