Aggregator

Cyber threats stubbornly resist confinement within the tidy taxonomies of orthodox malice—be it malware, credential exfiltration, or infrastructural

The post Identity is the New Exploit: Flashpoint Unveils the Rise of Agentic AI in its 2026 Threat Report appeared first on Penetration Testing Tools.

A vulnerability categorized as problematic has been discovered in libexif up to 0.6.25. This issue affects the function exif_mnote_data_get_value of the component MakerNotes Decoder. Such manipulation leads to integer underflow. This vulnerability is uniquely identified as CVE-2026-32775. Local access is required to approach this attack. No exploit exists.

A vulnerability classified as critical has been found in thermalright TR-VISION HOME up to 2.0.4 on Windows. This impacts an unknown function. This manipulation causes inclusion of functionality from untrusted control sphere. This vulnerability is tracked as CVE-2026-4255. The attack is restricted to local execution. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in CMS Made Simple up to 2.2.21. Impacted is an unknown function of the file admin/listusers.php of the component User Management Module. Performing a manipulation of the argument Message results in cross site scripting. This vulnerability is reported as CVE-2026-4225. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability classified as critical was found in LB-LINK BL-WR9000 2.4.9. The affected element is the function sub_44E8D0 of the file /goform/get_virtual_cfg. Executing a manipulation can lead to stack-based buffer overflow. This vulnerability appears as CVE-2026-4226. The attack may be performed from remote. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as critical, has been found in LB-LINK BL-WR9000 2.4.9. The impacted element is the function sub_44D844 of the file /goform/get_hidessid_cfg. The manipulation leads to buffer overflow. This vulnerability is traded as CVE-2026-4227. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as critical, was found in LB-LINK BL-WR9000 2.4.9. This affects the function sub_458754 of the file /goform/set_wifi. The manipulation results in command injection. This vulnerability is known as CVE-2026-4228. It is possible to launch the attack remotely. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

让每一只“龙虾”都能安全可控

A vulnerability classified as critical has been found in iText 7.1.17. This vulnerability affects the function ByteBuffer.append of the component PDF File Handler. The manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2022-24197. The attack is possible to be carried out remotely. No exploit exists. To fix this issue, it is recommended to deploy a patch.

A vulnerability was found in Oracle Retail Xstore Point of Service 17.0.6/18.0.5/19.0.4/20.0.3/21.0.2 and classified as critical. The impacted element is an unknown function of the component Xenvironment. Such manipulation leads to time-of-check time-of-use. This vulnerability is documented as CVE-2022-23181. The attack needs to be performed locally. There is not any exploit available.

A vulnerability has been found in Oracle Financial Services Crime and Compliance Management Studio 8.0.8.2.0/8.0.8.3.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Studio. The manipulation leads to time-of-check time-of-use. This vulnerability is uniquely identified as CVE-2022-23181. Local access is required to approach this attack. No exploit exists. The affected component should be upgraded.

A vulnerability marked as critical has been reported in Oracle Communications Instant Messaging Server 10.0.1.6.0. Affected is an unknown function of the component Installation. The manipulation leads to time-of-check time-of-use. This vulnerability is uniquely identified as CVE-2022-23181. Local access is required to approach this attack. No exploit exists.

A vulnerability described as critical has been identified in Oracle Financial Services Model Management and Governance 8.0.8.0/8.1.0.0/8.1.1.0. This affects an unknown part of the component Installer/Configuration. Executing a manipulation can lead to time-of-check time-of-use. This vulnerability is registered as CVE-2022-23181. The attack needs to be launched locally. No exploit is available.

Ukrainian entities have emerged as the target of a new campaign likely orchestrated by threat actors linked to Russia, according to a report from S2 Grupo's LAB52 threat intelligence team. The campaign, observed in February 2026, has been assessed to share overlaps with a prior campaign mounted by Laundry Bear (aka UAC-0190 or Void Blizzard) aimed at Ukrainian defense forces with a malware

Взломщик ByteToBreach опубликовал внутренности шведских госуслуг.

A vulnerability classified as problematic was found in SAP NetWeaver Application Server for ABAP up to 816. This vulnerability affects unknown code. The manipulation results in missing authorization. This vulnerability is reported as CVE-2026-24310. The attack can be launched remotely. No exploit exists. It is best practice to apply a patch to resolve this issue.

A vulnerability, which was classified as problematic, has been found in Python CPython up to 3.14.x. This affects an unknown function of the component Tarfile Module. This manipulation causes incorrect comparison. This vulnerability appears as CVE-2025-13462. The attack requires local access. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability identified as problematic has been detected in Cisco Secure Endpoint. This vulnerability affects unknown code of the component ClamAV. The manipulation leads to uncaught exception. This vulnerability is documented as CVE-2026-20031. The attack can be initiated remotely. There is not any exploit available. You should upgrade the affected component.

A vulnerability was found in thejoshwolfe yauzl up to 3.2.0. It has been declared as problematic. This affects the function getLastModDate of the component ZIP File Handler. Such manipulation leads to off-by-one. This vulnerability is traded as CVE-2026-31988. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.