Tag: cve
-
Microsoft Patch Still Leaves 1,300 SharePoint Servers Exposed
More than 1,300 internet-exposed SharePoint servers remain unpatched against CVE-2026-32201, a spoofing flaw Microsoft says was exploited as a zero-day. The post Microsoft Patch Still Leaves 1,300 SharePoint Servers Exposed appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-1300-sharepoint-servers-unpatched-zero-day-flaw/
-
You’re Not Watching MCPs. Anthropic’s Vulnerability Shows Why You Should Be.
Tags: access, ai, api, attack, authentication, breach, control, credentials, cve, data, framework, hacker, infrastructure, injection, LLM, remote-code-execution, risk, saas, siem, supply-chain, threat, update, vulnerabilityLast week, researchers at OX Security published findings that should stop every security leader in their tracks. They discovered a critical vulnerability baked directly into Anthropic’s Model Context Protocol SDK, affecting every supported language: Python, TypeScript, Java, and Rust. The result: remote code execution on any system running a vulnerable MCP implementation, with direct access…
-
New Mirai campaign exploits RCE flaw in EoL D-Link routers
A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability affecting D-Link DIR-823X routers, to enlist devices into the botnet. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-mirai-campaign-exploits-rce-flaw-in-eol-d-link-routers/
-
Microsoft issues outband patch for critical security flaw in update to ASP.NET Core
UseCustomCryptographicAlgorithms API.A bug in the .NET 10.0.6 package, released as part of the Patch Tuesday updates on April 14, causes the ManagedAuthenticatedEncryptor library to compute the validation tag for the Hash-based Message Authentication Code (HMAC) using an incorrect offset.Incorrect calculation of security hashes results in the .AspNetCore application cookies and tokens being validated and trusted…
-
Mirai Botnet exploits CVE-2025-29635 to target legacy D-Link routers
Mirai botnet is targeting old D-Link routers using CVE-2025-29635, a command injection flaw exploitable via crafted POST requests after public PoC disclosure. A Mirai botnet is actively exploiting a command injection vulnerability, tracked as CVE-2025-29635, in discontinued D-Link routers, Akamai reports. The flaw allows attackers to inject commands because an attacker-controlled value is copied without…
-
Over 1,300 SharePoint Servers Still Exposed to Actively Exploited Spoofing Flaw
Over 1,300 SharePoint servers remain unpatched against CVE-2026-32201, a spoofing flaw previously exploited as a zero-day. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/over-1300-sharepoint-servers-still-exposed-to-actively-exploited-spoofing-flaw/
-
CVE-2026-40372: Microsoft Patches ASP.NET Core Privilege Escalation Vulnerability
Microsoft patched an ASP.NET Core flaw (CVE-2026-40372) that could let attackers forge tokens and gain SYSTEM-level access. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/cve-2026-40372-microsoft-patches-asp-net-core-privilege-escalation-vulnerability/
-
CVE-2026-40372: Microsoft Patches ASP.NET Core Privilege Escalation Vulnerability
Microsoft patched an ASP.NET Core flaw (CVE-2026-40372) that could let attackers forge tokens and gain SYSTEM-level access. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/cve-2026-40372-microsoft-patches-asp-net-core-privilege-escalation-vulnerability/
-
Microsoft outband updates fixed critical ASP.NET Core privilege escalation flaw
Microsoft fixed critical ASP.NET Core vulnerability, tracked as CVE-2026-40372 (CVSS score of 9.1), that lets attackers escalate privileges. Microsoft released out-of-band updates to address a serious ASP.NET Core vulnerability tracked as CVE-2026-40372 (CVSS score of 9.1). Microsoft fixed the flaw in ASP.NET Core version 10.0.7. An attacker could exploit the flaw to gain SYSTEM-level privileges, access…
-
Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug
Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges.The vulnerability, tracked as CVE-2026-40372, carries a CVSS score of 9.1 out of 10.0. It’s rated Important in severity. An anonymous researcher has been credited with discovering and reporting the flaw.”Improper verification of cryptographic First…
-
Anthropic bets on EPSS for the coming bug surge
Tags: ai, cisco, ciso, cloud, crowdstrike, cve, cvss, cyber, data, exploit, flaw, government, Hardware, healthcare, infrastructure, network, update, vulnerabilitySecurity leaders weigh promise versus reality: Security vendors are increasingly incorporating EPSS scores into their systems.According to Roytman, EPSS has been incorporated into more than 120 security vendors’ products, including CrowdStrike, Cisco, Palo Alto Networks, Qualys, and Tenable platforms.”I do not think other CISOs realize how broadly EPSS has been adopted, but that adoption is…
-
Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape
A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution.The vulnerability, tracked as CVE-2026-5752, is rated 9.3 on the CVSS scoring system.”Sandbox escape vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal,” according to First…
-
Oracle April 2026 Critical Patch Update Addresses 241 CVEs
Oracle addresses 241 CVEs in its second quarterly update of 2026 with 481 patches, including 34 critical updates. Key takeaways: The second Critical Patch Update (CPU) for 2026 contains fixes for 241 unique CVEs in 481 security updates 34 issues (7.1% of all patches) were assigned a critical severity rating Oracle Communications received the highest…
-
Apache Syncope RCE Vulnerability Detailed After Public Exploit Code Release
Tags: apache, cve, cvss, cyber, exploit, flaw, government, identity, open-source, rce, remote-code-execution, vulnerabilitySecurity researchers have released full technical details and a working proof-of-concept (PoC) exploit for CVE-2025-57738, a high-severity remote code execution (RCE) vulnerability in Apache Syncope, a widely deployed open-source identity management platform used across enterprise and government environments. Tracked as CVE-2025-57738 with a CVSS score of 7.2 (HIGH), the flaw exists in how Apache Syncope…
-
CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines
Tags: authentication, cisa, cisco, cve, cybersecurity, exploit, flaw, infrastructure, kev, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including three flaws impacting Cisco Catalyst SD-WAN Manager, citing evidence of active exploitation.The list of vulnerabilities is as follows -CVE-2023-27351 (CVSS score: 8.2) – An improper authentication vulnerability in PaperCut First seen on thehackernews.com…
-
6,000+ Publicly Exposed Apache ActiveMQ Instances Found Vulnerable to CVE-2026-34197
Over 6,000 internet-facing Apache ActiveMQ servers are currently affected by a critical security flaw, leaving enterprise networks wide open to attack. The Shadowserver Foundation, a prominent nonprofit security research organization, reported finding exactly 6,364 vulnerable IP addresses during its daily network scans on April 19, 2026. This vulnerability, officially tracked as CVE-2026-34197, stems from an…
-
Malicious GGUF Models Could Trigger Remote Code Execution on SGLang Servers
Security researchers have uncovered a critical vulnerability in SGLang, a widely used framework for running large language models, that allows threat actors to compromise inference servers. Tracked as CVE-2026-5760, this flaw enables Remote Code Execution (RCE) when a server loads a maliciously crafted GGUF model file. By simply hosting a weaponized model on platforms like…
-
SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files
Tags: cve, cvss, exploit, injection, malicious, open-source, rce, remote-code-execution, vulnerabilityA critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could result in remote code execution on susceptible systems.The vulnerability, tracked as CVE-2026-5760, carries a CVSS score of 9.8 out of 10.0. It has been described as a case of command injection leading to the execution of arbitrary code.SGLang is a high-performance,…
-
NIST Scales Back Vulnerability Scoring in 2026 as CVE Volume Surges
NIST is scaling back NVD enrichment as CVE volumes surge, shifting more risk prioritization to organizations. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/nist-scales-back-vulnerability-scoring-in-2026-as-cve-volume-surges/
-
CVE-2023-33538 under attack for a year, but exploitation still unsuccessful
Hackers have targeted CVE-2023-33538 flaw in old TP-Link routers for a year, but no successful exploitation has been seen so far. Hackers have been trying for over a year to exploit a serious flaw, tracked as CVE-2023-33538 (CVSS score of 8.8), in outdated TP-Link routers, but so far without success. The vulnerability is a command…
-
Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet
FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/mirai-variant-dvr-flaw-iot-botnet/
-
Claude Mythos ist der Hype gerechtfertigt?
Tags: ai, bug, cve, cybersecurity, data, exploit, linux, openai, sans, technology, update, vulnerabilityClaude Mythos wird derzeit von ausgesuchten Organisationen getestet in erster Linie großen Tech-Konzernen aus den USA.Anthropic | ScreenshotDer Hype um Anthropics Security-Modell Mythos bekommt erste Risse: Während KI-Konkurrent OpenAI plant, mit einem eigenen Cybersecurity-fokussierten KI-Modell ‘entgegenzuwirken”, stellen die Sicherheitsexperten von VulnCheck in einer aktuellen Untersuchung die praktischen Auswirkungen von Claude Mythos, respektive ‘Project Glasswing” in…
-
TBK DVR Vulnerability CVE-2024-3721 Exploited to Spread Nexcorium DDoS Malware
Hackers are actively exploiting a critical vulnerability in TBK digital video recorder (DVR) devices to deploy a new Mirai-based botnet called Nexcorium. The campaign leverages CVE-2024-3721, an OS command injection vulnerability, highlighting how poorly secured IoT devices continue to fuel large-scale distributed denial-of-service (DDoS) attacks. Threat actors exploit CVE-2024-3721 by manipulating the “mdb” and “mdc”…
-
NIST Adopts Risk-Based NVD Model as CVE Submissions Jump 263% Since 2020
According to a recent announcement from the National Institute of Standards and Technology (NIST), the agency is fundamentally restructuring how it manages the National Vulnerability Database (NVD). Driven by a massive 263% increase in Common Vulnerabilities and Exposures (CVE) submissions between 2020 and 2025, NIST is shifting from a comprehensive analysis approach to a targeted,…
-
Nexcorium Mirai Variant Weaponises TBK DVR Vulnerability in Fresh IoT Botnet Push
A newly discovered Mirai malware variant named Nexcorium is actively targeting unpatched Internet of Things (IoT) devices. According to recent threat research from FortiGuard Labs, attackers are exploiting a severe vulnerability in TBK DVR systems to build a massive botnet capable of launching destructive distributed denial-of-service (DDoS) attacks. The campaign primarily focuses on CVE-2024-3721, a…
-
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
Threat actors are exploiting security flaws in TBK DVR and end”‘of”‘life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42.The attack targeting TBK DVR devices has been found to exploit CVE-2024-3721 (CVSS score: 6.3), a medium-severity command injection vulnerability affecting…
-
Surging CVE disclosures force NIST to shake up workflows
NIST announces big changes to the way it categorises and manages CVEs, set to have a big impact on how organisations manage patching and remediation. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366641916/Surging-CVE-disclosures-force-NIST-to-shake-up-workflows
-
How NIST’s Cutback of CVE Handling Impacts Cyber Teams
Industry and ad hoc coalitions appear poised to help fill the gap created by NIST’s decision to cut back on CVE data enrichment. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/nist-cutbacks-nvd-handling-impacts-cyber-teams
-
National Vulnerability Database (NVD) Shifts to Selective Enrichment as CVE Volume Surges
Under a new model announced by the National Institute of Standards and Technology, NVD will no longer enrich every CVE. Instead, enrichment efforts will focus on a defined subset, including vulnerabilities in the CISA KEV catalog, software used by the federal government, and software designated as critical. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/national-vulnerability-database-nvd-shifts-to-selective-enrichment-as-cve-volume-surges/
-
NIST, Overrun by Massive Numbers of Submitted CVEs, Limits Analysis Work
NIST said it overwhelmed by the surge in the number of CVEs submissions in recent years, so it is paring back the analysis work it does on the dangerous security flaws. Security experts say the number of new vulnerabilities detected will only grow during the AI era and that the private sector will need to…