All news with #vulnerability disclosure tag

🔒 Pwn2Own Automotive 2026 concluded in Tokyo with researchers awarded $1,047,000 for exploiting 76 zero-day vulnerabilities between January 21 and 23. The contest targeted fully patched in-vehicle infotainment systems, EV chargers, and car operating systems including Automotive Grade Linux. Team Fuzzware.io won top prize with $215,000; vendors have 90 days to issue fixes before public disclosure by the Zero Day Initiative.

🔍 Cisco Talos stresses the simple but essential advice: know your environment, and pay attention to reconnaissance rather than dismissing it as noise. Researchers disclosed patched vulnerabilities in Foxit PDF Editor, Epic Games Store, and MedDream PACS, including privilege escalation, use‑after‑free, and XSS that could enable code execution or unauthorized access. The newsletter also covers active phishing and ransomware activity and provides telemetry on prevalent malware. Organizations should patch affected products, enhance detection for recon patterns, and apply layered defenses.

🔒 Cisco Talos disclosed multiple vulnerabilities affecting Foxit PDF Editor, the Epic Games Store installer, and MedDream PACS. The issues include installer privilege escalation, two use‑after‑free flaws in Foxit that can be triggered by crafted PDF JavaScript, and 21 reflected XSS vulnerabilities in MedDream. Vendors have issued patches under Cisco’s disclosure policy. Administrators should apply vendor updates and consider IDS/IPS signatures such as Snort to detect attempted exploitation.

🚗 On the second day of Pwn2Own Automotive 2026, security researchers earned $439,250 after exploiting 29 unique zero-day vulnerabilities in EV chargers, in-vehicle infotainment systems, and automotive operating systems. Contestants targeted fully patched devices such as the Phoenix Contact CHARX SEC-3150, ChargePoint Home Flex, and the Grizzl-E Smart 40A charging station. Fuzzware.io led the leaderboard after two days, and organizers confirmed vendors have 90 days to issue fixes before public disclosure by the Zero Day Initiative.

⚠️ CISA has added four vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog after observing evidence of active exploitation. The entries include CVE-2025-31125 (Vite improper access control), CVE-2025-34026 (Versa Concerto improper authentication), CVE-2025-54313 (Prettier eslint-config-prettier embedded malicious code), and CVE-2025-68645 (Synacor Zimbra Collaboration Suite PHP remote file inclusion). CISA urges organizations to prioritize remediation and follow BOD 22-01 guidance to reduce exposure to active threats.

🛑 Curl has ended paid rewards in its bug bounty program after a surge of low-quality, AI-generated vulnerability reports overwhelmed the project's triage resources. Chief administrator Daniel Stenberg said the volume of "AI slop" and generally poor reports left maintainers unable to keep up. Over the years Curl paid $101,020 in bounties, and the project joins other vendors reassessing programs as automated tooling reshapes vulnerability disclosure.

🛡️ Oracle's January quarterly update delivers 337 security fixes across its product portfolio, including 27 rated critical. The vendor reports no known in-the-wild exploitation at release, but urges priority attention to the 13 CVEs mapped to critical severity. A substantial share of patches address third-party and open-source components such as Apache Tika, creating cross-product CVE overlap and assessment complexity.

🔒 At Pwn2Own Automotive 2026 in Tokyo, researchers chained 37 zero-day vulnerabilities and collected $516,500 in cash awards on the first day. Teams including Synacktiv Team, Fuzzware.io, PetoWorks, and Team DDOS gained root access on targets such as the Tesla Infotainment System, Sony XAV-9500ES, multiple EV chargers, and other IVI systems. Vendors have 90 days to issue patches before Trend Micro's Zero Day Initiative publicly discloses the reported flaws.

🌐 The open-source Global Cybersecurity Vulnerability Enumeration (GCVE) has launched as a community-driven, European-headquartered alternative to the US-led CVE program. Hosted by CIRCL at db.gcve.eu, the initiative aggregates vulnerability data from more than 25 public sources and empowers GCVE Numbering Authorities (GNAs) to allocate identifiers independently. Backers say the model reduces single points of failure, strengthens digital sovereignty by combining open-source software with European-controlled infrastructure, and—if kept compatible with existing conventions—could speed and diversify vulnerability disclosure without causing tracking misalignment.

🔓 Researchers at Israel-based Cyata disclosed three vulnerabilities in Anthropic's official mcp-server-git that enable prompt-injection attacks to influence MCP tool calls and perform unapproved actions. The flaws affect versions prior to 2025.12.18 and are tracked as CVE-2025-68143, CVE-2025-68144, and CVE-2025-68145; together they allow arbitrary git flags, path tampering, file overwrite/deletion, and abuse of git smudge/clean filters to execute code. Cyata and interviewed experts urge an immediate update to the patched release and recommend auditing MCP deployments, restricting Git + Filesystem combinations, applying least-privilege, sanitizing inputs, and adding logging and retrospection for agent actions.

⚠️ Security researchers disclosed two critical vulnerabilities in the Python-based AI app framework Chainlit that allow unauthenticated attackers to read arbitrary server files and trigger SSRF requests. The flaws (CVE-2026-22218 and CVE-2026-22219), fixed in Chainlit 2.9.4, stem from an unvalidated custom Element type exposing path and URL properties. Exploits can leak environment variables, API keys, LLM prompts, and cloud credentials, enabling lateral movement and broader compromise.

🚨 Cybersecurity researchers have identified three prompt-injection vulnerabilities in Anthropic's reference Git server implementation, mcp-server-git, affecting default installations and all releases before 8 December 2025. The flaws let attackers manipulate what an AI assistant reads—such as a README, issue text or a webpage—to cause unintended actions without credentials or system access. Exploits can enable code execution when combined with a filesystem MCP server, delete arbitrary files, or load sensitive files into a model's context. Anthropic accepted the reports in September and issued patches in December 2025; affected users are urged to update immediately.

🔒 Cloudflare patched a vulnerability in its ACME HTTP-01 validation logic that could allow requests to bypass WAF protections and reach customer origin servers. Discovered by FearsOff in October 2025, the flaw arose when edge logic disabled WAF handling for requests matching an ACME challenge token without confirming the token belonged to the requested hostname. Cloudflare said it found no evidence of exploitation and implemented a code change on October 27, 2025 to only disable WAF features when the token is a valid challenge for that specific hostname.

🔐The new GCVE database at db.gcve.eu is a free, publicly accessible repository designed to simplify vulnerability reporting and management across Europe. It aggregates normalized data from more than 25 public sources and uses the GCVE Numbering Authority (GNA) model to enable decentralized assignment of identifiers. An open API allows seamless integration into compliance and risk-management tools for security teams, vendors, researchers, CSIRTs, and open-source developers.

⚠️ XM Cyber disclosed privilege-escalation flaws in Google’s Vertex AI that let low‑privileged users manipulate Google-managed Service Agents to gain elevated project-wide permissions. Google told XM Cyber this behavior is "working as intended." Security experts warn that managed service identities and insecure defaults create invisible, structural risks. CISOs are urged to audit service identities, reduce authentication scope, and monitor agent activity like privileged users.

🔒 Researchers at Wiz found a subtle misconfiguration in AWS CodeBuild build-trigger handling that could let unauthenticated actors infiltrate build environments and leak credentials. A two-character mistake in an unanchored regex filter allowed threat actor ID bypasses, putting public repositories such as the AWS JavaScript SDK at risk. AWS patched the issue within 48 hours, hardening CodeBuild and auditing public build logs. Wiz recommends anchored regexes, fine-grained PATs, and stricter build gates to reduce exposure.

⚠️ A critical CodeBuild misconfiguration, dubbed CodeBreach by Wiz, could have allowed attackers to take over several AWS-managed GitHub repositories, including aws-sdk-js-v3, by bypassing webhook actor ID filters. The flaw—missing ^ and $ anchors in regex filters—enabled unauthorized build triggers and potential leakage of privileged GitHub tokens. AWS fixed the issue in September 2025, rotated credentials, implemented mitigations, and reported no evidence of exploitation.

⚠️ Patchstack reports a maximum-severity vulnerability (CVE-2026-23550, CVSS 10.0) in the Modular DS WordPress plugin affecting all versions up to and including 2.5.1. The flaw permits unauthenticated privilege escalation via routes under /api/modular-connector/ when the "direct request" mode with an "origin=mo" parameter is used, bypassing authentication. Exploitation was observed beginning Jan 13, 2026, and the issue is patched in 2.5.2; administrators should update immediately.

⚠️ A critical CodeBuild misconfiguration discovered by Wiz Research allowed untrusted pull requests to run privileged builds, enabling potential injection of malicious code into core AWS repositories—including the AWS SDK for JavaScript that underpins the AWS Console. The flaw was an unanchored regex in an ACTOR_ID webhook filter that let attacker-controlled GitHub IDs bypass restrictions and access credentials stored in build memory. AWS patched the issue within 48 hours, revoked exposed credentials, added protections to block memory-based credential theft and introduced a Pull Request Comment Approval build gate. Wiz advises blocking untrusted PRs, using fine‑grained tokens and anchoring webhook regexes.

⚠️ Researchers demonstrated remote control of WHILL wheelchairs via unsecured Bluetooth connections. CISA has issued an advisory noting the devices did not enforce pairing authentication, allowing attackers within Bluetooth range to pair and control movement, override speed restrictions, and alter configuration profiles without credentials or user interaction. Users and operators should follow the advisory, apply vendor updates, and disable Bluetooth when not required.