Activity

Vulnerability name

Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability

Product

Dell RecoverPoint for Virtual Machines (RP4VMs)

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible.

Vulnerability name

GitLab Server-Side Request Forgery (SSRF) Vulnerability

Product

GitLab GitLab

When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is disabled

Vulnerability name

Google Chromium CSS Use-After-Free Vulnerability

Product

Google Chromium

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Vulnerability name

TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability

Product

TeamT5 ThreatSonar Anti-Ransomware

CVE-2024-7694 describes a file upload vulnerability found in TeamT5's ThreatSonar Anti-Ransomware. The core of this vulnerability lies in the product's insufficient validation of uploaded file content. This flaw enables remote attackers who possess administrator privileges on the product platform to upload malicious files. Once a malicious file is uploaded, it can be leveraged to execute arbitrary system commands on the affected server. This vulnerability has been added to the CISA Known Exploited Vulnerabilities (KEV) Catalog, indicating that it has been actively exploited in real-world scenarios.

Vulnerability name

Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery Vulnerability

Product

Synacor Zimbra Collaboration Suite

CVE-2020-7796 is a Server-Side Request Forgery (SSRF) vulnerability identified in Zimbra Collaboration Suite (ZCS) versions prior to 8.8.15 Patch 7. This flaw specifically arises when the WebEx zimlet is installed and the zimlet JSP is enabled within the ZCS environment. Exploitation of this vulnerability allows an attacker to send unauthorized requests to a server. This can potentially enable access to sensitive information or resources that would typically be protected by firewalls or other security measures.

Vulnerability name

Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability

Product

Microsoft Windows

Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."

Vulnerability name

BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability

Product

BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)

CVE-2026-1731 is identified as a pre-authentication remote code execution vulnerability impacting BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) products. This flaw, categorized as an operating system command injection, allows an unauthenticated remote attacker to execute operating system commands in the context of the site user. The vulnerability can be exploited by sending specially crafted requests, and successful exploitation does not require any user interaction or prior authentication. BeyondTrust has released updates to address this issue, with patches available for Remote Support versions 25.3.2 and later, and Privileged Remote Access versions 25.1.1 and later.

Vulnerability name

SolarWinds Web Help Desk Security Control Bypass Vulnerability

Product

SolarWinds Web Help Desk

CVE-2025-40536 is a security control bypass vulnerability affecting SolarWinds Web Help Desk (WHD) software. This flaw enables an unauthenticated attacker to circumvent security measures and access functionalities that are typically restricted to authenticated users. Specifically, the vulnerability allows for the bypass of Cross-Site Request Forgery (CSRF) protections by injecting a particular URI parameter, which then grants access to restricted WebObjects components. This bypass can be a component in a chain of vulnerabilities, potentially leading to more significant compromises, such as unauthenticated remote code execution, when combined with other identified flaws in the software.

Vulnerability name

Apple Multiple Buffer Overflow Vulnerability

Product

Apple Multiple Products

CVE-2026-20700 is a memory corruption vulnerability found within Apple's `dyld` component, which is the Dynamic Link Editor responsible for loading dynamic libraries into memory and bridging application code with system frameworks. This flaw could enable an attacker with memory write capabilities to execute arbitrary code on affected devices. Apple addressed this issue through improved state management in updates for watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3, and iPadOS 26.3. Reports indicate that this vulnerability may have been exploited in "extremely sophisticated attacks" targeting specific individuals on versions of iOS preceding iOS 26. Google's Threat Analysis Group is credited with discovering and reporting the vulnerability.

Vulnerability name

Notepad++ Download of Code Without Integrity Check Vulnerability

Product

Notepad++ Notepad++

CVE-2025-15556 describes an update integrity verification vulnerability present in Notepad++ versions prior to 8.8.9. This flaw specifically affects the WinGUp updater component, which fails to cryptographically verify downloaded update metadata and installers. An attacker capable of intercepting or redirecting update traffic can exploit this vulnerability. By doing so, they can cause the WinGUp updater to download and execute a malicious, attacker-controlled installer. This ultimately results in arbitrary code execution with the privileges of the user.

Vulnerability name

Microsoft Configuration Manager SQL Injection Vulnerability

Product

Microsoft Configuration Manager

CVE-2024-43468 is a SQL injection vulnerability affecting Microsoft Configuration Manager (SCCM). It allows an unauthenticated attacker with network access to a Management Point to execute arbitrary SQL queries on the site database. The vulnerability stems from the lack of proper sanitization of externally influenced input when constructing SQL commands. Successful exploitation grants the attacker unauthorized access to the SQL server database with the same privileges as the SCCM process, potentially leading to remote code execution, malware deployment, credential theft, and lateral movement within the network.