Mastodawn

🚨 [CISA-2026:0327] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0327)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2025-53521 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-53521)
- Name: F5 BIG-IP Unspecified Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: F5
- Product: BIG-IP
- Notes: Please adhere to F5’s guidelines to assess exposure and mitigate risks. Check for signs of potential compromise on all internet accessible F5 products affected by this vulnerability. For more information please see: https://my.f5.com/manage/s/article/K000156741 ; https://my.f5.com/manage/s/article/K000160486 ; https://my.f5.com/manage/s/article/K11438344 ; https://nvd.nist.gov/vuln/detail/CVE-2025-53521

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260327 #cisa20260327 #cve_2025_53521 #cve202553521

[CISA-2026:0327] CISA Adds One Known Exploited Vulnerability to Catalog - Advisory | ZEN SecDB Portal

CISA-2026:0327 - CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types...

ZEN SecDB Portal

ZEN SecDB 3d ago

🚨 [CISA-2026:0326] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0326)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-33634 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-33634)
- Name: Aquasecurity Trivy Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Aquasecurity
- Product: Trivy
- Notes: This vulnerability involves a supply‑chain compromise in a product that may be used across multiple products and environments. Additional vendor‑provided guidance must be followed to ensure full remediation. For more information, please see: https://github.com/advisories/GHSA-69fq-xp46-6x23 ; https://nvd.nist.gov/vuln/detail/CVE-2026-33634

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260326 #cisa20260326 #cve_2026_33634 #cve202633634

[CISA-2026:0326] CISA Adds One Known Exploited Vulnerability to Catalog - Advisory | ZEN SecDB Portal

CISA-2026:0326 - CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types...

ZEN SecDB Portal

ZEN SecDB Feb 20

🚨 [CISA-2026:0218] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0218)

CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2021-22175 (https://secdb.nttzen.cloud/cve/detail/CVE-2021-22175)
- Name: GitLab Server-Side Request Forgery (SSRF) Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: GitLab
- Product: GitLab
- Notes: https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22175.json ; https://nvd.nist.gov/vuln/detail/CVE-2021-22175

⚠️ CVE-2026-22769 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- Name: Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Dell
- Product: RecoverPoint for Virtual Machines (RP4VMs)
- Notes: https://www.dell.com/support/kbdoc/en-us/000426773/dsa-2026-079 ; https://www.dell.com/support/kbdoc/en-us/000426742/recoverpoint-for-vms-apply-the-remediation-script-for-dsa ; https://cloud.google.com/blog/topics/threat-intelligence/unc6201-exploiting-dell-recoverpoint-zero-day ; https://nvd.nist.gov/vuln/detail/CVE-2026-22769

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260218 #cisa20260218 #cve_2021_22175 #cve_2026_22769 #cve202122175 #cve202622769

[CISA-2026:0218] CISA Adds 2 Known Exploited Vulnerabilities to Catalog - Advisory | ZEN SecDB Portal

CISA-2026:0218 - CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types...

ZEN SecDB Portal

ZEN SecDB Nov 10

🚨 [CISA-2025:1110] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2025:1110)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2025-21042 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-21042)
- Name: Samsung Mobile Devices Out-of-Bounds Write Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Samsung
- Product: Mobile Devices
- Notes: https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 ; https://nvd.nist.gov/vuln/detail/CVE-2025-21042

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20251110 #cisa20251110 #cve_2025_21042 #cve202521042

[CISA-2025:1110] CISA Adds One Known Exploited Vulnerability to Catalog - Advisory | ZEN SecDB Portal

CISA-2025:1110 - CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types...

ZEN SecDB Portal

ZEN SecDB Sep 23, 2025

[CISA-2025:0923] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2025:0923)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

CVE-2025-10585 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-10585)
- Name: Google Chromium V8 Type Confusion Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Google
- Product: Chromium V8
- Notes: https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-10585

#SecDB #InfoSec #CISA_KEV #cisa_20250923 #cve_2025_10585

[CISA-2025:0923] CISA Adds One Known Exploited Vulnerability to Catalog - Advisory | ZEN SecDB Portal

CISA-2025:0923 - CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types...

ZEN SecDB Portal

ZEN SecDB Sep 23, 2025

[CISA-2025:0923] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2025:0923)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

CVE-2025-10585 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-10585)
- Name: Google Chromium V8 Type Confusion Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns?:</b> Unknown
- Vendor: Google
- Product: Chromium V8
- Notes: https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-10585

#SecDB #InfoSec #CISA_KEV #cisa_20250923 cve_2025_10585

[CISA-2025:0923] CISA Adds One Known Exploited Vulnerability to Catalog - Advisory | ZEN SecDB Portal

CISA-2025:0923 - CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types...

ZEN SecDB Portal

Giuseppe Di Terlizzi Sep 22, 2025

New IOCs detected in last 7 days
See more at SecDB (https://secdb.nttzen.cloud)

CVE-2021-44228 +2 IOCs
CVE-2021-4034 +2 IOCs
CVE-2012-0056 +1 IOCs
CVE-2010-3850 +1 IOCs
CVE-2010-3849 +1 IOCs
CVE-2017-11882
- AgentTesla +9 IOCs
- Amadey +6 IOCs
- AmosStealer +3 IOCs
- AsyncRAT +3 IOCs
- DarkCloud +6 IOCs
- Formbook +6 IOCs
- MassLogger +3 IOCs
- Mirai +12 IOCs
- SnakeKeylogger +3 IOCs
- VIPKeylogger +3 IOCs
- XWorm +3 IOCs

Follow the Telegram channel: https://t.me/secdbportal_feed
#SecDB #InfoSec

Home | ZEN SecDB Portal

powered by YaVS - YaVS Ain't Vulnerability Scanner...

ZEN SecDB Portal

Giuseppe Di Terlizzi Sep 22, 2025

📈 CVE Published in last 7 days (2025-09-15 - 2025-09-22)
See more at SecDB (https://secdb.nttzen.cloud/dashboard)

Total CVEs: 1316

Severity
- Critical: 66
- High: 191
- Medium: 342
- Low: 39
- None: 678

Status
- UNKNOWN: 21
- Analyzed: 163
- Awaiting Analysis: 836
- Received: 78
- Rejected: 112
- Undergoing Analysis: 106

Top CNAs
- kernel.org: 639
- VulDB: 118
- MITRE: 83

Follow Telegram channel: https://t.me/secdbportal_feed

#SecDB #InfoSec

Security Dashboard | ZEN SecDB Portal

powered by YaVS - YaVS Ain't Vulnerability Scanner...

ZEN SecDB Portal