ZDI-26-233: Digilent DASYLab DSA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Digilent DASYLab. User interaction is required to... 31/03/2026 Zero-Day Initiative
ZDI-26-232: (Pwn2Own) Red Hat Enterprise Linux vmwgfx Driver Integer Overflow Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Red Hat Enterprise Linux. An attacker must first... 31/03/2026 Zero-Day Initiative
N8n Patches Critical Remote Code Execution Vulnerability (CVE-2026-33660) N8n is vulnerable to a critical remote code execution flaw. Tracked as CVE-2026-33660, the vulnerability has a CVSS score of 9.4. Successful exploitation of this... 31/03/2026 Qualys-Threat-Protect
CISA Warns about Active Exploitation of F5 BIG-IP Vulnerability (CVE-2025-53521) CISA added a critical vulnerability in F5 BIG-IP Access Policy Manager (APM) to its Known Exploited Vulnerabilities catalog on Friday, based on evidence... 31/03/2026 Qualys-Threat-Protect
CISA Added Langflow Vulnerability to its Known Exploited Vulnerabilities Catalog (CVE-2026-33017) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently acknowledged the active exploitation of the Langflow vulnerability. Tracked as CVE-2026, the vulnerability may allow... 27/03/2026 Qualys-Threat-Protect
ZDI-26-226: (0Day) Microsoft Azure MCP AzureCliService Command Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Azure. Authentication is not required to... 25/03/2026 Zero-Day Initiative
Citrix NetScaler ADC and NetScaler Gateway multiple vulnerabilities (CVE-2026-3055 & CVE-2026-4368) Citrix released a security advisory addressing two vulnerabilities in NetScaler ADC and NetScaler Gateway. Tracked as CVE-2026-3055 & CVE-2026-4368, successful... 25/03/2026 Qualys-Threat-Protect
ZDI-26-225: (Pwn2Own) Samsung Galaxy S25 Samsung Account Open Redirect Security Bypass Vulnerability This vulnerability allows remote attackers to bypass security on affected installations of Samsung Galaxy S25. Authentication is not required to... 24/03/2026 Zero-Day Initiative
ZDI-26-224: (Pwn2Own) Samsung Galaxy S25 Samsung Account Cross-Site Scripting Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary script on affected installations of Samsung Galaxy S25. Authentication is not required... 24/03/2026 Zero-Day Initiative
ZDI-26-223: (Pwn2Own) Samsung Galaxy S25 Smart Touch Call Application Protection Mechanism Failure Information Disclosure Vulnerability This vulnerability allows remote attackers to disclose sensitive information on affected installations of Samsung Galaxy S25. User interaction is required... 24/03/2026 Zero-Day Initiative
