ZDI-26-435: (Pwn2Own) Autel MaxiCharger AC Elite Home NFC Stack-based Buffer Overflow Arbitrary Code Execution Vulnerability This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Home EV... 16/07/2026 Zero-Day Initiative
ZDI-26-434: (Pwn2Own) Autel MaxiCharger AC Elite Home USB Authentication Bypass Vulnerability This vulnerability allows physically present attackers to bypass authentication on affected installations of Autel MaxiCharger AC Elite Home EV chargers.... 16/07/2026 Zero-Day Initiative
ZDI-26-433: (Pwn2Own) Autel MaxiCharger AC Elite Home Software Update Improper Verification of Cryptographic Signature Arbitrary Code Execution Vulnerability This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Home EV... 16/07/2026 Zero-Day Initiative
ZDI-26-432: G DATA Total Security Backup Service Link Following Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first... 16/07/2026 Zero-Day Initiative
ZDI-26-431: ASUS Business Manager Service Client-Side Authentication Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of ASUS Business Manager. An attacker must first obtain... 16/07/2026 Zero-Day Initiative
ZDI-26-430: MSI Center NTIOLib_X64 Origin Validation Error Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of MSI Center. An attacker must first obtain the... 16/07/2026 Zero-Day Initiative
Microsoft Patch Tuesday, July 2026 Security Update Review Microsoft’s July 2026 Patch Tuesday delivers security updates for a broad range of products and services, including several vulnerabilities that... 15/07/2026 Qualys-Threat-Protect
CISA Warns About Langflow Authorization Bypass Vulnerability Exploitation (CVE-2026-55255) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently acknowledged the active exploitation of the Langflow vulnerability. Tracked as CVE-2026-55255, the vulnerability may... 10/07/2026 Qualys-Threat-Protect
ZDI-26-403: (0Day) Ollama downloadBlob Improper Validation of Array Index Denial-of-Service Vulnerability This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Ollama. Authentication is not required to... 09/07/2026 Zero-Day Initiative
ZDI-26-402: (0Day) Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Glarysoft Glary Utilities. An attacker must first obtain... 09/07/2026 Zero-Day Initiative