CVE-2026-21513

Overview

Microsoft
Windows 10 Version 1607

10 Feb 2026

Published

27 Feb 2026

Updated

CVSS v3.1

HIGH (8.8)

EPSS

4.76%

MITRE

KEV

Description

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.

Statistics

7 Posts

Last activity: 2 hours ago

Bluesky

キタきつね @kitafox.bsky.social

ロシア関連のAPT28がパッチ適用前にMSHTMLのゼロデイ脆弱性CVE-2026-21513を悪用 Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch #SecurityAffairs (Mar 2) securityaffairs.com/188782/secur...

0
0
0
20h ago

Packet Storm News @packetstorm.bsky.social

Inside the Fix: Analysis of In-the-Wild Exploit of CVE-2026-21513 https://packetstorm.news/news/view/40608 #news

0
0
0
20h ago

piyokango @piyokango.bsky.social

ロシア関連のAPT28がパッチ適用前にMSHTMLのゼロデイ脆弱性CVE-2026-21513を悪用 #CybersecurityNews securityaffairs.com/188782/secur...

0
0
0
19h ago

CyberHub @cyberhub.blog

📌 APT28 Linked to High-Severity MSHTML Security Flaw CVE-2026-21513 https://www.cyberhub.blog/article/20646-apt28-linked-to-high-severity-mshtml-security-flaw-cve-2026-21513

0
0
0
11h ago

Sami Laiho @samilaiho.com

Inside the Fix: Analysis of In-the-Wild Exploit of CVE-2026-21513 www.akamai.com/blog/securit...

0
0
0
8h ago

Commonwealth Sentinel Cyber Security @cwealthsentinel.bsky.social

Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch securityaffairs.com/188782/secur...

0
0
0
2h ago

OpsMatters @opsmatters.com

The latest update for #Foresiet includes "CVE-2026-21513: APT28 Exploits MSHTML Zero-Day in Targeted Attacks" and "CVE-2026-20127: In-Depth Analysis of the Cisco Catalyst #SDWAN Authentication Bypass Vulnerability". #cybersecurity #infosec https://opsmtrs.com/3J3CMGz

0
0
0
16h ago

CVE-2026-21385

Overview

Qualcomm, Inc.
Snapdragon

02 Mar 2026

Published

03 Mar 2026

Updated

CVSS v3.1

HIGH (7.8)

EPSS

0.02%

MITRE

KEV

Description

Memory corruption while using alignments for memory allocation.

Statistics

8 Posts
4 Interactions

Last activity: Last hour

Fediverse

DragonJAR @dragonjar

En las últimas 24 horas, se ha descubierto una crítica vulnerabilidad en Google Chrome que permite espionaje a través de extensiones maliciosas, mientras que Android corrige una falla explotada en chipsets Qualcomm que podría comprometer dispositivos móviles; además, el Reino Unido alerta sobre ciberataques iraníes motivados por tensiones geopolíticas, destacando la urgencia de fortalecer la ciberseguridad. Descubre estos y más detalles en el siguiente listado de noticias sobre seguridad informática:

🗞️ ÚLTIMAS NOTICIAS EN SEGURIDAD INFORMÁTICA 🔒
====| 🔥 LO QUE DEBES SABER HOY 03/03/26 📆 |====

🔐 VULNERABILIDAD EN CHROME QUE PERMITE ESPIAR A TRAVÉS DE GEMINI LIVE

Se ha detectado una grave vulnerabilidad en Google Chrome que posibilita a extensiones maliciosas secuestrar la función Gemini Live, diseñada para asistencia en el navegador, con el fin de espiar a los usuarios y acceder a archivos sensibles almacenados en sus dispositivos. Esta brecha pone en riesgo la privacidad y seguridad de millones de usuarios, por lo que se recomienda extremar precauciones al instalar extensiones y mantener el navegador actualizado con los últimos parches de seguridad. Protege tu información y mantente alerta. Descubre más detalles sobre esta amenaza y cómo protegerte aquí 👉 https://djar.co/PlaRM

📱 GOOGLE CONFIRMA FALLA CRÍTICA EN COMPONENTE DE QUALCOMM EXPLOTADA EN ANDROID

La actualización de seguridad de marzo de 2026 para Android aborda 129 vulnerabilidades, entre ellas una falla crítica y ya explotada en dispositivos con chipsets Qualcomm, identificada como CVE-2026-21385. Esta vulnerabilidad permite ejecución remota de código, poniendo en riesgo la integridad de los dispositivos móviles. Se recomienda a todos los usuarios actualizar sus dispositivos de inmediato para protegerse contra posibles ataques que podrían comprometer datos personales y corporativos. Infórmate sobre esta actualización fundamental y cómo aplicarla en tu equipo aquí 👉 https://djar.co/h1BDO

⚠️ ALERTA EN EL REINO UNIDO POR AMENAZAS DE CIBERATAQUES IRANÍES EN CONTEXTO DE CONFLICTO EN ORIENTE MEDIO

El Centro Nacional de Seguridad Cibernética del Reino Unido ha emitido una advertencia urgente ante el aumento de riesgo de ciberataques dirigidos por grupos vinculados a Irán, motivados por las tensiones en Oriente Medio. Las organizaciones británicas deben fortalecer sus defensas y estar preparadas para enfrentar posibles intentos de intrusión, campañas de desinformación y sabotajes digitales. Esta situación subraya la importancia de mantener una postura de ciberseguridad proactiva en entornos geopolíticos inestables. Conoce las recomendaciones oficiales para proteger tu infraestructura crítica aquí 👉 https://djar.co/jmrIn

1
2
0
9h ago

Jeff Hall - PCIGuru :verified: @jbhall56

The exploited flaw, tracked as CVE-2026-21385 (CVSS score of 7.8) and impacting the graphics component of over 200 Qualcomm chipsets, is described as an integer overflow or wraparound issue leading to memory corruption while using alignments for memory allocation. https://www.securityweek.com/android-update-patches-exploited-qualcomm-zero-day/

0
0
1
7h ago

Bluesky

softfantw.bsky.social @softfantw.bsky.social

Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited thehackernews.com/2026/03/goog...

1
0
1
13h ago

Information Security Briefly @infosecbriefly.bsky.social

Google disclosed a high-severity Qualcomm Graphics component vulnerability (CVE-2026-21385) being exploited in Android devices, with March 2026 patches addressing 129 total vulnerabilities including critical remote code execution and privilege escalation flaws.

0
0
0
12h ago

Ninja Owl @ninjaowl.ai

Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...

0
0
0
3h ago

piggo @pigondrugs.bsky.social

~Cisa~ CISA added actively exploited Qualcomm and VMware Aria vulnerabilities to its KEV catalog. - IOCs: CVE-2026-21385, CVE-2026-22719 - #CISA #KEV #ThreatIntel

0
0
0
Last hour

CVE-2026-0628

Overview

Google
Chrome

06 Jan 2026

Published

26 Feb 2026

Updated

CVSS

Pending

EPSS

0.04%

MITRE

KEV

Description

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)

Statistics

5 Posts
3 Interactions

Last activity: 2 hours ago

Fediverse

Jeff Hall - PCIGuru :verified: @jbhall56

The flaw, tracked as CVE-2026-0628, was uncovered by researchers at Palo Alto Networks' Unit 42 who found that rogue Chrome extensions could manipulate how the browser handled requests to the embedded Gemini Live side panel. https://www.theregister.com/2026/03/03/google_chrome_bug_gemini/

0
0
1
7h ago

Bluesky

Blockchain Report @blockchainreport.bsky.social

🚨 Chrome Security Alert! A vulnerability (CVE-2026-0628) allows malicious extensions to access your webcam, mic, screen & files via the Gemini Live panel. Google has patched it in Chrome v143.0.7499.192/.193 (Win/Mac) & v143.0.7499.192 (Linux). Update NOW! #Chrome #Security #Vulnerability

0
1
0
15h ago

Cryptovka | Новости Крипторынка и Блокчейна @cryptovkanews.bsky.social

🚨 Критическая уязвимость CVE-2026-0628 в Chrome угрожает криптокошелькам MetaMask, Phantom, Trust Wallet! 💰 Злоумышленники могут получить доступ к локальным файлам, камерам и микрофонам. Google выпустила патчи. 💻 Обновите браузер немедленно! Версия 143.0.7499.192/193. Источник: GoPlus.

0
1
0
15h ago

Tech-News @technology-news.bsky.social

Chrome CVE-2026-0628 let malicious extensions hijack Gemini panel for privilege escalation, local file access, and surveillance.

0
1
0
2h ago

CVE-2026-20127

Overview

Cisco
Cisco Catalyst SD-WAN Manager

25 Feb 2026

Published

26 Feb 2026

Updated

CVSS v3.1

CRITICAL (10.0)

EPSS

2.60%

MITRE

KEV

Description

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric. 

Statistics

4 Posts

Last activity: 2 hours ago

Bluesky

PCI Guru @jbhall56.bsky.social

The maximum-severity vulnerability CVE-2026-20127 was exploited by an unknown but sophisticated threat actor who left very little evidence behind. www.darkreading.com/vulnerabilit...

0
0
1
7h ago

Undercode Testing @undercode.bsky.social

Cisco Zero-Day CVE-2026-20127 and the EU’s CRA Shockwave: How Railway Cybersecurity Just Changed Forever + Video Introduction: The convergence of a maximum-severity zero-day exploit and the European Commission’s first official Cyber Resilience Act (CRA) guidance has created a critical juncture for…

0
0
0
2h ago

OpsMatters @opsmatters.com

The latest update for #Foresiet includes "CVE-2026-21513: APT28 Exploits MSHTML Zero-Day in Targeted Attacks" and "CVE-2026-20127: In-Depth Analysis of the Cisco Catalyst #SDWAN Authentication Bypass Vulnerability". #cybersecurity #infosec https://opsmtrs.com/3J3CMGz

0
0
0
16h ago

CVE-2026-2628

Overview

cyberlord92
All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login

03 Mar 2026

Published

03 Mar 2026

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

0.25%

MITRE

KEV

Description

The All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.2.5. This makes it possible for unauthenticated attackers to bypass authentication and log in as other users, including administrators.

Statistics

2 Posts
1 Interaction

Last activity: 9 hours ago

Fediverse

Offensive Sequence @offseq

⚠️ CVE-2026-2628: CRITICAL auth bypass in All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login plugin (≤2.2.5). Attackers can access WP admin accounts with no credentials. Disable plugin or restrict logins until patched! https://radar.offseq.com/threat/cve-2026-2628-cwe-288-authentication-bypass-using--3ce6682b #OffSeq #WordPress #AzureAD

1
0
0
17h ago

Bluesky

BaseFortify.eu @basefortify.bsky.social

🚨 CVE-2026-2628 – CRITICAL (9.8) Authentication Bypass in Microsoft 365 / Azure AD SSO Plugin for WordPress. Unauthenticated attackers can log in as arbitrary users — including administrators. Full report: basefortify.eu/cve_reports/... #CVE #WordPress #SSO #CyberSecurity #InfoSec

0
0
0
9h ago

CVE-2026-2256

Overview

ModelScope
ms-agent

02 Mar 2026

Published

03 Mar 2026

Updated

CVSS

Pending

EPSS

0.13%

MITRE

KEV

Description

A command injection vulnerability in ModelScope's ms-agent versions v1.6.0rc1 and earlier exists, allowing an attacker to execute arbitrary operating system commands through crafted prompt-derived input.

Statistics

2 Posts

Last activity: 1 hour ago

Bluesky

Information Security Briefly @infosecbriefly.bsky.social

CVE-2026-2256 in ModelScope MS-Agent framework allows arbitrary OS command execution through inadequate input sanitization in the Shell tool using regex-based blacklist filtering.

0
0
0
10h ago

CrowdCyber @crowdcyber.bsky.social

CVE-2026-2256: Unpatched Flaw in MS-Agent Lets Hackers Hijack AI Assistants

0
0
0
1h ago

CVE-2026-21902

Overview

Juniper Networks
Junos OS Evolved

25 Feb 2026

Published

03 Mar 2026

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

0.33%

MITRE

KEV

Description

An Incorrect Permission Assignment for Critical Resource vulnerability in the On-Box Anomaly detection framework of Juniper Networks Junos OS Evolved on PTX Series allows an unauthenticated, network-based attacker to execute code as root. The On-Box Anomaly detection framework should only be reachable by other internal processes over the internal routing instance, but not over an externally exposed port. With the ability to access and manipulate the service to execute code as root a remote attacker can take complete control of the device. Please note that this service is enabled by default as no specific configuration is required. This issue affects Junos OS Evolved on PTX Series: * 25.4 versions before 25.4R1-S1-EVO, 25.4R2-EVO. This issue does not affect Junos OS Evolved versions before 25.4R1-EVO. This issue does not affect Junos OS.

Statistics

4 Posts

Last activity: 6 hours ago

Bluesky

セキュリティ対策Lab @securitylab-jp.bsky.social

Juniper、PTX ルーターに致命的な脆弱性(CVE-2026-21902) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews

0
0
0
16h ago

/r/netsec @r-netsec-bot.bsky.social

Sometimes, You Can Just Feel The Security In The Design (Junos OS Evolved CVE-2026-21902 RCE) - watchTowr Labs

0
0
2
6h ago

CVE-2026-0714

Overview

Moxa
UC-1200A Series

05 Feb 2026

Published

05 Feb 2026

Updated

CVSS v4.0

HIGH (7.0)

EPSS

0.01%

MITRE

KEV

Description

A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and attaching external equipment to the SPI bus to capture TPM communications. If successful, the captured data may allow offline decryption of eMMC contents. This attack cannot be performed through brief or opportunistic physical access and requires extended physical access, possession of the device, appropriate equipment, and sufficient time for signal capture and analysis. Remote exploitation is not possible.

Statistics

1 Post
3 Interactions

Last activity: 12 hours ago

Fediverse

Martin Boller :debian: :tux: :freebsd: :windows: :mastodon: @itisiboller

https://www.cyloq.se/en/research/cve-2026-0714-tpm-sniffing-luks-keys-on-an-embedded-device

#Moxa #TPM #SPI #LogicAnalyzer #Keys #Cleartext

2
1
0
12h ago

CVE-2026-27495

Overview

n8n-io
n8n

25 Feb 2026

Published

26 Feb 2026

Updated

CVSS v4.0

CRITICAL (9.4)

EPSS

0.06%

MITRE

KEV

Description

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On instances using internal Task Runners (default runner mode), this could result in full compromise of the n8n host. On instances using external Task Runners, the attacker might gain access to or impact other task executed on the Task Runner. Task Runners must be enabled using `N8N_RUNNERS_ENABLED=true`. The issue has been fixed in n8n versions 2.10.1, 2.9.3, and 1.123.22. Users should upgrade to one of these versions or later to remediate the vulnerability. If upgrading is not immediately possible, administrators should consider the following temporary mitigations. Limit workflow creation and editing permissions to fully trusted users only, and/or use external runner mode (`N8N_RUNNERS_MODE=external`) to limit the blast radius. These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.

Statistics

2 Posts
9 Interactions

Last activity: 8 hours ago

Bluesky

The Shadowserver Foundation @shadowserver.bsky.social

We are continuing to expand our n8n RCE vulnerability scanning - most recently adding CVE-2026-27495 (CVSS 9.4) tagging as well. You can track our various n8n scan results here for the most well known critical vulns: dashboard.shadowserver.org/statistics/c... Top affected: US, Germany & France.

1
6
0
8h ago

The Shadowserver Foundation @shadowserver.bsky.social

IP data on vulnerable instances is tagged 'n8n' & with a cve tag (like cve-2026-27495) in our Vulnerable HTTP reporting www.shadowserver.org/what-we-do/n... Latest n8n critical RCE vulns (all covered with above tag): github.com/n8n-io/n8n/s... github.com/n8n-io/n8n/s... github.com/n8n-io/n8n/s...

0
2
0
8h ago

CVE-2026-0006

Overview

Google
Android

02 Mar 2026

Published

03 Mar 2026

Updated

CVSS

Pending

EPSS

0.09%

MITRE

KEV

Description

In multiple locations, there is a possible out of bounds read and write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Statistics

1 Post
1 Interaction

Last activity: 20 hours ago

Fediverse

Offensive Sequence @offseq

🔴 CVE-2026-0006: CRITICAL RCE in Android 16 via heap buffer overflows. No user action or privileges needed — remote attackers can fully compromise devices. Patch urgently when available! https://radar.offseq.com/threat/cve-2026-0006-remote-code-execution-in-google-andr-79236030 #OffSeq #Android #RCE #Vulnerability

1
0
0
20h ago