CVEs
35 CVEs referenced across all briefs.
| CVE | Title | First seen | Last seen | Appears in |
|---|---|---|---|---|
| CVE-2026-5787 | Ivanti EPMM on-prem improper certificate validation → pre-auth Sentry impersonation (CVSS 9.1, ITW, KEV chain) | 2026-05-08 | 2026-05-08 | 2026-05-08 |
| CVE-2026-6973 | Ivanti EPMM on-prem admin API improper input validation → RCE (CVSS 7.2, ITW, KEV deadline 2026-05-10) | 2026-05-08 | 2026-05-08 | 2026-05-08 |
| CVE-2026-32202 | Windows Shell protection mechanism failure → NTLM coercion / spoofing (CVSS 4.3, APT28 ITW, KEV deadline 2026-05-12) | 2026-05-08 | 2026-05-08 | 2026-05-08 |
| CVE-2026-32312 | GLPI < 10.0.25 / 11.0.7 SSRF (CERTFR-2026-AVI-0551) | 2026-05-08 | 2026-05-08 | 2026-05-08 |
| CVE-2026-40108 | GLPI < 10.0.25 / 11.0.7 data integrity compromise (CERTFR-2026-AVI-0551) | 2026-05-08 | 2026-05-08 | 2026-05-08 |
| CVE-2026-42317 | GLPI < 10.0.25 / 11.0.7 XSS (CERTFR-2026-AVI-0551) | 2026-05-08 | 2026-05-08 | 2026-05-08 |
| CVE-2026-42318 | GLPI < 10.0.25 / 11.0.7 XSS (CERTFR-2026-AVI-0551) | 2026-05-08 | 2026-05-08 | 2026-05-08 |
| CVE-2026-42320 | GLPI < 10.0.25 / 11.0.7 XSS (CERTFR-2026-AVI-0551) | 2026-05-08 | 2026-05-08 | 2026-05-08 |
| CVE-2026-42321 | GLPI < 10.0.25 / 11.0.7 XSS (CERTFR-2026-AVI-0551) | 2026-05-08 | 2026-05-08 | 2026-05-08 |
| CVE-2026-5385 | GLPI < 10.0.25 / 11.0.7 security policy bypass / auth bypass (CERTFR-2026-AVI-0551) | 2026-05-08 | 2026-05-08 | 2026-05-08 |
| CVE-2023-35078 | Ivanti EPMM pre-auth API access (2023, exploited by APT29; cited as historical precedent in 2026-05-08 deep dive) | 2026-05-08 | 2026-05-08 | 2026-05-08 |
| CVE-2025-0283 | Ivanti EPMM critical (January 2025, state-actor exploitation; cited as historical precedent in 2026-05-08 deep dive) | 2026-05-08 | 2026-05-08 | 2026-05-08 |
| CVE-2026-21509 | Microsoft Office Protected View bypass — security feature bypass (CVSS 7.8, KEV deadline 2026-02-16 already passed; deferred from §4) | 2026-05-08 | 2026-05-08 | 2026-05-08 |
| CVE-2026-21513 | Microsoft Office Protected View chain CVE (deferred from §4; see CVE-2026-21509 series) | 2026-05-08 | 2026-05-08 | 2026-05-08 |
| CVE-2026-21514 | Microsoft Office Protected View chain CVE (deferred from §4; see CVE-2026-21509 series) | 2026-05-08 | 2026-05-08 | 2026-05-08 |
| CVE-2026-31431 | Copy Fail — Linux kernel algif_aead local privilege escalation (ITW, KEV) | 2026-05-06 | 2026-05-07 | 2026-05-07, 2026-05-06 |
| CVE-2026-0300 | Palo Alto PAN-OS Captive Portal unauthenticated root RCE (CVSS 9.3, ITW, KEV deadline 2026-05-09) | 2026-05-07 | 2026-05-07 | 2026-05-08, 2026-05-07 |
| CVE-2024-57726 | SimpleHelp RMM unauthenticated privilege escalation (ITW) | 2026-05-07 | 2026-05-07 | 2026-05-07 |
| CVE-2024-57728 | SimpleHelp RMM path traversal — unauthenticated file download (ITW) | 2026-05-07 | 2026-05-07 | 2026-05-07 |
| CVE-2024-7399 | Samsung MagicINFO 9 Server unauthenticated arbitrary file write → RCE (CVSS 8.8, ITW) | 2026-05-07 | 2026-05-07 | 2026-05-07 |
| CVE-2026-6023 | Progress Telerik RadFilter deserialization → unauthenticated RCE (CVSS 9.8) | 2026-05-07 | 2026-05-07 | 2026-05-07 |
| CVE-2026-6022 | Progress Telerik RadAsyncUpload DoS via path traversal (CVSS 7.5) | 2026-05-07 | 2026-05-07 | 2026-05-07 |
| CVE-2026-23926 | Zabbix frontend stored XSS in map element labels (CVSS 6.1) | 2026-05-07 | 2026-05-07 | 2026-05-07 |
| CVE-2026-23927 | Zabbix API confidentiality — unprivileged user can read admin host data (CVSS 5.3) | 2026-05-07 | 2026-05-07 | 2026-05-07 |
| CVE-2026-23928 | Zabbix frontend reflected XSS in host-group filter (CVSS 6.1) | 2026-05-07 | 2026-05-07 | 2026-05-07 |
| CVE-2026-33725 | Metabase Enterprise Java serialization → authenticated RCE (CVSS 8.8) | 2026-05-07 | 2026-05-07 | 2026-05-07 |
| CVE-2026-28780 | Apache httpd mod_proxy_ajp heap overflow → remote crash / potential RCE (CVSS 7.5) | 2026-05-07 | 2026-05-07 | 2026-05-07, 2026-05-06 |
| CVE-2026-29168 | | 2026-05-06 | 2026-05-07 | 2026-05-07, 2026-05-06 |
| CVE-2026-29169 | | 2026-05-06 | 2026-05-07 | 2026-05-07, 2026-05-06 |
| CVE-2026-41940 | cPanel/WHM authentication bypass via CRLF injection (mass exploitation ongoing, KEV) | 2026-05-06 | 2026-05-06 | 2026-05-06 |
| CVE-2026-4670 | Progress MOVEit Automation unauthenticated authentication bypass (CVSS 9.8) | 2026-05-06 | 2026-05-06 | 2026-05-06 |
| CVE-2026-5174 | Progress MOVEit Automation authenticated privilege escalation (CVSS 8.8) | 2026-05-06 | 2026-05-06 | 2026-05-06 |
| CVE-2026-23918 | Apache HTTP Server 2.4.66 HTTP/2 double-free — DoS and potential RCE (CVSS 8.8) | 2026-05-06 | 2026-05-06 | 2026-05-06 |
| CVE-2026-32305 | Traefik proxy mTLS bypass via fragmented TLS ClientHello | 2026-05-06 | 2026-05-06 | 2026-05-06 |
| CVE-2026-24072 | | 2026-05-06 | 2026-05-06 | 2026-05-06 |