SYSTEM access

PoC Exploit Publicly Disclosed: ‘RegPwn’ Flaw Grants SYSTEM Access via Windows Accessibility RegPwn Vulnerability CVE-2026-24291

RegPwn Vulnerability CVE-2026-24291

PoC Exploit Publicly Disclosed: ‘RegPwn’ Flaw Grants SYSTEM Access via Windows Accessibility

Do Son March 18, 2026

A newly discovered vulnerability, dubbed RegPwn, has pulled back the curtain on a significant security gap in...

ASUS LPE Flaw (CVE-2025-59373): High-Severity Bug Grants SYSTEM Privileges via MyASUS Component ASUS CVE-2025-13348 File Shredder Removal ASUS LPE Flaw CVE-2025-59373 ASUS Armoury Crate vulnerability Asus CVE Numbering Authority - CVE-2024-12912 and CVE-2024-13062 AMI BMC vulnerability, CVE-2024-54085

ASUS CVE-2025-13348 File Shredder Removal ASUS LPE Flaw CVE-2025-59373 ASUS Armoury Crate vulnerability Asus CVE Numbering Authority - CVE-2024-12912 and CVE-2024-13062 AMI BMC vulnerability, CVE-2024-54085

ASUS LPE Flaw (CVE-2025-59373): High-Severity Bug Grants SYSTEM Privileges via MyASUS Component

Do Son November 26, 2025

ASUS has released critical security updates addressing a local privilege escalation (LPE) vulnerability in the ASUS System...

Researcher Details Windows SMB Server Elevation of Privilege Vulnerability – CVE-2025-58726 Kerberos Reflection, Ghost SPN

Kerberos Reflection, Ghost SPN

Researcher Details Windows SMB Server Elevation of Privilege Vulnerability – CVE-2025-58726

Do Son November 4, 2025

A newly disclosed Windows vulnerability, CVE-2025-58726, allows attackers with low privileges to gain SYSTEM-level access remotely by...

PoC Released for Notepad++ Flaw Enables Privilege Escalation to NT AUTHORITY\SYSTEM Notepad++ privilege escalation

Notepad++ privilege escalation

PoC Released for Notepad++ Flaw Enables Privilege Escalation to NT AUTHORITY\SYSTEM

Do Son June 24, 2025

A new vulnerability, tracked as CVE-2025-49144, has been discovered in Notepad++ version 8.8.1 that allows local privilege...

Weaponizing Group Policy: Custom Client-Side Extensions as a Stealthy Backdoor into Active Directory Active Directory, GPO Persistence

Active Directory, GPO Persistence

Weaponizing Group Policy: Custom Client-Side Extensions as a Stealthy Backdoor into Active Directory

Do Son June 6, 2025

A newly published report by Antoine Cauchois, Staff Research Engineer at Tenable, reveals a stealthy persistence technique...

CVE-2025-21204: SYSTEM-Level Privilege Escalation in Windows Update Stack Exposed, PoC Released CVE-2025-21204, Windows Update Stack

CVE-2025-21204, Windows Update Stack

CVE-2025-21204: SYSTEM-Level Privilege Escalation in Windows Update Stack Exposed, PoC Released

Do Son April 22, 2025

Security researcher Elli Shlomo published the technical details and a proof-of-concept exploit code for CVE-2025-21204, a severe...

🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

CVE-2026-28496CVSS 9.4
FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template...
Admin intel🗓 Updated: Jun 25, 2026
CVE-2026-12569
PTC Windchill and FlexPLM contains an improper input validation vulnerability allowing an unauthenticated, remote attacker to execute arbitrary...
🗓 Added to KEV: Jun 25, 2026
CVE-2025-67038CVSS 9.8
Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands into the...
🗓 Added to KEV: Jun 23, 2026
CVE-2026-34910CVSS 10.0
Ubiquiti UniFi OS contains an improper input validation vulnerability which could allow a malicious actor with access to...
🗓 Added to KEV: Jun 23, 2026
CVE-2026-34909CVSS 10.0
Ubiquiti UniFi OS contains a path traversal vulnerability which could allow a malicious actor with access to the...
🗓 Added to KEV: Jun 23, 2026
CVE-2026-34908CVSS 10.0
Ubiquiti UniFi OS contains an improper access control vulnerability which could allow a malicious actor with access to...
🗓 Added to KEV: Jun 23, 2026
CVE-2026-20230CVSS 8.6
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified...
Admin intel🗓 Updated: Jun 22, 2026
CVE-2026-20253CVSS 9.8
Splunk Enterprise contains a missing authentication for critical function vulnerability which could allow an unauthenticated user to create...
🗓 Added to KEV: Jun 18, 2026