Overview

  • wftpserver
  • Wing FTP Server

10 Jul 2025
Published
17 Mar 2026
Updated

CVSS v3.1
MEDIUM (4.3)
EPSS
20.96%

Description

loginok.html in Wing FTP Server before 7.4.4 discloses the full local installation path of the application when using a long value in the UID cookie.

Statistics

  • 9 Posts
  • 6 Interactions

Last activity: 1 hour ago

Fediverse

New KEV addition by CISA:
CVE-2025-47813 (Wing FTP Server)
• Information disclosure flaw
• Actively exploited
• High remediation priority
KEV = real-world threat signal.

Source: cisa.gov/news-events/alerts/20

Follow @technadu for updates.

  • 1
  • 1
  • 0
  • 4h ago

Bluesky

CISA warns that a year-old Wing FTP vulnerability (CVE-2025-47813) is being exploited in the wild, disclosing server installation paths that attackers can use to exploit critical remote code execution flaws.
  • 1
  • 1
  • 0
  • 7h ago
CISA added CVE-2025-47813 to the Known Exploited Vulnerabilities catalog after active exploitation in Wing FTP. This info leak exposes server paths via an overlong UID cookie. Patch available in Wing FTP 7.4.4. #InfoLeak #WingFTP #USA
  • 0
  • 1
  • 0
  • 10h ago
🚨 CISA reports a moderate flaw in Wing FTP (CVE-2025-47813) that exposes the server installation path, with evidence of active exploitation. Protect yourself! #CyberSecurity #Automatisation
  • 0
  • 1
  • 0
  • 1h ago
~Cisa~ CISA added CVE-2025-47813, an actively exploited Wing FTP Server info disclosure flaw, to its KEV catalog. - IOCs: CVE-2025-47813 - #CISA #CVE202547813 #ThreatIntel
  • 0
  • 0
  • 0
  • 22h ago
CISA has added one known exploited vulnerability to its catalog. CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Mar 16) CVE-2025-47813 Wing FTP Server information disclosure vulnerability www.cisa.gov/news-events/...
  • 0
  • 0
  • 0
  • 19h ago
CISA added CVE-2025-47813, a medium-severity information disclosure vulnerability in Wing FTP Server, to its Known Exploited Vulnerabilities catalog due to active exploitation evidence.
  • 0
  • 0
  • 0
  • 12h ago
CVE-2025-47813 Wing FTP Server Information Disclosure Vulnerability
  • 0
  • 0
  • 0
  • 10h ago
CISA adds CVE-2025-47813 to KEV Wing FTP Server vuln Actively exploited, info disclosure risk Patch priority ↑ Follow TechNadu #CyberSecurity #Infosec
  • 0
  • 0
  • 0
  • 4h ago

Overview

  • Ubuntu
  • openssh
  • openssh

12 Mar 2026
Published
14 Mar 2026
Updated

CVSS v4.0
LOW (2.7)
EPSS
0.06%

KEV

Description

Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpkt_disconnect() on an error, which does not terminate the process, allows an attacker to send an unexpected GSSAPI message type during the GSSAPI key exchange to the server, which will call the underlying function and continue the execution of the program without setting the related connection variables. As the variables are not initialized to NULL the code later accesses those uninitialized variables, accessing random memory, which could lead to undefined behavior. The recommended workaround is to use ssh_packet_disconnect() instead, which does terminate the process. The impact of the vulnerability depends heavily on the compiler flag hardening configuration.

Statistics

  • 2 Posts

Last activity: 16 hours ago

Bluesky

The SIOS Security Blog has been updated. OpenSSH vulnerability (Important: CVE-2026-3497) #sios_tech #security #vulnerability #セキュリティ #脆弱性 #linux #openssh #ssh security.sios.jp/vulnerabilit...
  • 0
  • 0
  • 0
  • 18h ago
Vulnerability in the OpenSSH GSSAPI Key Exchange patch (CVE-2026-3497) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 0
  • 0
  • 0
  • 16h ago

Overview

  • jellyfin
  • code-quality.yml

11 Mar 2026
Published
11 Mar 2026
Updated

CVSS v3.1
CRITICAL (10.0)
EPSS
0.10%

KEV

Description

Jellyfin is an open-source media system. The code-quality.yml GitHub Actions workflow in jellyfin/jellyfin-ios is vulnerable to arbitrary code execution via pull requests from forked repositories. Due to the workflow's elevated permissions (nearly all write permissions), this vulnerability enables full repository takeover of jellyfin/jellyfin-ios, exfiltration of highly privileged secrets, Apple App Store supply chain attack, GitHub Container Registry (ghcr.io) package poisoning, and full jellyfin organization compromise via cross-repository token usage. Note: This is not a code vulnerability, but a vulnerability in the GitHub Actions workflows. No new version is required for this GHSA and end users do not need to take any actions.

Statistics

  • 1 Post
  • 6 Interactions

Last activity: 23 hours ago

Fediverse

This was a misconfiguration in Jellyfin's GitHub Actions. It has since been fixed. I'm kinda struggling to call this a "software vulnerability." Like...GitHub worked fine. The user (jellyfin) made insecure choices. This makes less sense than the rPi default credentials.

nvd.nist.gov/vuln/detail/CVE-2

  • 2
  • 4
  • 0
  • 23h ago

Overview

  • Google
  • Chrome

11 Mar 2026
Published
13 Mar 2026
Updated

CVSS
Pending
EPSS
0.07%

KEV

Description

Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

Statistics

  • 1 Post
  • 3 Interactions

Last activity: 23 hours ago

Bluesky

Heads-up, Linux community. There’s a nasty #Chromium vulnerability in the wild targeting #Fedora 42. CVE-2026-3913 allows RCE via a heap overflow in WebML. Read more: 👉 tinyurl.com/25rve7hd #Security
  • 1
  • 2
  • 0
  • 23h ago

Overview

  • pluginsGLPI
  • fields

16 Mar 2026
Published
16 Mar 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
0.06%

KEV

Description

Fields is a GLPI plugin that allows users to add custom fields on GLPI items forms. Prior to version 1.23.3, it is possible to execute arbitrary PHP code from users that are allowed to create dropdowns. This issue has been patched in version 1.23.3.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 13 hours ago

Fediverse

🚨 CVE-2026-23489 (CRITICAL, CVSS 9.1): GLPI 'fields' plugin (<1.23.3) allows privileged users to execute arbitrary PHP code (RCE risk). Patch to 1.23.3+, review permissions, and monitor activity. radar.offseq.com/threat/cve-20

  • 1
  • 1
  • 0
  • 13h ago

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 3 Posts
  • 2 Interactions

Last activity: 5 hours ago

Bluesky

CVE-2026-3864: CSI Driver for NFS path traversal via subDir may delete unintended directories on the NFS server -
  • 1
  • 1
  • 2
  • 5h ago

Overview

  • Tenda
  • AC8

16 Mar 2026
Published
16 Mar 2026
Updated

CVSS v4.0
CRITICAL (9.3)
EPSS
0.14%

KEV

Description

A vulnerability was identified in Tenda AC8 16.03.50.11. Affected by this issue is the function check_is_ipv6 of the component IPv6 Handler. The manipulation leads to reliance on IP address for authentication. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 12 hours ago

Fediverse

🚩 CRITICAL: CVE-2026-4252 impacts Tenda AC8 (16.03.50.11). IP-based auth in IPv6 Handler lets remote attackers bypass login. Exploit is public. Disable remote mgmt, restrict access, monitor traffic. Details: radar.offseq.com/threat/cve-20

  • 1
  • 1
  • 0
  • 12h ago

Overview

  • MediaTek, Inc.
  • MT2737, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6813, MT6833, MT6853, MT6855, MT6877, MT6878, MT6879, MT6880, MT6885, MT6886, MT6890, MT6893, MT6895, MT6897, MT6983, MT6985, MT6989, MT6990, MT6993, MT8169, MT8186, MT8188, MT8370, MT8390, MT8676, MT8678, MT8696, MT8793

02 Mar 2026
Published
02 Mar 2026
Updated

CVSS
Pending
EPSS
0.01%

KEV

Description

In preloader, there is a possible read of device unique identifiers due to a logic error. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS10607099; Issue ID: MSV-6118.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 19 hours ago

Bluesky

875 million Android phones at risk: a flaw can open the phone in 45 seconds. The CVE-2026-20435 vulnerability in MediaTek chipsets allows keys to be extracted... https://www.ilsoftware.it/falla-mediatek-puo-sbloccare-android-in-45-secondi/
  • 1
  • 1
  • 0
  • 19h ago

Overview

  • Linux
  • Linux

22 Aug 2025
Published
03 Nov 2025
Updated

CVSS
Pending
EPSS
0.00%

KEV

Description

In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix are both similar to that of commit 15fe076edea7 ("net/packet: fix a race in packet_bind() and packet_notifier()"). There too the packet_notifier NETDEV_UP event managed to run while a po->bind_lock critical section had to be temporarily released. And the fix was similarly to temporarily set po->num to zero to keep the socket unhooked until the lock is retaken. The po->bind_lock in packet_set_ring and packet_notifier precede the introduction of git history.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 16 hours ago

Bluesky

A Race Within A Race: Exploiting CVE-2025-38617 in Linux Packet Sockets Excellent article by Quang Le about exploiting CVE-2025-38617 — a race condition that leads to a use-after-free in the packet sockets implementation. blog.calif.io/p/a-race-wit...
  • 1
  • 1
  • 0
  • 16h ago

Overview

  • sjcl

17 Mar 2026
Published
17 Mar 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.02%

KEV

Description

All versions of the package sjcl are vulnerable to Improper Verification of Cryptographic Signature due to missing point-on-curve validation in sjcl.ecc.basicKey.publicKey(). An attacker can recover a victim's ECDH private key by sending crafted off-curve public keys and observing ECDH outputs. The dhJavaEc() function directly returns the raw x-coordinate of the scalar multiplication result (no hashing), providing a plaintext oracle without requiring any decryption feedback.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 10 hours ago

Fediverse

🚨 CVE-2026-4258 (HIGH): All sjcl versions affected by lack of public key validation could let remote attackers recover ECDH private keys. No patch yet — audit sjcl use, validate keys, avoid dhJavaEc()! radar.offseq.com/threat/cve-20

  • 1
  • 1
  • 0
  • 10h ago
Showing 1 to 10 of 27 CVEs