ZDI-26-299: Docker Desktop Enhanced Container Isolation Exposed Dangerous Function Local Privilege Escalation Vulnerability 24/04/2026
ZDI-26-296: Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability 24/04/2026
ZDI-26-299: Docker Desktop Enhanced Container Isolation Exposed Dangerous Function Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the... 24/04/2026 Zero-Day Initiative
ZDI-26-298: Siemens SINEC NMS Authentication Bypass Vulnerability This vulnerability allows remote attackers to bypass authentication on affected installations of Siemens SINEC NMS. Authentication is not required to... 24/04/2026 Zero-Day Initiative
ZDI-26-297: Siemens SINEC NMS Improper Authentication Privilege Escalation Vulnerability This vulnerability allows remote attackers to escalate privileges on affected installations of Siemens SINEC NMS. Authentication is required to exploit... 24/04/2026 Zero-Day Initiative
ZDI-26-296: Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics ASDA-Soft. User interaction is required... 24/04/2026 Zero-Day Initiative
Oracle Critical Patch Update, April 2026 Security Update Review Oracle released its second quarterly edition of this year’s Critical Patch Update. The update received patches for 481 security vulnerabilities. Some of... 23/04/2026 Qualys-Threat-Protect
ZDI-26-295: (0Day) PublicCMS getXml Server-Side Request Forgery Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of PublicCMS. Authentication is not required to exploit... 22/04/2026 Zero-Day Initiative
ZDI-26-294: (0Day) Microsoft Windows library-ms NTLM Response Information Disclosure Vulnerability This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to... 22/04/2026 Zero-Day Initiative
ZDI-26-293: (0Day) Microsoft Office URI Handler NTLM Response Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose NTLM responses on affected installations of Microsoft Office. User interaction is required to... 22/04/2026 Zero-Day Initiative
Apache ActiveMQ Remote Code Execution Vulnerability Added to CISA KEV (CVE-2026-34197) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of active exploitation of the Apache ActiveMQ vulnerability (CVE-2026-34197). CISA added the vulnerability to its Known Exploited Vulnerabilities Catalog, urging... 17/04/2026 Qualys-Threat-Protect
ZDI-26-292: QNAP TS-453E QVRPro excpostgres Exposed Dangerous Method Remote Code Execution Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP TS-453E devices. Authentication is not required... 16/04/2026 Zero-Day Initiative
