π¨ CVE-2025-26687
Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.
π@cveNotify
Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.
π@cveNotify
π¨ CVE-2025-30386
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
π¨ CVE-2025-30388
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
π@cveNotify
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
π@cveNotify
π¨ CVE-2025-47162
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
π¨ CVE-2025-47164
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
π¨ CVE-2025-47167
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
π¨ CVE-2025-47953
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
π¨ CVE-2025-49695
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
π¨ CVE-2025-49696
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
π¨ CVE-2025-49697
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
π¨ CVE-2025-49702
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
π¨ CVE-2025-53732
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
π¨ CVE-2025-53766
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.
π@cveNotify
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.
π@cveNotify
π¨ CVE-2025-53799
Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally.
π@cveNotify
Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally.
π@cveNotify
π¨ CVE-2025-59227
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
π¨ CVE-2025-59234
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
π@cveNotify
π¨ CVE-2025-60724
Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.
π@cveNotify
Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.
π@cveNotify
π¨ CVE-2022-23302
JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
π@cveNotify
JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
π@cveNotify
π¨ CVE-2026-28809
XML External Entity (XXE) vulnerability in esaml (and its forks) allows an attacker to cause the system to read local files and incorporate their contents into processed SAML documents, and potentially perform SSRF via crafted SAML messages.
esaml parses attacker-controlled SAML messages using xmerl_scan:string/2 before signature verification without disabling XML entity expansion. On Erlang/OTP versions before 27, Xmerl allows entities by default, enabling pre-signature XXE attacks. An attacker can cause the host to read local files (e.g., Kubernetes-mounted secrets) into the SAML document. If the attacker is not a trusted SAML SP, signature verification will fail and the document is discarded, but file contents may still be exposed through logs or error messages.
This issue affects all versions of esaml, including forks by arekinath, handnot2, and dropbox. Users running on Erlang/OTP 27 or later are not affected due to Xmerl defaulting to entities disabled.
π@cveNotify
XML External Entity (XXE) vulnerability in esaml (and its forks) allows an attacker to cause the system to read local files and incorporate their contents into processed SAML documents, and potentially perform SSRF via crafted SAML messages.
esaml parses attacker-controlled SAML messages using xmerl_scan:string/2 before signature verification without disabling XML entity expansion. On Erlang/OTP versions before 27, Xmerl allows entities by default, enabling pre-signature XXE attacks. An attacker can cause the host to read local files (e.g., Kubernetes-mounted secrets) into the SAML document. If the attacker is not a trusted SAML SP, signature verification will fail and the document is discarded, but file contents may still be exposed through logs or error messages.
This issue affects all versions of esaml, including forks by arekinath, handnot2, and dropbox. Users running on Erlang/OTP 27 or later are not affected due to Xmerl defaulting to entities disabled.
π@cveNotify
Erlang Ecosystem Foundation CNA
XXE in esaml SAML library allows local file read and potential SSRF
This project handles the CVE Numbering Authority (CNA) for the Erlang Ecosystem Foundation (EEF).
π¨ CVE-2025-71210
A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations.
Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via a researcher through the Zero Day Initiative. The SaaS versions of the product have already been mitigated and no customer action required.
For this particular vulnerability, an attacker must have access to the Trend Micro Apex One Management Console, so customers that have their consoleοΏ½s IP address exposed externally should consider mitigating factors such as source restrictions if not already applied.
π@cveNotify
A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations.
Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via a researcher through the Zero Day Initiative. The SaaS versions of the product have already been mitigated and no customer action required.
For this particular vulnerability, an attacker must have access to the Trend Micro Apex One Management Console, so customers that have their consoleοΏ½s IP address exposed externally should consider mitigating factors such as source restrictions if not already applied.
π@cveNotify
π¨ CVE-2025-71211
A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different executable.
Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via a researcher through the Zero Day Initiative. The SaaS versions of the product have already been mitigated and no customer action required.
For this particular vulnerability, an attacker must have access to the Trend Micro Apex One Management Console, so customers that have their consoleοΏ½s IP address exposed externally should consider mitigating factors such as source restrictions if not already applied.
π@cveNotify
A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different executable.
Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via a researcher through the Zero Day Initiative. The SaaS versions of the product have already been mitigated and no customer action required.
For this particular vulnerability, an attacker must have access to the Trend Micro Apex One Management Console, so customers that have their consoleοΏ½s IP address exposed externally should consider mitigating factors such as source restrictions if not already applied.
π@cveNotify