Aggregator

A vulnerability, which was classified as problematic, has been found in VMware Workstation. Affected by this issue is some unknown functionality. The manipulation leads to null pointer dereference. This vulnerability is documented as CVE-2026-22722. The attack needs to be performed locally. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability classified as problematic was found in Discourse up to 2025.12.1/2026.1.0. Affected by this vulnerability is an unknown functionality of the component Private Category Handler. Executing a manipulation can lead to missing authorization. This vulnerability is registered as CVE-2026-26979. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.

A vulnerability classified as problematic has been found in Discourse up to 2025.12.1/2026.1.0. Affected is the function enable_category_group_moderation. Performing a manipulation results in incorrect authorization. This vulnerability is cataloged as CVE-2026-26973. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability described as critical has been identified in UnitreeRobotics Unitree Go2 up to 1.1.9. This impacts an unknown function of the file actuator_manager.py of the component Message Handler. Such manipulation leads to missing authentication. This vulnerability is listed as CVE-2026-27509. The attack must be carried out from within the local network. There is no available exploit.

A vulnerability marked as critical has been reported in UnitreeRobotics Unitree Go2 up to 1.1.9/1.1.11. This affects an unknown function of the file unitree_go2.db of the component com.unitree.doggo2. This manipulation of the argument pyCode causes insufficient verification of data authenticity. This vulnerability is tracked as CVE-2026-27510. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability labeled as critical has been found in Pelco Sarix Professional IMP 3, Sarix Professional IXP 3, Sarix Professional IBP 3 and Sarix Professional IWP 3 up to 02.52. The impacted element is an unknown function of the component Web Management Interface. The manipulation results in authentication bypass using alternate channel. This vulnerability is identified as CVE-2026-1241. The attack can be executed remotely. There is not any exploit available.

A newly uncovered phishing campaign is delivering Agent Tesla, one of the most widely used credential-stealing malware families, through a multi-stage attack chain that leaves almost no trace on a victim’s machine. The campaign uses business-themed phishing emails, obfuscated scripts, and in-memory execution to silently harvest sensitive data from Windows users. With its ability to […]

The post Phishing‑Led Agent Tesla Campaign Uses Process Hollowing and Anti‑Analysis to Evade Detection appeared first on Cyber Security News.

A vulnerability identified as problematic has been detected in VMware Workstation and Fusion 9.0.1. The affected element is an unknown function of the component Network Packet Handler. The manipulation leads to denial of service. This vulnerability is referenced as CVE-2026-22715. The attack needs to be initiated within the local network. No exploit is available. You should upgrade the affected component.

Qrator Research Lab has identified Aeternum C2, a botnet that uses the Polygon blockchain for commands, making it nearly impossible to shut down.

A vulnerability classified as critical has been found in SmarterTools SmarterMail up to 100.0.9510. The impacted element is an unknown function of the component Password Reset API. Performing a manipulation results in authentication bypass using alternate channel. This vulnerability is reported as CVE-2026-23760. The attack is possible to be carried out remotely. Moreover, an exploit is present. It is recommended to upgrade the affected component.

In September 2025, the cybercriminal group Storm-1175 exploited a zero-day vulnerability in GoAnywhere Managed File Transfer to deploy Medusa ransomware across multiple organizations. The attack succeeded despite perimeter defenses because no signature existed to detect it, and by the time one did, attackers had already established persistence and were moving freely through victim networks. This … Continued

The post Why Perimeter Firewall is Not Enough: Lessons from the GoAnywhere MFT Zero-Day appeared first on VMware Security Blog.

A vulnerability was found in gix-date. It has been classified as critical. This affects the function gix_date::parse::TimeBuf::as_str. This manipulation causes incorrect calculation of multi-byte string length. This vulnerability is tracked as CVE-2026-0810. The attack is only possible within the local network. No exploit exists.

A vulnerability classified as critical was found in jm33-m0 emp3r0r up to 3.21.0. This issue affects some unknown processing of the file /bin/sh. Such manipulation leads to command injection. This vulnerability is referenced as CVE-2026-26068. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.

A vulnerability classified as critical has been found in newbee-ltd newbee-mall 1.0.0. The affected element is an unknown function. Performing a manipulation results in hard-coded credentials. This vulnerability was named CVE-2026-26218. The attack may be initiated remotely. There is no available exploit.

A vulnerability classified as problematic was found in newbee-ltd newbee-mall 1.0.0. The impacted element is an unknown function of the component Password Hash Handler. Executing a manipulation can lead to risky cryptographic algorithm. The identification of this vulnerability is CVE-2026-26219. The attack may be launched remotely. There is no exploit available.

A vulnerability identified as problematic has been detected in MongoDB Server up to 7.0.28/8.0.12. Impacted is an unknown function of the component geoNear Pipeline Handler. This manipulation causes reachable assertion. This vulnerability is handled as CVE-2026-25610. The attack can be initiated remotely. There is not any exploit available. You should upgrade the affected component.

A vulnerability, which was classified as problematic, was found in MongoDB Server up to 7.0.28/8.0.17/8.2.3. Affected by this issue is some unknown functionality. Such manipulation leads to incorrect type conversion. This vulnerability is listed as CVE-2026-25613. The attack may be performed from remote. There is no available exploit. You should upgrade the affected component.

A vulnerability was found in MongoDB Server up to 7.0.28/8.0.17/8.2.3 and classified as critical. This vulnerability affects unknown code. Executing a manipulation can lead to missing authorization. This vulnerability is registered as CVE-2026-25609. It is possible to launch the attack remotely. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability was found in ljharb qs up to 6.14.1. It has been classified as problematic. Affected by this issue is some unknown functionality in the library lib/parse.js. The manipulation leads to denial of service. This vulnerability is referenced as CVE-2026-2391. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended.

A vulnerability labeled as critical has been found in Soliton FileZen. This issue affects some unknown processing of the component HTTP Request Handler. Such manipulation leads to os command injection. This vulnerability is documented as CVE-2026-25108. The attack can be executed remotely. Additionally, an exploit exists.