ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
CVE-2026-1670 - Honeywell CCTV Products Missing Authentication for Critical Function
CVE ID : CVE-2026-1670 Published : Feb. 17, 2026, 11:16 p.m. | 46 minutes ago Description : The affected products are vulnerable to an unauthenticated API endpoint exposure, which may allow an attacker to remotely cha
Flaws in popular VSCode extensions expose developers to attacks
Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local files and execute code
Chinese hackers exploiting Dell zero-day flaw since mid-2024
A suspected Chinese state-backed hacking group has been quietly exploiting a critical Dell security flaw in zero-day attacks that started in mid-2024. [...]
CVE-2026-22769 - Dell RecoverPoint for Virtual Machines Hardcoded Credential Remote Authentication Bypass
CVE ID : CVE-2026-22769 Published : Feb. 17, 2026, 7:19 p.m. | 43 minutes ago Description : Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is
CVE-2025-65753 - Guardian Gryphon TLS Certification Command Execution
CVE ID : CVE-2025-65753 Published : Feb. 17, 2026, 4:20 p.m. | 1 hour, 42 minutes ago Description : An issue in the TLS certification mechanism of Guardian Gryphon v01.06.0006.22 allows attackers to execute commands a
Firefox v147.0.3 Released With Fix for Heap Buffer Overflow Vulnerability
Mozilla has released Firefox version 147.0.3, addressing a critical memory-related flaw that could allow attackers to execute arbitrary code by exploiting a heap buffer overflow issue in the browser’s media processing li
CVE-2025-65717 - Visual Studio Code Extensions Live Server File Exfiltration Vulnerability
CVE ID : CVE-2025-65717 Published : Feb. 16, 2026, 4:19 p.m. | 23 hours, 43 minutes ago Description : An issue in Visual Studio Code Extensions Live Server v5.7.9 allows attackers to exfiltrate files via user interact
Single IP Dominates Exploitation Campaign Attacking Ivanti EPMM with RCE Vulnerability
A critical remote code execution (RCE) flaw in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281, is being heavily exploited. GreyNoise shows that 83% of observed attacks come from a single IP address: 193[
Joomla Novarain/Tassos Framework Vulnerabilities Enables SQL injection and Unauthenticated File Read
Websites running the Novarain/Tassos Framework are vulnerable to critical security flaws that allow unauthenticated file read, file deletion, and SQL injection attacks, potentially leading to remote code execution and fu
Critical Airleader Vulnerability Exposes Systems to Remote Code Execution Attacks
A newly disclosed vulnerability in an industrial control system (ICS) monitoring solution has raised concerns across multiple critical infrastructure sectors. Published by CISA under advisory code ICSA-26-043-10, the fla
FileZen File Transfer App Vulnerability Enables Arbitrary Command Execution
A critical vulnerability has been discovered in the file transfer solution from Soliton Systems K.K., potentially allowing attackers to execute arbitrary system commands on affected installations. The issue, tracked as C
CISA Warns of ZLAN ICS Devices Vulnerabilities Allows Complete Device Takeover
An alert regarding two critical vulnerabilities found in ZLAN Information Technology Co.’s ZLAN5143D industrial communication device. According to the advisory (ICSA-26-041-02), successful exploitation could allow attack
Critical BeyondTrust Vulnerability Exploited in the Wild to Gain Full Domain Control
A critical vulnerability tracked as CVE-2026-1731 is being actively exploited in the wild, enabling attackers to gain full domain control over affected systems. Threat actors are leveraging this flaw to execute operating
One threat actor responsible for 83% of recent Ivanti RCE attacks
Threat intelligence observations show that a single threat actor is responsible for most of the active exploitation of two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-21962 and
CISA Warns of Microsoft Configuration Manager SQL Injection Vulnerability Exploited in Attacks
CISA has issued an urgent alert about a critical SQL injection vulnerability in Microsoft Configuration Manager (SCCM). Tracked as CVE-2024-43468, this flaw lets unauthenticated attackers run malicious commands on server
CVE-2026-26273 - Known affected by Account Takeover via Password Reset Token Leakage
CVE ID : CVE-2026-26273 Published : Feb. 13, 2026, 10:16 p.m. | 17 hours, 46 minutes ago Description : Known is a social publishing platform. Prior to 1.6.3, a Critical Broken Authentication vulnerability exists in Kn
CVE-2026-26190 - Milvus Allows Unauthenticated Access to Restful API on Metrics Port (9091) Leads to Critical System Compromise
CVE ID : CVE-2026-26190 Published : Feb. 13, 2026, 7:17 p.m. | 20 hours, 44 minutes ago Description : Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus e
CVE-2025-14349 - Business Logic Error in Universal Software's FlexCity/Kiosk
CVE ID : CVE-2025-14349 Published : Feb. 13, 2026, 2:16 p.m. | 1 day, 1 hour ago Description : Privilege Defined With Unsafe Actions, Missing Authentication for Critical Function vulnerability in Universal Software In
CISA flags critical Microsoft SCCM flaw as exploited in attacks
CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager vulnerability patched in October 2024 and now exploited in attacks. [...]
BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release
Exploitation attempts target CVE-2026-1731, a critical unauthenticated remote code execution flaw in BeyondTrust Remote Support. The post BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release appea