Zum Inhalt springen
Auto-CTI

Was hat sich geändert?

Vergleich von 2. Mai 2026 mit dem Vortag 1. Mai 2026.

Neu hinzugekommen

11
KEV NEU Linux
100

Metasploit Wrap-Up 05/01/2026

Public PoC and Metasploit module for a Linux kernel cryptographic API logic flaw enabling local privilege escalation on AMD64/AARCH64 systems.

Kritisch CVSS 7.8 EPSS 3%
KEV NEU Dell
50

vSphere and BRICKSTORM Malware: A Defender's Guide

The BRICKSTORM malware exploits vCenter SSO to establish persistence and evade detection, requiring MFA and real-time alerting on SSO account actions.

Kritisch CVSS 10.0 EPSS 22%
NEU
100

CVE-2026-22167

This vulnerability allows a non-privileged user to corrupt kernel memory via GPU system calls, which could be exploited in multi-tenant virtualization environments like VMware ESXi to break isolation.

Hoch CVSS 7.8 EPSS 0%
NEU Linux
0

CVE-2026-31700

This is a newly disclosed Linux kernel vulnerability with a TOCTOU race condition in the packet socket subsystem that could allow local privilege escalation.

Niedrig EPSS 0%
NEU Linux
0

CVE-2026-31709

This CVE describes a newly discovered vulnerability in the Linux kernel's SMB client that allows a malicious server to corrupt memory via a crafted DACL, going beyond a simple patch reminder by detailing the specific flaw in ACL validation.

Niedrig EPSS 0%
NEU Linux
0

CVE-2026-31711

An unauthenticated remote attacker can exhaust the max_connections pool by triggering memory allocation failures via crafted TCP connections, causing permanent denial of service until module reload.

Niedrig EPSS 0%
NEU Linux
0

CVE-2026-31774

This vulnerability describes a specific slab-out-of-bounds read in io_uring that can be triggered by passing large sqe->len values, potentially leading to memory corruption or information disclosure.

Niedrig EPSS 0%
NEU Linux
0

CVE-2026-43016

This is a newly disclosed use-after-free vulnerability in the Linux kernel's BPF sockmap subsystem that could allow local privilege escalation or denial of service.

Niedrig EPSS 0%
NEU Linux
0

CVE-2026-43043

This is a newly disclosed vulnerability with no active exploitation reported yet, but it poses a high risk of kernel panic for systems using AF_ALG crypto operations.

Niedrig EPSS 0%

Neu als KEV gelistet

0

Keine Änderungen in dieser Kategorie.

Score-Sprung

0

Keine Änderungen in dieser Kategorie.

Nicht mehr im Report

9
NEU ABB
60

ABB Edgenius Management Portal

This critical authentication bypass vulnerability in ABB Edgenius Management Portal could allow an attacker on the network to execute arbitrary code, posing a significant risk to manufacturing operations.

Niedrig CVSS 3.1 EPSS 0%
NEU ABB
40

ABB AWIN Gateways

Exploitation allows unauthenticated remote reboot and system configuration disclosure, posing operational risk to manufacturing environments.

Niedrig CVSS 3.1 EPSS 0%
NEU Ivanti
0

CVE-2026-33446

This is a newly disclosed vulnerability with no active exploitation reported yet, but it affects a critical remote access component used by the company.

Niedrig EPSS 0%
NEU Ivanti
0

CVE-2026-33447

This is a newly disclosed vulnerability in Ivanti Secure Access client with no evidence of active exploitation yet, but it underscores the need for patching critical remote access infrastructure.

Niedrig EPSS 0%
NEU Ivanti
0

CVE-2026-33449

This is a newly disclosed vulnerability in Ivanti Secure Access client that could allow denial of service via a crafted server message, but no active exploitation or specific victim sectors are mentioned.

Niedrig EPSS 0%
NEU Ivanti
0

CVE-2026-33451

This is a patch notification with no evidence of active exploitation or specific campaign details.

Niedrig EPSS 0%
NEU Ivanti
0

CVE-2026-40950

This is a patch notification with no active attack campaign details or victim sector information.

Niedrig EPSS 0%
NEU Ivanti
0

CVE-2026-40951

This is a patch reminder for a local DoS vulnerability in Ivanti Secure Access Windows clients; no active exploitation or sector targeting is reported.

Niedrig EPSS 0%
ESC