Mastodawn

🚨 [CISA-2026:0327] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0327)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2025-53521 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-53521)
- Name: F5 BIG-IP Unspecified Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: F5
- Product: BIG-IP
- Notes: Please adhere to F5’s guidelines to assess exposure and mitigate risks. Check for signs of potential compromise on all internet accessible F5 products affected by this vulnerability. For more information please see: https://my.f5.com/manage/s/article/K000156741 ; https://my.f5.com/manage/s/article/K000160486 ; https://my.f5.com/manage/s/article/K11438344 ; https://nvd.nist.gov/vuln/detail/CVE-2025-53521

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260327 #cisa20260327 #cve_2025_53521 #cve202553521

[CISA-2026:0327] CISA Adds One Known Exploited Vulnerability to Catalog - Advisory | ZEN SecDB Portal

CISA-2026:0327 - CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types...

ZEN SecDB Portal

ZEN SecDB 4d ago

🚨 [CISA-2026:0326] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0326)

⚠️ CVE-2026-33634 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-33634)
- Name: Aquasecurity Trivy Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Aquasecurity
- Product: Trivy
- Notes: This vulnerability involves a supply‑chain compromise in a product that may be used across multiple products and environments. Additional vendor‑provided guidance must be followed to ensure full remediation. For more information, please see: https://github.com/advisories/GHSA-69fq-xp46-6x23 ; https://nvd.nist.gov/vuln/detail/CVE-2026-33634

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260326 #cisa20260326 #cve_2026_33634 #cve202633634

[CISA-2026:0326] CISA Adds One Known Exploited Vulnerability to Catalog - Advisory | ZEN SecDB Portal

CISA-2026:0326 - CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types...

ZEN SecDB Portal

ZEN SecDB Feb 23

📈 CVE Published in last 7 days (2026-02-16 - 2026-02-23)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1338

Severity:
- Critical: 74
- High: 301
- Medium: 602
- Low: 33
- None: 328

Status:
- : 9
- Analyzed: 277
- Awaiting Analysis: 747
- Modified: 3
- Received: 170
- Rejected: 40
- Undergoing Analysis: 92

Top CNAs:
- Patchstack: 334
- GitHub, Inc.: 170
- VulDB: 164
- Wordfence: 148
- VulnCheck: 145
- MITRE: 53
- kernel.org: 33
- IBM Corporation: 33
- Fortinet, Inc.: 25
- Zero Day Initiative: 20

Top Affected Products:
- UNKNOWN: 1037
- Comodo Dome Firewall: 29
- Gfi Mailessentials: 18
- Smoothwall Express: 17
- Openclaw: 16
- Invoiceplane: 11
- Spip: 10
- Nvidia Nemo: 10
- Mjdm Majordomo: 8
- Ibm Concert: 7

Security Dashboard | ZEN SecDB Portal

ZEN SecDB Portal

ZEN SecDB Feb 20

🚨 [CISA-2026:0218] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0218)

CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2021-22175 (https://secdb.nttzen.cloud/cve/detail/CVE-2021-22175)
- Name: GitLab Server-Side Request Forgery (SSRF) Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: GitLab
- Product: GitLab
- Notes: https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22175.json ; https://nvd.nist.gov/vuln/detail/CVE-2021-22175

⚠️ CVE-2026-22769 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- Name: Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Dell
- Product: RecoverPoint for Virtual Machines (RP4VMs)
- Notes: https://www.dell.com/support/kbdoc/en-us/000426773/dsa-2026-079 ; https://www.dell.com/support/kbdoc/en-us/000426742/recoverpoint-for-vms-apply-the-remediation-script-for-dsa ; https://cloud.google.com/blog/topics/threat-intelligence/unc6201-exploiting-dell-recoverpoint-zero-day ; https://nvd.nist.gov/vuln/detail/CVE-2026-22769

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260218 #cisa20260218 #cve_2021_22175 #cve_2026_22769 #cve202122175 #cve202622769

[CISA-2026:0218] CISA Adds 2 Known Exploited Vulnerabilities to Catalog - Advisory | ZEN SecDB Portal

CISA-2026:0218 - CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types...

ZEN SecDB Portal

ZEN SecDB Feb 9

📈 CVE Published in last 7 days (2026-02-02 - 2026-02-09)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1178

Severity:
- Critical: 93
- High: 363
- Medium: 498
- Low: 65
- None: 159

Status:
- : 9
- Analyzed: 94
- Awaiting Analysis: 636
- Modified: 2
- Received: 139
- Rejected: 20
- Undergoing Analysis: 278

Top CNAs:
- GitHub, Inc.: 225
- VulnCheck: 149
- VulDB: 134
- kernel.org: 79
- Wordfence: 71
- MITRE: 64
- wikimedia-foundation: 47
- Patchstack: 45
- Tanium: 26
- TPLink: 25

Top Affected Products:
- UNKNOWN: 1071
- Samsung Exynos 850 Firmware: 10
- Tp-link Archer Be230 Firmware: 10
- Samsung Exynos 980 Firmware: 10
- Samsung Exynos W920 Firmware: 10
- Samsung Exynos W1000 Firmware: 10
- Samsung Exynos 1080 Firmware: 10
- Samsung Exynos W930 Firmware: 10
- Samsung Exynos 1480 Firmware: 9
- Mediatek Nr15: 9

Security Dashboard | ZEN SecDB Portal

ZEN SecDB Portal

ZEN SecDB Feb 2

📈 CVE Published in last 7 days (2026-01-26 - 2026-02-02)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 860

Severity:
- Critical: 96
- High: 295
- Medium: 375
- Low: 18
- None: 76

Status:
- : 6
- Analyzed: 70
- Awaiting Analysis: 299
- Modified: 1
- Received: 245
- Rejected: 18
- Undergoing Analysis: 221

Top CNAs:
- VulnCheck: 171
- GitHub, Inc.: 128
- VulDB: 74
- MITRE: 61
- Government Technology Agency of Singapore Cyber Security Group (GovTech CSG): 48
- Wordfence: 43
- kernel.org: 38
- Spanish National Cybersecurity Institute, S.A. (INCIBE): 28
- SEC Consult Vulnerability Lab: 20
- IBM Corporation: 18

Top Affected Products:
- UNKNOWN: 771
- Discourse: 13
- Flexense Disk Pulse Enterprise: 11
- Flexense Sync Breeze Enterprise Server: 11
- Tenda W30e Firmware: 10
- Oisf Suricata: 7
- Pnpm: 5
- Gpac: 4
- Fabian Online Examination System: 3
- Sangfor Operation And Maintenance Security Management System: 3

Security Dashboard | ZEN SecDB Portal

ZEN SecDB Portal

ZEN SecDB Jan 19

📈 CVE Published in last 7 days (2026-01-12 - 2026-01-19)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1174

Severity:
- Critical: 102
- High: 430
- Medium: 413
- Low: 33
- None: 196

Status:
- : 19
- Analyzed: 196
- Awaiting Analysis: 638
- Modified: 4
- Received: 135
- Rejected: 35
- Undergoing Analysis: 147

Top CNAs:
- VulnCheck: 188
- kernel.org: 138
- GitHub, Inc.: 124
- Microsoft Corporation: 114
- Wordfence: 92
- MITRE: 91
- Fortinet, Inc.: 30
- VulDB: 30
- SICK AG: 26
- Adobe Systems Incorporated: 25

Top Affected Products:
- UNKNOWN: 948
- Microsoft Windows 11 24h2: 83
- Microsoft Windows 11 25h2: 83
- Microsoft Windows Server 2025: 83
- Microsoft Windows Server 2022 23h2: 77
- Microsoft Windows 11 23h2: 77
- Microsoft Windows Server 2022: 75
- Microsoft Windows 10 22h2: 70
- Microsoft Windows 10 21h2: 70
- Microsoft Windows Server 2019: 69

Security Dashboard | ZEN SecDB Portal

ZEN SecDB Portal

ZEN SecDB Nov 10

🚨 [CISA-2025:1110] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2025:1110)

⚠️ CVE-2025-21042 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-21042)
- Name: Samsung Mobile Devices Out-of-Bounds Write Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Samsung
- Product: Mobile Devices
- Notes: https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=04 ; https://nvd.nist.gov/vuln/detail/CVE-2025-21042

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20251110 #cisa20251110 #cve_2025_21042 #cve202521042

[CISA-2025:1110] CISA Adds One Known Exploited Vulnerability to Catalog - Advisory | ZEN SecDB Portal

CISA-2025:1110 - CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types...

ZEN SecDB Portal

ZEN SecDB Sep 23, 2025

[CISA-2025:0923] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2025:0923)

CVE-2025-10585 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-10585)
- Name: Google Chromium V8 Type Confusion Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Google
- Product: Chromium V8
- Notes: https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-10585

#SecDB #InfoSec #CISA_KEV #cisa_20250923 #cve_2025_10585

[CISA-2025:0923] CISA Adds One Known Exploited Vulnerability to Catalog - Advisory | ZEN SecDB Portal

CISA-2025:0923 - CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types...

ZEN SecDB Portal

ZEN SecDB Sep 23, 2025

[CISA-2025:0923] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2025:0923)

CVE-2025-10585 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-10585)
- Name: Google Chromium V8 Type Confusion Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns?:</b> Unknown
- Vendor: Google
- Product: Chromium V8
- Notes: https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-10585

#SecDB #InfoSec #CISA_KEV #cisa_20250923 cve_2025_10585

[CISA-2025:0923] CISA Adds One Known Exploited Vulnerability to Catalog - Advisory | ZEN SecDB Portal

CISA-2025:0923 - CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types...

ZEN SecDB Portal

Website	https://secdb.nttzen.cloud
Advisories	https://secdb.nttzen.cloud/security-advisory
Vulnerabilities	https://secdb.nttzen.cloud/cve
Sightigs	https://secdb.nttzen.cloud/sightings
Dashboard	https://secdb.nttzen.cloud/dashboard
About	https://secdb.nttzen.cloud/about