ZDI-26-331: (Pwn2Own) Microsoft Edge Feedback Log File Handling Directory Traversal Remote Code Execution Vulnerability 05/06/2026
ZDI-26-330: (Pwn2Own) Microsoft Edge Navigation Handling Universal Cross-Site Scripting Vulnerability 05/06/2026
ZDI-26-329: (Pwn2Own) Microsoft Edge Origin Validation Error Security Bypass Vulnerability 05/06/2026
ZDI-26-328: ASUS Business Manager Service Client-Side Authentication Local Privilege Escalation Vulnerability 05/06/2026
ZDI-26-331: (Pwn2Own) Microsoft Edge Feedback Log File Handling Directory Traversal Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Edge. User interaction is required to... 05/06/2026 Zero-Day Initiative
ZDI-26-330: (Pwn2Own) Microsoft Edge Navigation Handling Universal Cross-Site Scripting Vulnerability This vulnerability allows remote attackers to execute arbitrary cross-origin script on affected installations of Microsoft Edge. User interaction is required... 05/06/2026 Zero-Day Initiative
ZDI-26-329: (Pwn2Own) Microsoft Edge Origin Validation Error Security Bypass Vulnerability This vulnerability allows remote attackers to access restricted functionality on affected installations of Microsoft Edge. User interaction is required to... 05/06/2026 Zero-Day Initiative
ZDI-26-328: ASUS Business Manager Service Client-Side Authentication Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of ASUS Business Manager. An attacker must first obtain... 05/06/2026 Zero-Day Initiative
ZDI-26-327: Docker Desktop grpcfuse Kernel Module Uncontrolled Recursion Denial-of-Service Vulnerability This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Docker Desktop. An attacker must first... 05/06/2026 Zero-Day Initiative
Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability (CVE-2026-20230) Security researchers identified a critical severity vulnerability impacting Cisco Unified Communications Manager. Tracked as CVE-2026-20230, the vulnerability may allow an attacker to conduct server-side request forgery... 05/06/2026 Qualys-Threat-Protect
CISA Warns of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257) CISA has warned about active exploitation of a vulnerability impacting the GlobalProtect portal and gateway of Palo Alto Networks’ PAN-OS software. Tracked as CVE-2026-0257, the vulnerability may allow... 01/06/2026 Qualys-Threat-Protect
Notepad++ Vulnerabilities Allow Attackers to Execute Arbitrary Code (CVE-2026-48778) Notepad++ released a security advisory addressing three vulnerabilities, including two arbitrary code execution flaws, that could allow attackers to silently... 30/05/2026 Qualys-Threat-Protect
ZDI-26-326: TrendAI Vision One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of TrendAI Vision One Security Agent. An attacker must... 29/05/2026 Zero-Day Initiative
ZDI-26-325: TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of TrendAI Vision One Security Agent. An attacker must... 29/05/2026 Zero-Day Initiative
