The vulnerability is already tracked in CISA's KEV catalogue and subject to BOD 26-04 requirements; no novel attack data or TTPs are disclosed beyond standard patching guidance.
The vulnerability enables unauthenticated or low-privilege access to system files and configurations via path traversal, potentially compromising the entire UniFi infrastructure.
The vulnerability enables unauthorized access to UniFi OS systems without authentication and is already listed in CISA's catalog of critical, actively exploited vulnerabilities.
The vulnerability is actively exploited and demonstrates a typical gap between patch availability and user configuration; exploitation waves in July-August 2025 indicate ransomware campaigns (including Akira) combining a firewall vulnerability with weak configuration practices.
Russian threat actors are actively exploiting a known WinRAR vulnerability (patched in July) for targeted cyberespionage against Ukrainian military and government targets, signaling sustained cyber-warfare in the region.
The vulnerability allows attackers to predict SSO tickets and perform account takeover without authentication, posing a critical risk to AD-based environments.
The vulnerability allows attackers to bypass PolymorphicTypeValidator allow-list mechanisms by placing denied classes as generic type parameters inside allow-listed container types via the type ID.
The vulnerability permits bypassing type validation when arrays with non-allowlisted component types are used, enabling arbitrary code execution during deserialization.
A Russian initial-access broker is running the FortiBleed campaign to harvest credentials at scale (110+ million since February 2026) via network sniffers and may sell acquired access to state-sponsored groups or ransomware gangs.
The Miasma worm demonstrates that publicly released supply-chain toolchains can now be replicated by any operator, and that stolen developer credentials traded in underground markets enable attackers to inject malicious packages with valid SLSA Build Level 3 attestations into production repositories.
Vulnerability allows bypass of @JsonIgnoreProperties filters by exploiting case-insensitivity processing in jackson-databind, making supposedly ignored properties writable again.
FortiBleed campaign uses Golang-based sniffer to compromise over 430,000 FortiGate firewalls and harvest 110 million credentials; attackers have already breached NATO-aligned defense contractors and leverage stolen credentials for distributed GPU-based hash cracking.
This 2020 CVE is long patched and remains relevant only if outdated Acrobat versions are still in productive use in the organisation; no current threat.
An extremely small attack vector (50 KByte) makes this vulnerability particularly dangerous for automated video recognition and media acquisition over network channels.
BSI advisory without explicit CVE numbers suggests coordinated disclosure or not-yet-fully-disclosed vulnerabilities; priority depends on CVE details and patch availability.
The vulnerability enables remote code execution via maliciously crafted webpages when Autodesk Fusion Desktop is open with the MCP extension enabled,a direct attack vector against design workstations in manufacturing environments.
The vulnerability allows a network-positioned attacker to intercept HTTP AD CS certificate requests and inject a malicious Root CA certificate into the system trust store, compromising all subsequent TLS connections system-wide.
The vulnerability combines multiple critical OAuth 2.0 implementation flaws (insecure state parameter, missing session rotation, unencrypted redirect URIs) in Azure AD that enable session hijacking, session fixation, and token exfiltration.
BSI warns of multiple vulnerabilities in core Azure components (AI Bot Service, AD, Synapse) enabling privilege escalation and information disclosure; no CVE numbers specified in this alert.
BSI alert regarding an authentication-requiring privilege escalation in Exchange Online without a CVE number suggests an as-yet incompletely documented or coordinated vulnerability disclosure.
Attackers compromised the official build and distribution pipeline of a WordPress plugin vendor and distributed backdoor code through legitimate licensed update channels, demonstrating that trusted sources can be weaponized for malware delivery.