CVE | THREATINT

Welcome

This is a free service provided by THREATINT. It is hosted in Europe

It contains information on publicly disclosed cyber security vulnerabilities based on data from the CVE® Program, please see the official CVE website and CVE List V5 on GitHub. Whenever applicable we also show information from the Known Exploited Vulnerabilities Catalog provided by US CISA as the authoritative source of vulnerabilities that have been exploited in the wild.

New

CVE-2026-23663: Microsoft Global Secure Access (GSA) Information Disclosure Vulnerability: Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-42901: Microsoft Entra ID Elevation of Privilege Vulnerability: Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-41104: Microsoft Planetary Computer Pro Information Disclosure Vulnerability: Deserialization of untrusted data in Microsoft Planetary Computer Pro allows an unauthorized attacker to disclose information over a network.

CVE-2026-45659: Microsoft SharePoint Remote Code Execution Vulnerability: Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVE-2026-41148: Mermaid: Improper sanitization of `classDefs` in diagrams leads to CSS injection: Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and prior, in addition to 11.0.0-alpha.1 through 11.12.0 are vulnerable to CSS injection through improper sanitization. The state diagram (and any other diagram type that routes user-controlled s...

Updated

CVE-2026-34336: Windows DWM Core Library Elevation of Privilege Vulnerability: Buffer over-read in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

CVE-2026-33117: Azure SDK for Java Security Feature Bypass Vulnerability: The Java Key Vault Keys library in the Azure SDK for Java contains an issue in the local cryptographic verification path where authentication tag comparison was implemented incorrectly. In affected applications that use the vulnerable local cryptography path, specially crafted encrypted input may bypass integrity verification checks. Ope...

CVE-2026-32185: Microsoft Teams Spoofing Vulnerability: Files or directories accessible to external parties in Microsoft Teams allows an unauthorized attacker to perform spoofing locally.

CVE-2026-41105: Azure Monitor Action Group Notification System Elevation of Privilege Vulnerability: Server-side request forgery (ssrf) in Azure Notification Service allows an authorized attacker to elevate privileges over a network.

CVE-2026-42826: Azure DevOps Information Disclosure Vulnerability: Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network.

CISA Known Exploited Vulnerabilities

CVE-2010-0249 Microsoft Internet Explorer: Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.

CVE-2026-9082 Drupal Core: Drupal Core contains a SQL injection vulnerability that could allow for privilege escalation and remote code execution via specially crafted requests sent with the database abstraction API.

CVE-2025-34291 Langflow Langflow: Langflow contains an origin validation error vulnerability in which an overly permissive CORS configuration combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials and successfully call the refresh endpoint. This could allow the attacker to execute arbitrary code and achieve full system compromise via obtained tokens that permit access to authenticated endpoints.

CVE-2026-34926 Trend Micro Apex One: Trend Micro Apex One (on-premise) contains a directory traversal vulnerability that could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations.

CVE-2026-45498 Microsoft Defender: Microsoft Defender contains an unspecified vulnerability that allows for denial of service.

Additional information

EUVD (European Union Vulnerability Database) is maintained by ENISA (European Union Agency for Cybersecurity), under the European Union’s regulatory umbrella, serving as a centralized platform for vulnerability reporting specifically aligned with the EU’s legal frameworks such as NIS2 and the Cyber Resilience Act (CRA)

EUVD complements the CVE system by aggregating CVE data, but also assigns its own EUVD IDs to vulnerabilities, offers enriched metadata tailored for EU policies and compliance, and may highlight vulnerabilities particularly relevant to the European market.

Most vulnerabilities catalogued in EUVD will have both a CVE-ID and an EUVD-ID, acting as cross-references.

euvd.enisa.europa.eu

Source: media.ccc.de/v/eh22-138-panic-at-the-cve-o-theque.

A big "thank you" goes to @pennylane.

help @ threatint.eu