Vulnerability Archives • Daily CyberSecurity

NTLM Reflection Bypass CVE-2026-24294 Gets Public PoC Exploit NTLM reflection CVE-2026-24294 SMB local privilege escalation Windows Server 2025 PoC exploit

NTLM reflection CVE-2026-24294 SMB local privilege escalation Windows Server 2025 PoC exploit

NTLM Reflection Bypass CVE-2026-24294 Gets Public PoC Exploit

Do Son June 29, 2026

TL;DR Synacktiv publicly disclosed a new NTLM reflection bypass tracked as CVE-2026-24294. The flaw gives a local...

Public Details Disclosed: MediaTek t7xx WWAN Flaw Diagram of the MediaTek t7xx WWAN flaw triggering an out-of-bounds read in the Linux kernel

Public Details Disclosed: MediaTek t7xx WWAN Flaw

Do Son June 24, 2026

TL;DR Security researcher Pavitra Jha published full details regarding a severe Linux kernel vulnerability. Specifically, this MediaTek...

FreeBSD Privilege Escalation Flaw CVE-2026-49413 Hits the Linuxulator FreeBSD privilege escalation CVE-2026-49413, Linuxulator vulnerability

FreeBSD privilege escalation CVE-2026-49413, Linuxulator vulnerability

FreeBSD Privilege Escalation Flaw CVE-2026-49413 Hits the Linuxulator

Do Son June 15, 2026

Researchers have disclosed a serious FreeBSD privilege escalation vulnerability that hands local users a root shell. Tracked...

Redis DarkReplica Exploit: Full PoC Code and Technical Details Released CVE-2022-35951 Redis DarkReplica exploit CVE-2026-23631 public disclosure

Redis DarkReplica Exploit: Full PoC Code and Technical Details Released

Do Son June 8, 2026

Severe Infrastructure Exposure Discovered A researcher has released the technical mechanics of a critical post-authentication flaw impacting...

Critical RCE Flaws Fixed in Mautic Marketing Platform Mautic security vulnerabilities critical RCE flaws

Critical RCE Flaws Fixed in Mautic Marketing Platform

Do Son June 4, 2026

Overview of the Security Threat Mautic has released urgent security updates to address dangerous software flaws in...

Drupal SQL Injection Exploit: Critical Flaw Exploited in the Wild with Public PoC Drupal SQL injection exploit wild exploit PoC

Drupal SQL Injection Exploit: Critical Flaw Exploited in the Wild with Public PoC

Do Son June 3, 2026

A dangerous security flaw is actively disrupting enterprise web servers globally. Specifically, attackers are aggressively weaponizing a...

FreeBSD kernel buffer overflow public exploit code released

Critical FreeBSD Kernel Buffer Overflow Disclosed: Public Details & PoC Out

Do Son June 1, 2026

Security researchers recently published a detailed analysis of a significant vulnerability in modern operating systems. Specifically, this...

Windows DNS Client RCE: 9.8 CVSS & Public PoC Disclosed Windows DNS Client RCE .NET 10 Auth Bypass CVE-2026-40372

Windows DNS Client RCE: 9.8 CVSS & Public PoC Disclosed

Do Son May 28, 2026

Security researchers have uncovered a critical memory corruption flaw in a core Microsoft networking component. Specifically, this...

Critical Dell Container Storage Modules Vulnerability Exposes Infrastructure

Do Son May 26, 2026

Dell has issued an urgent security update to address a maximum severity flaw in its cloud storage...

Public Exploit Exposes Root Privilege Escalation Flaw in VMware Fusion VMware Fusion TOCTOU Exploit CVE-2026-41702 PoC

Public Exploit Exposes Root Privilege Escalation Flaw in VMware Fusion

Do Son May 21, 2026

Mathieu Farrell, an independent security researcher operating under the handle @coiffeur0x90, has publicly disclosed the inner workings...

Details and PoC Exploit Code Released: Critical Cockpit RCE Flaw Grants Instant Root Shells Cockpit RCE Vulnerability CVE-2026-4802 PoC Exploit

Cockpit RCE Vulnerability CVE-2026-4802 PoC Exploit

Details and PoC Exploit Code Released: Critical Cockpit RCE Flaw Grants Instant Root Shells

Do Son May 20, 2026

A severe vulnerability has been uncovered in Cockpit, the widely used web-based Linux server administration tool developed...

Pre-Auth RCE Exposed: Apache HTTP Server Vulnerability and Exploit Code Hit the Public Apache HTTP Server RCE CVE-2026-23918 PoC

Pre-Auth RCE Exposed: Apache HTTP Server Vulnerability and Exploit Code Hit the Public

Do Son May 13, 2026

The detailed disclosure of a critical flaw in Apache HTTP Server 2.4.66 is now public. The vulnerability,...

Apache Tomcat RCE Details and Exploit Code Now Public Apache Tomcat RCE CVE-2026-34486

Apache Tomcat RCE Details and Exploit Code Now Public

Do Son May 12, 2026

A newly disclosed vulnerability was found in Apache Tomcat (CVE-2026-34486, CVSS 7.5). With the details of the...

Fully Exposed: Public PoC Released for the Adobe PDF Vulnerabilities Exploited in the Wild Adobe Acrobat PoC CVE-2026-34621

Fully Exposed: Public PoC Released for the Adobe PDF Vulnerabilities Exploited in the Wild

Do Son May 4, 2026

Security researchers have detailed the curtain on a sophisticated “prototype pollution” chain in Adobe Acrobat and Reader...

Full Exploit Disclosed: Public PoC and Technical Details Released for Critical ProFTPD SQL Injection ProFTPD SQL Injection CVE-2026-42167 Exploit

ProFTPD SQL Injection CVE-2026-42167 Exploit

Full Exploit Disclosed: Public PoC and Technical Details Released for Critical ProFTPD SQL Injection

Do Son April 29, 2026

Analysts from ZeroPath Research have uncovered a critical SQL injection vulnerability within the mod_sql extension of ProFTPD,...

Rclone Critical Vulnerability Alert: Public PoC Released for Administrative Auth Bypass and RCE rclone command execution execute local commands Rclone RCE CVE-2026-41176

rclone command execution execute local commands Rclone RCE CVE-2026-41176

Rclone Critical Vulnerability Alert: Public PoC Released for Administrative Auth Bypass and RCE

Do Son April 20, 2026

The cybersecurity community is on high alert following the public disclosure of two critical vulnerabilities in Rclone,...

Windows Snipping Tool Can Leak Your Identity, PoC Available Snipping Tool Exploit CVE-2026-33829

Windows Snipping Tool Can Leak Your Identity, PoC Available

Do Son April 20, 2026

For years, the Windows Snipping Tool has been a trusted companion for capturing quick screenshots. However, a...

Fortra BoKS vulnerability OS command injection, CVE-2026-9862 Altium Enterprise Server Vulnerability CVE-2026-9129 Path Traversal Patreon OAuth Vulnerability Identity Collision DRC INSIGHT Vulnerability Exam Data Hijacking Horner Automation PLC Industrial Brute Force Honeywell IQ4x Vulnerability CVE-2026-3611 DJI Romo vacuum security flaw Python Cryptography Vulnerability CVE-2026-26007 Open5GS Vulnerability CVE-2026-0622 Vivotek IP7137 Vulnerabilities CVE-2025-66049 Forcepoint DLP Vulnerability CVE-2025-14026 Cellopoint Secure Email Gateway - CVE-2024-9043

Critical 9.1 CVSS Flaw in Horner Automation PLCs Invites Industrial Takeovers

Do Son April 17, 2026

A security flaw has been identified in industrial control systems manufactured by Horner Automation, posing a significant...

High-Severity Use-After-Free Vulnerability Uncovered in Rsync Rsync Vulnerability Use-After-Free CVE-2022-29154 & CVE-2024-12084 CVE-2024-120845 PoC

Rsync Vulnerability Use-After-Free CVE-2022-29154 & CVE-2024-12084 CVE-2024-120845 PoC

High-Severity Use-After-Free Vulnerability Uncovered in Rsync

Do Son April 16, 2026

Rsync, the high-performance and extraordinarily versatile tool relied upon by millions for remote and local file synchronization,...

Python Under Pressure: Critical Memory Flaws and Command Injection Bypass Uncovered Python Security Memory Safety PLY Vulnerability CVE-2025-56005 Python Software Foundation, NSF DEI CVE-2024-12254

Python Security Memory Safety PLY Vulnerability CVE-2025-56005 Python Software Foundation, NSF DEI CVE-2024-12254

Python Under Pressure: Critical Memory Flaws and Command Injection Bypass Uncovered

Do Son April 14, 2026

In the world of software development, Python (CPython) stands as a foundational pillar, powering everything from local...

Critical Alert 1 Active Exploit Detected Today