Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2026-23687 — Sap Sap_basis: NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal
SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information, unauthorized access to sensitive user data and potential disruption of normal system usage. CVSSv3.1 8.8 (HIGH) · EPSS 5th percentile
Intego X9: When your macOS antivirus becomes your enemy
Quarkslab disclosed two critical local privilege escalation vulnerabilities in Intego X9 macOS security suite affecting Log Reporter and Personal Backup. Both vulnerabilities exploit TOCTOU race conditions to write arbitrary files as root, enabling unauthenticated privilege escalation. The vulnerabilities affect all Intego applications in the bundle and were disclosed after failed vendor contact attempts, with publication coordinated through CERT-FR.
CVE-2026-1529 — Keycloak: This lack of cryptographic signature verification allows the attacker to successfully self-register into an
A flaw was found in Keycloak. An attacker can exploit this vulnerability by modifying the organization ID and target email within a legitimate invitation token's JSON Web Token (JWT) payload. This lack of cryptographic signature verification allows the attacker to successfully self-register into an unauthorized organization, leading to unauthorized access. CVSSv3.1 8.1 (HIGH)
CVE-2026-1486 — Keycloak: A flaw was found in Keycloak.
A flaw was found in Keycloak. A vulnerability exists in the jwt-authorization-grant flow where the server fails to verify if an Identity Provider (IdP) is enabled before issuing tokens. The issuer lookup mechanism (lookupIdentityProviderFromIssuer) retrieves the IdP configuration but does not filter for isEnabled=false. If an administrator disables an IdP (e.g., due to a compromise or offboarding), an entity possessing that IdP's signing key can still generate valid JWT asser CVSSv3.1 8.8 (HIGH)
CVE-2025-10465 — Upload: Sensaway allows Upload a Web Shell to a Web Server.
Unrestricted Upload of File with Dangerous Type vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Sensaway allows Upload a Web Shell to a Web Server. This issue affects Sensaway: through 09022026. NOTE: Because the product was developed using outdated technology, the manufacturer is unable to fix the relevant vulnerabilities. Users of the Sensaway application are advised to contact the manufacturer and review updated products developed with newer CVSSv3.1 8.8 (HIGH) · EPSS 6th percentile
CVE-2025-6830 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xpoda Türkiye Information Technology Inc. Password Module allows SQL Injection. This issue affects Password Module: through 11022026. CVSSv3.1 9.8 (CRITICAL) · EPSS 4th percentile
CVE-2025-7799 — Neutralization: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zirve Information Technologies Inc. E-Taxpayer Accounting Website allows Reflected XSS. This issue affects e-Taxpayer Accounting Website: through 07082025. CVSSv3.1 8.6 (HIGH) · EPSS 6th percentile
Deep Dive into Arista NG Firewall Vulnerabilities
Bishop Fox disclosed six vulnerabilities in Arista NG Firewall 17.4, including multiple OS command injection flaws (CVE-2025-6978, CVE-2026-25620, CVE-2026-25621, CVE-2026-25622), an overly permissive RPC interface (CVE-2026-25623), and reflected XSS (CVE-2026-25624). The most critical issues allow unauthenticated RCE via captive portal password fields under specific conditions, and authenticated admins can achieve root command execution; chaining XSS with RPC exposure enables single-click RCE against logged-in administrators. Arista released patched version 17.4.1 on February 3, 2026.
CVE-2026-1615 — Versions of the package jsonpath before 1.3.0 are vulnerable to Arbitrary Code Injection via
Versions of the package jsonpath before 1.3.0 are vulnerable to Arbitrary Code Injection via unsafe evaluation of user-supplied JSON Path expressions. The library relies on the static-eval module to process JSON Path input, which is not designed to handle untrusted data safely. An attacker can exploit this vulnerability by supplying a malicious JSON Path expression that, when evaluated, executes arbitrary JavaScript code, leading to Remote Code Execution in Node.js environmen CVSSv3.1 9.8 (CRITICAL)
v1.7.1
Sliver v1.7.1 released with updates to Linux shellcode generation and multi-console functionality. This is a routine tool update with incremental feature additions and bug fixes.
CVE-2026-25858 — Macrozheng Mall: version 1.0.3 and prior contains an authentication vulnerability in the mall-portal password
macrozheng mall version 1.0.3 and prior contains an authentication vulnerability in the mall-portal password reset workflow that allows an unauthenticated attacker to reset arbitrary user account passwords using only a victim’s telephone number. The password reset flow exposes the one-time password (OTP) directly in the API response and validates password reset requests solely by comparing the provided OTP to a value stored by telephone number, without verifying user identity CVSSv3.1 9.1 (CRITICAL)
v1.7.0
Sliver v1.7.0 released with updates to C2/mux functionality, Darwin/arm64 shellcode generation, background execution features, DNS DoS fixes, and gRPC API improvements. This is a routine tool release with incremental feature additions and bug fixes.
CVE-2026-25580 — Pydantic Pydantic_ai: From 0.0.26 to before 1.56.0, aServer-Side Request Forgery (SSRF) vulnerability exists in Pydantic AI's
Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. From 0.0.26 to before 1.56.0, aServer-Side Request Forgery (SSRF) vulnerability exists in Pydantic AI's URL download functionality. When applications accept message history from untrusted sources, attackers can include malicious URLs that cause the server to make HTTP requests to internal network resources, potentially accessing internal services or cloud credentials. This vuln CVSSv3.1 8.6 (HIGH)
CVE-2026-1709 — Redhat Enterprise_linux: This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations
A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate. CVSSv3.1 9.4 (CRITICAL) · EPSS 92th percentile
CVE-2026-21643 — Fortinet Forticlientems: An improper neutralization of special elements used in an sql command ('sql injection') vulnerability
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-1499 — Duplicate: The WP Duplicate plugin for WordPress is vulnerable to Missing Authorization leading to Arbitrary
The WP Duplicate plugin for WordPress is vulnerable to Missing Authorization leading to Arbitrary File Upload in all versions up to and including 1.1.8. This is due to a missing capability check on the `process_add_site()` AJAX action combined with path traversal in the file upload functionality. This makes it possible for authenticated (subscriber-level) attackers to set the internal `prod_key_random_id` option, which can then be used by an unauthenticated attacker to bypass CVSSv3.1 8.8 (HIGH)
Viral AI, Invisible Risks: What OpenClaw Reveals About Agentic Assistants
Trend Micro research examines OpenClaw (aka Clawdbot, Moltbot), a highly autonomous agentic AI assistant with persistent memory and broad permissions, mapping its capabilities against the TrendAI framework and comparing it to ChatGPT Agent. The analysis reveals that while OpenClaw doesn't introduce novel risk categories, its unrestricted configurability, lack of mandatory human-in-the-loop controls, and rapid viral adoption amplify inherent agentic AI risks including prompt injection, data exfiltration, agent manipulation, and exposure to unvetted skills. Real-world incidents already demonstrate millions of records exposed through misconfigurations, with malicious actors actively discussing OpenClaw skill deployment for botnet operations on underground forums.
CVE-2026-24302 — Microsoft Azure_arc: Improper access control in Azure Arc allows an unauthorized attacker to elevate privileges over
Improper access control in Azure Arc allows an unauthorized attacker to elevate privileges over a network. CVSSv3.1 8.6 (HIGH)
v1.6.11
Sliver v1.6.11 released with minor bug fixes and improvements: cross-platform armory temp file handling, daemon mode lport configuration fix, shell PTY resizing correction, and website protobuf path construction fix. This is a routine maintenance release with no security vulnerabilities disclosed.
CVE-2025-68121 — Golang Go: During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs
During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a s CVSSv3.1 10.0 (CRITICAL) · EPSS 5th percentile
CVE-2025-6978: Arbitrary Code Execution in the Arista NG Firewall
CVE-2025-6978 is a command injection vulnerability in Arista NG Firewall's JSON-RPC diagnostics endpoint (runTroubleshooting method) that allows authenticated remote attackers to execute arbitrary commands as root. The vulnerability stems from incomplete input validation—backticks and other shell metacharacters bypass the sanitization filter. Arista has patched the issue in version 17.4 and higher.
CVE-2025-61732 — Golang Go: A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary. CVSSv3.1 8.6 (HIGH)
CVE-2026-25521 — Locutus Locutus: brings stdlibs of other programming languages to JavaScript for educational purposes.
Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. In versions from 2.0.12 to before 2.0.39, a prototype pollution vulnerability exists in locutus. Despite a previous fix that attempted to mitigate prototype pollution by checking whether user input contained a forbidden key, it is still possible to pollute Object.prototype via a crafted input using String.prototype. This issue has been patched in version 2.0.39. CVSSv3.1 8.8 (HIGH) · EPSS 14th percentile
CVE-2026-0661 — Autodesk 3ds_max: A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. CVSSv3.1 8.4 (HIGH) · EPSS 1th percentile
CVE-2026-0660 — Autodesk 3ds_max: A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. CVSSv3.1 8.4 (HIGH) · EPSS 0th percentile