Latest intel// live feed
CVE-2026-6310 — Google Chrome: Use after free in Dawn in Google Chrome prior to 147.0.7727.101 allowed a remote
Use after free in Dawn in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.3 (HIGH) · EPSS 11th percentile
CVE-2026-6309 — Google Chrome: Use after free in Viz in Google Chrome prior to 147.0.7727.101 allowed a remote
Use after free in Viz in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.3 (HIGH) · EPSS 11th percentile
CVE-2026-6306 — Google Chrome: Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote
Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH) · EPSS 9th percentile
CVE-2026-6305 — Google Chrome: Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote
Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH) · EPSS 9th percentile
CVE-2026-6304 — Google Chrome: Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote
Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.3 (HIGH) · EPSS 11th percentile
CVE-2026-6303 — Google Chrome: Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote
Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH) · EPSS 15th percentile
CVE-2026-6302 — Google Chrome: Use after free in Video in Google Chrome prior to 147.0.7727.101 allowed a remote
Use after free in Video in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH) · EPSS 15th percentile
CVE-2026-6301 — Google Chrome: Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker
Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH) · EPSS 10th percentile
CVE-2026-6300 — Google Chrome: Use after free in CSS in Google Chrome prior to 147.0.7727.101 allowed a remote
Use after free in CSS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH) · EPSS 15th percentile
CVE-2026-6299 — Google Chrome: Use after free in Prerender in Google Chrome prior to 147.0.7727.101 allowed a remote
Use after free in Prerender in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) CVSSv3.1 8.8 (HIGH) · EPSS 15th percentile
CVE-2026-6297 — Google Chrome: Use after free in Proxy in Google Chrome prior to 147.0.7727.101 allowed an attacker
Use after free in Proxy in Google Chrome prior to 147.0.7727.101 allowed an attacker in a privileged network position to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) CVSSv3.1 8.3 (HIGH) · EPSS 1st percentile
CVE-2026-6296 — Google Chrome: Heap buffer overflow in ANGLE in Google Chrome prior to 147.0.7727.101 allowed a remote
Heap buffer overflow in ANGLE in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) CVSSv3.1 9.6 (CRITICAL) · EPSS 8th percentile
CVE-2026-35569 — ApostropheCMS: Versions 4.28.0 and prior contain a stored cross-site scripting vulnerability in SEO-related fields (SEO
ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain a stored cross-site scripting vulnerability in SEO-related fields (SEO Title and Meta Description), where user-controlled input is rendered without proper output encoding into HTML contexts including <title> tags, <meta> attributes, and JSON-LD structured data. An attacker can inject a payload such as "></title><script>alert(1)</script> to break out of the intended HTML contex CVSSv3.1 8.7 (HIGH) · EPSS 10th percentile
CVE-2025-41118 — Grafana Pyroscope: The database supports various storage backends, including Tencent Cloud Object Storage (COS).
Pyroscope is an open-source continuous profiling database. The database supports various storage backends, including Tencent Cloud Object Storage (COS). If the database is configured to use Tencent COS as the storage backend, an attacker could extract the secret_key configuration value from the Pyroscope API. To exploit this vulnerability, an attacker needs direct access to the Pyroscope API. We highly recommend limiting the public internet exposure of all our databases, su CVSSv3.1 9.1 (CRITICAL) · EPSS 25th percentile
CVE-2026-6290 — Rapid7 Velociraptor: versions prior to 0.76.3 contain a vulnerability in the query() plugin which allows
Velociraptor versions prior to 0.76.3 contain a vulnerability in the query() plugin which allows access to all orgs with the user's current ACL token. This allows an authenticated GUI user with access in one org, to use the query() plugin, in a notebook cell, to run VQL queries on other orgs which they may not have access to. The user's permissions in the other org are the same as the permissions they have in the org containing the notebook. CVSSv3.1 8.0 (HIGH)
CVE-2026-20186 — Cisco Identity Services Engine: A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker
A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exp CVSSv3.1 9.9 (CRITICAL) · EPSS 92nd percentile
BloodHound CE v9.0.1
BloodHound CE v9.0.1 released with dependency updates and DAWGS library bump to 0.4.16. This is a maintenance release addressing identified vulnerabilities in upstream dependencies via Dependabot.
CVE-2026-30625 — Upsonic: 0.71.6 contains a remote code execution vulnerability in its MCP server/task creation functionality.
Upsonic 0.71.6 contains a remote code execution vulnerability in its MCP server/task creation functionality. The application allows users to define MCP tasks with arbitrary command and args values. Although an allowlist exists, certain allowed commands (npm, npx) accept argument flags that enable execution of arbitrary OS commands. Maliciously crafted MCP tasks may lead to remote code execution with the privileges of the Upsonic process. In version 0.72.0 Upsonic added a warn CVSSv3.1 9.8 (CRITICAL) · EPSS 55th percentile
CVE-2026-30617 — LangChain: LangChain-ChatChat 0.3.1 contains a remote code execution vulnerability in its MCP STDIO server configuration
LangChain-ChatChat 0.3.1 contains a remote code execution vulnerability in its MCP STDIO server configuration and execution handling. A remote attacker can access the publicly exposed MCP management interface and configure an MCP STDIO server with attacker-controlled commands and arguments. When the MCP server is started and MCP is enabled for agent execution, subsequent agent activity triggers execution of arbitrary commands on the server. Successful exploitation allows arbi CVSSv3.1 8.6 (HIGH) · EPSS 41st percentile
CVE-2026-30615 — Windsurf: A prompt injection vulnerability in Windsurf 1.9544.26 allows remote attackers to execute arbitrary commands
A prompt injection vulnerability in Windsurf 1.9544.26 allows remote attackers to execute arbitrary commands on a victim system. When Windsurf processes attacker-controlled HTML content, malicious instructions can cause unauthorized modification of the local MCP configuration and automatic registration of a malicious MCP STDIO server, resulting in execution of arbitrary commands without further user interaction. Successful exploitation may allow attackers to execute commands CVSSv3.1 8.0 (HIGH) · EPSS 18th percentile
CVE-2024-53412 — Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to
Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field CVSSv3.1 8.4 (HIGH)
Threat landscape for industrial automation systems in Q4 2025
Kaspersky's Q4 2025 industrial threat report reveals a 1.6x spike in worm detections on ICS systems, primarily driven by the Backdoor.MSIL.XWorm distributed via phishing emails in the 'Curriculum-vitae-catalina' campaign targeting HR personnel. Overall malicious object detection on ICS computers declined to 19.7%, but email-based threats remain the primary infection vector, with regional variations showing Africa and Southern Europe as hotspots for removable media and phishing-based attacks respectively.
CVE-2026-21643 — Fortinet: CVE-2026-21643 is a critical unauthenticated SQL injection in Fortinet FortiClient EMS 7.4.4
CVE-2026-21643 is a critical unauthenticated SQL injection in Fortinet FortiClient EMS 7.4.4 (CVSS 9.8) affecting the administrative GUI that allows remote code execution. Active exploitation in the wild was confirmed by March 30, 2026, and CISA added it to the Known Exploited Vulnerabilities catalog by April 13, 2026. Affected users must upgrade to 7.4.5 or above immediately.
From Patch Tuesday to Pentest Wednesday®: When “Clean” Didn’t Mean Secure
Horizon3.ai published a case study of an internal penetration test at a defense industrial base organization that revealed critical attack paths despite passing external security assessments and maintaining active EDR/endpoint controls. The test demonstrated that credentialed attackers could achieve full domain compromise through credential reuse, lateral movement, and privilege escalation—techniques aligned with Iranian threat actor tradecraft (MuddyWater, APT33, APT39). Targeted remediation focused on breaking attack chains rather than patching individual vulnerabilities, validating that internal testing reveals risks invisible to external assessments.
CVE-2026-40784 — Authorization Bypass Through User-Controlled Key vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Exploiting
Authorization Bypass Through User-Controlled Key vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects FluentBoards: from n/a through <= 1.91.2. CVSSv3.1 8.1 (HIGH) · EPSS 16th percentile