ZDI-26-132: Siemens SINEC NMS Uncontrolled Search Path Element Local Privilege Escalation Vulnerability 26/02/2026
ZDI-26-131: Siemens SINEC NMS Uncontrolled Search Path Element Local Privilege Escalation Vulnerability 26/02/2026
ZDI-26-130: IceWarp collaboration Directory Traversal Information Disclosure Vulnerability 26/02/2026
ZDI-26-132: Siemens SINEC NMS Uncontrolled Search Path Element Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Siemens SINEC NMS. An attacker must first obtain... 26/02/2026 Zero-Day Initiative
ZDI-26-131: Siemens SINEC NMS Uncontrolled Search Path Element Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Siemens SINEC NMS. An attacker must first obtain... 26/02/2026 Zero-Day Initiative
ZDI-26-130: IceWarp collaboration Directory Traversal Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of IceWarp. Authentication is not required to exploit... 26/02/2026 Zero-Day Initiative
ZDI-26-129: Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is... 26/02/2026 Zero-Day Initiative
ZDI-26-128: (Pwn2Own) Ubiquiti Networks AI Pro Uncaught Exception Denial-of-Service Vulnerability This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Ubiquiti Networks AI Pro. Authentication is... 26/02/2026 Zero-Day Initiative
ZDI-26-127: (Pwn2Own) Ubiquiti Networks AI Pro Cleartext Transmission Information Disclosure Vulnerability This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Ubiquiti Networks AI Pro. Authentication is not... 26/02/2026 Zero-Day Initiative
ZDI-26-126: (Pwn2Own) Ubiquiti Networks AI Pro Discovery Protocol Missing Encryption Protocol Downgrade Vulnerability This vulnerability allows network-adjacent attackers to downgrade the communication protocol on affected installations of Ubiquiti Networks AI Pro. Authentication is... 26/02/2026 Zero-Day Initiative
ZDI-26-125: Docker Desktop grpcfuse Kernel Module Out-Of-Bounds Read Information Disclosure Vulnerability This vulnerability allows local attackers to disclose sensitive information on affected installations of Docker Desktop. An attacker must first obtain... 26/02/2026 Zero-Day Initiative
ZDI-26-124: claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of claude-hovercraft. Authentication is not required to exploit... 26/02/2026 Zero-Day Initiative
ZDI-26-123: Docker Desktop MCP Server Cleartext Storage of Sensitive Information Vulnerability This vulnerability allows local attackers to disclose sensitive information on affected installations of Docker Desktop. An attacker must first obtain... 24/02/2026 Zero-Day Initiative
