home.social
Sign in Create account

#offseq — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #offseq, aggregated by home.social.

  1. OffSequence @[email protected] ·

    ⚠️ CRITICAL: OPNsense core < 26.1.7 vulnerable to argument injection (CVE-2026-44193). Remote code execution possible via XMLRPC method. Update to 26.1.7+ now! radar.offseq.com/threat/cve-20 #OffSeq #OPNsense #Vuln #RCE

    #offseq #opnsense #vuln #rce
  2. OffSequence @[email protected] ·

    ⚠️ CRITICAL: OPNsense core < 26.1.7 vulnerable to argument injection (CVE-2026-44193). Remote code execution possible via XMLRPC method. Update to 26.1.7+ now! radar.offseq.com/threat/cve-20 #OffSeq #OPNsense #Vuln #RCE

    #offseq #opnsense #vuln #rce
  3. OffSequence @[email protected] ·

    ⚠️ CRITICAL: OPNsense core < 26.1.7 vulnerable to argument injection (CVE-2026-44193). Remote code execution possible via XMLRPC method. Update to 26.1.7+ now! radar.offseq.com/threat/cve-20 #OffSeq #OPNsense #Vuln #RCE

    #rce #vuln #opnsense #offseq
  4. OffSequence @[email protected] ·

    ⚠️ CRITICAL: OPNsense core < 26.1.7 vulnerable to argument injection (CVE-2026-44193). Remote code execution possible via XMLRPC method. Update to 26.1.7+ now! radar.offseq.com/threat/cve-20 #OffSeq #OPNsense #Vuln #RCE

    #offseq #opnsense #vuln #rce
  5. OffSequence @[email protected] ·

    🚨 CVE-2026-44194 (CVSS 9.1): OPNsense core <26.1.8 is vulnerable to OS command injection via sync_user.php. Authenticated users with user-management rights can gain root. Update to 26.1.8 ASAP. radar.offseq.com/threat/cve-20 #OffSeq #OPNsense #Vuln #BlueTeam

    #offseq #opnsense #vuln #blueteam
  6. OffSequence @[email protected] ·

    🚨 CVE-2026-44194 (CVSS 9.1): OPNsense core <26.1.8 is vulnerable to OS command injection via sync_user.php. Authenticated users with user-management rights can gain root. Update to 26.1.8 ASAP. radar.offseq.com/threat/cve-20 #OffSeq #OPNsense #Vuln #BlueTeam

    #offseq #opnsense #vuln #blueteam
  7. OffSequence @[email protected] ·

    🚨 CVE-2026-44194 (CVSS 9.1): OPNsense core <26.1.8 is vulnerable to OS command injection via sync_user.php. Authenticated users with user-management rights can gain root. Update to 26.1.8 ASAP. radar.offseq.com/threat/cve-20 #OffSeq #OPNsense #Vuln #BlueTeam

    #blueteam #vuln #opnsense #offseq
  8. OffSequence @[email protected] ·

    🚨 CVE-2026-44194 (CVSS 9.1): OPNsense core <26.1.8 is vulnerable to OS command injection via sync_user.php. Authenticated users with user-management rights can gain root. Update to 26.1.8 ASAP. radar.offseq.com/threat/cve-20 #OffSeq #OPNsense #Vuln #BlueTeam

    #offseq #opnsense #vuln #blueteam
  9. OffSequence @[email protected] ·

    🚨 CRITICAL: OPNsense core < 26.1.8 has CVE-2026-45158 — command injection in DHCP config allows root RCE. Upgrade to 26.1.8+ now to prevent full system compromise. Details: radar.offseq.com/threat/cve-20 #OffSeq #OPNsense #Vuln #Cybersecurity

    #offseq #opnsense #vuln #cybersecurity
  10. OffSequence @[email protected] ·

    🚨 CRITICAL: OPNsense core < 26.1.8 has CVE-2026-45158 — command injection in DHCP config allows root RCE. Upgrade to 26.1.8+ now to prevent full system compromise. Details: radar.offseq.com/threat/cve-20 #OffSeq #OPNsense #Vuln #Cybersecurity

    #offseq #opnsense #vuln #cybersecurity
  11. OffSequence @[email protected] ·

    🚨 CRITICAL: OPNsense core < 26.1.8 has CVE-2026-45158 — command injection in DHCP config allows root RCE. Upgrade to 26.1.8+ now to prevent full system compromise. Details: radar.offseq.com/threat/cve-20 #OffSeq #OPNsense #Vuln #Cybersecurity

    #cybersecurity #vuln #opnsense #offseq
  12. OffSequence @[email protected] ·

    🚨 CRITICAL: OPNsense core < 26.1.8 has CVE-2026-45158 — command injection in DHCP config allows root RCE. Upgrade to 26.1.8+ now to prevent full system compromise. Details: radar.offseq.com/threat/cve-20 #OffSeq #OPNsense #Vuln #Cybersecurity

    #offseq #opnsense #vuln #cybersecurity
  13. OffSequence @[email protected] ·

    🔥 CRITICAL: SUSE Rancher Fleet Helm deployer (0.11.0 – 0.15.0) has a major auth flaw (CVE-2026-41050). Tenants with git push access can read secrets from any namespace in downstream clusters. Restrict access & monitor closely! radar.offseq.com/threat/cve-20 #OffSeq #SUSE #Kubernetes

    #offseq #suse #kubernetes
  14. OffSequence @[email protected] ·

    🔥 CRITICAL: SUSE Rancher Fleet Helm deployer (0.11.0 – 0.15.0) has a major auth flaw (CVE-2026-41050). Tenants with git push access can read secrets from any namespace in downstream clusters. Restrict access & monitor closely! radar.offseq.com/threat/cve-20 #OffSeq #SUSE #Kubernetes

    #offseq #suse #kubernetes
  15. OffSequence @[email protected] ·

    🔥 CRITICAL: SUSE Rancher Fleet Helm deployer (0.11.0 – 0.15.0) has a major auth flaw (CVE-2026-41050). Tenants with git push access can read secrets from any namespace in downstream clusters. Restrict access & monitor closely! radar.offseq.com/threat/cve-20 #OffSeq #SUSE #Kubernetes

    #kubernetes #suse #offseq
  16. OffSequence @[email protected] ·

    🔥 CRITICAL: SUSE Rancher Fleet Helm deployer (0.11.0 – 0.15.0) has a major auth flaw (CVE-2026-41050). Tenants with git push access can read secrets from any namespace in downstream clusters. Restrict access & monitor closely! radar.offseq.com/threat/cve-20 #OffSeq #SUSE #Kubernetes

    #offseq #suse #kubernetes
  17. OffSequence @[email protected] ·

    🔴 CVE-2026-8072 (CRITICAL, 9.2): Ingeteam Ingecon Sun EMS Board uses weak hashing for SAT access credentials, risking privilege escalation. No mitigation yet — review access and monitor for updates. radar.offseq.com/threat/cve-20 #OffSeq #ICS #Vulnerability

    #offseq #ics #vulnerability
  18. OffSequence @[email protected] ·

    🔴 CVE-2026-8072 (CRITICAL, 9.2): Ingeteam Ingecon Sun EMS Board uses weak hashing for SAT access credentials, risking privilege escalation. No mitigation yet — review access and monitor for updates. radar.offseq.com/threat/cve-20 #OffSeq #ICS #Vulnerability

    #offseq #ics #vulnerability
  19. OffSequence @[email protected] ·

    🔴 CVE-2026-8072 (CRITICAL, 9.2): Ingeteam Ingecon Sun EMS Board uses weak hashing for SAT access credentials, risking privilege escalation. No mitigation yet — review access and monitor for updates. radar.offseq.com/threat/cve-20 #OffSeq #ICS #Vulnerability

    #vulnerability #ics #offseq
  20. OffSequence @[email protected] ·

    🔴 CVE-2026-8072 (CRITICAL, 9.2): Ingeteam Ingecon Sun EMS Board uses weak hashing for SAT access credentials, risking privilege escalation. No mitigation yet — review access and monitor for updates. radar.offseq.com/threat/cve-20 #OffSeq #ICS #Vulnerability

    #offseq #ics #vulnerability
  21. OffSequence @[email protected] ·

    ⚠️ HIGH severity: CVE-2026-5084 in WebDyne::Session ≤2.075 creates predictable session IDs (MD5, rand()). Risk: session hijacking. No patch yet — use secure session management & monitor vendor updates. radar.offseq.com/threat/cve-20 #OffSeq #Infosec #CVE20265084 #Perl

    #offseq #infosec #cve20265084 #perl
  22. OffSequence @[email protected] ·

    ⚠️ HIGH severity: CVE-2026-5084 in WebDyne::Session ≤2.075 creates predictable session IDs (MD5, rand()). Risk: session hijacking. No patch yet — use secure session management & monitor vendor updates. radar.offseq.com/threat/cve-20 #OffSeq #Infosec #CVE20265084 #Perl

    #offseq #infosec #cve20265084 #perl
  23. OffSequence @[email protected] ·

    ⚠️ HIGH severity: CVE-2026-5084 in WebDyne::Session ≤2.075 creates predictable session IDs (MD5, rand()). Risk: session hijacking. No patch yet — use secure session management & monitor vendor updates. radar.offseq.com/threat/cve-20 #OffSeq #Infosec #CVE20265084 #Perl

    #offseq #infosec #cve20265084 #perl
  24. OffSequence @[email protected] ·

    ⚠️ HIGH severity: CVE-2026-5084 in WebDyne::Session ≤2.075 creates predictable session IDs (MD5, rand()). Risk: session hijacking. No patch yet — use secure session management & monitor vendor updates. radar.offseq.com/threat/cve-20 #OffSeq #Infosec #CVE20265084 #Perl

    #perl #cve20265084 #infosec #offseq
  25. OffSequence @[email protected] ·

    ⚠️ HIGH severity: CVE-2026-5084 in WebDyne::Session ≤2.075 creates predictable session IDs (MD5, rand()). Risk: session hijacking. No patch yet — use secure session management & monitor vendor updates. radar.offseq.com/threat/cve-20 #OffSeq #Infosec #CVE20265084 #Perl

    #offseq #infosec #cve20265084 #perl
  26. OffSequence @[email protected] ·

    🚩 CRITICAL: CVE-2026-6722 in PHP SOAP (8.2 – 8.5) allows unauthenticated RCE via use-after-free. No patch confirmed — restrict SOAP access or disable if not needed. Details: radar.offseq.com/threat/cve-20 #OffSeq #PHP #Vuln #RCE #InfoSec

    #offseq #php #vuln #rce #infosec
  27. OffSequence @[email protected] ·

    🔎 CVE-2026-42246 (HIGH): ruby net-imap (<0.3.10, <0.4.24, <0.5.14, <0.6.4) fails to report TLS handshake errors, risking plaintext IMAP traffic under MITM. Patch now to protect email integrity! radar.offseq.com/threat/cve-20 #OffSeq #Ruby #Infosec #EmailSecurity

    #offseq #ruby #infosec #emailsecurity
  28. OffSequence @[email protected] ·

    🔎 CVE-2026-42246 (HIGH): ruby net-imap (<0.3.10, <0.4.24, <0.5.14, <0.6.4) fails to report TLS handshake errors, risking plaintext IMAP traffic under MITM. Patch now to protect email integrity! radar.offseq.com/threat/cve-20 #OffSeq #Ruby #Infosec #EmailSecurity

    #offseq #ruby #infosec #emailsecurity
  29. OffSequence @[email protected] ·

    🔎 CVE-2026-42246 (HIGH): ruby net-imap (<0.3.10, <0.4.24, <0.5.14, <0.6.4) fails to report TLS handshake errors, risking plaintext IMAP traffic under MITM. Patch now to protect email integrity! radar.offseq.com/threat/cve-20 #OffSeq #Ruby #Infosec #EmailSecurity

    #emailsecurity #infosec #ruby #offseq
  30. OffSequence @[email protected] ·

    🔎 CVE-2026-42246 (HIGH): ruby net-imap (<0.3.10, <0.4.24, <0.5.14, <0.6.4) fails to report TLS handshake errors, risking plaintext IMAP traffic under MITM. Patch now to protect email integrity! radar.offseq.com/threat/cve-20 #OffSeq #Ruby #Infosec #EmailSecurity

    #offseq #ruby #infosec #emailsecurity
  31. OffSequence @[email protected] ·

    🚨 CVE-2026-42193 (CVSS 9.1, CRITICAL): useplunk plunk < 0.9.0 fails to verify SNS signatures at /webhooks/sns, allowing spoofed webhook attacks. Patched in 0.9.0 — verify your version & check vendor advisory. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #EmailSecurity #CVE202642193

    #offseq #vuln #emailsecurity #cve202642193
  32. OffSequence @[email protected] ·

    🚨 CVE-2026-42193 (CVSS 9.1, CRITICAL): useplunk plunk < 0.9.0 fails to verify SNS signatures at /webhooks/sns, allowing spoofed webhook attacks. Patched in 0.9.0 — verify your version & check vendor advisory. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #EmailSecurity #CVE202642193

    #offseq #vuln #emailsecurity #cve202642193
  33. OffSequence @[email protected] ·

    🚨 CVE-2026-42193 (CVSS 9.1, CRITICAL): useplunk plunk < 0.9.0 fails to verify SNS signatures at /webhooks/sns, allowing spoofed webhook attacks. Patched in 0.9.0 — verify your version & check vendor advisory. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #EmailSecurity #CVE202642193

    #cve202642193 #emailsecurity #vuln #offseq
  34. OffSequence @[email protected] ·

    🚨 CVE-2026-42193 (CVSS 9.1, CRITICAL): useplunk plunk < 0.9.0 fails to verify SNS signatures at /webhooks/sns, allowing spoofed webhook attacks. Patched in 0.9.0 — verify your version & check vendor advisory. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #EmailSecurity #CVE202642193

    #offseq #vuln #emailsecurity #cve202642193
  35. OffSequence @[email protected] ·

    🌐 CVE-2026-42368 | CRITICAL privilege escalation in GeoVision GV-LPC2011/LPC2211 v1.10. Remote attackers can gain full control via crafted HTTP requests. No patch — restrict web interface access & monitor traffic. Details: radar.offseq.com/threat/cve-20 #OffSeq #Vuln #IoT #CyberSecurity

    #offseq #vuln #iot #cybersecurity
  36. OffSequence @[email protected] ·

    🚨 CVE-2026-39804 (HIGH): mtrudel bandit <1.11.0 allows remote DoS via memory exhaustion if WebSocket permessage-deflate is enabled. Disable compression to mitigate. Affects only non-default configs. Details: radar.offseq.com/threat/cve-20 #OffSeq #Vuln #DoS #Elixir

    #offseq #vuln #dos #elixir
  37. OffSequence @[email protected] ·

    🔥 HIGH severity: CVE-2026-7548 hits Totolink NR1800X (9.1.0u.6279_B20210910) — remote command injection via setUssd in /cgi-bin/cstecgi.cgi. Exploit is public, no patch yet. Disable remote management ASAP! radar.offseq.com/threat/cve-20 #OffSeq #infosec #vuln #IoT

    #offseq #infosec #vuln #iot
  38. OffSequence @[email protected] ·

    ⚠️ HIGH severity: Tenda HG10 (HG7_HG9_HG10re_300001138_en_xpon) buffer overflow via Boa Service (formRoute). Remote RCE/DoS risk. Exploit public, patch pending. Restrict access & monitor Tenda updates. CVE-2026-6988 radar.offseq.com/threat/cve-20 #OffSeq #IoT #Vuln

    #offseq #iot #vuln
  39. OffSequence @[email protected] ·

    🚨 CRITICAL: CVE-2026-6911 in AWS Ops Wheel — missing JWT signature checks allow unauth access & admin control over all tenants. Patch by redeploying from the updated repo! Details: radar.offseq.com/threat/cve-20 #OffSeq #AWS #Vuln #JWT

    #offseq #aws #vuln #jwt
  40. OffSequence @[email protected] ·

    🚨 CRITICAL: CVE-2026-6911 in AWS Ops Wheel — missing JWT signature checks allow unauth access & admin control over all tenants. Patch by redeploying from the updated repo! Details: radar.offseq.com/threat/cve-20 #OffSeq #AWS #Vuln #JWT

    #offseq #aws #vuln #jwt
  41. OffSequence @[email protected] ·

    🚨 CRITICAL: CVE-2026-6911 in AWS Ops Wheel — missing JWT signature checks allow unauth access & admin control over all tenants. Patch by redeploying from the updated repo! Details: radar.offseq.com/threat/cve-20 #OffSeq #AWS #Vuln #JWT

    #jwt #vuln #aws #offseq
  42. OffSequence @[email protected] ·

    🚨 CRITICAL: CVE-2026-6911 in AWS Ops Wheel — missing JWT signature checks allow unauth access & admin control over all tenants. Patch by redeploying from the updated repo! Details: radar.offseq.com/threat/cve-20 #OffSeq #AWS #Vuln #JWT

    #offseq #aws #vuln #jwt
  43. OffSequence @[email protected] ·

    🛡️ CrowdStrike LogScale CRITICAL vuln (CVE-2026-40050): unauth path traversal — remote file read risk for self-hosted users. Tenable Nessus for Windows: HIGH vuln (CVE-2026-33694), file deletion & privilege escalation. Patch ASAP! radar.offseq.com/threat/vulner #OffSeq #Vuln #CrowdStrike #Tenable

    #offseq #vuln #crowdstrike #tenable
  44. OffSequence @[email protected] ·

    🛡️ CrowdStrike LogScale CRITICAL vuln (CVE-2026-40050): unauth path traversal — remote file read risk for self-hosted users. Tenable Nessus for Windows: HIGH vuln (CVE-2026-33694), file deletion & privilege escalation. Patch ASAP! radar.offseq.com/threat/vulner #OffSeq #Vuln #CrowdStrike #Tenable

    #offseq #vuln #crowdstrike #tenable
  45. OffSequence @[email protected] ·

    🛡️ CrowdStrike LogScale CRITICAL vuln (CVE-2026-40050): unauth path traversal — remote file read risk for self-hosted users. Tenable Nessus for Windows: HIGH vuln (CVE-2026-33694), file deletion & privilege escalation. Patch ASAP! radar.offseq.com/threat/vulner #OffSeq #Vuln #CrowdStrike #Tenable

    #tenable #crowdstrike #vuln #offseq
  46. OffSequence @[email protected] ·

    🛡️ CrowdStrike LogScale CRITICAL vuln (CVE-2026-40050): unauth path traversal — remote file read risk for self-hosted users. Tenable Nessus for Windows: HIGH vuln (CVE-2026-33694), file deletion & privilege escalation. Patch ASAP! radar.offseq.com/threat/vulner #OffSeq #Vuln #CrowdStrike #Tenable

    #offseq #vuln #crowdstrike #tenable
  47. OffSequence @[email protected] ·

    🚨 CRITICAL: OpenAEV-Platform (<2.0.13) uses non-expiring, 8-digit password reset tokens. Unauthenticated attackers can take over any account — including admins. Upgrade to 2.0.13 ASAP. CVE-2026-24467 radar.offseq.com/threat/cve-20 #OffSeq #Vuln #AppSec #PasswordSecurity

    #offseq #vuln #appsec #passwordsecurity
  48. OffSequence @[email protected] ·

    🚨 CRITICAL: OpenAEV-Platform (<2.0.13) uses non-expiring, 8-digit password reset tokens. Unauthenticated attackers can take over any account — including admins. Upgrade to 2.0.13 ASAP. CVE-2026-24467 radar.offseq.com/threat/cve-20 #OffSeq #Vuln #AppSec #PasswordSecurity

    #offseq #vuln #appsec #passwordsecurity
  49. OffSequence @[email protected] ·

    🚨 CRITICAL: OpenAEV-Platform (<2.0.13) uses non-expiring, 8-digit password reset tokens. Unauthenticated attackers can take over any account — including admins. Upgrade to 2.0.13 ASAP. CVE-2026-24467 radar.offseq.com/threat/cve-20 #OffSeq #Vuln #AppSec #PasswordSecurity

    #passwordsecurity #appsec #vuln #offseq
  50. OffSequence @[email protected] ·

    🚨 CRITICAL: OpenAEV-Platform (<2.0.13) uses non-expiring, 8-digit password reset tokens. Unauthenticated attackers can take over any account — including admins. Upgrade to 2.0.13 ASAP. CVE-2026-24467 radar.offseq.com/threat/cve-20 #OffSeq #Vuln #AppSec #PasswordSecurity

    #offseq #vuln #appsec #passwordsecurity