CVE-2026-21513

Overview

Microsoft
Windows 10 Version 1607

10 Feb 2026

Published

27 Feb 2026

Updated

CVSS v3.1

HIGH (8.8)

EPSS

4.12%

MITRE

KEV

Description

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.

Statistics

6 Posts
1 Interaction

Last activity: 2 hours ago

Fediverse

The Financial Standard @thefinancialstandard

Urgent APT28 Cyber Attack Tied to MSHTML 0-Day

APT28 linked to CVE-2026-21513 MSHTML 0-day exploit. Urgent action is needed to mitigate cyber attack risks and protect sensitive data.

#finance #cybersecurity #fintech #news

1
0
0
9h ago

Jim Guckin @JimGuckin

APT28 (Fancy Bear) is exploiting a Windows zero-day (CVE-2026-21513) using malicious LNK files.

Zero-day + phishing = still one of the most reliable attack paths.

All it takes is one wrong click to ruin your day!

https://thehackernews.com/2026/03/apt28-tied-to-cve-2026-21513-mshtml-0.html

#CyberSecurity #ZeroDay #ThreatIntel

0
0
0
2h ago

Bluesky

Information Security Briefly @infosecbriefly.bsky.social

Microsoft patched CVE-2026-21513, a high-severity MSHTML Framework vulnerability exploited as a zero-day by Russia-linked APT28, allowing attackers to bypass security features and achieve code execution through malicious files.

0
0
0
9h ago

Rene Robichaud @neroqc.bsky.social

APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday thehackernews.com/2026/03/apt2...

0
0
1
5h ago

Jim Guckin @jimguckin.bsky.social

APT28 (Fancy Bear) is exploiting a Windows zero-day (CVE-2026-21513) using malicious LNK files. Zero-day + phishing = still one of the most reliable attack paths. All it takes is one wrong click to ruin your day! thehackernews.com/2026/03/apt2... #CyberSecurity #ZeroDay #ThreatIntel

0
0
0
2h ago

CVE-2026-0628

Overview

Google
Chrome

06 Jan 2026

Published

26 Feb 2026

Updated

CVSS

Pending

EPSS

0.02%

MITRE

KEV

Description

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)

Statistics

3 Posts

Last activity: Last hour

Bluesky

piggo @pigondrugs.bsky.social

~Paloalto~ A high-severity vulnerability (CVE-2026-0628) in Chrome's Gemini feature allowed malicious extensions to hijack the side panel, enabling privilege escalation. - IOCs: CVE-2026-0628 - #CVE20260628 #Chrome #ThreatIntel

0
0
0
8h ago

Information Security Briefly @infosecbriefly.bsky.social

A patched Chrome vulnerability (CVE-2026-0628) allowed malicious extensions to escalate privileges and access local files, camera, microphone, and screenshots through insufficient WebView policy enforcement.

0
0
0
3h ago

Bitnewsbot @bitnewsbot.bsky.social

Google Chrome patched a critical privilege escalation flaw (CVE-2026-0628) in its browser in January 2026. The vulnerability allowed specially crafted […]

0
0
0
Last hour

CVE-2026-3000

Overview

Changing
IDExpert Windows Logon Agent

02 Mar 2026

Published

02 Mar 2026

Updated

CVSS v4.0

CRITICAL (9.3)

EPSS

0.10%

MITRE

KEV

Description

IDExpert Windows Logon Agent developed by Changing has a Remote Code Execution vulnerability, allowing unauthenticated remote attackers to force the system to download arbitrary DLL files from a remote source and execute them.

Statistics

2 Posts
2 Interactions

Last activity: 11 hours ago

Fediverse

Offensive Sequence @offseq

🚨 CVE-2026-3000 (CRITICAL): IDExpert Windows Logon Agent v2.7.3.230719 allows unauthenticated remote code execution via malicious DLL download. Disable agent, monitor for unusual activity, restrict outbound traffic. https://radar.offseq.com/threat/cve-2026-3000-cwe-494-download-of-code-without-int-6f96a540 #OffSeq #Cybersecurity #RCE #CVE

1
0
0
11h ago

Bluesky

SecQube | Harvey | AI Platform for MS Graph @secqube.com

🚨🔒 Attention all users! 📢 A new vulnerability has been identified: CVE-2026-3000 - Changing IDExpert Windows Logon Agent. This critical flaw allows for remote code execution, posing serious security risks to your systems. scq.ms/4sn9kic

1
0
0
12h ago

CVE-2026-0714

Overview

Moxa
UC-1200A Series

05 Feb 2026

Published

05 Feb 2026

Updated

CVSS v4.0

HIGH (7.0)

EPSS

0.01%

MITRE

KEV

Description

A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and attaching external equipment to the SPI bus to capture TPM communications. If successful, the captured data may allow offline decryption of eMMC contents. This attack cannot be performed through brief or opportunistic physical access and requires extended physical access, possession of the device, appropriate equipment, and sufficient time for signal capture and analysis. Remote exploitation is not possible.

Statistics

2 Posts
2 Interactions

Last activity: 9 hours ago

Fediverse

benzogaga33 :verified: @benzogaga33

TPM-Sniffing LUKS Keys on an Embedded Linux Device [CVE-2026-0714] https://www.cyloq.se/en/research/cve-2026-0714-tpm-sniffing-luks-keys-on-an-embedded-device

0
0
0
14h ago

DragonJAR @dragonjar

En las últimas 24 horas se identificaron graves vulnerabilidades en dispositivos Linux con TPM que permiten extraer claves cifradas, fallas en OpenClaw que comprometían agentes de IA y explotaciones masivas en Sangoma FreePBX mediante inyección de comandos; la actualización y parches son esenciales para proteger tus sistemas. Descubre estos y más detalles en el siguiente listado de noticias sobre seguridad informática:

🗞️ ÚLTIMAS NOTICIAS EN SEGURIDAD INFORMÁTICA 🔒
====| 🔥 LO QUE DEBES SABER HOY 02/03/26 📆 |====

🔐 VULNERABILIDAD CRÍTICA EN DISPOSITIVOS LINUX CON TPM Y CIFRADO LUKS

Investigadores han revelado una falla de seguridad (CVE-2026-0714) que permite a atacantes con acceso físico extraer claves de cifrado almacenadas en chips TPM 2.0 mediante la interceptación de datos en la interfaz SPI. Este método pone en riesgo la protección de sistemas industriales, IoT y dispositivos embebidos que utilizan cifrado LUKS, subrayando la necesidad de reforzar la seguridad física y lógica de estos entornos. Protege tus sistemas y conoce los detalles técnicos esenciales para mitigar esta amenaza. Descubre más sobre esta vulnerabilidad en https://djar.co/8u4GOt

🛡️ PARCHE DISPONIBLE PARA LA VULNERABILIDAD "CLAWJACKED" EN OPENCLAW

La reciente vulnerabilidad "ClawJacked" permitía a sitios web maliciosos tomar control de agentes de inteligencia artificial de OpenClaw para robar información sensible de los usuarios. Esta falla ha sido corregida con el lanzamiento del parche 2026.2.26, que fortalece la protección contra estas formas avanzadas de secuestro de datos. Actualizar a la última versión es vital para mantener la integridad y privacidad de tus datos en entornos AI. Protege tu información y conoce cómo aplicar el parche aquí https://djar.co/G7w8x5

🚨 EXPLOTACIÓN MASIVA DE LA VULNERABILIDAD CVE-2025-64328 EN SANGOMA FREEPBX

Más de 900 instancias de Sangoma FreePBX han sido comprometidas debido a una vulnerabilidad de inyección de comandos que permitió a los atacantes instalar shells web maliciosos. Esta brecha grave expone sistemas de comunicación empresarial a accesos no autorizados y posible robo de información. La actualización inmediata y la implementación de medidas de monitoreo son imprescindibles para evitar intrusiones. Infórmate sobre la amenaza y cómo proteger tu sistema en https://djar.co/NJJH

1
1
0
9h ago

CVE-2025-14500

Overview

IceWarp
IceWarp

23 Dec 2025

Published

30 Dec 2025

Updated

CVSS v3.0

CRITICAL (9.8)

EPSS

1.29%

MITRE

KEV

Description

IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IceWarp. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the X-File-Operation header. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-27394.

Statistics

1 Post
4 Interactions

Last activity: 1 hour ago

Bluesky

The Shadowserver Foundation @shadowserver.bsky.social

We are scanning & reporting IceWarp CVE-2025-14500 (CVSS 9.8, pre-auth command injection RCE) instances. 1278 IPs seen 2026-03-01 (version based). Patch: support.icewarp.com/hc/en-us/com... IP data: www.shadowserver.org/what-we-do/n... World Map view: dashboard.shadowserver.org/statistics/c...

1
3
0
1h ago

CVE-2023-4911

Overview

glibc
glibc

03 Oct 2023

Published

13 Feb 2026

Updated

CVSS v3.1

HIGH (7.8)

EPSS

57.16%

MITRE

KEV

Description

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.

Statistics

1 Post
2 Interactions

Last activity: 13 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2026-002
Endress+Hauser: buffer overflow in glibc ld.so leading to privilege escalation

A vulnerability has been identified in WAGO devices utilized in Endress+Hauser IoT solutions. WAGO has provided fixes for these vulnerabilities, which have been integrated into the solutions by Endress+Hauser.
#CVE CVE-2023-4911

https://certvde.com/en/advisories/vde-2026-002/
#oCSAF
#CSAF https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-002.json

1
1
0
13h ago

CVE-2026-3399

Overview

Tenda
F453

01 Mar 2026

Published

02 Mar 2026

Updated

CVSS v4.0

HIGH (8.7)

EPSS

0.05%

MITRE

KEV

Description

A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. The manipulation of the argument dips leads to buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be used.

Statistics

1 Post
1 Interaction

Last activity: 19 hours ago

Fediverse

Offensive Sequence @offseq

🚨 HIGH severity: CVE-2026-3399 impacts Tenda F453 (v1.0.0.3) via buffer overflow in httpd's fromGstDhcpSetSer. Remotely exploitable, public exploit available. Patch or mitigate now to prevent device takeover! https://radar.offseq.com/threat/cve-2026-3399-buffer-overflow-in-tenda-f453-2372f90c #OffSeq #Vuln #Infosec #Router

1
0
0
19h ago

CVE-2026-27190

Overview

denoland
deno

20 Feb 2026

Published

24 Feb 2026

Updated

CVSS v3.1

HIGH (8.1)

EPSS

0.23%

MITRE

KEV

Description

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.6.8, a command injection vulnerability exists in Deno's node:child_process implementation. This vulnerability is fixed in 2.6.8.

Statistics

1 Post
1 Interaction

Last activity: 5 hours ago

Bluesky

CyberHub @cyberhub.blog

📌 CVE-2026-27190 - Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.6.8, a command injection vulnerability exists in Deno's node:child_process imple... https://www.cyberhub.blog/cves/CVE-2026-27190

0
1
0
5h ago

CVE-2026-25989

Overview

ImageMagick
ImageMagick

24 Feb 2026

Published

28 Feb 2026

Updated

CVSS v3.1

HIGH (7.5)

EPSS

0.06%

MITRE

KEV

Description

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file can cause a denial of service. An off-by-one boundary check (`>` instead of `>=`) that allows bypass the guard and reach an undefined `(size_t)` cast. Versions 7.1.2-15 and 6.9.13-40 contain a patch.

Statistics

1 Post
1 Interaction

Last activity: 15 hours ago

Bluesky

CyberHub @cyberhub.blog

📌 CVE-2026-25989 - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG... https://www.cyberhub.blog/cves/CVE-2026-25989

0
1
0
15h ago

CVE-2026-21859

Overview

axllent
mailpit

07 Jan 2026

Published

08 Jan 2026

Updated

CVSS v3.1

MEDIUM (5.8)

EPSS

1.13%

MITRE

KEV

Description

Mailpit is an email testing tool and API for developers. Versions 1.28.0 and below have a Server-Side Request Forgery (SSRF) vulnerability in the /proxy endpoint, allowing attackers to make requests to internal network resources. The /proxy endpoint validates http:// and https:// schemes, but it does not block internal IP addresses, enabling attackers to access internal services and APIs. This vulnerability is limited to HTTP GET requests with minimal headers. The issue is fixed in version 1.28.1.

Statistics

2 Posts
1 Interaction

Last activity: 8 hours ago

Bluesky

CrowdSec @crowdsec.bsky.social

🚨 This week’s CrowdSec Threat Alert: CVE-2026-21859, a critical SSRF vulnerability in Mailpit, is being actively exploited to map internal networks and access sensitive infrastructure. See more in our latest article 👉 www.crowdsec.net/vulntracking...

0
1
1
8h ago