🚨 CVE-2026-45185 (Dead.Letter)

Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS close_notify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to heap corruption. An unauthenticated network attacker exploiting this vulnerability could execute arbitrary code.

ℹ️ Additional info on ZEN SecDB https://secdb.nttzen.cloud/cve/detail/CVE-2026-45185

#nttdata #zen #secdb #infosec
#deadletter #cve202645185 #exim #gnutls

🚨 [CISA-2026:0508] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0508)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-42208 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-42208)
- Name: BerriAI LiteLLM SQL Injection Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: BerriAI
- Product: LiteLLM
- Notes: https://github.com/BerriAI/litellm/security/advisories/GHSA-r75f-5x8p-qvmc ; https://nvd.nist.gov/vuln/detail/CVE-2026-42208

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260508 #cisa20260508 #cve_2026_42208 #cve202642208

🚨 [CISA-2026:0420] CISA Adds 8 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0420)

CISA has added 8 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2023-27351 (https://secdb.nttzen.cloud/cve/detail/CVE-2023-27351)
- Name: PaperCut NG/MF Improper Authentication Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: PaperCut
- Product: NG/MF
- Notes: https://www.papercut.com/kb/Main/PO-1216-and-PO-1219 ; https://nvd.nist.gov/vuln/detail/CVE-2023-27351

⚠️ CVE-2024-27199 (https://secdb.nttzen.cloud/cve/detail/CVE-2024-27199)
- Name: JetBrains TeamCity Relative Path Traversal Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: JetBrains
- Product: TeamCity
- Notes: https://www.jetbrains.com/privacy-security/issues-fixed/ ; https://nvd.nist.gov/vuln/detail/CVE-2024-27199

⚠️ CVE-2025-2749 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-2749)
- Name: Kentico Xperience Path Traversal Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Kentico
- Product: Kentico Xperience
- Notes: https://devnet.kentico.com/download/hotfixes ; https://nvd.nist.gov/vuln/detail/CVE-2025-2749

⚠️ CVE-2025-32975 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-32975)
- Name: Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Quest
- Product: KACE Systems Management Appliance (SMA)
- Notes: https://support.quest.com/kb/4379499/quest-response-to-kace-sma-vulnerabilities-cve-2025-32975-cve-2025-32976-cve-2025-32977-cve-2025-32978 ; https://nvd.nist.gov/vuln/detail/CVE-2025-32975

⚠️ CVE-2025-48700 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-48700)
- Name: Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Synacor
- Product: Zimbra Collaboration Suite (ZCS)
- Notes: https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories ; https://nvd.nist.gov/vuln/detail/CVE-2025-48700

⚠️ CVE-2026-20122 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20122)
- Name: Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability
- Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Cisco
- Product: Catalyst SD-WAN Manger
- Notes: CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v ; https://nvd.nist.gov/vuln/detail/ CVE-2026-20122

⚠️ CVE-2026-20128 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20128)
- Name: Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability
- Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Cisco
- Product: Catalyst SD-WAN Manager
- Notes: CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v ; https://nvd.nist.gov/vuln/detail/CVE-2026-20128

⚠️ CVE-2026-20133 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20133)
- Name: Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
- Action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Cisco
- Product: Catalyst SD-WAN Manager
- Notes: CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v ; https://nvd.nist.gov/vuln/detail/CVE-2026-20133

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260420 #cisa20260420 #cve_2023_27351 #cve_2024_27199 #cve_2025_2749 #cve_2025_32975 #cve_2025_48700 #cve_2026_20122 #cve_2026_20128 #cve_2026_20133 #cve202327351 #cve202427199 #cve20252749 #cve202532975 #cve202548700 #cve202620122 #cve202620128 #cve202620133

🚨 [CISA-2026:0413] CISA Adds 7 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0413)

CISA has added 7 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2012-1854 (https://secdb.nttzen.cloud/cve/detail/CVE-2012-1854)
- Name: Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Visual Basic for Applications (VBA)
- Notes: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-046 ; https://nvd.nist.gov/vuln/detail/CVE-2012-1854

⚠️ CVE-2020-9715 (https://secdb.nttzen.cloud/cve/detail/CVE-2020-9715)
- Name: Adobe Acrobat Use-After-Free Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Adobe
- Product: Acrobat
- Notes: https://helpx.adobe.com/security/products/acrobat/apsb20-48.html ; https://nvd.nist.gov/vuln/detail/CVE-2020-9715

⚠️ CVE-2023-21529 (https://secdb.nttzen.cloud/cve/detail/CVE-2023-21529)
- Name: Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Exchange Server
- Notes: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21529 ; https://nvd.nist.gov/vuln/detail/CVE-2023-21529

⚠️ CVE-2023-36424 (https://secdb.nttzen.cloud/cve/detail/CVE-2023-36424)
- Name: Microsoft Windows Out-of-Bounds Read Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2023-36424 ; https://nvd.nist.gov/vuln/detail/CVE-2023-36424

⚠️ CVE-2025-60710 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-60710)
- Name: Microsoft Windows Link Following Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60710 ; https://nvd.nist.gov/vuln/detail/CVE-2025-60710

⚠️ CVE-2026-21643 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21643)
- Name: Fortinet SQL Injection Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Fortinet
- Product: FortiClient EMS
- Notes: https://fortiguard.fortinet.com/psirt/FG-IR-25-1142 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21643

⚠️ CVE-2026-34621 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-34621)
- Name: Adobe Acrobat and Reader Prototype Pollution Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Adobe
- Product: Acrobat and Reader
- Notes: https://helpx.adobe.com/security/products/acrobat/apsb26-43.html ; https://nvd.nist.gov/vuln/detail/CVE-2026-34621

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260413 #cisa20260413 #cve_2012_1854 #cve_2020_9715 #cve_2023_21529 #cve_2023_36424 #cve_2025_60710 #cve_2026_21643 #cve_2026_34621 #cve20121854 #cve20209715 #cve202321529 #cve202336424 #cve202560710 #cve202621643 #cve202634621

🚨 [CISA-2026:0327] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0327)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2025-53521 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-53521)
- Name: F5 BIG-IP Unspecified Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: F5
- Product: BIG-IP
- Notes: Please adhere to F5’s guidelines to assess exposure and mitigate risks. Check for signs of potential compromise on all internet accessible F5 products affected by this vulnerability. For more information please see: https://my.f5.com/manage/s/article/K000156741 ; https://my.f5.com/manage/s/article/K000160486 ; https://my.f5.com/manage/s/article/K11438344 ; https://nvd.nist.gov/vuln/detail/CVE-2025-53521

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260327 #cisa20260327 #cve_2025_53521 #cve202553521

🚨 [CISA-2026:0326] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0326)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-33634 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-33634)
- Name: Aquasecurity Trivy Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Aquasecurity
- Product: Trivy
- Notes: This vulnerability involves a supply‑chain compromise in a product that may be used across multiple products and environments. Additional vendor‑provided guidance must be followed to ensure full remediation. For more information, please see: https://github.com/advisories/GHSA-69fq-xp46-6x23 ; https://nvd.nist.gov/vuln/detail/CVE-2026-33634

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260326 #cisa20260326 #cve_2026_33634 #cve202633634

🚨 [CISA-2026:0218] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0218)

CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2021-22175 (https://secdb.nttzen.cloud/cve/detail/CVE-2021-22175)
- Name: GitLab Server-Side Request Forgery (SSRF) Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: GitLab
- Product: GitLab
- Notes: https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22175.json ; https://nvd.nist.gov/vuln/detail/CVE-2021-22175

⚠️ CVE-2026-22769 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- Name: Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Dell
- Product: RecoverPoint for Virtual Machines (RP4VMs)
- Notes: https://www.dell.com/support/kbdoc/en-us/000426773/dsa-2026-079 ; https://www.dell.com/support/kbdoc/en-us/000426742/recoverpoint-for-vms-apply-the-remediation-script-for-dsa ; https://cloud.google.com/blog/topics/threat-intelligence/unc6201-exploiting-dell-recoverpoint-zero-day ; https://nvd.nist.gov/vuln/detail/CVE-2026-22769

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260218 #cisa20260218 #cve_2021_22175 #cve_2026_22769 #cve202122175 #cve202622769

🚨 [CISA-2025:1110] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2025:1110)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2025-21042 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-21042)
- Name: Samsung Mobile Devices Out-of-Bounds Write Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Samsung
- Product: Mobile Devices
- Notes: https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 ; https://nvd.nist.gov/vuln/detail/CVE-2025-21042

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20251110 #cisa20251110 #cve_2025_21042 #cve202521042

[CISA-2025:0923] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2025:0923)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

CVE-2025-10585 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-10585)
- Name: Google Chromium V8 Type Confusion Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Google
- Product: Chromium V8
- Notes: https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-10585

#SecDB #InfoSec #CISA_KEV #cisa_20250923 #cve_2025_10585

[CISA-2025:0923] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2025:0923)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

CVE-2025-10585 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-10585)
- Name: Google Chromium V8 Type Confusion Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns?:</b> Unknown
- Vendor: Google
- Product: Chromium V8
- Notes: https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-10585

#SecDB #InfoSec #CISA_KEV #cisa_20250923 cve_2025_10585