What has changed?
Comparing 3 May 2026 with the previous day 2 May 2026.
Newly added
218CVE-2019-0708 — Microsoft Remote Desktop Services Remote Code Execution Vulnerability
CVE-2017-7269 — Microsoft Windows Server Buffer Overflow Vulnerability
CVE-2021-44228 — Apache Log4j2 Remote Code Execution Vulnerability
CVE-2020-3952 — VMware vCenter Server Information Disclosure Vulnerability
CVE-2015-1635 — Microsoft HTTP.sys Remote Code Execution Vulnerability
CVE-2021-34523 — Microsoft Exchange Server Privilege Escalation Vulnerability
CVE-2023-48788 — Fortinet FortiClient EMS SQL Injection Vulnerability
CVE-2022-42475 — Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability
CVE-2024-47575 — Fortinet FortiManager Missing Authentication Vulnerability
CISA KEV listing elevates this to active exploitation risk; FortiManager admin access is a natural target for lateral movement into manufacturing control systems (WinCC, S7 PLC, TwinCAT).
CVE-2020-0646 — Microsoft .NET Framework Remote Code Execution Vulnerability
CVE-2020-0646 is a 4-year-old RCE with a patch deadline that has already passed; unless the company is running unpatched .NET Framework instances, this alert adds no novel threat intelligence beyond routine vulnerability tracking.
CVE-2020-1350 — Microsoft Windows DNS Server Remote Code Execution Vulnerability
CVE-2023-23397 — Microsoft Office Outlook Privilege Escalation Vulnerability
CVE-2023-34048 — VMware vCenter Server Out-of-Bounds Write Vulnerability
CVE-2024-21413 — Microsoft Outlook Improper Input Validation Vulnerability
CISA KEV listing confirms active exploitation risk; no novel attack campaign or victim-sector details disclosed beyond standard patch advisory.
CVE-2025-64446 — Fortinet FortiWeb Path Traversal Vulnerability
CVE-2020-15999 — Google Chrome FreeType Heap Buffer Overflow Vulnerability
CVE-2019-5544 — VMware ESXi and Horizon DaaS OpenSLP Heap-Based Buffer Overflow Vulnerability
This is a legacy patch reminder from CISA KEV; no novel active campaign details are provided beyond the original 2019 disclosure.
CVE-2011-2462 — Adobe Reader and Acrobat Universal 3D Memory Corruption Vulnerability
This is a 13-year-old vulnerability unlikely to pose active risk if Reader is kept current; CISA KEV inclusion suggests it may still appear in attack chains against unpatched legacy systems.
CVE-2020-3992 — VMware ESXi OpenSLP Use-After-Free Vulnerability
CVE-2017-8543 — Microsoft Windows Search Remote Code Execution Vulnerability
CVE-2024-40711 — Veeam Backup and Replication Deserialization Vulnerability
CVE-2025-32756 — Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability
CVE-2021-30633 — Google Chromium Indexed DB API Use-After-Free Vulnerability
CVE-2025-25257 — Fortinet FortiWeb SQL Injection Vulnerability
CVE-2024-21410 — Microsoft Exchange Server Privilege Escalation Vulnerability
CVE-2025-59718 — Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability
Improper cryptographic signature verification in Fortinet appliances could enable man-in-the-middle or firmware tampering attacks if not patched by 2025-12-23 deadline.
CVE-2026-20963 — Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
CVE-2024-5274 — Google Chromium V8 Type Confusion Vulnerability
CVE-2022-3075 — Google Chromium Mojo Insufficient Data Validation Vulnerability
CVE-2024-7971 — Google Chromium V8 Type Confusion Vulnerability
CVE-2024-4671 — Google Chromium Visuals Use-After-Free Vulnerability
CVE-2017-0144 — Microsoft SMBv1 Remote Code Execution Vulnerability
CVE-2021-1675 — Microsoft Windows Print Spooler Remote Code Execution Vulnerability
CVE-2017-0199 — Microsoft Office and WordPad Remote Code Execution Vulnerability
CVE-2021-27065 — Microsoft Exchange Server Remote Code Execution Vulnerability
This CVE is part of the Proxylogon chain (CVE-2021-26855 + 27065) actively exploited by state-sponsored actors (HAFNIUM/China) since early 2021; patch status should be verified immediately as critical infrastructure and manufacturing sectors remain targets.
CVE-2020-0618 — Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability
CVE-2017-8570 — Microsoft Office Remote Code Execution Vulnerability
CVE-2022-41040 — Microsoft Exchange Server Server-Side Request Forgery Vulnerability
CVE-2018-8120 — Microsoft Win32k Privilege Escalation Vulnerability
CVE-2023-4863 — Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
CVE-2021-42278 — Microsoft Active Directory Domain Services Privilege Escalation Vulnerability
CVE-2017-0143 — Microsoft Windows Server Message Block (SMBv1) Remote Code Execution Vulnerability
CVE-2021-42287 — Microsoft Active Directory Domain Services Privilege Escalation Vulnerability
CVE-2017-8759 — Microsoft .NET Framework Remote Code Execution Vulnerability
CVE-2021-31207 — Microsoft Exchange Server Security Feature Bypass Vulnerability
CVE-2024-21412 — Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability
Internet Shortcut (.url) file bypass allows attackers to bypass Mark-of-the-Web security warnings, increasing phishing and malware delivery effectiveness against manufacturing staff using Windows desktops.
CVE-2008-2992 — Adobe Reader and Acrobat Input Validation Vulnerability
This is a stale CISA KEV reminder for a 16-year-old vulnerability with a 2022 deadline; no active campaign, novel tactics, or strategic threat context—purely archival patch guidance.
CVE-2024-29059 — Microsoft .NET Framework Information Disclosure Vulnerability
No evidence of active exploitation campaign or sector-specific targeting; standard patch advisory lacking tactical or strategic novelty.
CVE-2021-42321 — Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-33766 — Microsoft Exchange Server Information Disclosure
CVE-2010-0188 — Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability
CVE-2017-0145 — Microsoft SMBv1 Remote Code Execution Vulnerability
CVE-2010-2883 — Adobe Acrobat and Reader Stack-Based Buffer Overflow Vulnerability
CVE-2007-5659 — Adobe Acrobat and Reader Buffer Overflow Vulnerability
CVE-2013-0640 — Adobe Reader and Acrobat Memory Corruption Vulnerability
CVE-2014-4114 — Microsoft Windows Object Linking & Embedding (OLE) Remote Code Execution Vulnerability
CVE-2020-17144 — Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2019-1458 — Microsoft Win32k Privilege Escalation Vulnerability
CVE-2015-2426 — Microsoft Windows Adobe Type Manager Library Remote Code Execution Vulnerability
CVE-2021-36934 — Microsoft Windows SAM Local Privilege Escalation Vulnerability
CVE-2023-36025 — Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
CVE-2019-0803 — Microsoft Win32k Privilege Escalation Vulnerability
CVE-2019-0803 is from 2019 with a remediation deadline of May 2022; this appears to be a stale or re-circulated patch reminder lacking evidence of active exploitation or campaign relevance.
CVE-2019-13720 — Google Chrome WebAudio Use-After-Free Vulnerability
This is a legacy 2019 vulnerability with expired remediation deadline; relevance only if systems remain unpatched despite age.
CVE-2024-30088 — Microsoft Windows Kernel TOCTOU Race Condition Vulnerability
CVE-2019-5786 — Google Chrome Blink Use-After-Free Vulnerability
CVE-2018-9276 — Paessler PRTG Network Monitor OS Command Injection Vulnerability
This 2018 vulnerability is now on CISA KEV; if Joel Traber AG has not patched PRTG since 2018, immediate remediation is required as exploits are publicly available and trivial.
CVE-2022-21971 — Microsoft Windows Runtime Remote Code Execution Vulnerability
CVE-2013-3918 — Microsoft Windows Out-of-Bounds Write Vulnerability
CVE-2015-1671 — Microsoft Windows Remote Code Execution Vulnerability
CVE-2020-1020 — Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability
This is a legacy 2020 vulnerability with a 2022 patch deadline; no current active campaign or novel TTPs are indicated—standard patch reminder with no strategic implications.
CVE-2024-1086 — Linux Kernel Use-After-Free Vulnerability
CVE-2024-1086 is a widely exploitable kernel UAF enabling privilege escalation on all Linux distributions; no active targeted campaign against manufacturing sector identified in alert.
CVE-2021-30632 — Google Chromium V8 Out-of-Bounds Write Vulnerability
CVE-2020-16009 — Google Chromium V8 Type Confusion Vulnerability
CVE-2023-27532 — Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability
CISA KEV confirmation elevates this beyond routine patch advisory; missing authentication on backup Cloud Connect creates direct lateral-movement and data-exfiltration risk for manufacturing environments.
CVE-2023-29336 — Microsoft Win32K Privilege Escalation Vulnerability
CVE-2021-30551 — Google Chromium V8 Type Confusion Vulnerability
CVE-2019-0808 — Microsoft Win32k Privilege Escalation Vulnerability
CVE-2023-24880 — Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
SmartScreen bypass enables malware execution on protected endpoints; no active exploitation campaign disclosed, standard patch advisory.
CVE-2024-38193 — Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability
CVE-2019-6693 — Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability
CVE-2025-49706 — Microsoft SharePoint Improper Authentication Vulnerability
Vulnerability affects EOL/EOS SharePoint Server instances; priority action is inventory and disconnect legacy deployments rather than patch patching live systems.
CVE-2023-36874 — Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability
CVE-2022-44698 — Microsoft Defender SmartScreen Security Feature Bypass Vulnerability
CVE-2024-49039 — Microsoft Windows Task Scheduler Privilege Escalation Vulnerability
CVE-2024-29988 — Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability
CVE-2024-38213 — Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
CVE-2016-3393 — Microsoft Windows Graphics Device Interface (GDI) Remote Code Execution Vulnerability
CVE-2019-1405 — Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability
CVE-2025-0411 — 7-Zip Mark of the Web Bypass Vulnerability
Mark of the Web bypass enables malicious 7z archives to execute without user warning when extracted, elevating phishing+social engineering risk in manufacturing environments where CAD/design files are routinely shared.
CVE-2015-2360 — Microsoft Win32k Privilege Escalation Vulnerability
CVE-2018-4990 — Adobe Acrobat and Reader Double Free Vulnerability
CVE-2025-33073 — Microsoft Windows SMB Client Improper Access Control Vulnerability
CVE-2025-2783 — Google Chromium Mojo Sandbox Escape Vulnerability
CVE-2021-26857 — Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-26857 was exploited by state-sponsored Hafnium (suspected APT40) against European manufacturing and utilities in early 2021; DACH SMEs running Exchange must treat this as a nation-state supply-chain threat even if patched, as forensics may reveal lateral movement into manufacturing control networks.
CVE-2023-32046 — Microsoft Windows MSHTML Platform Privilege Escalation Vulnerability
CVE-2022-41128 — Microsoft Windows Scripting Languages Remote Code Execution Vulnerability
CVE-2018-8639 — Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability
Six-year-old vulnerability now on CISA KEV with mandatory remediation deadline; indicates Joel Traber AG may still have unpatched Windows systems in production if this is newly flagged.
CVE-2021-34486 — Microsoft Windows Event Tracing Privilege Escalation Vulnerability
CVE-2022-3038 — Google Chromium Network Service Use-After-Free Vulnerability
CVE-2021-42292 — Microsoft Excel Security Feature Bypass
CVE-2021-28550 — Adobe Acrobat and Reader Use-After-Free Vulnerability
CVE-2021-38648 — Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability
CVE-2019-1069 — Microsoft Task Scheduler Privilege Escalation Vulnerability
CVE-2024-38813 — VMware vCenter Server Privilege Escalation Vulnerability
CVE-2024-7965 — Google Chromium V8 Inappropriate Implementation Vulnerability
CVE-2020-16013 — Google Chromium V8 Incorrect Implementation Vulnerabililty
CVE-2022-22948 — VMware vCenter Server Incorrect Default File Permissions Vulnerability
CVE-2019-0703 — Microsoft Windows SMB Information Disclosure Vulnerability
This is a 2019 vulnerability with a 2022 patch deadline; most organizations should have already remediated, but the CISA KEV listing suggests active exploitation in the wild remains a concern.
CVE-2023-23376 — Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
CVE-2021-21193 — Google Chromium Blink Use-After-Free Vulnerability
CVE-2025-30397 — Microsoft Windows Scripting Engine Type Confusion Vulnerability
CISA KEV listing confirms active exploitation or high weaponization risk; prioritize patching ahead of June 3 deadline as this affects baseline Windows infrastructure.
CVE-2016-8562 — Siemens SIMATIC CP 1543-1 Improper Privilege Management Vulnerability
CVE-2016-8562 is an 8-year-old privilege management flaw in legacy Siemens communication processors; patch status and active exploitation likelihood require verification given age and industrial environment criticality.
CVE-2022-1364 — Google Chromium V8 Type Confusion Vulnerability
CVE-2021-43890 — Microsoft Windows AppX Installer Spoofing Vulnerability
CVE-2024-53104 — Linux Kernel Out-of-Bounds Write Vulnerability
CVE-2024-21351 — Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
CVE-2024-38217 — Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability
MOTW bypass enables malware persistence via downloaded files without user warning; particularly relevant for manufacturing environments where CAD files, PDFs, and documents are frequently exchanged with vendors and partners.
CVE-2022-37969 — Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
CVE-2023-21674 — Microsoft Windows Advanced Local Procedure Call (ALPC) Privilege Escalation Vulnerability
CVE-2026-21509 — Microsoft Office Security Feature Bypass Vulnerability
CVE-2025-22225 — VMware ESXi Arbitrary Write Vulnerability
CVE-2024-43461 — Microsoft Windows MSHTML Platform Spoofing Vulnerability
CVE-2026-21525 — Microsoft Windows NULL Pointer Dereference Vulnerability
CVE-2019-1388 — Microsoft Windows Certificate Dialog Privilege Escalation Vulnerability
This is a legacy CVE with expired remediation deadline; re-surfacing suggests either unpatched legacy systems exist or alert fatigue from recycled vulnerability notices.
CVE-2023-32049 — Microsoft Windows Defender SmartScreen Security Feature Bypass Vulnerability
CVE-2025-21335 — Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability
CVE-2021-31979 — Microsoft Windows Kernel Privilege Escalation Vulnerability
CVE-2022-22718 — Microsoft Windows Print Spooler Privilege Escalation Vulnerability
CVE-2019-18988 — TeamViewer Desktop Bypass Remote Login Vulnerability
This 2019 vulnerability is now obsolete; verify that deployed TeamViewer versions are current, as legacy installations remain vulnerable to unauthenticated remote access.
CVE-2022-41091 — Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability
CVE-2021-33771 — Microsoft Windows Kernel Privilege Escalation Vulnerability
CVE-2021-4102 — Google Chromium V8 Use-After-Free Vulnerability
CVE-2019-1215 — Microsoft Windows Privilege Escalation Vulnerability
CVE-2023-21823 — Microsoft Windows Graphic Component Privilege Escalation Vulnerability
CVE-2022-38028 — Microsoft Windows Print Spooler Privilege Escalation Vulnerability
CVE-2026-21514 — Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability
CVE-2025-21391 — Microsoft Windows Storage Link Following Vulnerability
CVE-2026-21519 — Microsoft Windows Type Confusion Vulnerability
CVE-2019-0797 — Microsoft Win32k Privilege Escalation Vulnerability
Routine CISA KEV reminder with 2022 deadline; no active exploitation campaign or novel TTPs reported.
CVE-2025-22226 — VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability
CVE-2021-41357 — Microsoft Win32k Privilege Escalation Vulnerability
CVE-2023-5217 — Google Chromium libvpx Heap Buffer Overflow Vulnerability
CVE-2021-31955 — Microsoft Windows Kernel Information Disclosure Vulnerability
CVE-2018-13374 — Fortinet FortiOS and FortiADC Improper Access Control Vulnerability
This is a historical patch reminder for a 2018 vulnerability; no active campaign, novel exploitation technique, or new victim data is reported.
CVE-2021-31196 — Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2022-34713 — Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
CVE-2021-30563 — Google Chromium V8 Type Confusion Vulnerability
CVE-2023-20867 — VMware Tools Authentication Bypass Vulnerability
CVE-2023-7024 — Google Chromium WebRTC Heap Buffer Overflow Vulnerability
CVE-2023-3079 — Google Chromium V8 Type Confusion Vulnerability
CVE-2022-41073 — Microsoft Windows Print Spooler Privilege Escalation Vulnerability
CVE-2025-24985 — Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability
CVE-2024-53197 — Linux Kernel Out-of-Bounds Access Vulnerability
CVE-2018-13383 — Fortinet FortiOS and FortiProxy Out-of-bounds Write
Six-year-old vulnerability reappearing in patch reminders suggests the company may not have applied FortiOS updates; verification of current FortiGate patch level is essential.
CVE-2022-41033 — Microsoft Windows COM+ Event System Service Privilege Escalation Vulnerability
CVE-2024-50302 — Linux Kernel Use of Uninitialized Resource Vulnerability
CVE-2023-36036 — Microsoft Windows Cloud Files Mini Filter Driver Privilege Escalation Vulnerability
CVE-2025-6554 — Google Chromium V8 Type Confusion Vulnerability
CVE-2025-32701 — Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
CVE-2020-0638 — Microsoft Update Notification Manager Privilege Escalation Vulnerability
CVE-2021-31201 — Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability
CVE-2025-32706 — Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability
CVE-2025-14174 — Google Chromium Out of Bounds Memory Access Vulnerability
CVE-2023-36033 — Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability
CVE-2025-32709 — Microsoft Windows Ancillary Function Driver for WinSock Use-After-Free Vulnerability
CVE-2023-26369 — Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability
CVE-2022-3723 — Google Chromium V8 Type Confusion Vulnerability
CVE-2023-35311 — Microsoft Outlook Security Feature Bypass Vulnerability
CVE-2024-0519 — Google Chromium V8 Out-of-Bounds Memory Access Vulnerability
CVE-2025-29824 — Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
CVE-2022-41328 — Fortinet FortiOS Path Traversal Vulnerability
CVE-2023-0266 — Linux Kernel Use-After-Free Vulnerability
No active campaign, victim sectors, or attacker TTPs identified; standard CISA patch reminder with April 2023 due date—likely already superseded by Ubuntu security advisories.
CVE-2025-38352 — Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability
CISA KEV listing confirms priority patching; no novel attack details or sector-specific exploitation reported beyond standard vulnerability disclosure.
ZDI-26-187: (Pwn2Own) Synology DiskStation Manager Netatalk Library Buffer Overflow Remote Code Execution Vulnerability
CVE-2022-45188 is a well-known 2022 Pwn2Own finding; verify DSM version and apply patches immediately as Netatalk RCE poses direct risk to NAS availability and data.
ZDI-26-206: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Canon imageCLASS MF654Cdw TTF font parsing flaw enables unauthenticated network-adjacent RCE; likely affects other Canon multifunction models in same family—immediate firmware patch assessment required for all Canon MFP fleet.
ZDI-26-126: (Pwn2Own) Ubiquiti Networks AI Pro Discovery Protocol Missing Encryption Protocol Downgrade Vulnerability
Protocol downgrade on discovery mechanism could allow attackers to intercept or manipulate device communications without authentication on the local network segment.
ZDI-26-183: Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability
Requires local code execution first; prioritize patching after assessing internal lateral-movement risks in manufacturing environment.
ZDI-26-188: (Pwn2Own) VMware ESXi VMCI Integer Underflow Local Privilege Escalation Vulnerability
Integer underflow in VMCI allows local guest-to-hypervisor privilege escalation; requires prior code execution on guest but breaks hypervisor isolation boundary.
ZDI-26-180: Microsoft Windows cdd Improper Locking Local Privilege Escalation Vulnerability
Windows cdd component LPE requires prior code execution; prioritize patching after establishing perimeter controls to prevent initial compromise.
Fortinet FortiOS & FortiProxy - Aktive Ausnutzung einer Zero-Day Schwachstelle
Active zero-day exploitation of Fortinet products used in company perimeter defense requires immediate incident response and patch deployment protocols.
Microsoft SharePoint - Angreifer nutzen kritische Schwachstelle aktiv aus
BSI warning of active SharePoint exploitation in German language emphasizes threat targeting DACH organizations; immediate patching and network monitoring required.
Microsoft WSUS - Notfallupdate schließt kritische Schwachstelle mit Proof-of-Concept
BSI emergency advisory on WSUS critical flaw suggests active exploitation or imminent threat—immediate patching required for manufacturing infrastructure resilience.
Fortinet - Zero-Day Schwachstelle gefährdet Fortinet-Lösungen mit SAML SSO
Zero-day affecting SAML SSO in Fortinet products represents critical risk to enterprise authentication; BSI advisory indicates active exploitation risk in DACH region.
Microsoft won’t patch PhantomRPC: Feature or bug?
Microsoft's decision not to patch PhantomRPC suggests either a design-level architectural decision or disputed severity classification; critical for organizations relying on RPC-dependent legacy systems and manufacturing tools.
Microsoft Windows RPC: Schwachstelle ermöglicht Privilegieneskalation
BSI advisory on Windows RPC privilege escalation affecting manufacturing company's core infrastructure; requires immediate patching assessment despite lack of CVE reference in alert summary.
[UPDATE] sudo: Mehrere Schwachstellen
BSI update confirms multiple sudo flaws enabling local root escalation; critical for Ubuntu 24.04 LTS systems used in manufacturing environment where industrial control access (SIMATIC WinCC, TIA Portal, PLCs) depends on privilege separation.
[UPDATE] Oracle Java SE: Mehrere Schwachstellen
BSI official advisory on Oracle Java SE indicates this is a coordinated disclosure—likely covering recent Java SE critical patch updates; Joel Traber AG should prioritize patching Java runtimes used in Abacus ERP and development environments.
Google Chrome: Mehrere Schwachstellen
BSI advisory flags multiple Chrome vulnerabilities with unspecified details; patch status and CVE list should be tracked as details emerge.
Google Chrome und Microsoft Edge: Mehrere Schwachstellen
BSI has issued a warning on multiple Chrome/Edge vulnerabilities without full disclosure yet—suggests active exploitation risk or zero-day concerns in DACH region; immediate patch monitoring required.
[UPDATE] FreeRDP: Mehrere Schwachstellen
BSI advisory on FreeRDP multiple vulnerabilities affecting arbitrary code execution and DoS; relevant for organisations deploying open-source RDP alternatives or legacy RDP-based infrastructure.
[UPDATE] Microsoft Windows: Mehrere Schwachstellen
BSI advisory on multiple Windows vulnerabilities affecting privilege escalation and RCE vectors; no specific CVEs listed in this update notice, suggesting rolling advisory covering recent patches or embargo-period disclosures.
Synology DiskStation Manager: Mehrere Schwachstellen
BSI warning on multiple DSM vulnerabilities affecting a core backup/storage component; no CVE numbers provided in alert, suggesting coordinated or embargoed disclosure—immediate patching of Synology DSM systems recommended.
Adobe Creative Cloud Applikationen: Mehrere Schwachstellen
BSI advisory confirms multiple unpatched or recently patched vulnerabilities in Creative Cloud suite affecting German manufacturing; recommend immediate patch review and user awareness on suspicious file sources.
Adobe Acrobat DC, Acrobat Reader DC und Acrobat Reader: Mehrere Schwachstellen
Prototype pollution vulnerabilities in PDF readers are difficult to patch consistently across legacy versions; affected product is ubiquitous in manufacturing documentation workflows.
Ubiquiti UniFi Play PowerAmp und Audio Port: Mehrere Schwachstellen
Multiple unspecified vulnerabilities in UniFi audio/power hardware affecting a deployed network component; patch status and severity grades unavailable pending full CVE disclosure.
Adobe Acrobat Reader: Schwachstelle ermöglicht Offenlegung von Informationen und Codeausführung
BSI WID advisory on Adobe Reader RCE/info-disclosure vulnerability—no specific CVE identifier provided; request full CVE details and CVSS score for patch prioritization.
Google Chrome und Microsoft Edge: Mehrere Schwachstellen
BSI WID disclosure without specific CVE identifiers suggests ongoing or coordinated vulnerability management affecting all German government and critical infrastructure advisories.
Ubiquiti UniFi Network Server: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
BSI-issued vulnerability in UniFi Network Server affecting authentication; requires user interaction (phishing/social engineering vector) but enables account compromise.
Ubiquiti UniFi Network Application: Mehrere Schwachstellen ermöglichen Privilegieneskalation
BSI official warning on UniFi privilege escalation affecting DACH region; immediate patch assessment required for company's network management platform.
Adobe Acrobat DC: Mehrere Schwachstellen
BSI advisory on multiple unspecified Adobe Acrobat DC/Reader DC RCE and privilege escalation flaws; lack of CVE details suggests active advisory or coordinated disclosure window.
Google Chrome: Schwachstelle ermöglicht Codeausführung
BSI advisory confirms active Chrome vulnerability with code execution capability; patch urgency depends on CVSS score and exploitation status not specified in alert.
Intel Prozessoren: Mehrere Schwachstellen
BSI official warning signals coordinated vulnerability disclosure affecting core compute infrastructure; DACH supply-chain and manufacturing sectors should prioritize patching.
Microsoft Edge: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Requires user interaction for exploitation but enables bypass of security controls on Windows endpoints; relevant for environments where Edge runs under user contexts with local execution capabilities.
Google Chrome/Microsoft Edge: Schwachstelle ermöglicht Codeausführung
BSI advisory on unspecified Chrome/Edge RCE vulnerability requiring user interaction—indicates active exploitation risk in DACH region; patch status and CVE details pending.
Unpatched 'PhantomRPC' Flaw in Windows Enables Privilege Escalation
PhantomRPC is an unpatched local privilege escalation affecting Windows systems; requires immediate assessment of exploit availability and deployment of mitigations pending official Microsoft patch.
Exploits Turn Windows Defender Into Attacker Tool
Exploitation technique that converts Windows Defender from defensive tool into attack vector represents a critical defense-in-depth concern for organizations relying on Microsoft's endpoint protection as primary security layer.
Bypassing Windows Administrator Protection
Project Zero disclosed a method to bypass Windows Administrator Protection by exploiting TokenLinkedToken query behavior that generates new logon sessions, enabling potential privilege escalation on vulnerable systems.
23rd March – Threat Intelligence Report
Ubiquiti UniFi critical vulnerability directly affects company's network infrastructure; ScreenConnect flaw relevant to remote access security posture across managed IT services.
[UPDATE] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
BSI advisory on multiple unspecified Linux kernel DoS vulnerabilities; Joel Traber AG should cross-reference Ubuntu security bulletins for patching guidance and CVE specifics.
[UPDATE] Linux Kernel: Mehrere Schwachstellen
BSI advisory signals multiple unspecified kernel CVEs requiring patch assessment across Ubuntu 24.04 LTS fleet; prioritize kernel updates in WSUS/patch management.
Synology DiskStation Manager: Schwachstelle ermöglicht Offenlegung von Informationen
BSI-disclosed information disclosure in Synology DSM requires patch review; threat is limited by authentication requirement but may expose sensitive NAS configuration or user data.
Google Chrome/Microsoft Edge: Mehrere Schwachstellen
BSI advisory signals multiple Chrome/Edge vulnerabilities without CVE details yet; proactive monitoring and patching readiness recommended for manufacturing environment.
Microsoft Patchday Februar 2026
Microsoft Edge: Mehrere Schwachstellen
BSI generic advisory without CVE details limits immediate patching clarity; requires monitoring for published CVE list and Microsoft security updates.
Microsoft Edge: Schwachstelle ermöglicht Offenlegung von Informationen
Vulnerability steals PII (addresses, emails, phones) via malicious website visit; typical social-engineering attack vector against manufacturing workforce.
Microsoft 365 Copilot und Edge: Schwachstelle ermöglicht Offenlegung von Informationen und Manipulation von Daten
Vulnerability leverages Copilot's trusted UI context to deliver convincing phishing; mobile-focused attack surface may bypass desktop-centric security controls.
Google Chrome: Schwachstelle ermöglicht Offenlegung von Informationen
Exploitation requires user interaction (visiting malicious site/app), limiting immediate risk but relevant for employee browsing security controls.
Newly KEV-listed
0No changes in this category.
Score moved
0No changes in this category.
No longer in report
11CISA Adds One Known Exploited Vulnerability to Catalog
This CVE is actively exploited and added to CISA's KEV catalog, requiring immediate patching of affected Linux systems.
Dangerous New Linux Exploit Gives Attackers Root Access to Countless Computers
This alert describes a specific active exploit (CopyFail) with root access capabilities, not just a patch reminder, and highlights that many systems remain unpatched.
Metasploit Wrap-Up 05/01/2026
Public PoC and Metasploit module for a Linux kernel cryptographic API logic flaw enabling local privilege escalation on AMD64/AARCH64 systems.
vSphere and BRICKSTORM Malware: A Defender's Guide
The BRICKSTORM malware exploits vCenter SSO to establish persistence and evade detection, requiring MFA and real-time alerting on SSO account actions.
CVE-2026-22167
This vulnerability allows a non-privileged user to corrupt kernel memory via GPU system calls, which could be exploited in multi-tenant virtualization environments like VMware ESXi to break isolation.
CVE-2026-31700
This is a newly disclosed Linux kernel vulnerability with a TOCTOU race condition in the packet socket subsystem that could allow local privilege escalation.
CVE-2026-31709
This CVE describes a newly discovered vulnerability in the Linux kernel's SMB client that allows a malicious server to corrupt memory via a crafted DACL, going beyond a simple patch reminder by detailing the specific flaw in ACL validation.
CVE-2026-31711
An unauthenticated remote attacker can exhaust the max_connections pool by triggering memory allocation failures via crafted TCP connections, causing permanent denial of service until module reload.
CVE-2026-31774
This vulnerability describes a specific slab-out-of-bounds read in io_uring that can be triggered by passing large sqe->len values, potentially leading to memory corruption or information disclosure.
CVE-2026-43016
This is a newly disclosed use-after-free vulnerability in the Linux kernel's BPF sockmap subsystem that could allow local privilege escalation or denial of service.
CVE-2026-43043
This is a newly disclosed vulnerability with no active exploitation reported yet, but it poses a high risk of kernel panic for systems using AF_ALG crypto operations.