ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
CVE-2026-0898 - An arbitrary file-write vulnerability in Pega Browser Extension (PBE) affects Pega Robot Studio developers who are automating Google Chrome and Microsoft Edge using either version 22.1 or R25.
CVE ID :CVE-2026-0898 Published : March 23, 2026, 7:16 p.m. | 1 hour, 17 minutes ago Description :An arbitrary file-write vulnerability in Pega Browser Extension (PBE) affects Pega Robot Studio developers who are a
North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware
The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that's distributed via malicious Microsoft Visual Studio
CVE-2026-20963
Currently trending CVE - Hype Score: 1 - Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-32194 - Microsoft Bing Images Remote Code Execution Vulnerability
CVE ID :CVE-2026-32194 Published : March 19, 2026, 9:21 p.m. | 53 minutes ago Description :None Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, a
CVE-2026-26137 - Microsoft 365 Copilot BizChat Elevation of Privilege Vulnerability
CVE ID :CVE-2026-26137 Published : March 19, 2026, 9:17 p.m. | 58 minutes ago Description :Server-side request forgery (ssrf) in Microsoft 365 Copilot's Business Chat allows an authorized attacker to elevate privil
CVE-2026-26139 - Microsoft Purview Elevation of Privilege Vulnerability
CVE ID :CVE-2026-26139 Published : March 19, 2026, 9:17 p.m. | 58 minutes ago Description :Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a networ
Critical Microsoft SharePoint flaw now exploited in attacks
A critical Microsoft SharePoint vulnerability patched in January is now being exploited in attacks, the Cybersecurity and Infrastructure Security Agency (CISA) warned. [...]
CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability
The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wild. The post CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability appeared fi
CISA Warns of Microsoft SharePoint Vulnerability Exploited in Attacks
A critical security flaw in Microsoft SharePoint has been identified as actively exploited, and on March 18, 2026, the vulnerability was officially added to the Known Exploited Vulnerabilities (KEV) catalog. This additio
CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged government agencies to apply patches for two security flaws impacting Synacor Zimbra Collaboration Suite (ZCS) and Microsoft Office SharePoint, s
Microsoft Edge (Android): Schwachstelle ermöglicht Darstellen falscher Informationen
Es existiert eine Schwachstelle in Microsoft Edge für Android. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Benutzer zu täuschen. Dazu ist eine Interaktion des Benutzers erforderlich: Das Op
Microsoft to Block Windows 11 and Server 2025 Automated Installation After Critical RCE Vulnerability
Microsoft has announced a two-phase plan to disable the hands-free deployment feature in Windows Deployment Services (WDS) following the discovery of a critical remote code execution (RCE) vulnerability tracked as CVE-20
Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials
Microsoft has disclosed details of a credential theft campaign that employs fake virtual private network (VPN) clients distributed through search engine optimization (SEO) poisoning techniques. "The campaign redirects us
Microsoft 365 Copilot und Edge: Schwachstelle ermöglicht Offenlegung von Informationen und Manipulation von Daten
Es existiert eine Schwachstelle in Microsoft 365 Copilot und Microsoft Edge für Android und iOS. Durch einen Fehler können Angreifer überzeugende Phishing-Inhalte innerhalb der vertrauenswürdigen Zusammenfassungsschnitts
Critical Microsoft Office Vulnerability Enables Remote Code Execution Attacks
On March 10, 2026, Microsoft released security updates to address a critical vulnerability in its widely used Office suite. Tracked as CVE-2026-26110, this security flaw allows an unauthorized attacker to execute malicio
CVE-2026-31979 - himmelblaud-tasks: local privilege escalation via /tmp symlink attack on Kerberos ccache
CVE ID :CVE-2026-31979 Published : March 11, 2026, 8:16 p.m. | 59 minutes ago Description :Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Prior to 3.1.0 and 2.3.8, the himmelblaud-
CVE-2026-31957 - Himmelblau unset domain configuration can allow any-tenant authentication at first login for remote deployments
CVE ID :CVE-2026-31957 Published : March 11, 2026, 8:16 p.m. | 59 minutes ago Description :Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 3.0.0 to before 3.1.0, if Himmelblau
Microsoft Patchday März 2026
Microsoft hat im März zahlreiche Schwachstellen in verschiedenen Produkten behoben.
Microsoft .NET 0-Day Vulnerability Enables Denial-of-Service Attacks
An emergency security update has been released to address a newly disclosed .NET Framework vulnerability, tracked as CVE-2026-26127. This security flaw allows unauthenticated, remote attackers to trigger a Denial-of-Serv
Microsoft SQL Server Zero-Day Vulnerability Allows Attackers to Escalate Privileges
Microsoft has disclosed a critical zero-day vulnerability in SQL Server that allows authenticated attackers to escalate their privileges to the highest administrative level on affected database systems. Tracked as CVE-20