Skip to content
Auto-CTI
Archive view — this data may be outdated.

CTI status

Joel Traber AG

As of:

Last pipeline run:

Status High

All threats

Sorted by KEV · Risk · EPSS
Admiralty grading (A–F · 1–6)

Source reliability

  • A Completely reliable
  • B Usually reliable
  • C Fairly reliable
  • D Not usually reliable
  • E Unreliable
  • F Cannot be judged

Information credibility

  • 1 Confirmed
  • 2 Probably true
  • 3 Possibly true
  • 4 Doubtful
  • 5 Improbable
  • 6 Cannot be judged

NATO Admiralty (AJP-2.1) grades confidence, independent of the risk score. Cross-source corroboration isn't tracked for non-CVE news, so single-source items are capped at a lower credibility number; a low number does not imply low quality.

NEW A2
99

CVE-2026-58525

This is a standard NVD patch notice without active campaign or in-the-wild exploitation details; likely already covered by BSI/CISA advisories.

Critical CVSS 8.2 EPSS 0%
C3
80

Europe Evolves Into Ransomware's Favorite Region

Ransomware-as-a-Service ecosystems are strategically shifting focus toward European organizations and their supply chains, signaling a deliberate repositioning of ransomware campaigns after a global lull.

Critical
NEW LapDogs (China-linked APT) C3
80

China-Linked APT Expands Arsenal With New 'Leash' Backdoors

A China-linked APT group is actively expanding its arsenal with new proprietary backdoor variants (LongLeash, DogLeash, JarLeash) for SOHO routers, signalling sustained investment in infrastructure compromise in the context of geopolitical tensions.

Critical
NEW UAT-7810 C3
75

China-Linked UAT-7810 Expands ORB Network With New LONGLEASH Malware

Chinese APT UAT-7810 is actively developing custom malware (ShortLeash/LONGLEASH) to establish Operational Relay Box networks positioned as infrastructure provider for downstream threat actors,a strategic escalation pattern targeting high-value victims.

Critical
NEW A2
71

CVE-2026-13129

A JavaScript-based field traversal vulnerability in PDF applications can cause application crash through invalid pointer dereference when a corrupted field form is opened.

High CVSS 7.8 EPSS 0%
NEW A2
71

CVE-2026-57237

A memory-corruption flaw in PDF applications can be triggered by malicious JavaScript in form fields, leading to application crashes; remote code execution potential is unclear from the advisory.

High CVSS 7.8 EPSS 0%
NEW A2
71

CVE-2026-57238

The vulnerability causes DoS through invalid object access after JavaScript deletion of form fields in PDF documents; no remote code execution.

High CVSS 7.8 EPSS 0%
NEW A2
71

CVE-2026-57245

The vulnerability enables a heap corruption condition through improper validation of PDF annotation relationships, potentially leading to crashes or code execution.

High CVSS 7.8 EPSS 0%
NEW A2
71

CVE-2026-57250

A flaw in PDF applications enables crash-through-service via malformed JavaScript form fields without validation checks.

High CVSS 7.8 EPSS 0%
NEW A2
71

CVE-2026-57252

The vulnerability enables PDF application crashes through manipulated JavaScript code during page deletion and annotation removal, with no remote code execution or data loss documented.

High CVSS 7.8 EPSS 0%
NEW A2
71

CVE-2026-57256

A validation failure in PDF form objects during JavaScript execution leads to invalid pointer access and application crash, potentially exploitable for denial-of-service.

High CVSS 7.8 EPSS 0%
NEW A2
68

CVE-2026-57239

The vulnerability allows local users to escalate privileges to NT AUTHORITY\SYSTEM level via user-controllable executable files; however, the vendor, PoC status, and active exploitation details remain unclear.

High CVSS 8.2 EPSS 0%
NEW A2
55

CVE-2026-57255

Memory vulnerability in PDF rendering enables remote denial-of-service through malformed color spaces; attack vectors via email attachments or SharePoint documents are likely.

Medium CVSS 6.1 EPSS 0%
B3
20

Introduction to COM usage by Windows threats

Researchers systematically document how malware abuses COM interfaces for lateral movement, persistence, and Windows automation, with Qakbot presented as a case study and reverse-engineering tools discussed.

High
NEW A3
20

[UPDATE] OpenSSH: Multiple Vulnerabilities

The BSI advisory covers multiple OpenSSH vulnerabilities without naming CVE numbers or specific version details,a typical aggregated advisory lacking clarity on exploit status.

High
A3
20

Google Chrome and Microsoft Edge: Multiple Vulnerabilities

The BSI warning is a collection advisory covering multiple browser vulnerabilities without specific CVE identification; prioritizing patches requires identifying the specific CVEs affecting Chrome and Edge versions in use.

High
What has changed since yesterday? →
ESC