🚨 CRITICAL: SenseLive X3050 v1.523 is vulnerable to authentication bypass (CVE-2026-40630) via alternate paths. No fix yet — restrict device network access and monitor closely. https://radar.offseq.com/threat/cve-2026-40630-cwe-288-authentication-bypass-using-b2eedf7d #OffSeq #CVE202640630 #IoTSecurity #VulnAlert
🚨 CVE-2026-33875 (CRITICAL, CVSS 9.3): gematik app-Authenticator <4.16.0 is vulnerable to authentication hijack via malicious deep links. No workarounds — update to 4.16.0+ urgently! https://radar.offseq.com/threat/cve-2026-33875-cwe-940-improper-verification-of-so-189b5f61 #OffSeq #CVE202633875 #HealthIT #VulnAlert
🔎 CVE-2026-3408 (MEDIUM): Open Babel 3.1.0/3.1.1 vulnerable to DoS via null pointer dereference in CDXML handler. Exploit public, patch available (commit e23a224b8fd9…). Update now to prevent app crashes! https://radar.offseq.com/threat/cve-2026-3408-null-pointer-dereference-in-open-bab-da0da361 #OffSeq #OpenBabel #VulnAlert
🚨 CVE-2026-27743: CRITICAL SQL injection in SPIP referer_spam <1.3.0 allows unauthenticated SQL execution via GET. No exploit seen yet — patch to 1.3.0+ ASAP! Monitor logs & restrict DB perms. https://radar.offseq.com/threat/cve-2026-27743-cwe-89-improper-neutralization-of-s-0723b396 #OffSeq #SQLInjection #SPIP #VulnAlert
🚨 CRITICAL: CVE-2025-34252 impacts NetSarang Xmanager Enterprise (5.0 Build 1232). Malicious nssock2.dll enables DNS-based backdoor, remote code exec, and persistent registry VFS. Patch ASAP and monitor DNS activity! https://radar.offseq.com/threat/cve-2025-34252-cwe-506-embedded-malicious-code-in--7efafdd8 #OffSeq #ThreatHunting #VulnAlert
๐Ÿ›ก๏ธ HIGH severity: CVE-2025-36174 in IBM Integrated Analytics System 1.0.0.0โ€“1.0.30.0 allows authenticated users to upload harmful files, risking code execution if opened. Restrict uploads & monitor activity until patch. https://radar.offseq.com/threat/cve-2025-36174-cwe-434-unrestricted-upload-of-file-dbb1db28 #OffSeq #IBM #VulnAlert