home.social

#secdb — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #secdb, aggregated by home.social.

  1. ZEN SecDB @[email protected] ·

    🚨 [CISA-2026:0521] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2025-34291 (secdb.nttzen.cloud/cve/detail/)
    - Name: Langflow Origin Validation Error Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Langflow
    - Product: Langflow
    - Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: github.com/langflow-ai/langflow ; github.com/langflow-ai/langflo; github.com/langflow-ai/langflo ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2026-34926 (secdb.nttzen.cloud/cve/detail/)
    - Name: Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Trend Micro
    - Product: Apex One
    - Notes: success.trendmicro.com/en-US/s ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260521 #cisa20260521 #cve_2025_34291 #cve_2026_34926 #cve202534291 #cve202634926

    #secdb #infosec #cve #cisa_kev #cisa_20260521 #cisa20260521
  2. ZEN SecDB @[email protected] ·

    🚨 [CISA-2026:0521] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2025-34291 (secdb.nttzen.cloud/cve/detail/)
    - Name: Langflow Origin Validation Error Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Langflow
    - Product: Langflow
    - Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: github.com/langflow-ai/langflow ; github.com/langflow-ai/langflo; github.com/langflow-ai/langflo ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2026-34926 (secdb.nttzen.cloud/cve/detail/)
    - Name: Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Trend Micro
    - Product: Apex One
    - Notes: success.trendmicro.com/en-US/s ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260521 #cisa20260521 #cve_2025_34291 #cve_2026_34926 #cve202534291 #cve202634926

    #cve202634926 #cve202534291 #cve_2026_34926 #cve_2025_34291 #cisa20260521 #cisa_20260521
  3. ZEN SecDB @[email protected] ·

    🚨 [CISA-2026:0521] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2025-34291 (secdb.nttzen.cloud/cve/detail/)
    - Name: Langflow Origin Validation Error Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Langflow
    - Product: Langflow
    - Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: github.com/langflow-ai/langflow ; github.com/langflow-ai/langflo; github.com/langflow-ai/langflo ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2026-34926 (secdb.nttzen.cloud/cve/detail/)
    - Name: Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Trend Micro
    - Product: Apex One
    - Notes: success.trendmicro.com/en-US/s ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260521 #cisa20260521 #cve_2025_34291 #cve_2026_34926 #cve202534291 #cve202634926

    #secdb #infosec #cve #cisa_kev #cisa_20260521 #cisa20260521
  4. ZEN SecDB @[email protected] ·

    🚨 CVE-2026-45585 (YellowKey)

    Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices.
    We are issuing this CVE to provide mitigation guidance that can be implemented to protect against this vulnerability until the security update is made available.

    ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/cve/detail/

    #nttdata #zen #secdb #infosec
    #yellowkey #microsoft #bitlocker #cve202645585

    #nttdata #zen #secdb #infosec #yellowkey #microsoft
  5. ZEN SecDB @[email protected] ·

    🚨 CVE-2026-45585 (YellowKey)

    Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices.
    We are issuing this CVE to provide mitigation guidance that can be implemented to protect against this vulnerability until the security update is made available.

    ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/cve/detail/

    #nttdata #zen #secdb #infosec
    #yellowkey #microsoft #bitlocker #cve202645585

    #nttdata #zen #secdb #infosec #yellowkey #microsoft
  6. ZEN SecDB @[email protected] ·

    🚨 CVE-2026-45585 (YellowKey)

    Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices.
    We are issuing this CVE to provide mitigation guidance that can be implemented to protect against this vulnerability until the security update is made available.

    ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/cve/detail/

    #nttdata #zen #secdb #infosec
    #yellowkey #microsoft #bitlocker #cve202645585

    #cve202645585 #bitlocker #microsoft #yellowkey #infosec #secdb
  7. ZEN SecDB @[email protected] ·

    🚨 CVE-2026-31635 (DirtyDecrypt / DirtyCBC)

    rxrpc: fix oversized RESPONSE authenticator length check

    rxgk_verify_response() decodes auth_len from the packet and is supposed
    to verify that it fits in the remaining bytes. The existing check is
    inverted, so oversized RESPONSE authenticators are accepted and passed
    to rxgk_decrypt_skb(), which can later reach skb_to_sgvec() with an
    impossible length and hit BUG_ON(len).

    ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/cve/detail/

    #nttdata #zen #secdb #infosec
    #dirtydecrypt #dirtycbc #linux #kernel #lpe #cve202631635

    #nttdata #zen #secdb #infosec #dirtydecrypt #dirtycbc
  8. ZEN SecDB @[email protected] ·

    🚨 CVE-2026-31635 (DirtyDecrypt / DirtyCBC)

    rxrpc: fix oversized RESPONSE authenticator length check

    rxgk_verify_response() decodes auth_len from the packet and is supposed
    to verify that it fits in the remaining bytes. The existing check is
    inverted, so oversized RESPONSE authenticators are accepted and passed
    to rxgk_decrypt_skb(), which can later reach skb_to_sgvec() with an
    impossible length and hit BUG_ON(len).

    ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/cve/detail/

    #nttdata #zen #secdb #infosec
    #dirtydecrypt #dirtycbc #linux #kernel #lpe # cve202631635

    #lpe #kernel #linux #dirtycbc #dirtydecrypt #infosec
  9. ZEN SecDB @[email protected] ·

    🚨 CVE-2026-42945 (NGINX Rift)

    NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression (PCRE) capture (for example, $1, $2) with a replacement string that includes a question mark (?). An unauthenticated attacker along with conditions beyond its control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, for systems with Address Space Layout Randomization (ASLR ) disabled, code execution is possible. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

    ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/cve/detail/

    #nttdata #zen #secdb #infosec
    #nginxrift #cve202642945 #nginx

    #nttdata #zen #secdb #infosec #nginxrift #cve202642945
  10. ZEN SecDB @[email protected] ·

    🚨 CVE-2026-42945 (NGINX Rift)

    NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression (PCRE) capture (for example, $1, $2) with a replacement string that includes a question mark (?). An unauthenticated attacker along with conditions beyond its control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, for systems with Address Space Layout Randomization (ASLR ) disabled, code execution is possible. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

    ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/cve/detail/

    #nttdata #zen #secdb #infosec
    #nginxrift #cve202642945 #nginx

    #nginx #cve202642945 #nginxrift #infosec #secdb #zen
  11. ZEN SecDB @[email protected] ·

    🚨 CVE-2026-46333 (ssh-keysign-pwn)

    In the Linux kernel, the following vulnerability has been resolved:

    ptrace: slightly saner 'get_dumpable()' logic

    The 'dumpability' of a task is fundamentally about the memory image of
    the task - the concept comes from whether it can core dump or not - and
    makes no sense when you don't have an associated mm.

    And almost all users do in fact use it only for the case where the task
    has a mm pointer.

    But we have one odd special case: ptrace_may_access() uses 'dumpable' to
    check various other things entirely independently of the MM (typically
    explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for
    threads that no longer have a VM (and maybe never did, like most kernel
    threads).

    It's not what this flag was designed for, but it is what it is.

    The ptrace code does check that the uid/gid matches, so you do have to
    be uid-0 to see kernel thread details, but this means that the
    traditional "drop capabilities" model doesn't make any difference for
    this all.

    Make it all make a bit more sense by saying that if you don't have a
    MM pointer, we'll use a cached "last dumpability" flag if the thread
    ever had a MM (it will be zero for kernel threads since it is never
    set), and require a proper CAP_SYS_PTRACE capability to override.

    ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/cve/detail/

    #nttdata #zen #secdb #infosec
    #sshkeysignpwn #cve202646333 #linux #kernel

    #nttdata #zen #secdb #infosec #sshkeysignpwn #cve202646333
  12. ZEN SecDB @[email protected] ·

    🚨 CVE-2026-46333 (ssh-keysign-pwn)

    In the Linux kernel, the following vulnerability has been resolved:

    ptrace: slightly saner 'get_dumpable()' logic

    The 'dumpability' of a task is fundamentally about the memory image of
    the task - the concept comes from whether it can core dump or not - and
    makes no sense when you don't have an associated mm.

    And almost all users do in fact use it only for the case where the task
    has a mm pointer.

    But we have one odd special case: ptrace_may_access() uses 'dumpable' to
    check various other things entirely independently of the MM (typically
    explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for
    threads that no longer have a VM (and maybe never did, like most kernel
    threads).

    It's not what this flag was designed for, but it is what it is.

    The ptrace code does check that the uid/gid matches, so you do have to
    be uid-0 to see kernel thread details, but this means that the
    traditional "drop capabilities" model doesn't make any difference for
    this all.

    Make it all make a bit more sense by saying that if you don't have a
    MM pointer, we'll use a cached "last dumpability" flag if the thread
    ever had a MM (it will be zero for kernel threads since it is never
    set), and require a proper CAP_SYS_PTRACE capability to override.

    ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/cve/detail/

    #nttdata #zen #secdb #infosec
    #sshkeysignpwn #cve202646333 #linux #kernel

    #nttdata #zen #secdb #infosec #sshkeysignpwn #cve202646333
  13. ZEN SecDB @[email protected] ·

    🚨 CVE-2026-46333 (ssh-keysign-pwn)

    In the Linux kernel, the following vulnerability has been resolved:

    ptrace: slightly saner 'get_dumpable()' logic

    The 'dumpability' of a task is fundamentally about the memory image of
    the task - the concept comes from whether it can core dump or not - and
    makes no sense when you don't have an associated mm.

    And almost all users do in fact use it only for the case where the task
    has a mm pointer.

    But we have one odd special case: ptrace_may_access() uses 'dumpable' to
    check various other things entirely independently of the MM (typically
    explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for
    threads that no longer have a VM (and maybe never did, like most kernel
    threads).

    It's not what this flag was designed for, but it is what it is.

    The ptrace code does check that the uid/gid matches, so you do have to
    be uid-0 to see kernel thread details, but this means that the
    traditional "drop capabilities" model doesn't make any difference for
    this all.

    Make it all make a bit more sense by saying that if you don't have a
    MM pointer, we'll use a cached "last dumpability" flag if the thread
    ever had a MM (it will be zero for kernel threads since it is never
    set), and require a proper CAP_SYS_PTRACE capability to override.

    ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/cve/detail/

    #nttdata #zen #secdb #infosec
    #sshkeysignpwn #cve202646333 #linux #kernel

    #kernel #linux #cve202646333 #sshkeysignpwn #infosec #secdb
  14. ZEN SecDB @[email protected] ·

    🚨 [CISA-2026:0514] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2026-20182 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
    - Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlined in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: Catalyst SD-WAN
    - Notes: CISA Mitigation Instructions: cisa.gov/news-events/directive ; cisa.gov/news-events/directive ; sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260514 #cisa20260514 #cve_2026_20182 #cve202620182

    #secdb #infosec #cve #cisa_kev #cisa_20260514 #cisa20260514
  15. ZEN SecDB @[email protected] ·

    🚨 [CISA-2026:0514] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2026-20182 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
    - Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlined in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: Catalyst SD-WAN
    - Notes: CISA Mitigation Instructions: cisa.gov/news-events/directive ; cisa.gov/news-events/directive ; sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260514 #cisa20260514 #cve_2026_20182 #cve202620182

    #cve202620182 #cve_2026_20182 #cisa20260514 #cisa_20260514 #cisa_kev #cve
  16. ZEN SecDB @[email protected] ·

    🚨 CVE-2026-45185 (Dead.Letter)

    Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS close_notify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to heap corruption. An unauthenticated network attacker exploiting this vulnerability could execute arbitrary code.

    ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/cve/detail/

    #nttdata #zen #secdb #infosec
    #deadletter #cve202645185 #exim #gnutls

    #nttdata #zen #secdb #infosec #deadletter #cve202645185
  17. ZEN SecDB @[email protected] ·

    🚨 CVE-2026-45185 (Dead.Letter)

    Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS close_notify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to heap corruption. An unauthenticated network attacker exploiting this vulnerability could execute arbitrary code.

    ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/cve/detail/

    #nttdata #zen #secdb #infosec
    #deadletter #cve202645185 #exim #gnutls

    #nttdata #zen #secdb #infosec #deadletter #cve202645185
  18. ZEN SecDB @[email protected] ·

    🚨 CVE-2026-45185 (Dead.Letter)

    Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS close_notify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to heap corruption. An unauthenticated network attacker exploiting this vulnerability could execute arbitrary code.

    ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/cve/detail/

    #nttdata #zen #secdb #infosec
    #deadletter #cve202645185 #exim #gnutls

    #gnutls #exim #cve202645185 #deadletter #infosec #secdb
  19. ZEN SecDB @[email protected] ·

    🚨 [CISA-2026:0430] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2026-41940 (secdb.nttzen.cloud/cve/detail/)
    - Name: WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: WebPros
    - Product: cPanel & WHM and WP2 (WordPress Squared)
    - Notes: support.cpanel.net/hc/en-us/ar ; docs.cpanel.net/release-notes/ ; docs.wpsquared.com/changelogs/ ; nvd.nist.gov/vuln/detail/CVE-2;

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260430 #cisa20260430 #cve_2026_41940 #cve202641940

    #secdb #infosec #cve #cisa_kev #cisa_20260430 #cisa20260430
  20. ZEN SecDB @[email protected] ·

    🚨 [CISA-2026:0430] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2026-41940 (secdb.nttzen.cloud/cve/detail/)
    - Name: WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: WebPros
    - Product: cPanel & WHM and WP2 (WordPress Squared)
    - Notes: support.cpanel.net/hc/en-us/ar ; docs.cpanel.net/release-notes/ ; docs.wpsquared.com/changelogs/ ; nvd.nist.gov/vuln/detail/CVE-2;

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260430 #cisa20260430 #cve_2026_41940 #cve202641940

    #cve202641940 #cve_2026_41940 #cisa20260430 #cisa_20260430 #cisa_kev #cve
  21. ZEN SecDB @[email protected] ·

    🚨 [CISA-2026:0428] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2024-1708 (secdb.nttzen.cloud/cve/detail/)
    - Name: ConnectWise ScreenConnect Path Traversal Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: ConnectWise
    - Product: ScreenConnect
    - Notes: connectwise.com/company/trust/ ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2026-32202 (secdb.nttzen.cloud/cve/detail/)
    - Name: Microsoft Windows Protection Mechanism Failure Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Microsoft
    - Product: Windows
    - Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260428 #cisa20260428 #cve_2024_1708 #cve_2026_32202 #cve20241708 #cve202632202

    #secdb #infosec #cve #cisa_kev #cisa_20260428 #cisa20260428
  22. ZEN SecDB @[email protected] ·

    🚨 [CISA-2026:0428] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2024-1708 (secdb.nttzen.cloud/cve/detail/)
    - Name: ConnectWise ScreenConnect Path Traversal Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: ConnectWise
    - Product: ScreenConnect
    - Notes: connectwise.com/company/trust/ ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2026-32202 (secdb.nttzen.cloud/cve/detail/)
    - Name: Microsoft Windows Protection Mechanism Failure Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Microsoft
    - Product: Windows
    - Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260428 #cisa20260428 #cve_2024_1708 #cve_2026_32202 #cve20241708 #cve202632202

    #cve202632202 #cve20241708 #cve_2026_32202 #cve_2024_1708 #cisa20260428 #cisa_20260428
  23. ZEN SecDB @[email protected] ·

    🚨 CVE-2026-41651 (Pack2TheRoot)

    PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root

    PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition on transaction flags that allows unprivileged users to install packages as root and thus leads to a local privilege escalation. This is patched in version 1.3.5.

    ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/cve/detail/

    #nttdata #zen #secdb #infosec
    #pack2theroot #cve2026411651 #packagekit #toctou

    #nttdata #zen #secdb #infosec #pack2theroot #cve2026411651
  24. ZEN SecDB @[email protected] ·

    🚨 CVE-2026-41651 (Pack2TheRoot)

    PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root

    PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition on transaction flags that allows unprivileged users to install packages as root and thus leads to a local privilege escalation. This is patched in version 1.3.5.

    ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/cve/detail/

    #nttdata #zen #secdb #infosec
    #pack2theroot #cve2026411651 #packagekit #toctou

    #nttdata #zen #secdb #infosec #pack2theroot #cve2026411651
  25. ZEN SecDB @[email protected] ·

    🚨 CVE-2026-41651 (Pack2TheRoot)

    PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root

    PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition on transaction flags that allows unprivileged users to install packages as root and thus leads to a local privilege escalation. This is patched in version 1.3.5.

    ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/cve/detail/

    #nttdata #zen #secdb #infosec
    #pack2theroot #cve2026411651 #packagekit #toctou

    #toctou #packagekit #cve2026411651 #pack2theroot #infosec #secdb
  26. ZEN SecDB @[email protected] ·

    🚨 [CISA-2025:1110] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2025-21042 (secdb.nttzen.cloud/cve/detail/)
    - Name: Samsung Mobile Devices Out-of-Bounds Write Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Samsung
    - Product: Mobile Devices
    - Notes: security.samsungmobile.com/sec ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20251110 #cisa20251110 #cve_2025_21042 #cve202521042

    #secdb #infosec #cve #cisa_kev #cisa_20251110 #cisa20251110
  27. ZEN SecDB @[email protected] ·

    [CISA-2025:0923] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    CVE-2025-10585 (secdb.nttzen.cloud/cve/detail/)
    - Name: Google Chromium V8 Type Confusion Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Google
    - Product: Chromium V8
    - Notes: chromereleases.googleblog.com/ ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CISA_KEV #cisa_20250923 #cve_2025_10585

    #secdb #infosec #cisa_kev #cisa_20250923 #cve_2025_10585
  28. ZEN SecDB @[email protected] ·

    🚨 [CISA-2025:1110] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2025-21042 (secdb.nttzen.cloud/cve/detail/)
    - Name: Samsung Mobile Devices Out-of-Bounds Write Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Samsung
    - Product: Mobile Devices
    - Notes: security.samsungmobile.com/sec ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20251110 #cisa20251110 #cve_2025_21042 #cve202521042

    #secdb #infosec #cve #cisa_kev #cisa_20251110 #cisa20251110
  29. ZEN SecDB @[email protected] ·

    🚨 [CISA-2025:1110] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2025-21042 (secdb.nttzen.cloud/cve/detail/)
    - Name: Samsung Mobile Devices Out-of-Bounds Write Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Samsung
    - Product: Mobile Devices
    - Notes: security.samsungmobile.com/sec ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20251110 #cisa20251110 #cve_2025_21042 #cve202521042

    #cve202521042 #cve_2025_21042 #cisa20251110 #cisa_20251110 #cisa_kev #cve
  30. ZEN SecDB @[email protected] ·

    🚨 [CISA-2025:1014] CISA Adds 5 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 5 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2016-7836 (secdb.nttzen.cloud/cve/detail/)
    - Name: SKYSEA Client View Improper Authentication Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: SKYSEA
    - Product: Client View
    - Notes: skyseaclientview.net/news/1612 ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-24990 (secdb.nttzen.cloud/cve/detail/)
    - Name: Microsoft Windows Untrusted Pointer Dereference Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Microsoft
    - Product: Windows
    - Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-47827 (secdb.nttzen.cloud/cve/detail/)
    - Name: IGEL OS Use of a Key Past its Expiration Date Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: IGEL
    - Product: IGEL OS
    - Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-59230 (secdb.nttzen.cloud/cve/detail/)
    - Name: Microsoft Windows Improper Access Control Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Microsoft
    - Product: Windows
    - Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-6264 (secdb.nttzen.cloud/cve/detail/)
    - Name: Rapid7 Velociraptor Incorrect Default Permissions Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Rapid7
    - Product: Velociraptor
    - Notes: docs.velociraptor.app/announce ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20251014 #cisa20251014 #cve_2016_7836 #cve_2025_24990 #cve_2025_47827 #cve_2025_59230 #cve_2025_6264 #cve20167836 #cve202524990 #cve202547827 #cve202559230 #cve20256264

    #secdb #infosec #cve #cisa_kev #cisa_20251014 #cisa20251014
  31. ZEN SecDB @[email protected] ·

    🚨 [CISA-2025:1014] CISA Adds 5 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 5 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2016-7836 (secdb.nttzen.cloud/cve/detail/)
    - Name: SKYSEA Client View Improper Authentication Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: SKYSEA
    - Product: Client View
    - Notes: skyseaclientview.net/news/1612 ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-24990 (secdb.nttzen.cloud/cve/detail/)
    - Name: Microsoft Windows Untrusted Pointer Dereference Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Microsoft
    - Product: Windows
    - Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-47827 (secdb.nttzen.cloud/cve/detail/)
    - Name: IGEL OS Use of a Key Past its Expiration Date Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: IGEL
    - Product: IGEL OS
    - Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-59230 (secdb.nttzen.cloud/cve/detail/)
    - Name: Microsoft Windows Improper Access Control Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Microsoft
    - Product: Windows
    - Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-6264 (secdb.nttzen.cloud/cve/detail/)
    - Name: Rapid7 Velociraptor Incorrect Default Permissions Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Rapid7
    - Product: Velociraptor
    - Notes: docs.velociraptor.app/announce ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20251014 #cisa20251014 #cve_2016_7836 #cve_2025_24990 #cve_2025_47827 #cve_2025_59230 #cve_2025_6264 #cve20167836 #cve202524990 #cve202547827 #cve202559230 #cve20256264

    #cve20256264 #cve202559230 #cve202547827 #cve202524990 #cve20167836 #cve_2025_6264
  32. ZEN SecDB @[email protected] ·

    🚨 [CISA-2025:1024] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2025-54236 (secdb.nttzen.cloud/cve/detail/)
    - Name: Adobe Commerce and Magento Improper Input Validation Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Adobe
    - Product: Commerce and Magento
    - Notes: experienceleague.adobe.com/en/ ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-59287 (secdb.nttzen.cloud/cve/detail/)
    - Name: Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Microsoft
    - Product: Windows
    - Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20251024 #cisa20251024 #cve_2025_54236 #cve_2025_59287 #cve202554236 #cve202559287

    #secdb #infosec #cve #cisa_kev #cisa_20251024 #cisa20251024
  33. ZEN SecDB @[email protected] ·

    🚨 [CISA-2025:1024] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2025-54236 (secdb.nttzen.cloud/cve/detail/)
    - Name: Adobe Commerce and Magento Improper Input Validation Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Adobe
    - Product: Commerce and Magento
    - Notes: experienceleague.adobe.com/en/ ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-59287 (secdb.nttzen.cloud/cve/detail/)
    - Name: Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Microsoft
    - Product: Windows
    - Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20251024 #cisa20251024 #cve_2025_54236 #cve_2025_59287 #cve202554236 #cve202559287

    #secdb #infosec #cve #cisa_kev #cisa_20251024 #cisa20251024
  34. ZEN SecDB @[email protected] ·

    🚨 [CISA-2025:1024] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2025-54236 (secdb.nttzen.cloud/cve/detail/)
    - Name: Adobe Commerce and Magento Improper Input Validation Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Adobe
    - Product: Commerce and Magento
    - Notes: experienceleague.adobe.com/en/ ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-59287 (secdb.nttzen.cloud/cve/detail/)
    - Name: Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Microsoft
    - Product: Windows
    - Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20251024 #cisa20251024 #cve_2025_54236 #cve_2025_59287 #cve202554236 #cve202559287

    #cve202559287 #cve202554236 #cve_2025_59287 #cve_2025_54236 #cisa20251024 #cisa_20251024
  35. ZEN SecDB @[email protected] ·

    🚨 [CISA-2026:0420] CISA Adds 8 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 8 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2023-27351 (secdb.nttzen.cloud/cve/detail/)
    - Name: PaperCut NG/MF Improper Authentication Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: PaperCut
    - Product: NG/MF
    - Notes: papercut.com/kb/Main/PO-1216-a ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2024-27199 (secdb.nttzen.cloud/cve/detail/)
    - Name: JetBrains TeamCity Relative Path Traversal Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: JetBrains
    - Product: TeamCity
    - Notes: jetbrains.com/privacy-security ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-2749 (secdb.nttzen.cloud/cve/detail/)
    - Name: Kentico Xperience Path Traversal Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Kentico
    - Product: Kentico Xperience
    - Notes: devnet.kentico.com/download/ho ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-32975 (secdb.nttzen.cloud/cve/detail/)
    - Name: Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Quest
    - Product: KACE Systems Management Appliance (SMA)
    - Notes: support.quest.com/kb/4379499/q ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-48700 (secdb.nttzen.cloud/cve/detail/)
    - Name: Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Synacor
    - Product: Zimbra Collaboration Suite (ZCS)
    - Notes: wiki.zimbra.com/wiki/Zimbra_Se ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2026-20122 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability
    - Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: Catalyst SD-WAN Manger
    - Notes: CISA Mitigation Instructions: cisa.gov/news-events/directive ; cisa.gov/news-events/directive ; sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/ CVE-2026-20122

    ⚠️ CVE-2026-20128 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability
    - Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: Catalyst SD-WAN Manager
    - Notes: CISA Mitigation Instructions: cisa.gov/news-events/directive ; cisa.gov/news-events/directive ; sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2026-20133 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
    - Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: Catalyst SD-WAN Manager
    - Notes: CISA Mitigation Instructions: cisa.gov/news-events/directive ; cisa.gov/news-events/directive ; sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260420 #cisa20260420 #cve_2023_27351 #cve_2024_27199 #cve_2025_2749 #cve_2025_32975 #cve_2025_48700 #cve_2026_20122 #cve_2026_20128 #cve_2026_20133 #cve202327351 #cve202427199 #cve20252749 #cve202532975 #cve202548700 #cve202620122 #cve202620128 #cve202620133

    #secdb #infosec #cve #cisa_kev #cisa_20260420 #cisa20260420
  36. ZEN SecDB @[email protected] ·

    🚨 [CISA-2026:0420] CISA Adds 8 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 8 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2023-27351 (secdb.nttzen.cloud/cve/detail/)
    - Name: PaperCut NG/MF Improper Authentication Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: PaperCut
    - Product: NG/MF
    - Notes: papercut.com/kb/Main/PO-1216-a ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2024-27199 (secdb.nttzen.cloud/cve/detail/)
    - Name: JetBrains TeamCity Relative Path Traversal Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: JetBrains
    - Product: TeamCity
    - Notes: jetbrains.com/privacy-security ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-2749 (secdb.nttzen.cloud/cve/detail/)
    - Name: Kentico Xperience Path Traversal Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Kentico
    - Product: Kentico Xperience
    - Notes: devnet.kentico.com/download/ho ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-32975 (secdb.nttzen.cloud/cve/detail/)
    - Name: Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Quest
    - Product: KACE Systems Management Appliance (SMA)
    - Notes: support.quest.com/kb/4379499/q ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-48700 (secdb.nttzen.cloud/cve/detail/)
    - Name: Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Synacor
    - Product: Zimbra Collaboration Suite (ZCS)
    - Notes: wiki.zimbra.com/wiki/Zimbra_Se ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2026-20122 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability
    - Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: Catalyst SD-WAN Manger
    - Notes: CISA Mitigation Instructions: cisa.gov/news-events/directive ; cisa.gov/news-events/directive ; sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/ CVE-2026-20122

    ⚠️ CVE-2026-20128 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability
    - Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: Catalyst SD-WAN Manager
    - Notes: CISA Mitigation Instructions: cisa.gov/news-events/directive ; cisa.gov/news-events/directive ; sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2026-20133 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
    - Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: Catalyst SD-WAN Manager
    - Notes: CISA Mitigation Instructions: cisa.gov/news-events/directive ; cisa.gov/news-events/directive ; sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260420 #cisa20260420 #cve_2023_27351 #cve_2024_27199 #cve_2025_2749 #cve_2025_32975 #cve_2025_48700 #cve_2026_20122 #cve_2026_20128 #cve_2026_20133 #cve202327351 #cve202427199 #cve20252749 #cve202532975 #cve202548700 #cve202620122 #cve202620128 #cve202620133

    #secdb #infosec #cve #cisa_kev #cisa_20260420 #cisa20260420
  37. ZEN SecDB @[email protected] ·

    🚨 [CISA-2026:0420] CISA Adds 8 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 8 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2023-27351 (secdb.nttzen.cloud/cve/detail/)
    - Name: PaperCut NG/MF Improper Authentication Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: PaperCut
    - Product: NG/MF
    - Notes: papercut.com/kb/Main/PO-1216-a ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2024-27199 (secdb.nttzen.cloud/cve/detail/)
    - Name: JetBrains TeamCity Relative Path Traversal Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: JetBrains
    - Product: TeamCity
    - Notes: jetbrains.com/privacy-security ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-2749 (secdb.nttzen.cloud/cve/detail/)
    - Name: Kentico Xperience Path Traversal Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Kentico
    - Product: Kentico Xperience
    - Notes: devnet.kentico.com/download/ho ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-32975 (secdb.nttzen.cloud/cve/detail/)
    - Name: Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Quest
    - Product: KACE Systems Management Appliance (SMA)
    - Notes: support.quest.com/kb/4379499/q ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-48700 (secdb.nttzen.cloud/cve/detail/)
    - Name: Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Synacor
    - Product: Zimbra Collaboration Suite (ZCS)
    - Notes: wiki.zimbra.com/wiki/Zimbra_Se ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2026-20122 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability
    - Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: Catalyst SD-WAN Manger
    - Notes: CISA Mitigation Instructions: cisa.gov/news-events/directive ; cisa.gov/news-events/directive ; sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/ CVE-2026-20122

    ⚠️ CVE-2026-20128 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability
    - Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: Catalyst SD-WAN Manager
    - Notes: CISA Mitigation Instructions: cisa.gov/news-events/directive ; cisa.gov/news-events/directive ; sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2026-20133 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
    - Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: Catalyst SD-WAN Manager
    - Notes: CISA Mitigation Instructions: cisa.gov/news-events/directive ; cisa.gov/news-events/directive ; sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260420 #cisa20260420 #cve_2023_27351 #cve_2024_27199 #cve_2025_2749 #cve_2025_32975 #cve_2025_48700 #cve_2026_20122 #cve_2026_20128 #cve_2026_20133 #cve202327351 #cve202427199 #cve20252749 #cve202532975 #cve202548700 #cve202620122 #cve202620128 #cve202620133

    #cve202620133 #cve202620128 #cve202620122 #cve202548700 #cve202532975 #cve20252749
  38. ZEN SecDB @[email protected] ·

    🚨 [CISA-2026:0420] CISA Adds 8 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 8 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2023-27351 (secdb.nttzen.cloud/cve/detail/)
    - Name: PaperCut NG/MF Improper Authentication Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: PaperCut
    - Product: NG/MF
    - Notes: papercut.com/kb/Main/PO-1216-a ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2024-27199 (secdb.nttzen.cloud/cve/detail/)
    - Name: JetBrains TeamCity Relative Path Traversal Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: JetBrains
    - Product: TeamCity
    - Notes: jetbrains.com/privacy-security ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-2749 (secdb.nttzen.cloud/cve/detail/)
    - Name: Kentico Xperience Path Traversal Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Kentico
    - Product: Kentico Xperience
    - Notes: devnet.kentico.com/download/ho ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-32975 (secdb.nttzen.cloud/cve/detail/)
    - Name: Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Quest
    - Product: KACE Systems Management Appliance (SMA)
    - Notes: support.quest.com/kb/4379499/q ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-48700 (secdb.nttzen.cloud/cve/detail/)
    - Name: Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Synacor
    - Product: Zimbra Collaboration Suite (ZCS)
    - Notes: wiki.zimbra.com/wiki/Zimbra_Se ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2026-20122 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability
    - Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: Catalyst SD-WAN Manger
    - Notes: CISA Mitigation Instructions: cisa.gov/news-events/directive ; cisa.gov/news-events/directive ; sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/ CVE-2026-20122

    ⚠️ CVE-2026-20128 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability
    - Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: Catalyst SD-WAN Manager
    - Notes: CISA Mitigation Instructions: cisa.gov/news-events/directive ; cisa.gov/news-events/directive ; sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2026-20133 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
    - Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: Catalyst SD-WAN Manager
    - Notes: CISA Mitigation Instructions: cisa.gov/news-events/directive ; cisa.gov/news-events/directive ; sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260420 #cisa20260420 #cve_2023_27351 #cve_2024_27199 #cve_2025_2749 #cve_2025_32975 #cve_2025_48700 #cve_2026_20122 #cve_2026_20128 #cve_2026_20133 #cve202327351 #cve202427199 #cve20252749 #cve202532975 #cve202548700 #cve202620122 #cve202620128 #cve202620133

    #secdb #infosec #cve #cisa_kev #cisa_20260420 #cisa20260420
  39. ZEN SecDB @[email protected] ·

    🚨 [CISA-2026:0424] CISA Adds 4 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 4 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2024-57726 (secdb.nttzen.cloud/cve/detail/)
    - Name: SimpleHelp Missing Authorization Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: SimpleHelp
    - Product: SimpleHelp
    - Notes: simple-help.com/kb---security- ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2024-57728 (secdb.nttzen.cloud/cve/detail/)
    - Name: SimpleHelp Path Traversal Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: SimpleHelp
    - Product: SimpleHelp
    - Notes: simple-help.com/kb---security- ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2024-7399 (secdb.nttzen.cloud/cve/detail/)
    - Name: Samsung MagicINFO 9 Server Path Traversal Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Samsung
    - Product: MagicINFO 9 Server
    - Notes: security.samsungtv.com/securit ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-29635 (secdb.nttzen.cloud/cve/detail/)
    - Name: D-Link DIR-823X Command Injection Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: D-Link
    - Product: DIR-823X
    - Notes: supportannouncement.us.dlink.c ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260424 #cisa20260424 #cve_2024_57726 #cve_2024_57728 #cve_2024_7399 #cve_2025_29635 #cve202457726 #cve202457728 #cve20247399 #cve202529635

    #secdb #infosec #cve #cisa_kev #cisa_20260424 #cisa20260424
  40. ZEN SecDB @[email protected] ·

    🚨 [CISA-2026:0424] CISA Adds 4 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 4 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2024-57726 (secdb.nttzen.cloud/cve/detail/)
    - Name: SimpleHelp Missing Authorization Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: SimpleHelp
    - Product: SimpleHelp
    - Notes: simple-help.com/kb---security- ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2024-57728 (secdb.nttzen.cloud/cve/detail/)
    - Name: SimpleHelp Path Traversal Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: SimpleHelp
    - Product: SimpleHelp
    - Notes: simple-help.com/kb---security- ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2024-7399 (secdb.nttzen.cloud/cve/detail/)
    - Name: Samsung MagicINFO 9 Server Path Traversal Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Samsung
    - Product: MagicINFO 9 Server
    - Notes: security.samsungtv.com/securit ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-29635 (secdb.nttzen.cloud/cve/detail/)
    - Name: D-Link DIR-823X Command Injection Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: D-Link
    - Product: DIR-823X
    - Notes: supportannouncement.us.dlink.c ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260424 #cisa20260424 #cve_2024_57726 #cve_2024_57728 #cve_2024_7399 #cve_2025_29635 #cve202457726 #cve202457728 #cve20247399 #cve202529635

    #cve202529635 #cve20247399 #cve202457728 #cve202457726 #cve_2025_29635 #cve_2024_7399
  41. ZEN SecDB @[email protected] ·

    🚨 [CISA-2025:1112] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2025-12480 (secdb.nttzen.cloud/cve/detail/)
    - Name: Gladinet Triofox Improper Access Control Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Gladinet
    - Product: Triofox
    - Notes: access.triofox.com/releases_hi ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-62215 (secdb.nttzen.cloud/cve/detail/)
    - Name: Microsoft Windows Race Condition Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Microsoft
    - Product: Windows
    - Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-9242 (secdb.nttzen.cloud/cve/detail/)
    - Name: WatchGuard Firebox Out-of-Bounds Write Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: WatchGuard
    - Product: Firebox
    - Notes: watchguard.com/wgrd-psirt/advi ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20251112 #cisa20251112 #cve_2025_12480 #cve_2025_62215 #cve_2025_9242 #cve202512480 #cve202562215 #cve20259242

    #secdb #infosec #cve #cisa_kev #cisa_20251112 #cisa20251112
  42. ZEN SecDB @[email protected] ·

    🚨 [CISA-2025:1112] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2025-12480 (secdb.nttzen.cloud/cve/detail/)
    - Name: Gladinet Triofox Improper Access Control Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Gladinet
    - Product: Triofox
    - Notes: access.triofox.com/releases_hi ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-62215 (secdb.nttzen.cloud/cve/detail/)
    - Name: Microsoft Windows Race Condition Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Microsoft
    - Product: Windows
    - Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-9242 (secdb.nttzen.cloud/cve/detail/)
    - Name: WatchGuard Firebox Out-of-Bounds Write Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: WatchGuard
    - Product: Firebox
    - Notes: watchguard.com/wgrd-psirt/advi ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20251112 #cisa20251112 #cve_2025_12480 #cve_2025_62215 #cve_2025_9242 #cve202512480 #cve202562215 #cve20259242

    #cve20259242 #cve202562215 #cve202512480 #cve_2025_9242 #cve_2025_62215 #cve_2025_12480
  43. ZEN SecDB @[email protected] ·

    🚨 [CISA-2025:1020] CISA Adds 5 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 5 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2022-48503 (secdb.nttzen.cloud/cve/detail/)
    - Name: Apple Multiple Products Unspecified Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Apple
    - Product: Multiple Products
    - Notes: support.apple.com/en-us/HT2133 ; support.apple.com/en-us/HT2133 ; support.apple.com/en-us/HT2133 ; support.apple.com/en-us/HT2133 ; support.apple.com/en-us/HT2133 ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-2746 (secdb.nttzen.cloud/cve/detail/)
    - Name: Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Kentico
    - Product: Xperience CMS
    - Notes: devnet.kentico.com/download/ho ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-2747 (secdb.nttzen.cloud/cve/detail/)
    - Name: Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Kentico
    - Product: Xperience CMS
    - Notes: devnet.kentico.com/download/ho ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-33073 (secdb.nttzen.cloud/cve/detail/)
    - Name: Microsoft Windows SMB Client Improper Access Control Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Microsoft
    - Product: Windows
    - Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-61884 (secdb.nttzen.cloud/cve/detail/)
    - Name: Oracle E-Business Suite Server-Side Request Forgery (SSRF) Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Oracle
    - Product: E-Business Suite
    - Notes: oracle.com/security-alerts/ale ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20251020 #cisa20251020 #cve_2022_48503 #cve_2025_2746 #cve_2025_2747 #cve_2025_33073 #cve_2025_61884 #cve202248503 #cve20252746 #cve20252747 #cve202533073 #cve202561884

    #secdb #infosec #cve #cisa_kev #cisa_20251020 #cisa20251020
  44. ZEN SecDB @[email protected] ·

    🚨 [CISA-2025:1020] CISA Adds 5 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 5 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2022-48503 (secdb.nttzen.cloud/cve/detail/)
    - Name: Apple Multiple Products Unspecified Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Apple
    - Product: Multiple Products
    - Notes: support.apple.com/en-us/HT2133 ; support.apple.com/en-us/HT2133 ; support.apple.com/en-us/HT2133 ; support.apple.com/en-us/HT2133 ; support.apple.com/en-us/HT2133 ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-2746 (secdb.nttzen.cloud/cve/detail/)
    - Name: Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Kentico
    - Product: Xperience CMS
    - Notes: devnet.kentico.com/download/ho ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-2747 (secdb.nttzen.cloud/cve/detail/)
    - Name: Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Kentico
    - Product: Xperience CMS
    - Notes: devnet.kentico.com/download/ho ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-33073 (secdb.nttzen.cloud/cve/detail/)
    - Name: Microsoft Windows SMB Client Improper Access Control Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Microsoft
    - Product: Windows
    - Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-61884 (secdb.nttzen.cloud/cve/detail/)
    - Name: Oracle E-Business Suite Server-Side Request Forgery (SSRF) Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Oracle
    - Product: E-Business Suite
    - Notes: oracle.com/security-alerts/ale ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20251020 #cisa20251020 #cve_2022_48503 #cve_2025_2746 #cve_2025_2747 #cve_2025_33073 #cve_2025_61884 #cve202248503 #cve20252746 #cve20252747 #cve202533073 #cve202561884

    #cve202561884 #cve202533073 #cve20252747 #cve20252746 #cve202248503 #cve_2025_61884
  45. ZEN SecDB @[email protected] ·

    🚨 [CISA-2025:0929] CISA Adds 5 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 5 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2021-21311 (secdb.nttzen.cloud/cve/detail/)
    - Name: Adminer Server-Side Request Forgery Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Adminer
    - Product: Adminer
    - Notes: github.com/vrana/adminer/secur ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-10035 (secdb.nttzen.cloud/cve/detail/)
    - Name: Fortra GoAnywhere MFT Deserialization of Untrusted Data Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Fortra
    - Product: GoAnywhere MFT
    - Notes: fortra.com/security/advisories ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-20352 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco IOS and IOS XE Stack-based Buffer Overflow Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: IOS and IOS XE
    - Notes: sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-32463 (secdb.nttzen.cloud/cve/detail/)
    - Name: Sudo Inclusion of Functionality from Untrusted Control Sphere Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Sudo
    - Product: Sudo
    - Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: sudo.ws/security/advisories/ch ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-59689 (secdb.nttzen.cloud/cve/detail/)
    - Name: Libraesva Email Security Gateway Command Injection Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Libraesva
    - Product: Email Security Gateway
    - Notes: docs.libraesva.com/knowledgeba ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20250929 #cisa20250929 #cve_2021_21311 #cve_2025_10035 #cve_2025_20352 #cve_2025_32463 #cve_2025_59689 #cve202121311 #cve202510035 #cve202520352 #cve202532463 #cve202559689

    #secdb #infosec #cve #cisa_kev #cisa_20250929 #cisa20250929
  46. ZEN SecDB @[email protected] ·

    🚨 [CISA-2025:0929] CISA Adds 5 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 5 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2021-21311 (secdb.nttzen.cloud/cve/detail/)
    - Name: Adminer Server-Side Request Forgery Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Adminer
    - Product: Adminer
    - Notes: github.com/vrana/adminer/secur ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-10035 (secdb.nttzen.cloud/cve/detail/)
    - Name: Fortra GoAnywhere MFT Deserialization of Untrusted Data Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Fortra
    - Product: GoAnywhere MFT
    - Notes: fortra.com/security/advisories ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-20352 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco IOS and IOS XE Stack-based Buffer Overflow Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: IOS and IOS XE
    - Notes: sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-32463 (secdb.nttzen.cloud/cve/detail/)
    - Name: Sudo Inclusion of Functionality from Untrusted Control Sphere Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Sudo
    - Product: Sudo
    - Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: sudo.ws/security/advisories/ch ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-59689 (secdb.nttzen.cloud/cve/detail/)
    - Name: Libraesva Email Security Gateway Command Injection Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Libraesva
    - Product: Email Security Gateway
    - Notes: docs.libraesva.com/knowledgeba ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20250929 #cisa20250929 #cve_2021_21311 #cve_2025_10035 #cve_2025_20352 #cve_2025_32463 #cve_2025_59689 #cve202121311 #cve202510035 #cve202520352 #cve202532463 #cve202559689

    #cve202559689 #cve202532463 #cve202520352 #cve202510035 #cve202121311 #cve_2025_59689
  47. ZEN SecDB @[email protected] ·

    🚨 [CISA-2025:0925] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2025-20333 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability
    - Action: The KEV due date refers to the deadline by which FCEB agencies are expected to review and begin implementing the guidance outlined in Emergency Directive (ED) 25-03 (URL listed below in Notes). Agencies must follow the mitigation steps provided by CISA (URL listed below in Notes) and vendor’s instructions (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense
    - Notes: CISA Mitigation Instructions: cisa.gov/news-events/directive ; cisa.gov/news-events/directive ; cisa.gov/eviction-strategies-t ; sec.cloudapps.cisco.com/securi ; sec.cloudapps.cisco.com/securi ; sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-20362 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Missing Authorization Vulnerability
    - Action: The KEV due date refers to the deadline by which FCEB agencies are expected to review and begin implementing the guidance outlined in Emergency Directive (ED) 25-03 (URL listed below in Notes). Agencies must follow the mitigation steps provided by CISA (URL listed below in Notes) and vendor’s instructions (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense
    - Notes: CISA Mitigation Instructions: cisa.gov/news-events/directive ; cisa.gov/news-events/directive ; cisa.gov/eviction-strategies-t ; sec.cloudapps.cisco.com/securi ; sec.cloudapps.cisco.com/securi ; sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20250925 #cisa20250925 #cve_2025_20333 #cve_2025_20362 #cve202520333 #cve202520362

    #secdb #infosec #cve #cisa_kev #cisa_20250925 #cisa20250925
  48. ZEN SecDB @[email protected] ·

    🚨 [CISA-2025:0925] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2025-20333 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability
    - Action: The KEV due date refers to the deadline by which FCEB agencies are expected to review and begin implementing the guidance outlined in Emergency Directive (ED) 25-03 (URL listed below in Notes). Agencies must follow the mitigation steps provided by CISA (URL listed below in Notes) and vendor’s instructions (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense
    - Notes: CISA Mitigation Instructions: cisa.gov/news-events/directive ; cisa.gov/news-events/directive ; cisa.gov/eviction-strategies-t ; sec.cloudapps.cisco.com/securi ; sec.cloudapps.cisco.com/securi ; sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/CVE-2

    ⚠️ CVE-2025-20362 (secdb.nttzen.cloud/cve/detail/)
    - Name: Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Missing Authorization Vulnerability
    - Action: The KEV due date refers to the deadline by which FCEB agencies are expected to review and begin implementing the guidance outlined in Emergency Directive (ED) 25-03 (URL listed below in Notes). Agencies must follow the mitigation steps provided by CISA (URL listed below in Notes) and vendor’s instructions (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Cisco
    - Product: Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense
    - Notes: CISA Mitigation Instructions: cisa.gov/news-events/directive ; cisa.gov/news-events/directive ; cisa.gov/eviction-strategies-t ; sec.cloudapps.cisco.com/securi ; sec.cloudapps.cisco.com/securi ; sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20250925 #cisa20250925 #cve_2025_20333 #cve_2025_20362 #cve202520333 #cve202520362

    #cve202520362 #cve202520333 #cve_2025_20362 #cve_2025_20333 #cisa20250925 #cisa_20250925
  49. ZEN SecDB @[email protected] ·

    🚨 [CISA-2025:1119] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2025-13223 (secdb.nttzen.cloud/cve/detail/)
    - Name: Google Chromium V8 Type Confusion Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Google
    - Product: Chromium V8
    - Notes: chromereleases.googleblog.com/ ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20251119 #cisa20251119 #cve_2025_13223 #cve202513223

    #secdb #infosec #cve #cisa_kev #cisa_20251119 #cisa20251119
  50. ZEN SecDB @[email protected] ·

    🚨 [CISA-2025:1119] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

    CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

    ⚠️ CVE-2025-13223 (secdb.nttzen.cloud/cve/detail/)
    - Name: Google Chromium V8 Type Confusion Vulnerability
    - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
    - Known To Be Used in Ransomware Campaigns? Unknown
    - Vendor: Google
    - Product: Chromium V8
    - Notes: chromereleases.googleblog.com/ ; nvd.nist.gov/vuln/detail/CVE-2

    #SecDB #InfoSec #CVE #CISA_KEV #cisa_20251119 #cisa20251119 #cve_2025_13223 #cve202513223

    #cve202513223 #cve_2025_13223 #cisa20251119 #cisa_20251119 #cisa_kev #cve