Author Archives: Syndicated News

Dependency on vulnerable third-party component in GitHub Repo: zero-shot-scfoundation allows an unauthorized attacker to execute code over a network. Continue reading CVE-2026-23654 GitHub: Zero Shot SCFoundation Remote Code Execution Vulnerability→

Heap-based buffer overflow in Windows Mobile Broadband allows an unauthorized attacker to execute code with a physical attack. Continue reading CVE-2026-24288 Windows Mobile Broadband Driver Remote Code Execution Vulnerability→

Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-24292 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability→

Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. Continue reading CVE-2026-26106 Microsoft SharePoint Server Remote Code Execution Vulnerability→

Improper validation of specified type of input in SQL Server allows an authorized attacker to elevate privileges over a network. Continue reading CVE-2026-26115 SQL Server Elevation of Privilege Vulnerability→

Improper access control in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-23660 Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability→

Improper neutralization of input during web page generation (‘cross-site scripting’) in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network. Continue reading CVE-2026-26144 Microsoft Excel Information Disclosure Vulnerability→

Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-26134 Microsoft Office Elevation of Privilege Vulnerability→