BACK TO INTEL

Archives

Classification

No categories extracted.

Feed

Verified advisories, vulnerability disclosures, and architectural research.

CVE-2026-3502

CVE-2026-3502: Critical Integrity Check Flaw in TrueConf Client Demands Urgent Patch

TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code execution in the context of the updating process or user.

TrueConf Client
View Detail
CVE-2026-5281

Critical Alert: CVE-2026-5281 Google Dawn Use-After-Free Vulnerability Requires Immediate Patching

Google Dawn contains an use-after-free vulnerability that could allow a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. This vulnerability could affect multiple Chromium-based products including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Dawn
View Detail
CVE-2026-3055

Critical Alert: CVE-2026-3055 – Urgent NetScaler Out-of-Bounds Read Requires Immediate Action

Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway) and NetScaler ADC FIPS and NDcPP contain an out-of-bounds reads vulnerability when configured as a SAML IDP leading to memory overread.

NetScaler
View Detail
CVE-2025-53521

Critical Alert: CVE-2025-53521 - Immediate Action Required for F5 BIG-IP Stack-Based Buffer Overflow Leading to RCE

F5 BIG-IP APM contains a stack-based buffer overflow vulnerability that could allow a threat actor to achieve remote code execution.

BIG-IP
View Detail
CVE-2026-33634

CVE-2026-33634: Critical Supply Chain Attack on Aquasecurity Trivy Demands Immediate Action

Aquasecurity Trivy contains an embedded malicious code vulnerability that could allow an attacker to gain access to everything in the CI/CD environment, including all tokens, SSH keys, cloud credentials, database passwords, and any sensitive configuration in memory.

Trivy
View Detail
CVE-2026-35616

Critical Security Advisory: CVE-2026-35616 Fortinet FortiClient EMS Improper Access Control Vulnerability

Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.

FortiClient EMS
View Detail
CVE-2026-1340

Critical Advisory: CVE-2026-1340 Ivanti EPMM Unauthenticated Code Injection Vulnerability

Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution.

Endpoint Manager Mobile (EPMM)
View Detail
CVE-2012-1854

CVE-2012-1854: Mitigating the Microsoft VBA Insecure Library Loading Vulnerability

Microsoft Visual Basic for Applications (VBA) contains an insecure library loading vulnerability that could allow for remote code execution.

Visual Basic for Applications (VBA)
View Detail
CVE-2009-0238

Microsoft Office Excel Remote Code Execution (CVE-2009-0238) Technical Security Advisory

Microsoft Office Excel contains a remote code execution vulnerability that could allow an attacker to take complete control of an affected system if a user opens a specially crafted Excel file that includes a malformed object.

Office
View Detail
CVE-2026-34197

CVE-2026-34197: Critical Code Injection in Apache ActiveMQ via Jolokia JMX Bridge

Apache ActiveMQ contains an improper input validation vulnerability that allows for code injection.

ActiveMQ
View Detail