{"vulnerability": "CVE-2026-41091", "sightings": [{"uuid": "874f59e7-a23f-40ed-bd14-45946c55f08a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmc5rjgfuc2n", "content": "CVE-2026-41091 - Microsoft Defender Elevation of Privilege Vulnerability\nCVE ID : CVE-2026-41091\n \n Published : May 20, 2026, 1:16 p.m. | 58\u00a0minutes ago\n \n Description : Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized a...", "creation_timestamp": "2026-05-20T14:51:41.613452Z"}, {"uuid": "13120046-d1bf-42f0-9912-76abcfdcc273", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mmc3h6v5lm2e", "content": "\ud83d\udd17 CVE : CVE-2026-34956, CVE-2026-44431, CVE-2026-46483, CVE-2026-41091, CVE-2026-45498, CVE-2026-45584, CVE-2026-34956, CVE-2026-41091, CVE-2026-44431, CVE-2026-45498, CVE-2026-45584, CVE-2026-46483", "creation_timestamp": "2026-05-20T14:10:08.030498Z"}, {"uuid": "08751e55-eaba-40f3-a0fb-335b5fe927f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1878", "content": "", "creation_timestamp": "2026-05-19T21:00:00.000000Z"}, {"uuid": "f99c33d3-cf07-4b4c-91f7-36331032b442", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/microsoft-defender-multiple-vulnerabilities_20260521", "content": "", "creation_timestamp": "2026-05-20T18:00:00.000000Z"}, {"uuid": "b05b4ac5-9b47-48b4-a9e0-06dcbec3e615", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2026-41091", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/585a485a-b1a5-49e8-8e94-9e2a71a3efb4", "content": "", "creation_timestamp": "2026-05-20T18:00:02.776965Z"}, {"uuid": "bc5f695b-0412-44fb-9cc1-a687081dfb67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mmcpa3cyoa2e", "content": "~Cisa~\nCISA added seven actively exploited vulnerabilities to the KEV catalog, urging immediate remediation.\n-\nIOCs: CVE-2026-41091, CVE-2026-45498\n-\n#CISA #KEV #ThreatIntel #Vulnerability", "creation_timestamp": "2026-05-20T20:04:04.591235Z"}, {"uuid": "89ca344b-f352-48a9-b054-7141bf4d8562", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://infosec.exchange/users/secdb/statuses/116608677530202595", "content": "\ud83d\udea8 [CISA-2026:0520] CISA Adds 7 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0520)\nCISA has added 7 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.\n\u26a0\ufe0f CVE-2008-4250 (https://secdb.nttzen.cloud/cve/detail/CVE-2008-4250)- Name: Microsoft Windows Buffer Overflow Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Microsoft- Product: Windows- Notes: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067 ; https://nvd.nist.gov/vuln/detail/CVE-2008-4250\n\u26a0\ufe0f CVE-2009-1537 (https://secdb.nttzen.cloud/cve/detail/CVE-2009-1537)- Name: Microsoft DirectX NULL Byte Overwrite Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Microsoft- Product: DirectX- Notes: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028 ; https://nvd.nist.gov/vuln/detail/CVE-2009-1537\n\u26a0\ufe0f CVE-2009-3459 (https://secdb.nttzen.cloud/cve/detail/CVE-2009-3459)- Name: Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Adobe- Product: Acrobat and Reader- Notes: https://www.cisa.gov/news-events/alerts/2009/10/13/adobe-reader-and-acrobat-vulnerabilities ; https://web.archive.org/web/20120324170253/http://www.adobe.com/support/security/bulletins/apsb09-15.html#:~:text=CVE%2D2009%2D3459).-,NOTE%3A,-There%20are%20reports ; https://nvd.nist.gov/vuln/detail/CVE-2009-3459\n\u26a0\ufe0f CVE-2010-0249 (https://secdb.nttzen.cloud/cve/detail/CVE-2010-0249)- Name: Microsoft Internet Explorer Use-After-Free Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Microsoft- Product: Internet Explorer- Notes: https://learn.microsoft.com/en-us/security-updates/SecurityAdvisories/2010/979352 ; https://nvd.nist.gov/vuln/detail/CVE-2010-0249\n\u26a0\ufe0f CVE-2010-0806 (https://secdb.nttzen.cloud/cve/detail/CVE-2010-0806)- Name: Microsoft Internet Explorer Use-After-Free Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Microsoft- Product: Internet Explorer- Notes: https://learn.microsoft.com/en-us/security-updates/securityadvisories/2010/981374 ; https://nvd.nist.gov/vuln/detail/CVE-2010-0806\n\u26a0\ufe0f CVE-2026-41091 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41091)- Name: Microsoft Defender Link Following Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Microsoft- Product: Defender- Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-41091 ; https://nvd.nist.gov/vuln/detail/CVE-2026-41091\n\u26a0\ufe0f CVE-2026-45498 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-45498)- Name: Microsoft Defender Denial of Service Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Microsoft- Product: Defender- Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-45498 ; https://nvd.nist.gov/vuln/detail/CVE-2026-45498\n#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260520 #cisa20260520 #cve_2008_4250 #cve_2009_1537 #cve_2009_3459 #cve_2010_0249 #cve_2010_0806 #cve_2026_41091 #cve_2026_45498 #cve20084250 #cve20091537 #cve20093459 #cve20100249 #cve20100806 #cve202641091 #cve202645498", "creation_timestamp": "2026-05-20T21:13:37.284640Z"}, {"uuid": "c345dc7e-f5a5-4abf-bd8f-d8250b666143", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/microsoft-security-advisory-av26-489", "content": "", "creation_timestamp": "2026-05-20T10:16:09.000000Z"}, {"uuid": "a6643f2f-b43f-4402-b435-27b8863b1dc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-41091", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mmdyvqqkcx2w", "content": "\ud83d\udcf0 Microsoft Tambal Dua Celah Zero-Day Kritis pada Windows Defender yang Aktif Dieksploitasi\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/05/21/microsoft-tambal-dua-zero-day-defender-dieksploitasi/\n\n#beritaTeknologi #cisaKevCatalog #cve-2026-41091 #cve-2026-45498 #denialOfService", "creation_timestamp": "2026-05-21T08:29:54.226301Z"}, {"uuid": "4a5a74e9-ef1b-452f-989c-bafbd7967874", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3mmeblgq6r22p", "content": "Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)\n\n\ud83d\udcd6 Read more: www.helpnetsecurity.com/2026/05/21/m...\n\n#cybersecurity #cybersecuritynews #vulnerability #vulnerabilitydisclosure #Windows @microsoft.com", "creation_timestamp": "2026-05-21T11:05:16.709010Z"}, {"uuid": "e3bfc95b-528c-433d-a2fa-d54a8dc38ddb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mmecyfedqo2y", "content": "Microsoft patched two exploited zero-days in Defender: CVE-2026-41091, a local privilege escalation to SYSTEM, and CVE-2026-45498, a denial-of-service flaw. CISA added both to KEV. #MicrosoftDefender #CVE202641091 #CVE202645498", "creation_timestamp": "2026-05-21T11:30:20.838492Z"}, {"uuid": "1e2810bf-897d-4e69-a902-d8f92bc5672b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mmeeo7mnce2q", "content": "Microsoft patched two actively exploited Defender zero-days, CVE-2026-41091 and CVE-2026-45498. One can grant SYSTEM privileges, while the other can trigger DoS on unpatched Windows devices. #MicrosoftDefender #CISA #Windows \u0627\u0644\u0623\u0645\u0646\u064a\u0629", "creation_timestamp": "2026-05-21T12:00:27.584062Z"}, {"uuid": "4e0a88ea-6688-408f-86f4-8541d6ccc460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://t.me/true_secator/8228", "content": "Microsoft \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e \u043d\u043e\u0432\u044b\u0445 \u0434\u0432\u0443\u0445 0-day \u0432 Defender, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041f\u0435\u0440\u0432\u0430\u044f, CVE-2026-41091, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e Microsoft Malware Protection Engine 1.1.26030.3008 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0433\u043e \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0441\u0441\u044b\u043b\u043e\u043a \u043f\u0435\u0440\u0435\u0434 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0444\u0430\u0439\u043b\u0443 (\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e \u0441\u0441\u044b\u043b\u043a\u0430\u043c), \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438.\n\n\u0412\u0442\u043e\u0440\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2026-45498) \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Microsoft Defender Antimalware Platform 4.18.26030.3011 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u043d\u0430\u0431\u043e\u0440\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 Microsoft System Center Endpoint Protection, System Center 2012 R2 Endpoint Protection, System Center 2012 Endpoint Protection \u0438 Security Essentials.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Microsoft, \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c DoS \u043d\u0430 \u043d\u0435\u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Windows.\n\nMicrosoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0432\u0435\u0440\u0441\u0438\u0438 1.1.26040.8 \u0438 4.18.26040.7 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b Malware Protection Engine \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043d\u0435 \u043d\u0443\u0436\u043d\u043e \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0442\u044c \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u0441\u0432\u043e\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u00ab\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0432 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u043e\u043c \u041f\u041e Microsoft \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0442\u044c \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0430\u0437 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u041f\u041e \u0438 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Windows Defender Antimalware Platform.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0432\u0441\u0435 \u0436\u0435 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c, \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u0430 \u043b\u0438 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0439 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u041f\u041e \u0434\u043b\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Windows Defender, \u0438 \u0443\u0431\u0435\u0434\u0438\u0442\u044c\u0441\u044f \u0432 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0412\u0447\u0435\u0440\u0430 \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0430\u044f CISA \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u0437\u0432\u0430\u043b\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0442\u044c \u0437\u0430\u0449\u0438\u0442\u0443 \u0441\u0438\u0441\u0442\u0435\u043c Windows \u043e\u0442 \u0434\u0432\u0443\u0445 0-day \u0432 Microsoft Defender, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u0432, \u0447\u0442\u043e \u043e\u043d\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438. \u0421\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u0432\u043d\u0435\u0441\u043b\u0430\u00a0\u0438\u0445 \u0432 \u0441\u0432\u043e\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 (KEV).", "creation_timestamp": "2026-05-21T14:44:32.000000Z"}, {"uuid": "a189bc8c-76d9-4478-8704-fdc86b14e05d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/bitnewsbot.bsky.social/post/3mmeoy56j7z2j", "content": "Two actively exploited vulnerabilities in Microsoft Defender, CVE-2026-41091 and CVE-2026-45498, have been patched according to an advisory dated May 21, [\u2026]", "creation_timestamp": "2026-05-21T15:04:57.164692Z"}, {"uuid": "3be64f85-c77f-43ce-a3aa-ba9746809746", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://infosec.exchange/ap/users/116025545744531578/statuses/116612467967333188", "content": "\ud83d\udd34 SonicWall Gen6 SSL-VPN MFA bypass is being exploited through CVE-2024-12802 after incomplete LDAP remediation, with ransomware tooling observed.\n\ud83d\udd34 Microsoft Defender CVE-2026-41091 and CVE-2026-45498 are now in CISA KEV after confirmed exploitation.\nCheck VPN auth logs and verify Defender platform and engine versions.solomonneas.dev/intel\n#CyberSecurity #ThreatIntel #CISA #VPN", "creation_timestamp": "2026-05-21T15:18:46.948164Z"}, {"uuid": "920ec2a5-dfff-4943-a435-bc60260d2530", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mmeqcqorryq2", "content": "CISA Adds Two Exploited Microsoft Defender Zero-Days to KEV Microsoft Defender is actively being exploited via two zero-days, CVE-2026-41091 and CVE-2026-45498, which CISA added to its KEV catalog ...\n\n#Cybersecurity #CVE #Vulnerability #Alerts [\u2026] \n\n[Original post on dailysecurityreview.com]", "creation_timestamp": "2026-05-21T15:28:49.458328Z"}, {"uuid": "262f8622-8214-49a7-a566-217959c6b1ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://thehackernews.com/2026/05/microsoft-warns-of-two-actively.html", "content": "Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild.\n\nThe former, tracked as CVE-2026-41091, is rated 7.8 on the CVSS scoring system. Successful exploitation of the flaw could allow an attacker to gain SYSTEM privileges.\n\n\"Improper link resolution before file access ('link following') in Microsoft Defender", "creation_timestamp": "2026-05-21T08:55:57.000000Z"}, {"uuid": "e425d125-c47e-4ba4-acf7-9688175ad0be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/kautious.com/post/3mmekbv63v22d", "content": "Worth noting: the Anthropic compute story traces to The Information. On the risk side, watch the named Defender CVEs (CVE-2026-41091/45498) and Microsoft\u2019s Mini Shai-Hulud npm supply-chain analysis targeting antv packages.", "creation_timestamp": "2026-05-21T13:41:22.131641Z"}, {"uuid": "b09ea93b-f289-4fae-b962-3d3c9d8aa9ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://www.acn.gov.it/portale/w/microsoft-rilevato-sfruttamento-attivo-di-nuove-vulnerabilita", "content": "", "creation_timestamp": "2026-05-21T02:11:49.000000Z"}, {"uuid": "c92b2c0d-829f-450b-9238-fcdc88b104a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mmebwpqnuq27", "content": "Microsoft Defender\u306e\u8106\u5f31\u6027\u304c\u91ce\u751f\u3067\u60aa\u7528\u3055\u308c\u3066\u3044\u308b\uff08CVE-2026-41091\u3001CVE-2026-45498\uff09\n\n\u653b\u6483\u8005\u304cMicrosoft Defender\u306e2\u3064\u306e\u8106\u5f31\u6027\uff08CVE-2026-41091\u304a\u3088\u3073CVE-2026-45498\uff09\u3092\u60aa\u7528\u3057\u3066\u304a\u308a\u3001Microsoft\u306f\u3053\u308c\u3092\u8a8d\u3081\u3001CISA\u306f\u305d\u308c\u3089\u3092\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u3066\u3044\u308b\u8106\u5f31\u6027\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0\u3059\u308b\u3053\u3068\u3067\u78ba\u8a8d\u3057\u307e\u3057\u305f\u3002 \u8106\u5f31\u6027\u306b\u3064\u3044\u3066 CVE-2026-41091\u306f\u30ed\u30fc\u30ab\u30eb\u6a29\u9650\u6607\u683c", "creation_timestamp": "2026-05-21T11:11:30.362814Z"}, {"uuid": "f020faff-e3c2-48a4-9c66-f386a734da91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116614160241192927", "content": "\ud83d\udcf0 Warning: Microsoft Defender Flaws Actively Exploited to Gain SYSTEM Privileges\n\u26a0\ufe0f ACTIVE EXPLOITATION ALERT: Flaws in Microsoft Defender (CVE-2026-41091, CVE-2026-45498) are being used by attackers to gain SYSTEM privileges and disable AV. Patch the Malware Protection Engine immediately! #CyberSecurity #Vulnerability #PatchNow\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/microsoft-defender-vulnerabilities-actively-exploited-for-privilege-escalati\u2026", "creation_timestamp": "2026-05-21T19:14:34.159250Z"}, {"uuid": "750c21cf-174e-4f09-b3be-9928ffb02fa8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mmf4xa64nm2h", "content": "\u26a0\ufe0f ACTIVE EXPLOITATION ALERT: Flaws in Microsoft Defender (CVE-2026-41091, CVE-2026-45498) are being used by attackers to gain SYSTEM privileges and disable AV. Patch the Malware Protection Engine immediately! #CyberSecurity #Vulnerability #PatchNow\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-05-21T19:14:59.206516Z"}, {"uuid": "efa8730f-b31d-430a-baef-eddac57c1939", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mmfvchcwo22h", "content": "Top 3 CVE for last 7 days:\nCVE-2026-45584: 64 interactions\nCVE-2026-45250: 63 interactions\nCVE-2026-42897: 43 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-45250: 63 interactions\nCVE-2026-41091: 8 interactions\nCVE-2026-45498: 8 interactions\n", "creation_timestamp": "2026-05-22T02:30:46.273137Z"}, {"uuid": "ce699aa7-fefe-4a03-9485-c3ae69354938", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/newstecnicas.com/post/3mmmdgkekx226", "content": "\ud83d\udea8 #Vulnerabilidad cr\u00edtica de escalada de privilegios en #Microsoft #Defender (CVE-2026-41091 / CVE-2026-45498) (+MITIGACI\u00d3N) www.newstecnicas.com/2026/05/vuln...", "creation_timestamp": "2026-05-24T15:59:38.952987Z"}, {"uuid": "9a40dc29-1985-48d0-85f8-cbaf9de306cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "Telegram/jiZx2KVeoyFQFLEzwG_O_yzJtDlSLZKc89oI7xVvPAIu4g", "content": "", "creation_timestamp": "2026-05-21T12:31:26.000000Z"}, {"uuid": "d0872cea-d7dd-4896-b763-743566c290fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/cocanews.bsky.social/post/3mmgebhad222p", "content": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u3001Defender\u306e\u60aa\u7528\u3055\u308c\u305f\u30bc\u30ed\u30c7\u30a4\u3092\u4fee\u6b63\uff08CVE-2026-41091\u3001CVE-2026-45498\uff09 | Codebook\uff5cSecurity News\n\nhttps://www.wacoca.com/news/2843035/\n\n\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u3001Defender\u306e\u60aa\u7528\u3055\u308c\u305f\u30bc\u30ed\u30c7\u30a4RedSun\u3068UnDefend\u3092\u4fee\u6b63\uff08CVE-2026-41091\u3001CVE-2026-45498\uff09 SecurityWeek \u2013 May 21, 2026 \u30de\u30a4\u30af\u30ed\u30bd\u30d5 [...]", "creation_timestamp": "2026-05-22T06:58:37.984652Z"}, {"uuid": "ad6d3031-1785-4d31-9528-d1dc4a195ef8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/jussimetso.com/post/3mmgjkz2z6k25", "content": "There are 2 Zero-day vulnerabities in Microsoft Defender! CVE-2026-41091 and CVE-2026-45498 impacting to impact Microsoft Defender\u2019s Malware Protection Engine and Antimalware Platform. www.linkedin.com/pulse/warnin...", "creation_timestamp": "2026-05-22T08:33:27.923516Z"}, {"uuid": "79148938-402d-4fa5-a2db-8d56a56f1989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/guardian360.bsky.social/post/3mmgl2qrcwk2e", "content": "Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild.\n\nThe former, tracked as CVE-2026-41091, is rated 7.8 on the CVSS scoring system.", "creation_timestamp": "2026-05-22T09:00:09.953217Z"}, {"uuid": "af7dbcb6-7fae-4784-b5d2-04eecff7827b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mmkwa6j64z2e", "content": "Top 3 CVE for last 7 days:\nCVE-2026-45584: 65 interactions\nCVE-2026-45250: 64 interactions\nCVE-2026-46333: 25 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-69: 18 interactions\nCVE-2026-20223: 3 interactions\nCVE-2026-41091: 3 interactions\n", "creation_timestamp": "2026-05-24T02:30:41.902256Z"}, {"uuid": "a94485e9-df67-4501-be6d-8cbaf07a05cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/85279", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-41091\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a 0xBlackash\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C++\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-21 19:28:49\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-41091\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-21T20:00:06.000000Z"}, {"uuid": "78c6fc31-d4cc-41ad-bd8f-70b40eac2a63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mmgajxmtikzj", "content": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u3001Defender\u306e\u60aa\u7528\u3055\u308c\u305f\u30bc\u30ed\u30c7\u30a4\u3092\u4fee\u6b63\uff08CVE-2026-41091\u3001CVE-2026-45498\uff09 | Codebook\uff5cSecurity News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/45741/", "creation_timestamp": "2026-05-22T05:52:28.325210Z"}, {"uuid": "4bfd5933-7478-48e9-81a2-28617959bd80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mmgu44wxfs2g", "content": "Microsoft Warns of Two Actively Exploited Defender Vulnerabilities\n\nMicrosoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild.\n\nThe former, tracked as CVE-2026-41091, is rated 7.8 on the C\u2026\n#hackernews #microsoft #news", "creation_timestamp": "2026-05-22T11:41:59.551077Z"}, {"uuid": "68c87199-89bf-4354-8acc-a33fd9139637", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mmgvb62utk2g", "content": "Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)\n\nAttackers are exploiting two Microsoft Defender vulnerabilities (CVE-2026-41091 and CVE-2026-45498), Microsoft acknowledged and CISA confirmed by adding them to its Known Exploite\u2026\n#hackernews #microsoft #news", "creation_timestamp": "2026-05-22T12:02:42.100752Z"}, {"uuid": "dc7bced0-ff1f-46f7-a41b-2b5c0ceebb2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116619811118984669", "content": "\ud83d\udcf0 Warning: Microsoft Defender Flaws Actively Exploited to Gain SYSTEM Privileges\n\u26a0\ufe0f ACTIVE EXPLOITATION ALERT: Flaws in Microsoft Defender (CVE-2026-41091, CVE-2026-45498) are being used by attackers to gain SYSTEM privileges and disable AV. Patch the Malware Protection Engine immediately! #CyberSecurity #Vulnerability #PatchNow\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/microsoft-defender-vulnerabilities-actively-exploited-for-privilege-escalati\u2026", "creation_timestamp": "2026-05-22T19:11:40.248584Z"}, {"uuid": "599b697b-01b1-4442-a66b-294e23a10f4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mmhnbzmjdo2p", "content": "\u26a0\ufe0f ACTIVE EXPLOITATION ALERT: Flaws in Microsoft Defender (CVE-2026-41091, CVE-2026-45498) are being used by attackers to gain SYSTEM privileges and disable AV. Patch the Malware Protection Engine immediately! #CyberSecurity #Vulnerability #PatchNow\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-05-22T19:12:40.016808Z"}, {"uuid": "19e5c81a-12a0-4ff8-8c90-ab311ce203ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mmht63ratv2k", "content": "PATCH NOW: Microsoft Defender Zero-Days (CVSS 78) Exploited in Wild \u2014 CISA Issues Urgent Warning +\u00a0Video\n\nIntroduction Microsoft has disclosed two zero-day vulnerabilities in Microsoft Defender that are being actively exploited in the wild. Tracked as CVE-2026-41091 (CVSS 7.8) and CVE-2026-45498\u2026", "creation_timestamp": "2026-05-22T20:57:51.622157Z"}, {"uuid": "43205c82-a4c4-485c-a1fd-90ee467a4e1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://t.me/thehackernews/9054", "content": "\ud83d\udea8 Microsoft warns two Defender vulnerabilities are being actively exploited in the wild.\n\nhttps://thehackernews.com/2026/05/microsoft-warns-of-two-actively.html\n\n\ud83d\udd38 CVE-2026-41091 could allow attackers to gain SYSTEM privileges locally.\n\ud83d\udd38 CVE-2026-45498 is a denial-of-service flaw impacting Defender.\n\nCISA added both to KEV with a June 3, 2026 patch deadline.", "creation_timestamp": "2026-05-21T11:51:37.000000Z"}, {"uuid": "67fd37d2-155d-4abb-9247-e6d09ef168ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/deafnews-auto.bsky.social/post/3mmmkjexofu2h", "content": "CVE-2026-41091: Microsoft Defender Engine Exploited for SYSTEM Privilege Escalation", "creation_timestamp": "2026-05-24T18:06:24.757220Z"}, {"uuid": "9ee7d488-5592-4e28-981b-65f4d5470043", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3mmmzoauhvs2g", "content": "Microsoft\u3001\u30bc\u30ed\u30c7\u30a4 \u8106\u5f31\u6027\u306eRedSun(CVE-2026-41091)\u3068UnDefend(CVE-2026-45498)\u306e\u7dca\u6025\u30d1\u30c3\u30c1\u3092\u516c\u958b\u30fbYellowKey(CVE-2026-45585)\u306f\u300c\u7de9\u548c\u7b56\u306e\u307f\u300d\n\nrocket-boys.co.jp/security-mea...\n\n#\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56Lab #security #securitynews", "creation_timestamp": "2026-05-24T22:37:38.610526Z"}, {"uuid": "135c2216-b0a7-4ccb-8095-666793f8aed6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "Telegram/EQ-OtrMk-MWFYtaQdS6-MjZwABKlvl-CaVDrJmD_M-e-p2s", "content": "", "creation_timestamp": "2026-05-22T03:00:06.000000Z"}, {"uuid": "7ee107c8-da43-4b92-950c-46f6245c3ff7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://t.me/kasperskyb2b/2193", "content": "\u27a1\ufe0f \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83d\udfe2\u0410\u043d\u0430\u043b\u0438\u0437 \u043d\u043e\u0432\u044b\u0445 \u0430\u0442\u0430\u043a APT Cloud Atlas, \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u0445 \u0432 2026 \u0433\u043e\u0434\u0443. \u0426\u0435\u043b\u0438 \u2014 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0438 \u0434\u0438\u043f\u043b\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u0420\u043e\u0441\u0441\u0438\u0438 \u0438 \u0411\u0435\u043b\u043e\u0440\u0443\u0441\u0441\u0438\u0438. \u0426\u0435\u043b\u0435\u0432\u043e\u0439 \u0444\u0438\u0448\u0438\u043d\u0433 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u043b \u043a \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u0431\u044d\u043a\u0434\u043e\u0440\u0430 VBCloud \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0438 PowerShower, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0445 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0443\u0442\u0438\u043b\u0438\u0442. \u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430\u0441\u044c \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430, \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u0430\u044f \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u044e \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u0430\u0442\u0430\u043a\u0438. \n\n\ud83d\udfe2APT Calypso/Red Lamassu \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0441 2022 \u0433\u043e\u0434\u0430 \u0430\u0442\u0430\u043a\u0443\u0435\u0442 \u0442\u0435\u043b\u0435\u043a\u043e\u043c-\u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0432 \u0410\u0422\u0420 \u0438 \u043d\u0430 \u0411\u043b\u0438\u0436\u043d\u0435\u043c \u0412\u043e\u0441\u0442\u043e\u043a\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0433\u043e \u0412\u041f\u041e \u0434\u043b\u044f Linux \u0438 Windows. \u0418\u043c\u043f\u043b\u0430\u043d\u0442 Showboat \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043c\u043e\u0434\u0443\u043b\u044c\u043d\u044b\u0439 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a \u043f\u043e\u0441\u0442\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u0444\u0430\u0439\u043b\u043e\u0432\u044b\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0438 \u043e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043a\u0430\u043a SOCKS5-\u043f\u0440\u043e\u043a\u0441\u0438  \n\n\ud83d\udfe2\u0423\u0433\u0440\u043e\u0437\u044b \u0434\u043b\u044f \u041f\u041a \u0437\u0430 1 \u043a\u0432\u0430\u0440\u0442\u0430\u043b 2026 \u0433\u043e\u0434\u0430: \u0431\u044b\u043b\u043e \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u043f\u043e\u0447\u0442\u0438 3000 \u043d\u043e\u0432\u044b\u0445 \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0439 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u041f\u041e, \u0430 \u043e\u0442 \u0430\u0442\u0430\u043a \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 77 \u0442\u044b\u0441\u044f\u0447 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439. \u041d\u0430 Clop \u043f\u0440\u0438\u0448\u043b\u043e\u0441\u044c 14% \u0432\u0441\u0435\u0445 \u0436\u0435\u0440\u0442\u0432, \u0447\u044c\u0438 \u0434\u0430\u043d\u043d\u044b\u0435 \u0431\u044b\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u043d\u0430 \u0441\u0430\u0439\u0442\u0430\u0445 \u0443\u0442\u0435\u0447\u0435\u043a \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043e\u043a \u0437\u0430 \u044d\u0442\u043e\u0442 \u043f\u0435\u0440\u0438\u043e\u0434.\n\n\ud83d\udd35APT Webworm \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0433\u043e\u0434 \u0440\u0430\u0441\u0448\u0438\u0440\u0438\u043b\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0438\u0437 \u0410\u0437\u0438\u0438 \u0432 \u0415\u0432\u0440\u043e\u043f\u0443. \u0412 \u0440\u044f\u0434\u0435 \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u0439 \u0433\u0440\u0443\u043f\u043f\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 Discord \u0438 API MS Graph \u043a\u0430\u043a C2-\u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443.\n\n\ud83d\udd35\u0420\u0430\u0437\u0431\u043e\u0440 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0435 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u0435 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 TencShell, \u0440\u0430\u043d\u0435\u0435 \u043d\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u043d\u043e\u0433\u043e \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430 \u043d\u0430 Go, \u0438\u0437\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043d\u0430 \u0431\u0430\u0437\u0435 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u0433\u043e C2-\u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 Rshell.   \u0418\u043c\u043f\u043b\u0430\u043d\u0442 \u043c\u043e\u0434\u0443\u043b\u044c\u043d\u044b\u0439 \u0438 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u043f\u0430\u043c\u044f\u0442\u0438, \u0446\u0435\u043b\u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 \u043d\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b. \n\n\ud83d\udfe3\u0420\u0430\u0437\u0431\u043e\u0440 TTPs APT44 \u043d\u0430 \u043f\u0440\u0438\u043c\u0435\u0440\u0435 10 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u044b\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439, \u0433\u0434\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u0437\u0430\u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0432 \u043f\u0435\u0440\u0438\u043e\u0434 \u0441 \u0438\u044e\u043b\u044f 2025 \u0433\u043e\u0434\u0430 \u043f\u043e \u044f\u043d\u0432\u0430\u0440\u044c 2026. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u043f\u0440\u0438\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u0433\u0440\u0443\u043f\u043f\u044b \u0434\u0430\u0432\u043d\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u043c\u0443 \u0412\u041f\u041e, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438  \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u0432 \u0441\u0435\u0442\u044f\u0445 \u0418\u0422 \u0438 \u041e\u0422 \u043f\u0440\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u044f.\n \n\ud83d\udfe3\u0420\u0430\u0437\u0431\u043e\u0440 \u0412\u041f\u041e ZionSiphon, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0434\u043e\u043b\u0436\u043d\u043e \u043d\u0430\u0440\u0443\u0448\u0430\u0442\u044c \u0440\u0430\u0431\u043e\u0442\u0443 \u0441\u0438\u0441\u0442\u0435\u043c \u0432\u043e\u0434\u043e\u043e\u0447\u0438\u0441\u0442\u043a\u0438 \u0438 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0418\u0418-\u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432. \u041d\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0433\u0435\u043e\u0442\u0430\u0440\u0433\u0435\u0442\u0438\u043d\u0433\u0430 \u043d\u0438\u043a\u043e\u0433\u0434\u0430 \u043d\u0435 \u0434\u0430\u044e\u0442 \u0412\u041f\u041e \u0441\u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c, \u0430 \u0440\u0430\u0431\u043e\u0442\u0430 \u0441 \u0410\u0421\u0423 \u0422\u041f \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u043f\u043e\u0432\u0435\u0440\u0445\u043d\u043e\u0441\u0442\u043d\u043e \u0438 \u043d\u0435 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u043c \u044d\u0444\u0444\u0435\u043a\u0442\u0430\u043c, \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u0412\u041f\u041e \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u0441\u044f.\n\n\ud83d\udfe3Microsoft \u043f\u0440\u0435\u0441\u0435\u043a\u043b\u0430 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c SignSpaceCloud, \u0441\u0435\u0440\u0432\u0438\u0441\u0430 signing-as-a-service, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0433\u043e \u043a\u0430\u043a Fox Tempest, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441 \u043c\u0430\u044f 2025 \u0433\u043e\u0434\u0430 \u043f\u0440\u043e\u0434\u0430\u0432\u0430\u043b \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b \u0434\u043b\u044f \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u043a\u043e\u0434\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c \u0412\u041f\u041e. \u0421\u0440\u0435\u0434\u0438 \u00ab\u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432\u00bb \u2014 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 Rhysida, INC, Qilin \u0438 Akira, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0433\u0440\u0443\u043f\u043f\u044b, \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0435 \u0438\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u0435\u0440\u044b.\n\n\ud83d\udd35\u042d\u043f\u0438\u0434\u0435\u043c\u0438\u044e \u0430\u0442\u0430\u043a \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a \u0443\u0436\u0435 \u0432\u043f\u043e\u0440\u0443 \u043d\u0430\u0437\u044b\u0432\u0430\u0442\u044c \u0447\u0443\u043c\u043e\u0439. \u0421\u0440\u0435\u0434\u0438 \u0440\u0435\u0437\u043e\u043d\u0430\u043d\u0441\u043d\u044b\u0445 \u0436\u0435\u0440\u0442\u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u043d\u0435\u0434\u0435\u043b\u044c: AntV (Alibaba), DurableTask (Microsoft), Nx Console, Grafana, TanStack, \u0438 \u043d\u0430 \u0437\u0430\u043a\u0443\u0441\u043a\u0443 \u0441\u0430\u043c GitHub.\n\n\ud83d\udd35\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u0430\u0442\u0430\u043a APT Storm-2949, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u044e\u0442 \u0446\u0435\u043d\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0441\u0440\u0435\u0434 Microsoft, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044f \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f SaaS \u0438 PaaS. \n\n\ud83d\udfe3\u0412\u044b\u0448\u043b\u0438 \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u0432\u0443\u0445 \u0437\u0438\u0440\u043e\u0434\u0435\u0435\u0432 \u0432 Defender, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u044b \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445: \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (CVE-2026-41091) \u0438 DoS (CVE-2026-45498).\n\n\ud83d\udfe3\u0422\u0430\u043a\u0436\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u0437\u0438\u0440\u043e\u0434\u0435\u0439 \u0432 Microsoft Exchange Outlook Web Access (CVE-2026-42897), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 JavaScript \u0432 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0445 \u044f\u0449\u0438\u043a\u0430\u0445 OWA. Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u0437\u0430\u0449\u0438\u0442\u044b, \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u044b\u0439 \u043f\u0430\u0442\u0447  \u043d\u0435 \u0433\u043e\u0442\u043e\u0432.\n\n\ud83d\udd34\u0417\u0430\u043d\u0438\u043c\u0430\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u043f\u0430\u043b\u0435\u043e\u043d\u0442\u043e\u043b\u043e\u0433\u0438\u044f: \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0440\u0430\u0431\u043e\u0442\u044b Fast16, \u0434\u0432\u043e\u044e\u0440\u043e\u0434\u043d\u043e\u0433\u043e \u0431\u0440\u0430\u0442\u0430 Stuxnet. \u042d\u0442\u043e \u0412\u041f\u041e \u0431\u044b\u043b\u043e \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043e \u043d\u0430 \u041f\u041e LS-DYNA \u0438 Autodyn, \u0438 \u0441\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u043b\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u0438 \u043c\u043e\u0434\u0435\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 \u044f\u0434\u0435\u0440\u043d\u044b\u0445 \u0432\u0437\u0440\u044b\u0432\u043e\u0432. \u0420\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u043f\u043e\u0434\u0441\u0447\u0451\u0442\u043e\u0432 \u043f\u043e\u0434\u043c\u0435\u043d\u044f\u043b\u0438\u0441\u044c \u043d\u0430 \u043b\u0435\u0442\u0443, \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u043f\u043b\u043e\u0442\u043d\u043e\u0441\u0442\u044c \u044f\u0434\u0435\u0440\u043d\u043e\u0433\u043e \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b\u0430 \u043d\u0435 \u0434\u043e\u0441\u0442\u0438\u0433\u043d\u0443\u0442\u0430.  \u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0443\u0432\u0435\u0440\u0435\u043d\u044b, \u0447\u0442\u043e fast16 \u0431\u044b\u043b \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d \u0434\u043b\u044f \u0441\u0430\u0431\u043e\u0442\u0430\u0436\u0430 \u044f\u0434\u0435\u0440\u043d\u043e\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0418\u0440\u0430\u043d\u0430.\n\n\ud83d\udfe0\u041d\u0435\u043c\u043d\u043e\u0433\u043e \u0437\u0430 \u0440\u0430\u043c\u043a\u0430\u043c\u0438 \u043d\u0430\u0448\u0438\u0445 \u043e\u0431\u044b\u0447\u043d\u044b\u0445 \u0442\u0435\u043c, \u043d\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u043c \u043c\u043e\u043b\u0447\u0430\u0442\u044c. \u0414\u043e 30% \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0437\u0430\u0440\u0443\u0431\u0435\u0436\u043d\u043e\u0435 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0435 \u041f\u041e, \u0437\u0430\u043a\u0443\u043f\u043b\u0435\u043d\u043d\u043e\u0435 \u0434\u043e 2022 \u0433\u043e\u0434\u0430, \u043d\u043e \u0443\u0436\u0435 \u0431\u0435\u0437 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0431\u0435\u0437 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438.  \u00af\\_(\u30c4)_/\u00af\n\n#\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 #APT @\u041f2\u0422", "creation_timestamp": "2026-05-25T09:12:01.000000Z"}, {"uuid": "a7721f2e-f460-4fdb-940f-05cab930ce91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "Telegram/hQ1BgqlandqZtiBEN_8bc-Jqb7FATWW_NqNwwco7cLj54NM", "content": "", "creation_timestamp": "2026-05-23T03:00:04.000000Z"}, {"uuid": "e1f46ef4-1633-474e-b81e-267d8db09f86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/masuda-bot.jiskey.dev.ap.brid.gy/post/3mmo2mej277d2", "content": "\u65b0\u3057\u3044\u8a18\u4e8b\u304c\u6295\u7a3f\u3055\u308c\u307e\u3057\u305f\n\nMicrosoft Defender\u306e\u7dca\u6025\u30d1\u30c3\u30c1\nRedSun(CVE-2026-41091) \u6a29...\nhttps://anond.hatelabo.jp/20260525172541", "creation_timestamp": "2026-05-25T08:27:17.270274Z"}, {"uuid": "a70ad684-63ee-4b70-9763-b366b5c43bbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/boredchilada.bsky.social/post/3mmouaicxxy2e", "content": "~Checkpoint~\nHighlights include actively exploited Defender &amp; Drupal flaws, major breaches at GitHub &amp; 7-Eleven, and new AI-driven threats.\n-\nIOCs: CVE-2026-41091, CVE-2026-9082, Showboat\n-\n#CVE #Malware #ThreatIntel", "creation_timestamp": "2026-05-25T16:05:43.699907Z"}, {"uuid": "31c376d9-fe63-4a00-a150-6155427c830d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://chaos.social/users/christopherkunz/statuses/116640416250193841", "content": "The RedSun vulnerability was \"officially fixed\" on May 19, with the fix being \"let's break the PoC by quarantining the affected .exe\". The fix is just part of a Defender definition update. So, I guess the Red Sun no longer prevails. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41091", "creation_timestamp": "2026-05-26T10:31:49.929385Z"}, {"uuid": "9a4a231b-1fe7-4d2a-ac48-5260f60f8337", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://bsky.app/profile/christopherkunz.bsky.social/post/3mmqsbasypq2u", "content": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41091 [2/2]", "creation_timestamp": "2026-05-26T10:35:40.644212Z"}, {"uuid": "83484d80-23cf-4ca2-b5bb-e38c64422ce1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41091", "type": "seen", "source": "https://t.me/xakep_ru/19431", "content": "Microsoft \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 0-day-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 UnDefend \u0438 RedSun\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0432\u043d\u0435\u043f\u043b\u0430\u043d\u043e\u0432\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u0432\u0443\u0445 0-day-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Microsoft Defender, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445. \u0420\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e \u0431\u0430\u0433\u0430\u0445 CVE-2026-41091 \u0438 CVE-2026-45498, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u044f\u043c\u0438 RedSun \u0438 UnDefend.\n\nhttps://xakep.ru/2026/05/26/undefend-redsun-patch/", "creation_timestamp": "2026-05-26T15:36:32.000000Z"}]}