A double-free vulnerability in the Windows IKE Extension service allows unauthenticated remote attackers to achieve arbitrary code execution with SYSTEM privileges by sending malformed IKEv2 payloads.
A path traversal vulnerability exists in the `vite-plus/binding` component of the `vite-plus` npm package prior to version 0.1.17. The `downloadPackageManager()` function fails to validate the `version` parameter, allowing an attacker who controls that parameter to escape the `VP_HOME` directory, overwrite arbitrary directories, and write executable shims to unintended filesystem locations.
A logic flaw in the header processing pipeline of @fastify/reply-from and @fastify/http-proxy allows unauthenticated remote attackers to bypass access controls or subvert routing. By manipulating the HTTP Connection header, clients can force the proxy to remove security-critical headers injected by the developer via the rewriteRequestHeaders hook.
A critical vulnerability exists in @fastify/express versions 4.0.4 and earlier where an interpretation conflict causes middleware paths to be incorrectly calculated during plugin inheritance. This flaw allows unauthenticated remote attackers to bypass security middleware, such as authentication and authorization controls, on specific routes defined within child plugin scopes.
CVE-2026-40175 is a critical Header Injection vulnerability in the Axios HTTP client library. It functions as an exploitation gadget in Prototype Pollution attack chains, enabling HTTP request smuggling and splitting. This flaw allows attackers to bypass SSRF mitigations and achieve full cloud compromise via internal service interactions.
An interpretation conflict (CWE-436) in @fastify/express up to version 4.0.4 allows unauthenticated attackers to bypass path-scoped middleware. By exploiting normalization drift between the Fastify router and the Express middleware engine using duplicate slashes or semicolon delimiters, attackers can access protected endpoints.
CVE-2026-33825, publicly referred to as BlueHammer, is a high-severity local privilege escalation vulnerability within the Microsoft Defender Antimalware Platform. The flaw stems from insufficient access control granularity and a Time-of-Check to Time-of-Use (TOCTOU) race condition during signature updates, enabling a standard user to obtain NT AUTHORITY\SYSTEM privileges.
PySpector versions 0.1.6 and earlier contain a critical vulnerability in the plugin security validation system. An incomplete Abstract Syntax Tree (AST) analysis allows attackers to bypass the restrictive sandbox using indirect function calls. Successful exploitation leads to unauthenticated arbitrary code execution on the system running the static analysis scanner.
The LangSmith SDK for both Python and JavaScript/TypeScript fails to apply output redaction controls to streaming token events. This oversight allows sensitive Large Language Model (LLM) outputs to bypass privacy configurations and transmit raw token data to the LangSmith backend, resulting in unintended data exposure.
Microsoft SQL Server 2022 contains an untrusted pointer dereference vulnerability (CWE-822) that permits an authenticated, low-privileged attacker to execute arbitrary code within the context of the SQL Server service. This network-exploitable flaw carries a CVSS score of 8.8 and is patched in the April 2026 Security Updates.
CVE-2026-32167 is an Elevation of Privilege vulnerability in Microsoft SQL Server caused by improper neutralization of special elements (SQL Injection). Affecting multiple versions from 2016 to 2025, the flaw permits authenticated attackers with high database privileges to execute arbitrary SQL commands under elevated permissions, potentially compromising the host system.
CVE-2026-32176 is an elevation of privilege vulnerability in the Microsoft SQL Server engine caused by improper neutralization of special elements in dynamic SQL commands. An attacker with existing high-level privileges can exploit this flaw to execute arbitrary SQL commands within an elevated context, leading to full instance takeover.