🚨 New security advisory:

CVE-2026-27626 affects multiple systems.

• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems

Full breakdown:
https://yazoul.net/advisory/cve/cve-2026-27626

#CVE #ZeroDay #ThreatIntel

CRITICAL: CVE-2026-27626 | Yazoul Security

OliveTin gives access to predefined shell commands from a web interface. In versions up to and including 3000.10.0, OliveTin's shell mode safety check (`checkShellArgumentSafety`) blocks several dange...

Yazoul Security

DEF CON 33 - DisguiseDelimit: Exploiting Synology NAS with Delimiters and Novel Tricks - Ryan Emmon

https://www.youtube.com/watch?v=3F5icGjDWfg

#cybersecurity #exploit #zeroday

🔴 New security advisory:

CVE-2025-70043 affects multiple systems.

• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems

Full breakdown:
https://yazoul.net/advisory/cve/cve-2025-70043

#Cybersecurity #ZeroDay #ThreatIntel

CRITICAL: CVE-2025-70043 | Yazoul Security

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in Ayms node-To master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in...

New advisory. Login needed for details.

Broadcom OPS/MVS 14.0 - OPSMVS REST API Vulnerability (updates Apache Tomcat from 10.1.48 to 10.1.52) https://support.broadcom.com/web/ecx/security-advisory

Also, Cisco has tagged GeoVision eight times (🤔) for zero-day reports https://talosintelligence.com/vulnerability_info @TalosSecurity #zeroday #infosec #vulnerability #Broadcom #Apache

Security Advisory - Support Portal - Broadcom support portal

⛔ New security advisory:

CVE-2026-26198 affects multiple systems.

• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems

Full breakdown:
https://yazoul.net/advisory/cve/cve-2026-26198

#CVE #ZeroDay #ThreatIntel

CRITICAL: CVE-2026-26198 | Yazoul Security

Ormar is an async mini ORM for Python. In versions 0.9.9 through 0.22.0, when performing aggregate queries, Ormar ORM constructs SQL expressions by passing user-supplied column names directly into `sql...

Ivanti Pulse Secure VPN flaws reportedly exploited since 2021.
~119 orgs impacted, including contractors.
CISA later ordered federal disconnects.

Report:
https://www.technadu.com/ivanti-vpn-flaws-exploited-by-chinese-hackers-impacting-almost-120-organizations-report-says/620689/

#Infosec #Ivanti #ZeroDay

Interesting project! How do you deal with zero-day exploits? That is the biggest danger, after all. #dumango #zeroday #threats

📢⚠️ Researchers uncover multiple zero-day PDF platform flaws enabling XSS and one-click attacks that can let hackers run malicious code simply by opening a file.

Read: https://hackread.com/zero-day-flaws-pdf-platforms-xss-one-click-attacks/

#CyberSecurity #ZeroDay #Vulnerability #PDF #Infosec #XSS

Multiple Zero-Day Flaws in PDF Platforms Enable XSS and One-Click Attacks

16 zero-day security flaws found in Foxit and Apryse PDF platforms could lead to account takeover and RCE. Learn how AI identified these risks.

Hackread - Cybersecurity News, Data Breaches, AI and More

Zero-Day Vulnerability & Disclosed Vulnerabilities Reports || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence

Talos investigates software and operating system vulnerabilities in order to discover them before malicious threat actors do. We provide this information to vendors so that they can create patches and protect their customers as soon as possible.

⚠️ New security advisory:

CVE-2026-2870 affects multiple systems.

• Impact: Significant security breach potential
• Risk: Unauthorized access or data exposure
• Mitigation: Apply patches within 24-48 hours

Full breakdown:
https://yazoul.net/advisory/cve/cve-2026-2870

#Cybersecurity #ZeroDay #ThreatIntel

HIGH: CVE-2026-2870 | Yazoul Security

A security flaw has been discovered in Tenda A21 1.0.0.0. Affected by this issue is the function set_qosMib_list of the file /goform/formSetQosBand. The manipulation of the argument list results in st...
