{"vulnerability": "cve-2026-3220", "sightings": [{"uuid": "68daa540-e4c4-40aa-89a1-ba097b6224f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/81341", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-32201-exploit\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a B1tBit\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-22 21:55:19\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nA spoofing vulnerability exists in Microsoft SharePoint Server due to improper input validation. An unauthenticated attacker can send a specially crafted HTTP request to inject malicious JavaScript (reflected XSS), which executes in the security context of the SharePoint site.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-22T22:00:04.000000Z"}, {"uuid": "28dfe9a2-344d-4ce6-9429-2293ae6ced59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "exploited", "source": "https://t.me/thehackernews/8883", "content": "\ud83d\udea8 WARNING: Microsoft confirmed active exploitation of a Windows flaw \u2192 CVE-2026-32202.\n\nThe bug stems from an incomplete fix, allowing attackers to steal credentials via SMB authentication when a malicious file is opened.\n\n\ud83d\udd17 Read details \u2192 https://thehackernews.com/2026/04/microsoft-confirms-active-exploitation.html", "creation_timestamp": "2026-04-28T06:01:31.000000Z"}, {"uuid": "ced002d8-1e47-4458-a581-b568d426f9fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "exploited", "source": "https://t.me/TengkorakCyberCrewzz/39894", "content": "Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202 \u2013 thehackernews.com\n\nTue, 28 Apr 2026 13:50:00", "creation_timestamp": "2026-04-28T08:03:03.000000Z"}, {"uuid": "93a6dc43-4834-45df-ba26-e7a87ba2cd18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "exploited", "source": "https://t.me/TengkorakCyberCrewzz/9982", "content": "Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202 \u2013 thehackernews.com\n\nTue, 28 Apr 2026 13:50:00", "creation_timestamp": "2026-04-28T08:03:03.000000Z"}, {"uuid": "1bd3a010-44b8-4a20-9e67-5de2c5e64f86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "exploited", "source": "https://t.me/ctinow/249423", "content": "Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202\nhttps://ift.tt/fWkVzTb", "creation_timestamp": "2026-04-28T06:59:27.000000Z"}, {"uuid": "28968259-4fe2-4d88-b992-d0a3a9ec50bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "exploited", "source": "https://t.me/cibsecurity/89213", "content": "\ud83d\udd8b\ufe0f Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202 \ud83d\udd8b\ufe0f\n\nMicrosoft on Monday revised its advisory for a nowpatched, highseverity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the wild. The vulnerability in question is CVE202632202 CVSS score 4.3, a spoofing vulnerability that could allow an attacker to access sensitive information. It was addressed as part of its Patch Tuesday update for this.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2026-04-28T07:00:17.000000Z"}, {"uuid": "54bc98b3-3642-4a8d-ad16-d11ad09d2e8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "exploited", "source": "https://t.me/true_secator/8132", "content": "\u0411\u043e\u043b\u0435\u0435 1300 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Microsoft SharePoint, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0438\u0445\u0441\u044f \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435, \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043d\u0435\u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u043c\u0438 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u043f\u043e\u0434\u043c\u0435\u043d\u043e\u0439 IP, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043a\u0430\u043a 0-day \u0438 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0449\u0438\u0445\u0441\u044f \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u043a\u0430\u043a CVE-2026-32201 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 SharePoint Enterprise Server 2016, SharePoint Server 2019 \u0438 SharePoint Server Subscription Edition (\u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044e\u044e \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0443\u044e \u043c\u043e\u0434\u0435\u043b\u044c \u00ab\u043d\u0435\u043f\u0440\u0435\u0440\u044b\u0432\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u00bb).\n\nMicrosoft \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 Patch Tuesday \u0432 \u0430\u043f\u0440\u0435\u043b\u0435. \u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0431\u0435\u0437 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u043f\u043e\u0434\u043c\u0435\u043d\u0443 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e Microsoft \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u0430\u043a 0-day, \u0442\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430, \u043a\u0430\u043a \u0438\u043c\u0435\u043d\u043d\u043e \u043e\u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u0438 \u043d\u0435 \u0441\u0432\u044f\u0437\u0430\u043b\u0430 \u044d\u0442\u0443 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0441 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0438\u043b\u0438 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u043e\u0439.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Shadowserver \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430, \u0447\u0442\u043e\u00a0\u0431\u043e\u043b\u0435\u0435 1300 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Microsoft SharePoint \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435 \u0432\u0441\u0435 \u0435\u0449\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b. \u0421 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 Microsoft \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f CVE-2026-32201 \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043e \u043b\u0438\u0448\u044c \u043c\u0435\u043d\u0435\u0435 200 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u0412 \u0442\u043e\u0442 \u0436\u0435 \u0434\u0435\u043d\u044c, \u043a\u043e\u0433\u0434\u0430 Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f CVE-2026-32201, CISA \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 \u0435\u0435 \u0432 \u0441\u0432\u043e\u0439\u00a0\u043a\u0430\u0442\u0430\u043b\u043e\u0433 (KEV), \u043e\u0442\u043c\u0435\u0442\u0438\u0432, \u0447\u0442\u043e \u044d\u0442\u043e\u0442 \u0442\u0438\u043f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0447\u0430\u0441\u0442\u044b\u043c \u0432\u0435\u043a\u0442\u043e\u0440\u043e\u043c \u0430\u0442\u0430\u043a \u0434\u043b\u044f \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u043e\u0432 \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0440\u0438\u0441\u043a\u0438.", "creation_timestamp": "2026-04-22T17:00:09.000000Z"}, {"uuid": "422e09f1-699f-47c4-8e4b-8433120365db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://t.me/kasperskyb2b/2142", "content": "\ud83d\udcbb \u0410\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u043f\u0430\u0442\u0447\u0435\u0439: \u0446\u0443\u043d\u0430\u043c\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Windows\n\nMicrosoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0434\u0438\u043d \u0438\u0437 \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0438\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0432 \u0441\u0432\u043e\u0435\u0439 \u0438\u0441\u0442\u043e\u0440\u0438\u0438, \u0437\u0430\u043a\u0440\u044b\u0432 163 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445. \u0415\u0441\u043b\u0438 \u043f\u043e\u0441\u0447\u0438\u0442\u0430\u0442\u044c \u0435\u0449\u0451 \u0438 \u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u043f\u0430\u043a\u0435\u0442 \u0443\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0432 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0435\u043c \u0441\u043e\u0444\u0442\u0435, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0432 Chromium, \u0442\u043e \u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0441\u0447\u0451\u0442 \u043f\u0430\u0442\u0447\u0435\u0439 \u043f\u0440\u0438\u0431\u043b\u0438\u0436\u0430\u0435\u0442\u0441\u044f \u043a \u0448\u043e\u043a\u0438\u0440\u0443\u044e\u0449\u0435\u0439 \u043e\u0442\u043c\u0435\u0442\u043a\u0435 250. \u0421 \u0443\u0447\u0451\u0442\u043e\u043c \u0443\u0441\u043f\u0435\u0445\u043e\u0432 \u0418\u0418 \u0432 \u043f\u043e\u0438\u0441\u043a\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a \u0442\u0430\u043a\u0438\u043c \u0446\u0438\u0444\u0440\u0430\u043c \u0442\u0435\u043f\u0435\u0440\u044c \u0432\u0438\u0434\u0438\u043c\u043e \u043f\u0440\u0438\u0434\u0451\u0442\u0441\u044f \u043f\u0440\u0438\u0432\u044b\u043a\u0430\u0442\u044c.\n\n\u041e\u0434\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f, \u043e\u0434\u043d\u0430 \u0431\u044b\u043b\u0430 \u0434\u043e\u0441\u0440\u043e\u0447\u043d\u043e \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0435\u043d\u0430, \u0435\u0449\u0451 8 \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f \u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c. \u0410\u0431\u0441\u043e\u043b\u044e\u0442\u043d\u043e\u0435 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0431\u0430\u0433\u043e\u0432 (131) \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 Windows, \u0434\u0430\u043b\u0435\u0435 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 Office \u0441 \u0434\u044e\u0436\u0438\u043d\u043e\u0439 \u043e\u0448\u0438\u0431\u043e\u043a. \n93 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 20 \u2014 \u043a \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, 20 \u2014 \u0443\u0442\u0435\u0447\u043a\u0430\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 12 \u2014 \u043a \u043e\u0431\u0445\u043e\u0434\u0443 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 9 \u2014 DoS, 8  \u2014 spoofing.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f\n\u0412 \u0436\u0438\u0432\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0432\u044b\u043b\u043e\u0432\u0438\u043b\u0438 CVE-2026-32201 (CVSS 6.5) \u0432 SharePoint, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a\u0430\u043a \u0440\u0430\u0437 \u043a \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u0443. \u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043b\u0430\u043a\u043e\u043d\u0438\u0447\u0435\u043d \u0432 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0442\u043c\u0435\u0447\u0430\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f  \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0435\u0451. \u0413\u0434\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c, \u043a\u0442\u043e \u0435\u0451 \u043d\u0430\u0448\u0451\u043b \u2014 \u043d\u0438 \u0441\u043b\u043e\u0432\u0430. \n\n\u041f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u0430 \u0442\u0430\u043a\u0436\u0435 CVE-2026-33825 (CVSS 7.8), \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0447\u0435\u0440\u0435\u0437 Defender. \u0415\u0451 \u0440\u0430\u0437\u0433\u043b\u0430\u0441\u0438\u043b\u0438 \u0434\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0438 Microsoft \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0438 \u0434\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u0442\u044c\u0441\u044f \u043e \u043f\u043e\u0440\u044f\u0434\u043a\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u044f \u0438 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u0435\u0444\u0435\u043a\u0442\u0430. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043d\u0430\u043b\u0438\u0447\u0438\u0435 PoC \u043d\u0430 GitHub, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Defender \u0441\u0442\u043e\u0438\u0442 \u043f\u043e\u0442\u043e\u0440\u043e\u043f\u0438\u0442\u044c\u0441\u044f \u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438. \n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0435\u0444\u0435\u043a\u0442\u044b\n\n\u0412 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u0435\u0441\u0442\u044c \u0434\u0432\u0435 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043f\u043e \u0441\u0435\u0442\u0438 \u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u0436\u0435\u0440\u0442\u0432\u044b.\nCVE-2026-33827  \u2014 \u044d\u0442\u043e RCE \u0432 TCP/IP (\u0434\u043e\u043b\u0436\u043d\u044b \u0431\u044b\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u044b IPv6 \u0438 IPSec), \u0430 CVE-2026-33824  \u2014 RCE \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 Windows Internet Key Exchange (IKE). \u041f\u0435\u0440\u0432\u0430\u044f \u043f\u043e\u0442\u044f\u043d\u0443\u043b\u0430 \u043d\u0430 CVSS 8.1, \u0430 \u0432\u0442\u043e\u0440\u0430\u044f \u0430\u0436 \u043d\u0430 9.8.  \n\n\u041d\u0435 \u043e\u0431\u043e\u0448\u043b\u043e\u0441\u044c \u0438 \u0431\u0435\u0437 RCE \u0432 Office (CVE-2026-32190 -33114 -33115, \u0432\u0441\u0435 CVSS 8.4), \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0438\u0437 \u043f\u0430\u043d\u0435\u043b\u0438 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430. \u0421\u043d\u043e\u0432\u0430 \u0443\u043c\u043e\u043b\u044f\u0435\u043c \u0435\u0451 \u0443\u0436\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043d\u0430\u043a\u043e\u043d\u0435\u0446.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #Microsoft @\u041f2\u0422", "creation_timestamp": "2026-04-15T08:01:44.000000Z"}, {"uuid": "0950fcd7-7323-4dc3-a80f-eb9e974ea4ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mkbymlltlg2v", "content": "", "creation_timestamp": "2026-04-25T02:29:06.745043Z"}, {"uuid": "8c6ab375-1fcf-4206-9250-497f76da662a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32203", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mji4z4vi7m2f", "content": "", "creation_timestamp": "2026-04-14T19:38:27.875841Z"}, {"uuid": "e02ab277-ed21-43f9-ad46-e0689c5001d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mjhw5z7wa52q", "content": "", "creation_timestamp": "2026-04-14T17:35:54.185245Z"}, {"uuid": "bc1fc959-d425-4454-912e-9e18285e2b49", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2026-32201", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/6900f11f-52e4-4aca-ba00-96d6ca32b39a", "content": "", "creation_timestamp": "2026-04-14T18:00:02.965230Z"}, {"uuid": "edd0c2c9-c695-413c-a8ee-226bba4b4e72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6253551", "content": "", "creation_timestamp": "2026-04-14T18:14:23.889304Z"}, {"uuid": "0841684e-e826-4157-a25d-b568b462450d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/zettawire.com/post/3mjhym2fuh32d", "content": "", "creation_timestamp": "2026-04-14T18:19:33.012267Z"}, {"uuid": "2b7be382-8df0-43d6-9d3e-7bf2435a1ff8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mjhyv2be2c2j", "content": "", "creation_timestamp": "2026-04-14T18:24:35.334255Z"}, {"uuid": "b0de1111-b5d8-4f95-a424-2ba56f3fc78b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://www.thezdi.com/blog/2026/4/14/the-april-2026-security-update-review", "content": "", "creation_timestamp": "2026-04-14T15:49:19.000000Z"}, {"uuid": "939dd687-6af3-464d-b684-c78551bcacf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32203", "type": "seen", "source": "https://www.thezdi.com/blog/2026/4/14/the-april-2026-security-update-review", "content": "", "creation_timestamp": "2026-04-14T15:49:19.000000Z"}, {"uuid": "b5d11b34-4739-4642-88a8-4e817bea3275", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://www.thezdi.com/blog/2026/4/14/the-april-2026-security-update-review", "content": "", "creation_timestamp": "2026-04-14T15:49:19.000000Z"}, {"uuid": "c2240978-5803-44b7-ad44-b5ac3be501e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32200", "type": "seen", "source": "https://www.thezdi.com/blog/2026/4/14/the-april-2026-security-update-review", "content": "", "creation_timestamp": "2026-04-14T15:49:19.000000Z"}, {"uuid": "976612eb-4249-42e1-9395-445c5f99944f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mji62h677s2f", "content": "", "creation_timestamp": "2026-04-14T19:57:05.399462Z"}, {"uuid": "76603712-d8f3-4617-93b0-d84692a120ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32203", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mji6abvp5d2y", "content": "", "creation_timestamp": "2026-04-14T20:00:20.877495Z"}, {"uuid": "e2a0fb80-2248-44c5-8f65-9c1ad8409427", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://t.me/true_secator/8105", "content": "Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 Patch Tuesday \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 0-day \u0432 SharePoint \u0438 \u0435\u0449\u0435 168 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0432\u043e\u0435\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432\u043e\u043c \u043f\u043e\u0440\u0442\u0444\u0435\u043b\u0435, \u0447\u0442\u043e, \u043f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u0432, \u0441\u0442\u0430\u043b\u043e  \u0432\u0442\u043e\u0440\u044b\u043c \u043f\u043e \u0432\u0435\u043b\u0438\u0447\u0438\u043d\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0437\u0430 \u0432\u0441\u044e \u0438\u0441\u0442\u043e\u0440\u0438\u044e \u043f\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0443 \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u0445 CVE.\n\n\u0418\u0437 \u044d\u0442\u0438\u0445 169 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 157 \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u0432\u0430\u0436\u043d\u044b\u0435, \u0432\u043e\u0441\u0435\u043c\u044c - \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435, \u0442\u0440\u0438 - \u043a\u0430\u043a \u0443\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u0435 \u0438 \u043e\u0434\u043d\u0430 - \u043a\u0430\u043a \u043d\u0438\u0437\u043a\u0430\u044f \u043f\u043e \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438. \n\n93 \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043a\u0430\u043a EoP, \u0437\u0430 \u043d\u0438\u043c\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0442 21 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 21 - \u0441 RCE, 14 - \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 10 - \u0441 \u043f\u043e\u0434\u043c\u0435\u043d\u043e\u0439 \u0430\u0434\u0440\u0435\u0441\u0430 \u0438 \u0434\u0435\u0432\u044f\u0442\u044c - \u0441 DoS.\n\n\u0412 \u0447\u0438\u0441\u043b\u043e 169 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0442\u0430\u043a\u0436\u0435 \u0432\u0445\u043e\u0434\u044f\u0442 \u0447\u0435\u0442\u044b\u0440\u0435 CVE, \u043d\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0435 Microsoft, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0435 AMD (CVE-2023-20585), Node.js (CVE-2026-21637), Windows Secure Boot (CVE-2026-25250) \u0438 Git for Windows (CVE-2026-32631). \u042d\u0442\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u044f\u044e\u0442\u00a078 \u043e\u0448\u0438\u0431\u043e\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 Edge \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Chromium.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 SharePoint Server \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2026-32201\u00a0\u0438 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u043c \u0441 \u043f\u043e\u0434\u043c\u0435\u043d\u043e\u0439 IP-\u0430\u0434\u0440\u0435\u0441\u0430. Microsoft \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u043b\u0430 \u0435\u0439 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u00ab\u0432\u0430\u0436\u043d\u044b\u0439\u00bb \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 6,5.\n\n\u041d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 Microsoft Office SharePoint \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u043f\u043e\u0434\u043c\u0435\u043d\u0443 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u0441\u0435\u0442\u0438. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u0435\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f.\n\n\u041f\u043e\u043a\u0430 \u043d\u0435\u044f\u0441\u043d\u043e, \u043a\u0442\u043e \u0441\u0442\u043e\u0438\u0442 \u0437\u0430 0-day  \u0430\u0442\u0430\u043a\u0430\u043c\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u043d\u0430 CVE-2026-32201. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u043a\u0430\u043a \u043e\u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0438 \u043a\u0430\u043a\u043e\u0432 \u043c\u0430\u0441\u0448\u0442\u0430\u0431.\n\n\u041e\u0434\u043d\u0430\u043a\u043e, \u0441\u0443\u0434\u044f \u043f\u043e \u043a\u0440\u0430\u0442\u043a\u043e\u043c\u0443 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-32201 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438.\u00a0\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 SharePoint \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\u00a0\u0412 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0435\u00a0KEV CISA\u00a0\u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043e 10 \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2026-32201.\n\n\u0418\u0437 \u043e\u0441\u0442\u0430\u0432\u0448\u0438\u0445\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 Microsoft \u0432 \u0440\u0430\u043c\u043a\u0430\u0445\u00a0Patch Tuesday \u0437\u0430 \u0430\u043f\u0440\u0435\u043b\u044c 2026 \u0433\u043e\u0434\u0430, 19 \u0438\u043c\u0435\u044e\u0442 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u00ab\u0431\u043e\u043b\u0435\u0435 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f\u00bb, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u043d\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.\u00a0\u00a0\n\n\u041e\u0434\u043d\u0430 \u0438\u0437 \u043d\u0438\u0445 - CVE-2026-33825 (CVSS: 7.8), \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Microsoft Defender, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043c\u0438\u043a\u0440\u043e\u043c\u044f\u0433\u043a\u0438\u0445, \u0431\u044b\u043b\u0430 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u0434\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Microsoft, \u043e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e, \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0441\u044c \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u0432 Defender \u0430\u0434\u0435\u043a\u0432\u0430\u0442\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u041e\u0434\u043d\u0430 \u0438\u0437 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 - \u044d\u0442\u043e \u0441\u043b\u0443\u0447\u0430\u0439 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0439 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f \u0441\u043b\u0443\u0436\u0431\u044b \u043e\u0431\u043c\u0435\u043d\u0430 \u043a\u043b\u044e\u0447\u0430\u043c\u0438 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 (IKE) Windows. \u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2026-33824 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,8 \u0438\u0437 10,0.\n\n\u0414\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Windows \u0441 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u043c \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u043c IKE v2, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 Windows, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a, Active Directory, \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0440\u0430\u0431\u043e\u0447\u0438\u0439 \u0441\u0442\u043e\u043b, Hello, \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430 \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f, \u043f\u043e\u0438\u0441\u043a, \u0434\u0440\u0430\u0439\u0432\u0435\u0440 \u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u0438 TDI, BitLocker, \u043a\u043e\u043d\u0441\u043e\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, TCP/IP, \u043e\u0431\u0449\u0438\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432, \u0445\u043e\u0441\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 UPnP, COM, \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0430, \u0441\u043b\u0443\u0436\u0431\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0438 \u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440 \u043e\u043a\u043e\u043d \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430, \u0442\u0430\u043a\u0436\u0435 \u0441 \u0431\u043e\u043b\u044c\u0448\u0435\u0439 \u0434\u043e\u043b\u0435\u0439 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u0438 \u0431\u0443\u0434\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u043d\u0435\u0434\u0430\u043b\u0435\u043a\u043e\u043c \u0431\u0443\u0434\u0443\u0449\u0435\u043c.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432 Tenable \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u044d\u0442\u043e \u0432\u0442\u043e\u0440\u043e\u0439 \u043f\u043e \u0432\u0435\u043b\u0438\u0447\u0438\u043d\u0435 \u00ab\u0412\u0442\u043e\u0440\u043d\u0438\u043a \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439\u00bb \u0437\u0430 \u0432\u0441\u044e \u0438\u0441\u0442\u043e\u0440\u0438\u044e, \u0438 \u043e\u043d \u043b\u0438\u0448\u044c \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u043d\u0435 \u0434\u043e\u0442\u044f\u043d\u0443\u043b \u0434\u043e \u0440\u0435\u043a\u043e\u0440\u0434\u0430, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u00a0\u043e\u043a\u0442\u044f\u0431\u0440\u0435 2025 \u0433\u043e\u0434\u0430 (183 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438).\n\n\u0411\u043e\u043b\u0435\u0435 \u0442\u043e\u0433\u043e, EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0434\u043e\u043c\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432 \u0446\u0438\u043a\u043b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Patch Tuesday \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0432\u043e\u0441\u0435\u043c\u044c \u043c\u0435\u0441\u044f\u0446\u0435\u0432, \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0440\u0435\u043a\u043e\u0440\u0434\u043d\u044b\u0435 57% \u0432\u0441\u0435\u0445 CVE, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 \u0430\u043f\u0440\u0435\u043b\u0435, \u0432 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e RCE \u0441\u043d\u0438\u0437\u0438\u043b\u043e\u0441\u044c \u0434\u043e 12%, \u0441\u0440\u0430\u0432\u043d\u044f\u0432\u0448\u0438\u0441\u044c \u0441 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435.", "creation_timestamp": "2026-04-15T12:00:08.000000Z"}, {"uuid": "d4d4e3fa-34b7-4800-845d-41d6b49f2e74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://t.me/bdufstecru/3081", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition \u0438 Microsoft SharePoint Enterprise Server \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438\n\nBDU:2026-05272\nCVE-2026-32201\n\n\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u0437 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432. \u0412 \u0441\u0432\u044f\u0437\u0438 \u0441\u043e \u0441\u043b\u043e\u0436\u0438\u0432\u0448\u0435\u0439\u0441\u044f \u043e\u0431\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0438 \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0430\u043d\u043a\u0446\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0420\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0424\u0435\u0434\u0435\u0440\u0430\u0446\u0438\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0432\u0441\u0435\u0445 \u0441\u043e\u043f\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0440\u0438\u0441\u043a\u043e\u0432.\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c\u0443 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e;\n- \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0442\u0438 \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c\u0443 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f (\u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f, \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u0438) \u0438 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a \u0442\u0438\u043f\u0430 \u00ab\u043f\u043e\u0434\u043c\u0435\u043d\u0430 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432\u00bb (IP-spoofing);\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438\u0437 \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u0441\u0435\u0442\u0435\u0439 (\u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442).\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32201", "creation_timestamp": "2026-04-15T14:32:59.000000Z"}, {"uuid": "6c370a7f-d26f-4580-8bc8-877d93251d72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mji6ccibly2d", "content": "", "creation_timestamp": "2026-04-14T20:01:28.948969Z"}, {"uuid": "b531b696-1052-45ed-be6a-f146705cfb2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/microsoft-security-advisory-april-2026-monthly-rollup-av26-352", "content": "", "creation_timestamp": "2026-04-14T11:51:20.000000Z"}, {"uuid": "880bac6c-2dc7-4bf9-a003-c396a39b5b0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://gist.github.com/stone776/2e9ff08f1b49b6ce70a3684e7b10221a", "content": "", "creation_timestamp": "2026-04-15T08:25:35.000000Z"}, {"uuid": "5df10927-a83f-4126-a566-724318eff927", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mjjmp32cv3c2", "content": "", "creation_timestamp": "2026-04-15T09:51:54.431303Z"}, {"uuid": "92ff750d-3091-4b33-b600-ac16787ede20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0119", "content": "", "creation_timestamp": "2026-04-15T06:53:38.000000Z"}, {"uuid": "894d47f1-ec1c-45d3-8bea-e143e4d46c81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32203", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0114", "content": "", "creation_timestamp": "2026-04-14T12:18:58.000000Z"}, {"uuid": "892c756e-f1de-40b2-a933-51d45f26cc4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0116", "content": "", "creation_timestamp": "2026-04-14T12:20:56.000000Z"}, {"uuid": "4e114696-4383-4d3b-a3ae-55fe977df4a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32200", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0116", "content": "", "creation_timestamp": "2026-04-14T12:20:56.000000Z"}, {"uuid": "2e40be82-0042-401a-9c60-c0be6999b66e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116408995714789924", "content": "", "creation_timestamp": "2026-04-15T13:38:32.076846Z"}, {"uuid": "e6b984a9-3b0f-4912-85de-4cdbdb2ac434", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mjjzezg5fu2a", "content": "", "creation_timestamp": "2026-04-15T13:38:51.393675Z"}, {"uuid": "82cab2e6-5bbf-42c4-a56d-1acc0c337fee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://www.acn.gov.it/portale/w/aggiornamenti-mensili-microsoft-19", "content": "", "creation_timestamp": "2026-04-15T02:38:43.000000Z"}, {"uuid": "798d5b1e-3293-49a2-9f2d-ad56f1be666c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32203", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mjjzzj3vhr2r", "content": "", "creation_timestamp": "2026-04-15T13:50:18.540892Z"}, {"uuid": "18870e34-8912-4d58-a116-7da8ca421dcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/intel.overresearched.net/post/3mjigwwokrk2n", "content": "", "creation_timestamp": "2026-04-14T22:36:11.084582Z"}, {"uuid": "419fe1f8-26d6-4db6-bbba-cdf82232648f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mjiktx2sig25", "content": "", "creation_timestamp": "2026-04-14T23:46:05.290762Z"}, {"uuid": "49acf973-bf4d-4d35-a9de-68c95bd47198", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32200", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mjk3mbwm6t2a", "content": "", "creation_timestamp": "2026-04-15T14:18:41.690860Z"}, {"uuid": "01406003-08e2-4283-848e-22178cd23c2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://krebsonsecurity.com/2026/04/patch-tuesday-april-2026-edition/", "content": "", "creation_timestamp": "2026-04-14T19:47:59.000000Z"}, {"uuid": "559f3a24-81c8-4682-a975-23db1a4cc230", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/technology-news.bsky.social/post/3mjk53j5w6b2c", "content": "", "creation_timestamp": "2026-04-15T14:45:06.915735Z"}, {"uuid": "7bf53d29-be8d-4af2-925c-a51ee506ad22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjkbl37puc2p", "content": "", "creation_timestamp": "2026-04-15T16:05:24.057391Z"}, {"uuid": "226d4e55-fe6f-464a-b3c1-463649fc12b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjkbl3a2m22p", "content": "", "creation_timestamp": "2026-04-15T16:05:24.579556Z"}, {"uuid": "d6aaac54-f087-4bb5-b78b-7ea312d8a8f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjkbl3a3lc2p", "content": "", "creation_timestamp": "2026-04-15T16:05:25.085403Z"}, {"uuid": "ac85f419-6901-4426-ab43-b6188c7235fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjkbl3a4kk2p", "content": "", "creation_timestamp": "2026-04-15T16:05:25.592535Z"}, {"uuid": "a00e004d-72f4-4302-a1eb-fb4e8496320e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjkbl3a4kl2p", "content": "", "creation_timestamp": "2026-04-15T16:05:26.107986Z"}, {"uuid": "6fc340d1-ce85-4d48-a438-8aa063d7daaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjkbl3a5jt2p", "content": "", "creation_timestamp": "2026-04-15T16:05:27.063061Z"}, {"uuid": "159dee2c-ec27-4f02-943e-090b5d6675a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjkbl3a6j32p", "content": "", "creation_timestamp": "2026-04-15T16:05:27.593520Z"}, {"uuid": "31ca636d-a686-4ac3-b289-7b833e87ce9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjkbl3a7id2p", "content": "", "creation_timestamp": "2026-04-15T16:05:28.131009Z"}, {"uuid": "8881a815-cd2a-4d9b-a3dc-49a0035f7bb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjkbl3a7ie2p", "content": "", "creation_timestamp": "2026-04-15T16:05:28.624541Z"}, {"uuid": "543db96c-838c-4d17-8fc6-34e93cab6b98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mjkhjcuwhk2q", "content": "", "creation_timestamp": "2026-04-15T17:51:47.279449Z"}, {"uuid": "1d02a1f0-06e2-4d07-8adc-ead1421e794d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mjkmbkdhus25", "content": "", "creation_timestamp": "2026-04-15T19:16:55.414888Z"}, {"uuid": "20cacaf0-11d4-47bd-8c76-cd63a581444f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-32201", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mjjptvarjch2", "content": "", "creation_timestamp": "2026-04-15T10:48:22.856145Z"}, {"uuid": "6909bc90-f353-4a98-872a-1254ba005bf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mjitfykr6cca", "content": "", "creation_timestamp": "2026-04-15T02:19:31.657394Z"}, {"uuid": "a1128770-b3a3-4bd4-8732-b93f2575bc3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mjks6jip6e2o", "content": "", "creation_timestamp": "2026-04-15T21:02:36.007533Z"}, {"uuid": "cff33162-5fcb-45c4-b77b-0898bf5d6db1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mjiuyyjy7o2s", "content": "", "creation_timestamp": "2026-04-15T02:47:52.213831Z"}, {"uuid": "495492d6-c829-4cf1-9f20-677f3b879611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mjizhayss22q", "content": "", "creation_timestamp": "2026-04-15T04:07:25.465411Z"}, {"uuid": "a9ca232a-1903-49fc-8976-85109f589dd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mjizqbqp62ca", "content": "", "creation_timestamp": "2026-04-15T04:12:39.357979Z"}, {"uuid": "9af89308-e09c-48c7-b1be-aafcfd06ccc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/microsoft-monthly-security-update-april-2026", "content": "", "creation_timestamp": "2026-04-14T18:00:00.000000Z"}, {"uuid": "b65dc3b6-313d-4637-9575-813c26629100", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://www.jpcert.or.jp/english/at/2026/at260010.html", "content": "", "creation_timestamp": "2026-04-14T19:53:00.000000Z"}, {"uuid": "1f1f4834-5fc2-46ac-8ee3-abb6241f66ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/pwrdbyrog.bsky.social/post/3mjuew4ipi22p", "content": "", "creation_timestamp": "2026-04-19T16:31:57.401783Z"}, {"uuid": "59e0ae7f-5b5c-4239-b8f8-6547eb04ca57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/116414041626933227", "content": "", "creation_timestamp": "2026-04-16T11:01:45.568197Z"}, {"uuid": "d8f4a367-8949-48b4-8f74-d437acf1179f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjmmmxlhie2p", "content": "", "creation_timestamp": "2026-04-16T14:28:38.431896Z"}, {"uuid": "3f56f6ee-5782-4635-9303-9b0ea4cdb867", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjmmmxlqbm2p", "content": "", "creation_timestamp": "2026-04-16T14:28:39.027031Z"}, {"uuid": "4c9a97ae-8a21-4992-b0ed-2cf9ec044314", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjmmmxlt7e2p", "content": "", "creation_timestamp": "2026-04-16T14:28:39.645213Z"}, {"uuid": "b3be7869-1a84-4e57-bbbd-9d9f6b2e3365", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjmmmxlu6m2p", "content": "", "creation_timestamp": "2026-04-16T14:28:40.248545Z"}, {"uuid": "6c21bc83-58ec-4f75-ab91-2eb625e58701", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjmmmxlv5u2p", "content": "", "creation_timestamp": "2026-04-16T14:28:40.927397Z"}, {"uuid": "c66e6e0f-715b-4603-b12a-857303fa4b9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjmmmxlw542p", "content": "", "creation_timestamp": "2026-04-16T14:28:41.592760Z"}, {"uuid": "8b326368-3ad3-4a77-ae4b-d56dfacf30a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjmmmxlx4e2p", "content": "", "creation_timestamp": "2026-04-16T14:28:42.216553Z"}, {"uuid": "01f81109-f2d5-4c56-a424-70ba70115bac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjmmmxm2242p", "content": "", "creation_timestamp": "2026-04-16T14:28:42.813678Z"}, {"uuid": "0f09217f-8236-44d5-8ad2-2087cab7ba34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjmmmxm2ze2p", "content": "", "creation_timestamp": "2026-04-16T14:28:43.425389Z"}, {"uuid": "ecb1a71e-02f0-4b42-8e36-240dac898137", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mjsfoscqqs2k", "content": "", "creation_timestamp": "2026-04-18T21:40:22.152744Z"}, {"uuid": "d8a5eb4e-186e-4034-8ae2-a41920673731", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mjsir7juhk2k", "content": "", "creation_timestamp": "2026-04-18T22:35:26.657584Z"}, {"uuid": "64b3bd53-5686-452c-a570-dee575557769", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mjstko5cgk2k", "content": "", "creation_timestamp": "2026-04-19T01:48:37.479509Z"}, {"uuid": "f45d3377-6c54-49a9-84b8-9586d13501e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mjsvtyenpn2x", "content": "", "creation_timestamp": "2026-04-19T02:29:35.472017Z"}, {"uuid": "91f197da-1309-41c5-9a91-7fdb777842fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/keiwork35.bsky.social/post/3mjtfunugcq27", "content": "", "creation_timestamp": "2026-04-19T07:16:17.826988Z"}, {"uuid": "d5767f90-65ae-4c3c-94e6-df10daf8a4a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mk2ha7xm7v2g", "content": "", "creation_timestamp": "2026-04-22T02:29:17.941328Z"}, {"uuid": "a072679b-cd71-413c-9ad7-d850dfef44bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjwoc5akt22l", "content": "", "creation_timestamp": "2026-04-20T14:25:00.398385Z"}, {"uuid": "77bf6310-26c3-42ef-8344-3a9568b24f34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjwoc5awk22l", "content": "", "creation_timestamp": "2026-04-20T14:25:01.534861Z"}, {"uuid": "f3097787-8d87-45dc-9193-1633bd63a737", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjwoc5axjc2l", "content": "", "creation_timestamp": "2026-04-20T14:25:02.695411Z"}, {"uuid": "f843937f-6d7e-4fea-9210-1ee70d635e27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjwoc5ayik2l", "content": "", "creation_timestamp": "2026-04-20T14:25:03.655700Z"}, {"uuid": "eed8ee79-75c2-4fbd-9db4-ad1b4c28dcc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjwoc5azhs2l", "content": "", "creation_timestamp": "2026-04-20T14:25:04.664192Z"}, {"uuid": "b9761b44-5832-4593-b803-44f5a546fa94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjwoc5b3gc2l", "content": "", "creation_timestamp": "2026-04-20T14:25:05.679320Z"}, {"uuid": "394003a4-f1e9-43a5-b6c1-9b63d38de7d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjwoc5b4fk2l", "content": "", "creation_timestamp": "2026-04-20T14:25:07.870905Z"}, {"uuid": "ac103f10-b973-4ef9-a24f-6b41980478b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjwoc5b6e22l", "content": "", "creation_timestamp": "2026-04-20T14:25:08.829033Z"}, {"uuid": "661675db-9cbc-445b-8ed5-b8f1a0560c0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjwoc5b6e32l", "content": "", "creation_timestamp": "2026-04-20T14:25:09.789931Z"}, {"uuid": "5adb36e5-5496-4618-9ee8-47d1c2a805a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mjqkr2jhsw24", "content": "", "creation_timestamp": "2026-04-18T04:05:46.049881Z"}, {"uuid": "ec48c942-6f48-49c7-9ab5-f17e1bb76fc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/116447009747894003", "content": "", "creation_timestamp": "2026-04-22T06:45:59.074380Z"}, {"uuid": "7c5acc12-9b48-4ce9-bfa4-17e033f7ed83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/e-kiledjian.bsky.social/post/3mk2vmcmryk2k", "content": "", "creation_timestamp": "2026-04-22T06:46:39.781693Z"}, {"uuid": "0c941597-3d37-4941-abf6-719bfb47cd6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://threatintel.cc/2026/04/22/microsoft-sharepoint-servers-at-risk.html", "content": "", "creation_timestamp": "2026-04-22T04:46:09.000000Z"}, {"uuid": "b36b18e7-d5d0-4963-9fec-ed81c840b78d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-32201", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3mk3c4kubpn22", "content": "", "creation_timestamp": "2026-04-22T10:30:25.961896Z"}, {"uuid": "6bcc2be4-7233-4524-b864-afc0551c5001", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mk6fgor5ex2n", "content": "", "creation_timestamp": "2026-04-23T16:07:54.348441Z"}, {"uuid": "60b170a2-e4cc-48b9-b501-a1c749f78f85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/christinaayiotis.bsky.social/post/3mk42um7z422f", "content": "", "creation_timestamp": "2026-04-22T17:53:24.468275Z"}, {"uuid": "71157e07-6360-43fc-a5b3-16ba5604467f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3mk4bab72dv2z", "content": "", "creation_timestamp": "2026-04-22T19:47:17.430891Z"}, {"uuid": "55eee34a-8dc4-48a1-bca0-ec764489cde2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/intel.overresearched.net/post/3mk4g3vlxnk2q", "content": "", "creation_timestamp": "2026-04-22T21:14:19.404623Z"}, {"uuid": "cd85f181-04c3-459b-a358-dae34acbf069", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mk4huqwy3c2x", "content": "", "creation_timestamp": "2026-04-22T21:46:06.574966Z"}, {"uuid": "2c897ca3-db21-4ea3-82d5-6d3f530ea470", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mk4xpkgxex2u", "content": "", "creation_timestamp": "2026-04-23T02:29:31.692988Z"}, {"uuid": "cff02d67-0f1e-4c6d-b0f7-4bb53fb73641", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mk3cxetudm2s", "content": "", "creation_timestamp": "2026-04-22T10:45:25.614452Z"}, {"uuid": "58550f54-cb80-4fdd-8822-30aef6340cb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-32201", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mk3hb6bf4q27", "content": "", "creation_timestamp": "2026-04-22T12:02:29.113767Z"}, {"uuid": "0b89c27f-4ade-4703-b8db-3fa1adbf43cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32203", "type": "seen", "source": "Telegram/lxUamZdi97Dy_Nq5TRyTu8yHzg5m0OA9NEDZ_QYhOLIL2IQ", "content": "", "creation_timestamp": "2026-04-14T20:15:39.000000Z"}, {"uuid": "e675d89c-77ad-4ab5-bb33-20e3dc6b0315", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/cerberusit.bsky.social/post/3mk5valrh2v2h", "content": "", "creation_timestamp": "2026-04-23T11:18:01.453126Z"}, {"uuid": "7f214cd5-6813-492f-8944-6103c47ec5a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mknetqgrzj2b", "content": "Microsoft confirms active exploitation of Windows Shell vulnerability CVE-2026-32202. Users urged to update systems promptly. #CyberSecurity #WindowsUpdate #CVE202632202 Link: thedailytechfeed.com/microsoft-wa...", "creation_timestamp": "2026-04-29T15:07:06.768226Z"}, {"uuid": "684d7642-7705-43f1-a103-69f2b7dce6f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mkmvlbknz52l", "content": "Microsoft confirmed active exploitation of Windows Shell vulnerability CVE-2026-32202, a spoofing flaw (CVSS score: 4.3) allowing unauthorized access to sensitive information.", "creation_timestamp": "2026-04-29T10:33:56.335167Z"}, {"uuid": "5f46cd86-b604-4459-ba40-593f3d3dee20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/intel.overresearched.net/post/3mk6ue2g2lc2q", "content": "", "creation_timestamp": "2026-04-23T20:34:44.981634Z"}, {"uuid": "9174c9e2-c31e-4d6d-bcce-723207b63b28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mk7i6drwho2g", "content": "", "creation_timestamp": "2026-04-24T02:29:28.200348Z"}, {"uuid": "93f8cd6c-837a-41c4-8be0-867457d1f074", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/780thmibdecyber.bsky.social/post/3mkam3ilnxc2s", "content": "", "creation_timestamp": "2026-04-24T13:12:06.243548Z"}, {"uuid": "66869081-c234-4129-acb5-2e95a32a8086", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/nulj.bsky.social/post/3mkj4g4vfpc2p", "content": "", "creation_timestamp": "2026-04-27T22:25:41.371540Z"}, {"uuid": "de8bba29-82e9-4784-8bea-47cf21a48ed7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3mkmvkjlcds27", "content": "CISA, Microsoft warn of active exploitation of Windows Shell vulnerability (CVE-2026-32202)\n\n\ud83d\udcd6 Read more: www.helpnetsecurity.com/2026/04/29/w...\n\n#cybersecurity #cybersecuritynews #vulnerability #Windows #WindowsServer", "creation_timestamp": "2026-04-29T10:33:34.269650Z"}, {"uuid": "03bfb120-251d-4efc-987b-a717b9619b95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "exploited", "source": "Telegram/Tvot5OYi7yS2K_ThF7C2BDw9T022EfvaqUn2cmq-a5YoKw", "content": "", "creation_timestamp": "2026-04-28T08:18:06.000000Z"}, {"uuid": "33b29d5c-417e-426c-9c99-1eab11cedc26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mkmwavyscf2g", "content": "CISA\u3001Microsoft\u304c Windows Shell\u8106\u5f31\u6027\uff08CVE-2026-32202\uff09\u306e\u7a4d\u6975\u7684\u306a\u60aa\u7528\u3092\u8b66\u544a\n\nCISA \u3068 Microsoft \u306e\u8b66\u544a\u306b\u3088\u308b\u3068\u3001\u653b\u6483\u8005\u306f\u88ab\u5bb3\u8005\u306e\u30b7\u30b9\u30c6\u30e0\u304c\u653b\u6483\u8005\u306e\u30b5\u30fc\u30d0\u30fc\u306b\u8a8d\u8a3c\u3055\u305b\u308b\u3053\u3068\u306b\u3064\u306a\u304c\u308b\u30bc\u30ed\u30af\u30ea\u30c3\u30af Windows Shell \u30b9\u30d7\u30fc\u30d5\u30a3\u30f3\u30b0\u8106\u5f31\u6027\u3067\u3042\u308b CVE-2026-32202 \u3092\u60aa\u7528\u3057\u3066\u3044\u307e\u3059\u3002 CVE-2026-32202 \u306b\u3064\u3044\u3066 CVE-2026-32202 \u306f CVE", "creation_timestamp": "2026-04-29T10:46:04.672498Z"}, {"uuid": "d6563a7b-0828-4eb3-9fc5-c832e64e2aca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-32202", "type": "seen", "source": "https://infosec.exchange/users/threatcodex/statuses/116478525307431969", "content": "", "creation_timestamp": "2026-04-27T20:20:49.105802Z"}, {"uuid": "ad2f5107-e4b2-41e4-8c03-9882f75719e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/nulj.bsky.social/post/3mkj3mdwf3p2e", "content": "", "creation_timestamp": "2026-04-27T22:11:31.251377Z"}, {"uuid": "76bdc7b0-977d-4094-a264-9afce6df6014", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/nulj.bsky.social/post/3mkj42s2css2s", "content": "", "creation_timestamp": "2026-04-27T22:19:19.990268Z"}, {"uuid": "2d867b5c-2e67-4c1b-8219-00ebccfa1e07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/nulj.bsky.social/post/3mkjba4xv2z23", "content": "", "creation_timestamp": "2026-04-27T23:51:48.569877Z"}, {"uuid": "279c5211-f5fa-4aac-8714-ea64d8df4760", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mkjz4bnwqmy2", "content": "", "creation_timestamp": "2026-04-28T06:59:15.098379Z"}, {"uuid": "67f89cc7-803c-4d2e-8800-8dbebab46a2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/nulj.bsky.social/post/3mkjavpzjmq2j", "content": "", "creation_timestamp": "2026-04-27T23:45:59.108331Z"}, {"uuid": "bef008f3-1d74-4233-925f-3e260907c99e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/nulj.bsky.social/post/3mkjfndc3ub23", "content": "", "creation_timestamp": "2026-04-28T01:10:46.366962Z"}, {"uuid": "13bd9ea9-eb42-4be4-9858-764dbc384693", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/softfantw.eurosky.social/post/3mkjwztborc2v", "content": "", "creation_timestamp": "2026-04-28T06:21:59.396186Z"}, {"uuid": "378c6220-4ca9-4aa1-9548-47b575dd63e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mkjxf43qxky2", "content": "", "creation_timestamp": "2026-04-28T06:28:20.149246Z"}, {"uuid": "47d2c44e-1dad-42cb-9dd1-470e332ab5b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mkej4m65mr2x", "content": "", "creation_timestamp": "2026-04-26T02:29:41.356767Z"}, {"uuid": "f5e82af5-7e52-4035-8b84-eadc0e442021", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mkn5r6q3sw2a", "content": "CISA mandates federal agencies to patch a Windows zero-click vulnerability CVE-2026-32202 by May 12 under BOD 22-01. The flaw connects to APT28 and follows an incomplete Microsoft fix for CVE-2026-21510. #CVE2026 #APT28 #USA", "creation_timestamp": "2026-04-29T13:00:24.386313Z"}, {"uuid": "36bcbe2c-532e-4e39-be6a-65abb5957fff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mkdwuku2wy2z", "content": "", "creation_timestamp": "2026-04-25T21:03:17.302208Z"}, {"uuid": "4a2b66df-2769-4992-9041-1478ba10ccf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/samilaiho.com/post/3mkmxvjcydc27", "content": "Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202\nthehackernews.com/2026/04/micr...", "creation_timestamp": "2026-04-29T11:15:30.856319Z"}, {"uuid": "929aeb05-cf81-4f56-8f5c-99fe62676203", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mkmxvm2bwn2d", "content": "CISA and Microsoft confirm active exploitation of CVE-2026-32202, a Windows Shell flaw causing automatic NTLM authentication leaks via malicious LNK icons. Linked to APT28 and incomplete patch fixes. #CVE202632202 #WindowsVulnerabilities #USA", "creation_timestamp": "2026-04-29T11:15:29.978999Z"}, {"uuid": "e0bbced8-3691-4560-a811-8b5ba4c63dc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mkjzmdjso52m", "content": "", "creation_timestamp": "2026-04-28T07:08:07.912469Z"}, {"uuid": "79c5ea44-8c8d-4fc8-bde1-f0541345f492", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6362878", "content": "", "creation_timestamp": "2026-04-28T19:43:20.754264Z"}, {"uuid": "c5c7b006-3bfa-4688-9d13-27c10c3d90fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://thehackernews.com/2026/04/microsoft-confirms-active-exploitation.html", "content": "", "creation_timestamp": "2026-04-28T03:50:00.000000Z"}, {"uuid": "b281c245-e9ba-48df-a227-4fa9ad44a90e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mklezkhghy2z", "content": "", "creation_timestamp": "2026-04-28T20:05:01.838653Z"}, {"uuid": "0cd09444-0798-43bd-9c53-a8a37a6ee171", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://gist.github.com/agrajag9/7848d911eecc12863c758c3f737c5ec3", "content": "", "creation_timestamp": "2026-04-28T12:44:43.000000Z"}, {"uuid": "587da0d8-a214-43f2-806d-51fd6542cc40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/cwealthsentinel.bsky.social/post/3mklfncedyb2b", "content": "", "creation_timestamp": "2026-04-28T20:16:05.202401Z"}, {"uuid": "3e12cb4f-effd-40ee-a56b-d8fe1ca77a76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/newstecnicas.info.ve/post/3mkkoxamnf22t", "content": "", "creation_timestamp": "2026-04-28T13:30:00.957004Z"}, {"uuid": "3a7970ef-4309-46e6-9a11-6e84a4d909df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkksxms4xk2c", "content": "", "creation_timestamp": "2026-04-28T14:41:50.443976Z"}, {"uuid": "bd1050eb-0ab8-4f75-a8d8-0792af03f59a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkksxmsiok2c", "content": "", "creation_timestamp": "2026-04-28T14:41:50.975732Z"}, {"uuid": "6066c751-8be6-4031-9528-818c42255b75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkksxmskn22c", "content": "", "creation_timestamp": "2026-04-28T14:41:52.015235Z"}, {"uuid": "4fa03894-7307-4e0a-bd28-bc0e5ab57a03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkksxmslmc2c", "content": "", "creation_timestamp": "2026-04-28T14:41:52.562145Z"}, {"uuid": "155e6698-31fb-4732-8f9f-75ac26fbc42a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkksxmslmd2c", "content": "", "creation_timestamp": "2026-04-28T14:41:53.114635Z"}, {"uuid": "51971af1-db0c-4b5d-aa8b-f7572289d6c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkksxmsjns2c", "content": "", "creation_timestamp": "2026-04-28T14:41:51.505264Z"}, {"uuid": "ada705f6-6b25-4d73-97da-bbf87311751b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkksxmsmll2c", "content": "", "creation_timestamp": "2026-04-28T14:41:53.636440Z"}, {"uuid": "0c61b331-3ed6-4c39-ab7a-d037d13d8bc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkksxmsmlm2c", "content": "", "creation_timestamp": "2026-04-28T14:41:54.199041Z"}, {"uuid": "6f0ea458-bd6f-4136-a066-c922708f1605", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/nz-nb.bsky.social/post/3mkmmyr5uwd2s", "content": "Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202\n\nhttps://www.newsbeep.com/nz/402901/\n\nWhat happened Microsoft has revised its advisory for CVE-2026-32202, a Windows Shell spoofing vulnerability patched in April\u2019s Patch\u2026", "creation_timestamp": "2026-04-29T08:00:36.923868Z"}, {"uuid": "6c282225-dc03-4682-bba2-b38658122505", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkksxmsmln2c", "content": "", "creation_timestamp": "2026-04-28T14:41:54.705093Z"}, {"uuid": "2f801032-2710-4d1b-b060-d444af0bf873", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/microsoft-security-advisory-april-2026-monthly-rollup-av26-352", "content": "", "creation_timestamp": "2026-04-28T10:39:01.000000Z"}, {"uuid": "2c42c452-d72e-4702-95d1-837d5337ac61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://gist.github.com/stone776/352084b56e7483a447a98ea4be839686", "content": "", "creation_timestamp": "2026-04-29T08:29:26.000000Z"}, {"uuid": "66ab0e9a-64f3-41df-a5be-2ebd8bb53a87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/kaldata.bsky.social/post/3mkkrsnhh2k2z", "content": "", "creation_timestamp": "2026-04-28T14:21:09.878069Z"}, {"uuid": "dcf9b21d-85bc-43a8-8baa-bb641a405c71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/systemcenterdudes.com/post/3mkl5lxd4hm2t", "content": "", "creation_timestamp": "2026-04-28T17:52:09.623749Z"}, {"uuid": "71bea0bf-fdfa-4de1-b2aa-7cc3b2c68af7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/talalabbasi.com/post/3mkgjfxjiw224", "content": "", "creation_timestamp": "2026-04-26T21:40:18.914804Z"}, {"uuid": "e67fd377-37f5-4cf1-aee7-c46c7bdbacaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3mklonvookm2w", "content": "", "creation_timestamp": "2026-04-28T22:57:28.719649Z"}, {"uuid": "8d0d5388-0863-4999-9767-c81c2445d409", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/ehcgroup.bsky.social/post/3mkl2occb7c2g", "content": "", "creation_timestamp": "2026-04-28T16:59:48.673209Z"}, {"uuid": "a329d7f6-cc4a-4eac-b394-e056d3323816", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2026-32202", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/fb193ad3-86de-4b69-906c-aed8cf08137f", "content": "", "creation_timestamp": "2026-04-28T18:00:01.978584Z"}, {"uuid": "5e41ecba-bd83-4f55-8243-f949e0d59374", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-32202", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mkmz4bpyq52h", "content": "\ud83d\udccc Active Exploitation of Zero-Click Windows Shell Spoofing Vulnerability CVE-2026-32202 https://www.cyberhub.blog/article/24951-active-exploitation-of-zero-click-windows-shell-spoofing-vulnerability-cve-2026-32202", "creation_timestamp": "2026-04-29T11:37:09.385303Z"}, {"uuid": "a2dffc82-291b-4f01-91e4-4554ff968602", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://www.cert.dk/news/2026-04-29/Microsoft-bekraefter-aktiv-udnyttelse-af-Windows-Shell-saarbarhed", "content": "", "creation_timestamp": "2026-04-28T08:14:56.000000Z"}, {"uuid": "2823ca58-4791-4a6b-8075-ae159425ec18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "published-proof-of-concept", "source": "Telegram/dzDW2h-886XV-6aRi3WJqtQJrVieQigoxoc1-2T9QA1v8VU", "content": "", "creation_timestamp": "2026-04-23T03:00:06.000000Z"}, {"uuid": "08f292f1-dc65-4ab1-8692-4afca020667b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mkgzljmjvd2z", "content": "", "creation_timestamp": "2026-04-27T02:29:41.009918Z"}, {"uuid": "8c22549a-50a2-4756-b875-ec24c37dfd25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mklww2bgw22d", "content": "", "creation_timestamp": "2026-04-29T01:25:12.219290Z"}, {"uuid": "93a0d106-71cf-4006-980f-e78d027f9d74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/techstart.bsky.social/post/3mkmznbojgu25", "content": "CISA e Microsoft confirmam atividade envolvendo a CVE-2026-32202 no Windows Shell.\n\nA vulnerabilidade permite vazamento de credenciais atrav\u00e9s de conex\u00f5es SMB autom\u00e1ticas.", "creation_timestamp": "2026-04-29T11:46:38.392757Z"}, {"uuid": "ff7e92a6-8879-4e7f-9109-4de86576b200", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-32202", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3mkncs6pcr22k", "content": "\ud83d\udce2 CVE-2026-32202 : faille Windows Shell activement exploit\u00e9e, li\u00e9e \u00e0 APT28\n\ud83d\udcdd ## \ud83d\uddd3\ufe0f Contexte\n\nPubli\u00e9 le 28 avril 2026 par The Cyber Security Hub sur LinkedIn, cet article\u2026\nhttps://cyberveille.ch/posts/2026-04-29-cve-2026-32202-faille-windows-shell-activement-exploitee-liee-a-apt28/ #APT28 #Cyberveille", "creation_timestamp": "2026-04-29T14:30:26.540378Z"}, {"uuid": "5ab37b17-34f1-40ec-8b94-019b7f0a77d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32200", "type": "seen", "source": "Telegram/jmuDVL-scG0dskCQZ2-Nm16S8ppXJQ4lTcH-MRyz4d89NdI", "content": "", "creation_timestamp": "2026-04-14T20:15:28.000000Z"}, {"uuid": "fd37d798-3815-4ac2-8a98-8c30f9286733", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32200", "type": "seen", "source": "Telegram/lxUamZdi97Dy_Nq5TRyTu8yHzg5m0OA9NEDZ_QYhOLIL2IQ", "content": "", "creation_timestamp": "2026-04-14T20:15:39.000000Z"}, {"uuid": "68cf4e5c-209c-4344-8c6a-55af3d992050", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsqou2r", "content": "3/ \u26a0\ufe0f CISA: Windows CVE-2026-32202 is actively exploited by Russia's APT28. Zero-click NTLM leak. Just opening a folder can expose credentials. Patch deadline: May 12.", "creation_timestamp": "2026-04-29T14:53:22.195106Z"}, {"uuid": "e36dc2e7-6a40-483d-b100-72c0fdbd4d90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsa3k2r", "content": "3/ \u26a0\ufe0f CISA: Windows CVE-2026-32202 is actively exploited by Russia's APT28. Zero-click NTLM leak. Just opening a folder can expose credentials. Patch deadline: May 12.", "creation_timestamp": "2026-04-29T14:53:14.534923Z"}, {"uuid": "ecc89be3-8c68-4745-a49b-e0392e97acab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsppl2r", "content": "3/ \u26a0\ufe0f CISA: Windows CVE-2026-32202 is actively exploited by Russia's APT28. Zero-click NTLM leak. Just opening a folder can expose credentials. Patch deadline: May 12.", "creation_timestamp": "2026-04-29T14:53:19.995237Z"}, {"uuid": "3cf47a45-cc1e-456f-8bbf-82992eda2387", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsnr22r", "content": "3/ \u26a0\ufe0f CISA: Windows CVE-2026-32202 is actively exploited by Russia's APT28. Zero-click NTLM leak. Just opening a folder can expose credentials. Patch deadline: May 12.", "creation_timestamp": "2026-04-29T14:53:16.744816Z"}, {"uuid": "6428223c-79f3-482a-9d86-3e5672bed1d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsoqc2r", "content": "3/ \u26a0\ufe0f CISA: Windows CVE-2026-32202 is actively exploited by Russia's APT28. Zero-click NTLM leak. Just opening a folder can expose credentials. Patch deadline: May 12.", "creation_timestamp": "2026-04-29T14:53:17.914676Z"}, {"uuid": "f0103b6a-d6c8-4457-847c-5d5e35e8b315", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsro42r", "content": "3/ \u26a0\ufe0f CISA: Windows CVE-2026-32202 is actively exploited by Russia's APT28. Zero-click NTLM leak. Just opening a folder can expose credentials. Patch deadline: May 12.", "creation_timestamp": "2026-04-29T14:53:23.290441Z"}, {"uuid": "2460d411-ba8e-44a6-b207-4b0e59a5532c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsqot2r", "content": "3/ \u26a0\ufe0f CISA: Windows CVE-2026-32202 is actively exploited by Russia's APT28. Zero-click NTLM leak. Just opening a folder can expose credentials. Patch deadline: May 12.", "creation_timestamp": "2026-04-29T14:53:21.016855Z"}, {"uuid": "82a6f120-db18-4cdd-83a7-ce87abd9cf9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsoqd2r", "content": "3/ \u26a0\ufe0f CISA: Windows CVE-2026-32202 is actively exploited by Russia's APT28. Zero-click NTLM leak. Just opening a folder can expose credentials. Patch deadline: May 12.", "creation_timestamp": "2026-04-29T14:53:18.921997Z"}, {"uuid": "ea522a98-6a53-49c8-9e87-7b94a931fd6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsmrs2r", "content": "3/ \u26a0\ufe0f CISA: Windows CVE-2026-32202 is actively exploited by Russia's APT28. Zero-click NTLM leak. Just opening a folder can expose credentials. Patch deadline: May 12.", "creation_timestamp": "2026-04-29T14:53:15.620705Z"}, {"uuid": "e119eca5-32ae-4d37-9e4e-bd07125e0933", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/truthphoenix.bsky.social/post/3mkngj4mr522r", "content": "Windows zero-day CVE-2026-32202 confirmed as exploited\n\nwww.notebookcheck.net/Windows-zero...", "creation_timestamp": "2026-04-29T15:36:28.280002Z"}, {"uuid": "c9d5c6dc-f0ad-4755-99a3-13a0f0b9b5e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mknfmqa67d2v", "content": "Critical 0-click vulnerability CVE-2026-32202 exploited by APT28 to bypass Windows Defender SmartScreen. Immediate patching recommended! #CyberSecurity #WindowsVulnerability #APT28 Link: thedailytechfeed.com/russian-apt2...", "creation_timestamp": "2026-04-29T15:21:06.573399Z"}, {"uuid": "ff1fc86d-c872-44a2-9ac6-8cb0e7e95b09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://www.cert.se/2026/04/cert-se-veckobrev-v18.html", "content": "", "creation_timestamp": "2026-04-30T03:15:00.000000Z"}, {"uuid": "1d16dfb0-e097-4b15-a717-56e08ed741a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116489040501970504", "content": "Broadcom has a new advisory for a critical vulnerability:\nESM Microservice 15.0 Vulnerability in Apache Tomcat https://support.broadcom.com/web/ecx/security-advisory #Broadcom #ApacheTomCat ---\nCisco has tagged the Internet Systems Consortium and wolfSSL for zero-day reports https://talosintelligence.com/vulnerability_info @TalosSecurity #zeroday ---\nFrom yesterday:\nCISA added two vulnerabilities to the KEV catalogue:\n-  CVE-2026-32202: Microsoft Windows Protection Mechanism Failure Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-32202\n-  CVE-2024-1708: ConnectWise ScreenConnect Path Traversal Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-1708 \n- Also, one industrial vulnerability https://www.cisa.gov/news-events/ics-advisories/icsa-26-118-01 #CISA #Microsoft #vulnerability #infosec", "creation_timestamp": "2026-04-29T16:54:57.785565Z"}, {"uuid": "57be2eea-1a88-45e7-9d47-aeada9672805", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mknype64hf2m", "content": "CVE-2026-32202 has confirmed exploit code according to the following sources: cisa kev, vulncheck kev.", "creation_timestamp": "2026-04-29T21:02:34.545647Z"}, {"uuid": "72baccea-41e1-4e33-8430-f616bf901d21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://gist.github.com/stone776/a5ecb7cf46b544643a300a5546edc285", "content": "", "creation_timestamp": "2026-04-30T08:32:14.000000Z"}, {"uuid": "b278cefe-9bee-408d-b2e3-6ee063ed21fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sctocs.bsky.social/post/3mknq7fet4s2t", "content": "CVE-2026-32202 is now actively exploited in the wild, according to Microsoft.\n\nThe Windows Shell flaw enables spoofing attacks and can expose NTLM hashes through automatic SMB authentication, creating a pathway for credential theft.\n\n sctocs.com/windows-shel...", "creation_timestamp": "2026-04-29T18:30:43.257572Z"}, {"uuid": "2294b7c5-95e5-43f5-a8c9-3cb000d55479", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/lordman1982.bsky.social/post/3mknrw7npix2w", "content": "Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202\nthehackernews.com/2026/04/micr...", "creation_timestamp": "2026-04-29T19:01:08.188611Z"}, {"uuid": "b1a44681-66dc-4c6e-9dd1-be37e84d684d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mkntg74bmf2s", "content": "Attackers exploit a zero-click Windows flaw, CVE-2026-32202, exposing sensitive information on vulnerable systems.\n", "creation_timestamp": "2026-04-29T19:27:58.206708Z"}, {"uuid": "3c8cf9fc-98d4-41ff-b0c8-edf0b6040a72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwxrcs2q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:12:55.543790Z"}, {"uuid": "f781e6cc-3e4e-42ee-922e-fa48d2d188ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3mko47gog7527", "content": "\ud83d\udd12 CVE-2026-32202: Windows Shell Spoofing Vulnerability\n\nA Windows Shell spoofing vulnerability has been identified and tracked as CVE-2026-32202. This security flaw impacts the Windows oper...\n\nhttps://is.gd/fXSbjK #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-04-29T22:05:14.720040Z"}, {"uuid": "be39d162-20d0-4d2b-9fbc-0b8d732347b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mkoelejavx2n", "content": "CISA\u304c\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u60272\u4ef6\u3092\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0 \n\nCISA Adds Two Known Exploited Vulnerabilities to Catalog  #CISA (Apr 28)\n\nCVE-2024-1708  ConnectWise ScreenConnect \u30d1\u30b9\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u8106\u5f31\u6027\nCVE-2026-32202  Microsoft Windows\u4fdd\u8b77\u30e1\u30ab\u30cb\u30ba\u30e0\u306e\u4e0d\u5177\u5408\u306e\u8106\u5f31\u6027 \n\nwww.cisa.gov/news-events/...", "creation_timestamp": "2026-04-30T00:35:05.374901Z"}, {"uuid": "6882cd38-dd5c-4c91-bf48-b001a6cf5770", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mkoevr4dyq2e", "content": "CISA\u3068\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u306f\u3001Windows\u30b7\u30a7\u30eb\u8106\u5f31\u6027\uff08CVE-2026-32202\uff09\u306e\u60aa\u7528\u304c\u6d3b\u767a\u306b\u884c\u308f\u308c\u3066\u3044\u308b\u3068\u8b66\u544a\u3057\u305f \n\nCISA, Microsoft warn of active exploitation of Windows Shell vulnerability (CVE-2026-32202)  #HelpNetSecurity (Apr 29)\n\nwww.helpnetsecurity.com/2026/04/29/w...", "creation_timestamp": "2026-04-30T00:40:53.765180Z"}, {"uuid": "71fb3f6d-9572-4d7a-ba4d-f97ea90045a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwy6yc2q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:13:02.549931Z"}, {"uuid": "6d9e0c45-3116-440f-a21c-995125e2d0e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwy7xk2q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:13:04.430249Z"}, {"uuid": "9c1b929e-35fd-4ec3-ac1c-badd41435030", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwybw32q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:13:07.958589Z"}, {"uuid": "d2810366-0fde-4bba-939c-529d9b5c9594", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwyetu2q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:13:11.436499Z"}, {"uuid": "66f8242b-7cce-4c6d-81cf-78d4fd365370", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwybw22q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:13:06.106085Z"}, {"uuid": "74207d65-44eb-4edb-b6ba-a747a7080dee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwybw42q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:13:09.783000Z"}, {"uuid": "424ad12e-3deb-44f7-8d5a-c24a5bfbed9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mkr46gbkis2e", "content": "CISA Adds Two Known Exploited Vulnerabilities to Catalog\nRelease Date April 28, 2026\n\nCVE-2024-1708 ConnectWise ScreenConnect Path Traversal Vulnerability\nCVE-2026-32202 Microsoft Windows Protection Mechanism Failure Vulnerability", "creation_timestamp": "2026-05-01T02:42:40.468838Z"}, {"uuid": "96bcf239-d36b-4a75-bef1-527cfd8e7e1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwy33c2q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:12:57.276304Z"}, {"uuid": "65c11810-d222-4636-84c4-7759006d58d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwy42k2q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:12:59.183142Z"}, {"uuid": "cd6d9f2a-94f5-45a8-a9e8-51ee899c1cc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwy4zs2q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:13:00.862942Z"}, {"uuid": "d6b14737-f170-416b-8398-8501e737fb38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://t.me/itarmyofrussianews/377", "content": "CVE-2026-21510\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Akamai \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e \u043a\u0430\u043a \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-21510 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Windows, \u0432 \u043d\u0435\u0439 \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u043b\u0441\u044f \u0441\u043a\u0440\u044b\u0442\u044b\u0439 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440 \u0436\u0435\u0440\u0442\u0432\u044b \u0441\u0430\u043c \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0442\u044c\u0441\u044f \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430. \u041d\u043e\u0432\u044b\u0439 \u0434\u0435\u0444\u0435\u043a\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043d\u043e\u043c\u0435\u0440 CVE-2026-32202. \u0410\u0442\u0430\u043a\u0430 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \u0414\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u043f\u0430\u043f\u043a\u0443 \u0441 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u0444\u0430\u0439\u043b\u043e\u043c.\n\n\u0423\u0441\u0442\u0440\u0430\u043d\u0438\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 APT28(FancyBear), \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0437\u0430\u043a\u0440\u044b\u043b\u0438 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430, \u043d\u043e \u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u0434\u0440\u0443\u0433\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u0432\u044b\u043c\u0430\u043d\u0438\u0432\u0430\u0442\u044c \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0431\u0435\u0437 \u0435\u0434\u0438\u043d\u043e\u0433\u043e \u043a\u043b\u0438\u043a\u0430.\n\n\u041a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 Fancy Bear, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432 \u043a\u043e\u043d\u0446\u0435 2025 \u0433\u043e\u0434\u0430 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043b\u0430 \u0440\u044f\u0434 \u0441\u0442\u0440\u0430\u043d \u0432 \u0415\u0432\u0440\u043e\u043f\u0435, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u044f\u0440\u043b\u044b\u043a\u0438 Windows. \u0422\u0430\u043a\u0438\u0435 \u0444\u0430\u0439\u043b\u044b \u0441 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435\u043c LNK \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u043b\u0438 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2026-21513 \u0438 CVE-2026-21510. \u0427\u0435\u0440\u0435\u0437 \u043d\u0438\u0445 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043e\u0431\u0445\u043e\u0434\u0438\u043b\u0438 \u0437\u0430\u0449\u0438\u0442\u0443 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430.\n\n\u0414\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u043f\u0430\u043f\u043a\u0443 \u0441 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u044f\u0440\u043b\u044b\u043a\u043e\u043c, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u043e\u0432\u043e\u0434\u043d\u0438\u043a \u043f\u043e\u043f\u044b\u0442\u0430\u043b\u0441\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0435\u0433\u043e \u0437\u043d\u0430\u0447\u043e\u043a. \u0412 \u044d\u0442\u043e\u0442 \u043c\u043e\u043c\u0435\u043d\u0442 Windows \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u043a \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u043c\u0443.\n\n\u041d\u0430\u0448\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u044b: \n\u041a\u0430\u043d\u0430\u043b \u0444\u043e\u0440\u0443\u043c\u0430: T.ME/XSSF_FORUM\n\u041d\u0430\u0448 \u043a\u0430\u043d\u0430\u043b: T.ME/ITARMYOFRUSSIANEWS", "creation_timestamp": "2026-05-02T11:29:59.000000Z"}, {"uuid": "e07f02d9-94bf-48c0-9065-d41eb81fecc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-32202", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mks224uocf2q", "content": "\ud83d\udccc Microsoft Confirms Active Exploitation of CVE-2026-32202 Credential Theft Vulnerability in Windows https://www.cyberhub.blog/article/25150-microsoft-confirms-active-exploitation-of-cve-2026-32202-credential-theft-vulnerability-in-windows", "creation_timestamp": "2026-05-01T11:37:09.286294Z"}, {"uuid": "ee7f1497-c730-48c2-b9fc-570d991ded9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mkyvou5gcj2p", "content": "Microsoft patched the SharePoint zero-day CVE-2026-32201 in April - no login, no user interaction required to exploit. CISA required federal agencies to remediate by April 28. One week after that deadline, over 1,300 SharePoint servers are still publicly exposed.", "creation_timestamp": "2026-05-04T05:07:53.062408Z"}, {"uuid": "62a45243-0215-479d-8510-835739549570", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3mkqv5pvylh2v", "content": "[RSS] A Shortcut to Coercion: Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202\n\n\n www.akamai.com -> \n\n\nOriginal->", "creation_timestamp": "2026-05-01T00:37:00.267177Z"}, {"uuid": "6425196d-59bf-41ca-9eba-3ea70098cff0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32207", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlcdjiw4jr2w", "content": "\ud83d\udfe0 CVE-2026-32207 - High (8.8)\n\nImproper neutralization of input during web page generation ('cross-site scripting') in Azure Mac...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-32207/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-07T23:09:23.678963Z"}, {"uuid": "c942066a-ad1e-4662-8048-ce5364165df1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://t.me/kasperskyb2b/2158", "content": "\ud83d\udc40 \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83d\udfe2\u0412 \u0430\u0442\u0430\u043a\u0430\u0445 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 Silver Fox \u043d\u0430 \u043e\u0440\u0433\u0430\u043d\u0437\u0438\u0430\u0446\u0438\u0438 \u0432 \u0420\u0424 \u0438 \u0432 \u0418\u043d\u0434\u0438\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u043d\u043e\u0432\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 ABCDoor. \u0420\u0435\u0442\u0440\u043e\u0441\u043f\u0435\u043a\u0442\u0438\u0432\u043d\u044b\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c 7 \u0432\u0435\u0440\u0441\u0438\u0439 \u0412\u041f\u041e, \u043f\u0435\u0440\u0432\u0430\u044f \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0434\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0430\u0436 2024 \u0433\u043e\u0434\u043e\u043c, \u043d\u043e \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u0435 \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442\u0441\u044f \u043f\u043e \u0441\u0435\u0439 \u0434\u0435\u043d\u044c. \u041d\u0430\u0447\u0438\u043d\u0430\u044e\u0442\u0441\u044f \u0430\u0442\u0430\u043a\u0438 \u0441 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0444\u0438\u0448\u0438\u043d\u0433\u0430 \u043d\u0430\u043b\u043e\u0433\u043e\u0432\u043e\u0439 \u0442\u0435\u043c\u0430\u0442\u0438\u043a\u0438. \n\n\ud83d\udfe3\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2026-31431 (CopyFail), \u0443\u0433\u0440\u043e\u0436\u0430\u044e\u0449\u0435\u0439 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0443 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0431\u043e\u0440\u043e\u043a Linux. \u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u0430 \u0443\u0433\u0440\u043e\u0437\u0430 \u0434\u043b\u044f \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u044b\u0445 \u0441\u0440\u0435\u0434:  Docker, LXC \u0438 Kubernetes.\n\n\ud83d\udd35\u0412 \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440\u0435 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 npm \u0431\u0443\u0448\u0443\u0435\u0442 \u044d\u043f\u0438\u0434\u0435\u043c\u0438\u044f Mini Shai-Hulud: \u0447\u0435\u0440\u0432\u044c \u043f\u043e\u0440\u0430\u0437\u0438\u043b \u043f\u0430\u043a\u0435\u0442\u044b SAP \u0438 intercom. \u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u0442\u0435 \u0436\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043f\u0430\u043a\u0435\u0442\u044b lightning \u0432 PyPi. TTPs \u043f\u043e\u0445\u043e\u0436\u0438 \u043d\u0430 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0443 TeamPCP.\n\n\ud83d\udfe3\u0413\u0440\u0443\u043f\u043f\u0430 HeartlessSoul, \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u0430\u044f \u043e\u0441\u0435\u043d\u044c\u044e 2025 \u0433\u043e\u0434\u0430, \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0430\u0432\u0438\u0430\u0446\u0438\u043e\u043d\u043d\u0443\u044e \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u0438 \u0432 \u0447\u0438\u0441\u043b\u0435 \u043f\u043e\u0445\u0438\u0449\u0430\u0435\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0434\u0435\u043b\u0430\u0435\u0442 \u043e\u0441\u043e\u0431\u044b\u0439 \u0430\u043a\u0446\u0435\u043d\u0442 \u043d\u0430 \u0444\u0430\u0439\u043b\u044b \u0433\u0435\u043e\u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c. \u041f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u0435\u043d \u043f\u043e\u0434\u0445\u043e\u0434 \u043a \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e: \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 \u0440\u0435\u043a\u043b\u0430\u043c\u0438\u0440\u0443\u0435\u0442 \u0441\u0430\u0439\u0442\u044b-\u0444\u0430\u043b\u044c\u0448\u0438\u0432\u043a\u0438 \u0441 \u0442\u0440\u043e\u044f\u043d\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u041f\u041e \u0434\u043b\u044f \u0430\u0432\u0438\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\ud83d\udfe3\u0412\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438 \u0442\u043e\u0436\u0435 \u0432\u043e\u043b\u043d\u0443\u044e\u0442\u0441\u044f \u043e \u043f\u043e\u0441\u0442\u043a\u0432\u0430\u043d\u0442\u043e\u0432\u043e\u0439 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0438 \u2014 \u043d\u043e\u0432\u044b\u0439 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a Kyber \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0432 \u0441\u0432\u043e\u0435\u0439 \u0440\u0430\u0431\u043e\u0442\u0435 \u0433\u0438\u0431\u0440\u0438\u0434\u043d\u044b\u0439 \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c \u0441 \u041f\u041a\u0428.\n\n\ud83d\udd35\u041e\u0433\u0440\u043e\u043c\u043d\u044b\u0439 150-\u0441\u0442\u0440\u0430\u043d\u0438\u0447\u043d\u044b\u0439 \u043e\u0442\u0447\u0435\u0442 \u043e \u0441\u043b\u043e\u0436\u043d\u043e\u043c \u0412\u041f\u041e EasterBunny (pdf) \u0438 TTPs APT29/DarkHalo, \u0435\u0433\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0449\u0435\u0439. \u0421\u0440\u0435\u0434\u0438 \u043b\u044e\u0431\u043e\u043f\u044b\u0442\u043d\u044b\u0445 \u0434\u0435\u0442\u0430\u043b\u0435\u0439 \u2014 \u0436\u0451\u0441\u0442\u043a\u0430\u044f \u043f\u0440\u0438\u0432\u044f\u0437\u043a\u0430 \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430 \u043a \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0443, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u043d \u043d\u0430\u0446\u0435\u043b\u0435\u043d, \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0445 \u043c\u0430\u0448\u0438\u043d\u0430\u0445 \u043f\u0440\u043e\u0441\u0442\u043e \u043d\u0435 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u0441\u044f.\n\n\ud83d\udfe3\u041d\u043e\u0432\u044b\u0435 \u0440\u0430\u0437\u043d\u043e\u0432\u0438\u0434\u043d\u043e\u0441\u0442\u0438 ClickFix: \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043a\u043e\u043c\u0430\u043d\u0434 cmdkey \u0438 regsvr32 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0412\u041f\u041e.\n\n\ud83d\udd35\u0417\u0430\u043a\u0440\u044b\u0442\u0430\u044f \u0432 \u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u043e\u043c Patch Tuesday CVE-2026-32202, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0445\u044d\u0448\u0435\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0442\u0435\u043f\u0435\u0440\u044c \u043f\u043e\u043c\u0435\u0447\u0435\u043d\u0430 \u043a\u0430\u043a \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f. \u0414\u0435\u0444\u0435\u043a\u0442 \u0432\u043e\u0437\u043d\u0438\u043a \u0438\u0437-\u0437\u0430 \u043d\u0435\u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0444\u0435\u0432\u0440\u0430\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0437\u0438\u0440\u043e\u0434\u0435\u044f CVE-2026-21510.\n\n\ud83d\udfe3\u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0430\u044f \u0438\u0441\u0442\u043e\u0440\u0438\u044f \u2014 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043f\u043b\u0430\u0433\u0438\u043d \u0434\u043b\u044f WordPress \u0431\u044b\u043b \u0438\u0437\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d \u0438\u0437 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0435\u0449\u0435 \u0432 2020 \u0433\u043e\u0434\u0443, \u043d\u043e \u043e\u0431\u0437\u0430\u0432\u0451\u043b\u0441\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c\u044e \u0442\u043e\u043b\u044c\u043a\u043e \u0432 2026. \n\n\ud83d\udd35\u0420\u0430\u0437\u0431\u043e\u0440 \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0439 \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u043f\u0430\u043c-\u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0441 \u0440\u0430\u0441\u0441\u044b\u043b\u043a\u043e\u0439 \u0444\u0430\u043b\u044c\u0448\u0438\u0432\u044b\u0445 SMS \u043e\u0431 \u043e\u043f\u043b\u0430\u0442\u0435 \u0434\u043e\u0440\u043e\u0436\u043d\u044b\u0445 \u043f\u043e\u0448\u043b\u0438\u043d \u0438 \u0448\u0442\u0440\u0430\u0444\u043e\u0432. \u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0436\u0435\u0440\u0442\u0432 \u0437\u0430\u043c\u0430\u043d\u0438\u0432\u0430\u044e\u0442 \u043d\u0430 \u0444\u0430\u043b\u044c\u0448\u0438\u0432\u044b\u0435 \u043f\u043b\u0430\u0442\u0451\u0436\u043d\u044b\u0435 \u0441\u0430\u0439\u0442\u044b \u0438 \u0441\u0430\u0439\u0442\u044b, \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0435 \u0412\u041f\u041e.\n\n\ud83d\udfe2\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-41940 \u0432 \u043f\u0430\u043d\u0435\u043b\u044f\u0445 cPanel \u0438 WHM, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0430\u0434\u043c\u0438\u043d\u0441\u043a\u0438\u0435 \u043f\u0440\u0430\u0432\u0430 \u0431\u0435\u0437 \u0432\u0441\u044f\u043a\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0435\u0449\u0451 \u0434\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0441\u0442\u044c cPanel, \u044d\u0442\u043e \u0432\u0435\u0441\u044c\u043c\u0430 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u043e \u2014 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c\u0441\u044f \u043d\u0443\u0436\u043d\u043e \u0432 \u0441\u0440\u043e\u0447\u043d\u043e\u043c \u043f\u043e\u0440\u044f\u0434\u043a\u0435. \n\n\ud83d\udfe3\u041d\u0435\u043e\u0436\u0438\u0434\u0430\u043d\u043d\u043e\u0435 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 \u0433\u0435\u043e\u0433\u0440\u0430\u0444\u0438\u0438 \u0441\u043a\u0430\u043c-\u0446\u0435\u043d\u0442\u0440\u043e\u0432 (\u0438 \u0431\u043e\u0440\u044c\u0431\u044b \u0441 \u043d\u0438\u043c\u0438) \u2014 \u0434\u0435\u0432\u044f\u0442\u044c \u043c\u043e\u0448\u0435\u043d\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043e\u0444\u0438\u0441\u043e\u0432 \u0437\u0430\u043a\u0440\u044b\u043b\u0438 \u0432 \u0414\u0443\u0431\u0430\u0435.\n\n#\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 #APT @\u041f2\u0422", "creation_timestamp": "2026-05-04T09:44:28.000000Z"}, {"uuid": "01444aff-02d3-44da-b912-cfc5437f8aec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3ml5su4t3d624", "content": "CISA warns of active exploitation of Windows Shell zero-day vulnerability CVE-2026-32202. Organizations urged to apply patches immediately. #CyberSecurity #WindowsVulnerability #CISAAlert Link: thedailytechfeed.com/critical-zer...", "creation_timestamp": "2026-05-06T04:00:27.690016Z"}, {"uuid": "b773bc31-17cf-43d8-9b27-62612d6dd878", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://t.me/codeby_sec/10098", "content": "Windows - \u0412 \u0421 \u0401!\n\n\ud83c\udf10 Microsoft \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2026-32202 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Windows Shell, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043a\u0440\u0430\u0441\u0442\u044c \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0447\u0435\u0440\u0435\u0437 SMB-\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e. \u042d\u0442\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u043b\u0430 \u0438\u0437-\u0437\u0430 \u043d\u0435\u043f\u043e\u043b\u043d\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0430 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2026-21510, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u0433\u043e \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 2026 \u0433\u043e\u0434\u0430.\n\n\ud83d\udd78 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u043a\u043b\u0430\u0441\u0441\u0443 spoofing (CVSS 4.3), \u043d\u043e \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0439 \u0440\u0438\u0441\u043a \u0432\u044b\u0448\u0435 \u0438\u0437-\u0437\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043b\u0430\u0442\u0435\u0440\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0432 \u0441\u0435\u0442\u0438. \u041f\u0440\u0438 \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0435 \u043f\u0430\u043f\u043a\u0438 \u0441 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c LNK-\u0444\u0430\u0439\u043b\u043e\u043c (\u044f\u0440\u043b\u044b\u043a\u043e\u043c) Windows Shell \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u0435\u0442 UNC-\u043f\u0443\u0442\u044c \u0432 \u0444\u0430\u0439\u043b\u0435, \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u0443\u044f SMB-\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430. \u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442 NTLMv2-\u0445\u0435\u0448 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0431\u0435\u0437 \u043a\u043b\u0438\u043a\u0430 \u0438\u043b\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0444\u0430\u0439\u043b\u0430 \u2014 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u043f\u0430\u043f\u043a\u0443.\n\n\ud83e\uddff \u0418\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e CVE-2026-21510 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u0423\u043a\u0440\u0430\u0438\u043d\u0443 \u0438 \u0415\u0421 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2025 \u0433\u043e\u0434\u0430; \u0444\u0435\u0432\u0440\u0430\u043b\u044c\u0441\u043a\u0438\u0439 \u043f\u0430\u0442\u0447 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043b RCE, \u043d\u043e \u043e\u0441\u0442\u0430\u0432\u0438\u043b \u0432\u0435\u043a\u0442\u043e\u0440 \u043a\u0440\u0430\u0436\u0438 credentials. \u041f\u043e\u043b\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432\u044b\u0448\u043b\u043e 14 \u0430\u043f\u0440\u0435\u043b\u044f 2026 \u0432 Patch Tuesday (KB5083769 \u0434\u043b\u044f Windows 11 24H2/25H2), \u043d\u043e Microsoft 27 \u0430\u043f\u0440\u0435\u043b\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0430 \u0441\u0442\u0430\u0442\u0443\u0441, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0432 exploitation \u0432 wild. 28 \u0430\u043f\u0440\u0435\u043b\u044f CISA \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 CVE \u0432 KEV-\u043a\u0430\u0442\u0430\u043b\u043e\u0433.\n\n\u2197\ufe0f \u0412\u0435\u043a\u0442\u043e\u0440 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2026-32202 \u043e\u0441\u043d\u043e\u0432\u0430\u043d \u043d\u0430 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0438 UNC-\u043f\u0443\u0442\u0435\u0439 \u0432 Windows Shell \u043f\u0440\u0438 \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0435 \u043f\u0430\u043f\u043a\u0438 \u0441 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c LNK-\u0444\u0430\u0439\u043b\u043e\u043c (\u044f\u0440\u043b\u044b\u043a\u043e\u043c), \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 SMB-\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0431\u0435\u0437 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u0430. \u042d\u0442\u043e zero-click \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439: \u0436\u0435\u0440\u0442\u0432\u0435 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u043f\u0430\u043f\u043a\u0443 \u0432 \u041f\u0440\u043e\u0432\u043e\u0434\u043d\u0438\u043a\u0435, \u0447\u0442\u043e\u0431\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u043b\u0430 NTLM-\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u043d\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u0439 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u0441\u0435\u0440\u0432\u0435\u0440: \n\n\u0426\u0435\u043f\u043e\u0447\u043a\u0430 \u0430\u0442\u0430\u043a\u0438: \n1\ufe0f\u20e3 \u0414\u043e\u0441\u0442\u0430\u0432\u043a\u0430 payload: \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0440\u0430\u0437\u043c\u0435\u0449\u0430\u0435\u0442 LNK-\u0444\u0430\u0439\u043b \u0441 UNC-\u043f\u0443\u0442\u0451\u043c \u0432\u0438\u0434\u0430 \\\\server\\share\\file.lnk \u0432 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0439 \u043f\u0430\u043f\u043a\u0435 \u2014 \u0447\u0435\u0440\u0435\u0437 email-\u0432\u043b\u043e\u0436\u0435\u043d\u0438\u0435, \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u0443\u044e \u0441\u0441\u044b\u043b\u043a\u0443 \u043d\u0430 SMB-\u0448\u0430\u0440 \u0438\u043b\u0438 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0440\u0435\u0441\u0443\u0440\u0441.\n2\ufe0f\u20e3 \u0410\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0435: \u0416\u0435\u0440\u0442\u0432\u0430 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043f\u0430\u043f\u043a\u0443 \u0432 \u041f\u0440\u043e\u0432\u043e\u0434\u043d\u0438\u043a\u0435; Windows Shell \u043f\u0430\u0440\u0441\u0438\u0442 LNK \u0438 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0440\u0435\u0437\u043e\u043b\u0432\u0438\u0442 UNC-\u043f\u0443\u0442\u044c, \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044f SMB-\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 \u0441 server \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n3\ufe0f\u20e3 \u041a\u0440\u0430\u0436\u0430 NTLMv2-\u0445\u0435\u0448\u0430: \u0421\u0435\u0440\u0432\u0435\u0440 \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0435\u0442 NTLMv2-\u0447\u0435\u043b\u043b\u0435\u043d\u0434\u0436/\u0440\u0435\u0441\u043f\u043e\u043d\u0441 (\u0445\u0435\u0448 \u043f\u0430\u0440\u043e\u043b\u044f), \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044f \u043a\u043b\u0438\u043a\u0430 \u043f\u043e \u0444\u0430\u0439\u043b\u0443 \u2014 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u0437\u0430\u0449\u0438\u0442\u044b \u043d\u0435 \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0432\u044b\u0437\u043e\u0432.\n4\ufe0f\u20e3 \u041f\u043e\u0441\u0442\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f: \u0425\u0435\u0448 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f relay-\u0430\u0442\u0430\u043a\u0438 (NTLM relay \u043d\u0430 DC \u0434\u043b\u044f DCSync \u0438\u043b\u0438 lateral movement), \u043e\u0444\u0444\u043b\u0430\u0439\u043d brute-force \u0438\u043b\u0438 Pass-the-Hash\n\n\u2b07\ufe0f \u041d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Windows KB5083769, \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c SMBv1 \u0438 \u0441\u043f\u0440\u044f\u0442\u0430\u0442\u044c\u0441\u044f \u043f\u043e\u0434 \u043e\u0434\u0435\u044f\u043b\u043e  \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u0442\u044c UNC/LNK-\u0444\u0430\u0439\u043b\u044b \u0432 \u0441\u0435\u0442\u0435\u0432\u043e\u043c \u0442\u0440\u0430\u0444\u0438\u043a\u0435\n\n#windows #cve #smb #lnk\n\n\ud83d\udd17 \u0412\u0441\u0435 \u043d\u0430\u0448\u0438 \u043a\u0430\u043d\u0430\u043b\u044b \ud83d\udd01 \u0412\u0441\u0435 \u043d\u0430\u0448\u0438 \u0447\u0430\u0442\u044b \ud83e\udea7 \u0414\u043b\u044f \u0441\u0432\u044f\u0437\u0438 \u0441 \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440\u043e\u043c", "creation_timestamp": "2026-05-07T16:02:14.000000Z"}, {"uuid": "15a098b6-fba3-4c3b-8772-60d4e7e22dbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3mkz43caize2t", "content": "[RSS] A Shortcut to Coercion: Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202\n\n\n www.akamai.com -> \n\n\nOriginal->", "creation_timestamp": "2026-05-04T07:02:12.982888Z"}, {"uuid": "3b63873d-f4c2-4230-865c-d4120e339130", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32207", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlcdlcfhct2o", "content": "CVE-2026-32207 - Azure Machine Learning Notebook Spoofing Vulnerability\nCVE ID : CVE-2026-32207\n \n Published : May 7, 2026, 8:58 p.m. | 1\u00a0hour, 22\u00a0minutes ago\n \n Description : None\n \n Severity: 8.8 | HIGH\n \n Visit the link for more details, such as CVSS details, affected produ...", "creation_timestamp": "2026-05-07T23:10:24.108893Z"}, {"uuid": "62904f1b-d995-4b4c-a431-6c0c03cdc705", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32207", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mlcoxjxiz423", "content": "Azure Machine Learning\u306eWeb\u30da\u30fc\u30b8\u751f\u6210\u306b\u304a\u3051\u308b\u5165\u529b\u306e\u4e0d\u9069\u5207\u306a\u7121\u5bb3\u5316\uff08\u30af\u30ed\u30b9\u30b5\u30a4\u30c8\u30b9\u30af\u30ea\u30d7\u30c6\u30a3\u30f3\u30b0\uff09\u306b\u3088\u308a\u3001\u653b\u6483\u8005\u306f\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u3092\u4ecb\u3057\u305f\u30b9\u30d7\u30fc\u30d5\u30a3\u30f3\u30b0\u304c\u53ef\u80fd\u306b\u306a\u308b\u3002\nCVE-2026-32207 CVSS 8.8 | HIGH", "creation_timestamp": "2026-05-08T02:34:05.360003Z"}, {"uuid": "756b8500-bd1d-4d08-853f-9ca5ca6e6a7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://gist.github.com/nrf0009-09/957d21fe0408108bccb397435cb6692a", "content": "\n\n\n  \n\n    Noticias de Noelia\n\n    https://gist.githubusercontent.com/nrf0009-09/957d21fe0408108bccb397435cb6692a/raw/12124d004fb2e8e0037740046f544f018418cd94/noticias.xml\n\n    \n      Canal RSS especializado en noticias t\u00e9cnicas sobre sistemas,\n      ciberseguridad y administraci\u00f3n inform\u00e1tica.\n    \n\n    es\n\n    \n    \n      Microsoft corrige vulnerabilidades cr\u00edticas en Windows\n\n      \n       https://unaaldia.hispasec.com/2026/04/microsoft-corrige-un-zero-day-en-sharepoint-y-parchea-169-vulnerabilidades.html\n      \n\n      \n          Microsoft ha corregido 169 vulnerabilidades en su \u00faltima oleada de parches,\n           incluyendo una zero-day activamente explotada en SharePoint Server CVE-2026-32201 y varios fallos cr\u00edticos en Windows Defender \n           y servicios de red. Estas vulnerabilidades afectan a m\u00faltiples versiones de Windows, incluyendo Windows 11 y tambi\u00e9n Windows 10 en \n           sistemas que a\u00fan reciben actualizaciones de seguridad. Las organizaciones deben priorizar estas actualizaciones para evitar ataques potenciales.\n        \n\n        \n      ]]>\n\n      \n        https://unaaldia.hispasec.com/2026/04/microsoft-corrige-un-zero-day-en-sharepoint-y-parchea-169-vulnerabilidades.html\n      \n\n      nrf0009@alu.medac.es\n\n      Fri, 08 May 2026 08:00:00 GMT\n    \n\n    \n    \n      Alertan de dos nuevas estafas que suplantan a DHL\n\n      \n        https://www.20minutos.es/tecnologia/ciberseguridad/alertan-dos-nuevas-estafas-que-suplantan-dhl-no-piques-si-te-llegan-estos-correos-electronicos_6966903_0.html\n      \n\n      \n         Una nueva estafa de suplantaci\u00f3n de identidad vuelve a amenazar a los usuarios. En este caso, los ciberdelincuentes \n         se hacen pasar por la empresa de servicios de mensajer\u00eda DHL a trav\u00e9s de un mensaje en forma de correo electr\u00f3nico. \n         Este tipo de fraudes tiene como objetivo robar informaci\u00f3n personal y bancaria, adem\u00e1s de comprometer los sistemas de las v\u00edctimas. \n        \n\n        \n      ]]>\n\n      \n        https://www.20minutos.es/tecnologia/ciberseguridad/alertan-dos-nuevas-estafas-que-suplantan-dhl-no-piques-si-te-llegan-estos-correos-electronicos_6966903_0.html\n      \n\n      nrf0009@alu.medac.es\n\n      Fri, 08 May 2026 08:00:00 GMT\n    \n\n    \n    \n      El kernel Linux 7.0 llega con mejoras de rendimiento, soporte para nuevo \n        hardware y un sistema de archivos XFS m\u00e1s inteligente\n\n      \n       https://www.l4b-software.com/es/linux-kernel-7-0-regulated-embedded-systems/\n      \n\n      \n         El n\u00facleo de Linux 7.0 es la versi\u00f3n principal actual en el momento de redactar este art\u00edculo, pero el cambio de versi\u00f3n en s\u00ed mismo es \n         principalmente una cuesti\u00f3n de mantenimiento. La verdadera pregunta para los equipos de ingenier\u00eda que desarrollan sistemas embebidos regulados \n         no es si la versi\u00f3n 7.0 lo cambia todo, sino si el \u00faltimo ciclo del n\u00facleo mejora de manera significativa el comportamiento temporal, \n         la facilidad de mantenimiento, el nivel de seguridad y la estrategia de actualizaci\u00f3n lo suficiente como para justificar su adopci\u00f3n.\n        \n\n        \n      ]]>\n\n      \n        https://www.l4b-software.com/es/linux-kernel-7-0-regulated-embedded-systems/\n      \n\n      nrf0009@alu.medac.es\n\n      Fri, 08 May 2026 08:00:00 GMT\n    \n\n  \n", "creation_timestamp": "2026-05-08T07:07:57.000000Z"}, {"uuid": "be3781f5-f7ea-463e-8ebc-464d0e9bea43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32207", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mlevjzloxp2h", "content": "\ud83d\udccc CVE-2026-32207 - Improper neutralization of input during web page generation ('cross-site scripting') in Azure Machine Learning allows an unauthorized attacker to perf... https://www.cyberhub.blog/cves/CVE-2026-32207", "creation_timestamp": "2026-05-08T23:37:09.369891Z"}, {"uuid": "cd39d208-4bd8-426d-ae9d-c77fb3d9a5ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32207", "type": "seen", "source": "https://www.thezdi.com/blog/2026/5/12/the-may-2026-security-update-review", "content": "I\u2019m currently in Berlin helping set up for Pwn2Own Berlin, but that doesn\u2019t stop Patch Tuesday from coming, and it\u2019s another big one. At least nothing is listed as being in the wild \u2013 for now. Take a break from your regularly scheduled activities and let\u2019s take a look at the latest security patches from Adobe and Microsoft. Due to technical difficulties, there will not be a video companion for this month.\nAdobe Patches for May 2026\nFor May, Adobe released 10 bulletins addressing 52 unique CVEs in Adobe Commerce, After Effects, Adobe Connect, Illustrator, Media Encoder, Premiere Pro, Substance 3D Painter, Substance 3D Sampler, Content Authenticity SDK, and the Adobe Substance 3D Designer. Here\u2019s this month\u2019s overview table:\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n  \n  \n\n\n\n\n  \n    \n\n\n\n<colgroup>\n  <col />\n  <col />\n  <col />\n  <col />\n  <col />\n  <col />\n  <col />\n</colgroup>\n\n<tfoot>\n  \n</tfoot>\n\n\n  \n    Bulletin ID\n    Product\n    CVE Count\n    Highest Severity\n    Highest CVSS\n    Exploited\n    Deployment Priority\n  \n\n\n  \n    APSB26-49\n    Adobe Commerce\n    15\n    Critical\n    8.7\n    No\n    2\n  \n  \n    APSB26-48\n    Adobe After Effects\n    4\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-50\n    Adobe Connect\n    2\n    Critical\n    9.6\n    No\n    3\n  \n  \n    APSB26-51\n    Adobe Illustrator\n    4\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-47\n    Adobe Media Encoder\n    2\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-46\n    Adobe Premiere Pro\n    3\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-55\n    Adobe Substance 3D Painter\n    2\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-54\n    Adobe Substance 3D Sampler\n    1\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-53\n    Content Authenticity SDK\n    14\n    Critical\n    7.5\n    No\n    3\n  \n  \n    APSB26-52\n    Adobe Substance 3D Designer\n    5\n    Important\n    6.3\n    No\n    3\n  \n\n    TOTAL\n    10 bulletins\n    52\n    \n    \n    \n    \n  \n\n\n\n  \n\n\n\n\n  \nThe obvious priority this month is the patch for Commerce, with its 15 bugs and deployment priority of 2. The Connect fix should also rank up there since both of its CVEs are CVSS 9s. Beyond those, it\u2019s a pretty typical month for Adobe, with most of the bugs either being cross-site scripting (XSS) or open-and-own code executions.\nMicrosoft Patches for May 2026\nThis month, Microsoft released a whopping 138 new CVEs in Windows and Windows components, Office and Office Components, Microsoft Edge (Chromium-based), Azure, .NET and Visual Studio, Copilot Chat, Github Copilot, M365 Copilot, SQL Server, TCP/IP, and the Telnet Client \u2013 yes, the Telnet client. Two of these bugs were reported through the TrendAI ZDI program. 30 of these bugs are rated Critical, three are rated as Moderate, one is rated Low, and the rest are rated Important in severity.\nThis large volume of fixes follows the largest monthly release in Microsoft\u2019s history and reflects the trend across the industry of a high number of submissions. While not all of these bugs were found by AI, it\u2019s likely they had an AI-related component \u2013 even if it was just AI writing the submission. I should also point out the Pwn2Own Berlin occurs in just a few days, and it\u2019s typical for vendors to patch as much as they can before the event.\nNone of the bugs patched by Microsoft this month are listed as publicly known or under active attack at the time of release, so we\u2019ve got that going for us. Let\u2019s take a closer look at some of the more interesting updates for this month, starting with a nasty-looking bug in DNS:\n-    CVE-2026-41096 - Windows DNS Client Remote Code Execution VulnerabilityThis patch fixes a heap-based buffer overflow in the DNS Client triggered by a malicious DNS response. No authentication or user interaction needed, and since the DNS Client runs on virtually every Windows machine, the attack surface is enormous. An attacker with a position to influence DNS responses (MitM, rogue server) could achieve unauthenticated RCE across your enterprise.\n-    CVE-2026-41089 - Windows Netlogon Remote Code Execution VulnerabilityThis update covers another CVSS 9.8 bug, which is a stack-based buffer overflow that lets an unauthenticated remote attacker execute code on a domain controller by sending a specially crafted network request \u2014 no credentials, no user interaction required. Yup \u2013 that makes it wormable. This is the highest-impact bug that requires immediate patching: a compromised domain controller is a compromised domain.\n-    CVE-2026-42898 - Microsoft Dynamics 365 On-Premises Remote Code Execution VulnerabilityThis bug rates a CVSS 9.9(!) and represents a code injection in Dynamics 365. It allows any authenticated user to execute code with a scope change, meaning exploitation can break out and affect resources beyond the vulnerable component itself. Scope changes are pretty rare, so if you\u2019re running Dynamics 365 On-Prem, definitely test and deploy this patch quickly.\n-    CVE-2026-40415 - Windows TCP/IP Remote Code Execution VulnerabilityThis bug in the TCP/IP stack results from a use-after-free (UAF) and could allow a remote, unauthenticated threat actor to execute code without user interaction. That makes this another wormable bug. However, this one is much less likely to be exploited. The target needs to be under sustained low-memory (memory pressure) conditions, which is pretty rare. Still, no need to tempt fate here. Test and deploy this one quickly.\nHere\u2019s the full list of CVEs released by Microsoft for May 2026:\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n  \n  \n\n\n\n\n  \n    \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n <col width=\"144\" />\n <col width=\"256\" />\n <col span=\"5\" width=\"104\" />\n \n\n  CVE\n  Title\n  Severity\n  CVSS\n  Public\n  Exploited\n  Type\n \n \n  <span>CVE-2026-35435</span>\n  Azure AI Foundry\n  Elevation of Privilege Vulnerability\n  Critical\n  8.6\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35428</span>\n  Azure Cloud Shell\n  Spoofing Vulnerability\n  Critical\n  9.6\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-42826</span>\n  Azure DevOps\n  Information Disclosure Vulnerability\n  Critical\n  10\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-32207</span>\n  Azure Machine Learning\n  Notebook Spoofing Vulnerability\n  Critical\n  8.8\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-33109</span>\n  Azure Managed Instance\n  for Apache Cassandra Remote Code Execution Vulnerability\n  Critical\n  9.9\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-33844</span>\n  Azure Managed Instance\n  for Apache Cassandra Remote Code Execution Vulnerability\n  Critical\n  9\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41105</span>\n  Azure Monitor Action\n  Group Notification System Elevation of Privilege Vulnerability\n  Critical\n  8.1\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33111</span>\n  Copilot Chat\n  (Microsoft Edge) Information Disclosure Vulnerability\n  Critical\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-26129</span>\n  M365 Copilot\n  Information Disclosure Vulnerability\n  Critical\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-26164</span>\n  M365 Copilot\n  Information Disclosure Vulnerability\n  Critical\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-33821</span>\n  Microsoft Dynamics 365\n  Customer Insights Elevation of Privilege Vulnerability\n  Critical\n  7.7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42898</span>\n  Microsoft Dynamics 365\n  On-Premises Remote Code Execution Vulnerability\n  Critical\n  9.9\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40379</span>\n  Microsoft Enterprise\n  Security Token Service (ESTS) Spoofing Vulnerability\n  Critical\n  9.3\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-40363</span>\n  Microsoft Office\n  Remote Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40358</span>\n  Microsoft Office\n  Remote Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-34327</span>\n  Microsoft Partner\n  Center Spoofing Vulnerability\n  Critical\n  8.2\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-40365</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Critical\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41103</span>\n  Microsoft SSO Plugin\n  for Jira & Confluence Elevation of Privilege Vulnerability\n  Critical\n  9.1\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33823</span>\n  Microsoft Team Events\n  Portal Information Disclosure Vulnerability\n  Critical\n  9.6\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40364</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40366</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40361</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40367</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42831</span>\n  Office for Android\n  Remote Code Execution Vulnerability\n  Critical\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41096</span>\n  Windows DNS Client\n  Remote Code Execution Vulnerability\n  Critical\n  9.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-35421</span>\n  Windows GDI Remote\n  Code Execution Vulnerability\n  Critical\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40403</span>\n  Windows Graphics\n  Component Remote Code Execution Vulnerability\n  Critical\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40402</span>\n  Windows Hyper-V\n  Elevation of Privilege Vulnerability\n  Critical\n  9.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-32161</span>\n  Windows Native WiFi\n  Miniport Driver Remote Code Execution Vulnerability\n  Critical\n  7.5\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41089</span>\n  Windows Netlogon\n  Remote Code Execution Vulnerability\n  Critical\n  9.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-32175</span>\n  .NET Core Tampering\n  Vulnerability\n  Important\n  4.3\n  No\n  No\n  Tampering\n \n \n  <span>CVE-2026-32177</span>\n  .NET Elevation of\n  Privilege Vulnerability\n  Important\n  7.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35433</span>\n  .NET Elevation of\n  Privilege Vulnerability\n  Important\n  7.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2025-54518 *</span>\n  AMD: CVE-2025-54518\n  CPU OP Cache Corruption\n  Important\n  \n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42899</span>\n  ASP.NET Core Denial of\n  Service Vulnerability\n  Important\n  7.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40381</span>\n  Azure Connected\n  Machine Agent Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42823 \u2020</span>\n  Azure Logic Apps\n  Elevation of Privilege Vulnerability\n  Important\n  9.9\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33833</span>\n  Azure Machine Learning\n  Notebook Spoofing Vulnerability\n  Important\n  8.2\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-32204</span>\n  Azure Monitor Agent\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42830</span>\n  Azure Monitor Agent\n  Metrics Extension Elevation of Privilege Vulnerability\n  Important\n  6.5\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33117</span>\n  Azure SDK for Java\n  Security Feature Bypass Vulnerability\n  Important\n  9.1\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-41109</span>\n  GitHub Copilot and\n  Visual Studio Code Security Feature Bypass Vulnerability\n  Important\n  8.8\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-35424</span>\n  Internet Key Exchange\n  (IKE) Protocol Denial of Service Vulnerability\n  Important\n  7.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-41614</span>\n  M365 Copilot for\n  Desktop Spoofing Vulnerability\n  Important\n  6.2\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-41100</span>\n  Microsoft 365 Copilot\n  for Android Spoofing Vulnerability\n  Important\n  4.4\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-40377</span>\n  Microsoft\n  Cryptographic Services Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41094</span>\n  Microsoft Data\n  Formulator Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40417</span>\n  Microsoft Dynamics 365\n  Business Central Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42833</span>\n  Microsoft Dynamics 365\n  On-Premises Remote Code Execution Vulnerability\n  Important\n  9.1\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42838</span>\n  Microsoft Edge\n  (Chromium-based) Elevation of Privilege Vulnerability\n  Important\n  5.4\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40360</span>\n  Microsoft Excel\n  Information Disclosure Vulnerability\n  Important\n  7.8\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40359</span>\n  Microsoft Excel Remote\n  Code Execution Vulnerability\n  Important\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40362</span>\n  Microsoft Excel Remote\n  Code Execution Vulnerability\n  Important\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42832</span>\n  Microsoft Excel\n  Spoofing Vulnerability\n  Important\n  7.7\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-34329</span>\n  Microsoft Message\n  Queuing (MSMQ) Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40419</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40418</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35436</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40420</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42893</span>\n  Microsoft Outlook for\n  iOS Tampering Vulnerability\n  Important\n  7.4\n  No\n  No\n  Tampering\n \n \n  <span>CVE-2026-40374</span>\n  Microsoft Power\n  Automate Desktop Information Disclosure Vulnerability\n  Important\n  6.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-41102</span>\n  Microsoft PowerPoint\n  for Android Spoofing Vulnerability\n  Important\n  7.1\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-35439</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40368</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-33110</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-33112</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40357</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-32185</span>\n  Microsoft Teams\n  Spoofing Vulnerability\n  Important\n  5.5\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-41101</span>\n  Microsoft Word for\n  Android Spoofing Vulnerability\n  Important\n  7.1\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-35440</span>\n  Microsoft Word\n  Information Disclosure Vulnerability\n  Important\n  5.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40421</span>\n  Microsoft Word\n  Information Disclosure Vulnerability\n  Important\n  4.3\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-41097</span>\n  Secure Boot Security\n  Feature Bypass Vulnerability\n  Important\n  6.7\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-40370 \u2020</span>\n  SQL Server Remote Code\n  Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41613</span>\n  Visual Studio Code\n  Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41612</span>\n  Visual Studio Code\n  Information Disclosure Vulnerability\n  Important\n  5.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-41611</span>\n  Visual Studio Code\n  Remote Code Execution Vulnerability\n  Important\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41610</span>\n  Visual Studio Code\n  Security Feature Bypass Vulnerability\n  Important\n  6.3\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-33839</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33840</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34330</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34331</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35423</span>\n  Windows 11 Telnet\n  Client Information Disclosure Vulnerability\n  Important\n  5.4\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-35438</span>\n  Windows Admin Center\n  Elevation of Privilege Vulnerability\n  Important\n  8.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41086</span>\n  Windows Admin Center\n  in Azure Portal Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34344</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34345</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35416</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41088</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34343</span>\n  Windows Application\n  Identity (AppID) Subsystem Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35418</span>\n  Windows Cloud Files\n  Mini Filter Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33835</span>\n  Windows Cloud Files\n  Mini Filter Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34337</span>\n  Windows Cloud Files\n  Mini Filter Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40407</span>\n  Windows Common Log\n  File System Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40397</span>\n  Windows Common Log\n  File System Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42896</span>\n  Windows DWM Core\n  Library Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35419</span>\n  Windows DWM Core\n  Library Information Disclosure<span> \n  </span>Vulnerability\n  Important\n  5.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-34336</span>\n  Windows DWM Core\n  Library Information Disclosure<span> \n  </span>Vulnerability\n  Important\n  7.8\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-33834</span>\n  Windows Event Logging\n  Service Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-32209</span>\n  Windows Filtering\n  Platform (WFP) Security Feature Bypass Vulnerability\n  Important\n  4.4\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-33841</span>\n  Windows Kernel\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35420</span>\n  Windows Kernel\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40369</span>\n  Windows Kernel\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34332</span>\n  Windows Kernel-Mode\n  Driver Remote Code Execution Vulnerability\n  Important\n  8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-34339</span>\n  Windows Lightweight\n  Directory Access Protocol (LDAP) Denial of Service Vulnerability\n  Important\n  5.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-34341</span>\n  Windows Link-Layer\n  Discovery Protocol (LLDP) Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33838</span>\n  Windows Message\n  Queuing (MSMQ) Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34342</span>\n  Windows Print Spooler\n  Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41095</span>\n  Windows Projected File\n  System Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34340</span>\n  Windows Projected File\n  System Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40398</span>\n  Windows Remote Desktop\n  Services Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-21530</span>\n  Windows Rich Text Edit\n  Elevation of Privilege Vulnerability\n  Important\n  6.7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-32170</span>\n  Windows Rich Text Edit\n  Elevation of Privilege Vulnerability\n  Important\n  6.7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40410</span>\n  Windows SMB Client\n  Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35415</span>\n  Windows Storage Spaces\n  Controller Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34350</span>\n  Windows Storport\n  Miniport Driver Denial of Service Vulnerability\n  Important\n  6.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40405</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  7.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40414</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  7.4\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40401</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  6.2\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40413</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  7.4\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-35422</span>\n  Windows TCP/IP Driver\n  Security Feature Bypass Vulnerability\n  Important\n  6.5\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-34351</span>\n  Windows TCP/IP\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40399</span>\n  Windows TCP/IP\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34334</span>\n  Windows TCP/IP\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40406</span>\n  Windows TCP/IP\n  Information Disclosure Vulnerability\n  Important\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-33837</span>\n  Windows TCP/IP Local\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40415</span>\n  Windows TCP/IP Remote\n  Code Execution Vulnerability\n  Important\n  8.1\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42825</span>\n  Windows Telephony\n  Service Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34338</span>\n  Windows Telephony\n  Service Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40382</span>\n  Windows Telephony\n  Service Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40380</span>\n  Windows Volume Manager\n  Extension Driver Remote Code Execution Vulnerability\n  Important\n  6.2\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40408</span>\n  Windows WAN ARP Driver\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34333</span>\n  Windows Win32k\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34347</span>\n  Windows Win32k\n  Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35417</span>\n  Windows Win32k\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42891</span>\n  Microsoft Edge\n  (Chromium-based) for Android Spoofing Vulnerability\n  Moderate\n  6.5\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-35429</span>\n  Microsoft Edge\n  (Chromium-based) for Android Spoofing Vulnerability\n  Moderate\n  4.3\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-41107</span>\n  Microsoft Edge\n  (Chromium-based) Information Disclosure Vulnerability\n  Moderate\n  7.4\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40416</span>\n  Microsoft\n  Edge (Chromium-based) for Android Spoofing Vulnerability\n  Low\n  4.3\n  No\n  No\n  Spoofing\n \n \n \n  \n  \n  \n  \n  \n  \n  \n \n \n\n\n\n\n\n\n\n\n\n\n\n\n  \n\n\n\n\n  \n* Indicates this CVE had been released by a third party and is now being included in Microsoft releases.\n\u2020 Indicates further administrative actions are required to fully address the vulnerability.\n \nLooking at the other Critical-rated bugs in this month\u2019s release, there are quite a few scary-looking bugs (including a CVSS 10!), but there\u2019s no action for the end user as Microsoft has already mitigated these bugs and is just now documenting them. There\u2019s also this month\u2019s crop of Office bugs where the Preview Pane is an attack vector. However, the bug in Office for Android does not have the Preview Pane vector; it\u2019s simple open and own. The bug in the WiFi driver needs a network adjacent attacker. The SharePoint bug requires authentication, but anyone with site privileges has the authentication needed. The bug in SSO Plugin for Jira & Confluence should really be called an authentication bypass, since it allows an unauthenticated attacker to gain access to a system.\nLooking at the other code execution bugs, most are of the open and own variety as expected. The bug in Dynamic 365 (On Prem) requires high privileges. The Message Queueing bug requires an adjacent attacker. The bug in SQL Server requires authentication, but as usual, patching won\u2019t be straightforward. Finally, there\u2019s a bug in the kernel that leads to code execution. Most kernel bugs are privilege escalations, but this one could allow code execution if an attacker sends specially crafted NVMe over Fabrics (NVMe\u2011oF) response messages during the connection handshake process that contains an invalid header length value. Neat.\nAs usual, the vast majority of the Microsoft release fixes Elevation of Privilege (EoP) bugs. Also as usual, most simply lead to local attackers executing their code at SYSTEM-level privileges or administrative privileges, so there\u2019s not much to add without further technical details about the bugs themselves. There are also a few bugs that just state the attacker could \u201cgain ELEVATED privileges.\u201d How obtuse. The bugs in Azure allow an attacker to access data otherwise hidden from them. The Edge bug allows threat actors to elevate to the privileges of the running application. The bug in Visual Studio allows attackers to get permissions associated with the MCP Server\u2019s managed identity. Finally, there are a couple of sandbox escapes, too, which are always useful.\nThis month's update includes six Security Feature Bypass vulnerabilities. The most severe is in the Azure SDK for Java (CVSS 9.1). An attacker over the network can bypass the integrity protection provided by authentication tags on encrypted data, effectively manipulating encrypted input in a way that slips past integrity checks during decryption.  Close behind is the bypass affecting the GitHub Copilot integration in Visual Studio Code (CWE-74). This one requires a user interaction, but it allows an attacker to circumvent the path validation safeguards that normally control which files Copilot is permitted to modify. The other Visual Studio Code bypass involves cross-site scripting, improper link resolution, and information exposure triggered when a user opens or views a maliciously crafted notebook.  On the Windows networking side there are two bypasses. The first hits the Windows TCP/IP driver via an authentication bypass using an alternate channel. The other impacts the Windows Filtering Platform through improper access control, allowing a local, low-privileged attacker to bypass FQDN-based network security rules. Finally, there\u2019s a Secure Boot bypass that, you guessed it, bypasses secure boot features.\nMoving on to the Information Disclosure bugs fixed this month, we have 15 different CVEs. As usual, the majority of these simply result in info leaks consisting of unspecified memory contents or memory addresses. The bug in Power Automate could expose data marked \u201cSensitive\u201d within Power Automate Desktop flows. One of the Word bugs could disclose NLTM hashes. The bug in Edge could disclose your cookies, which seems rude. The bug in Visual Studio could expose file path information. Finally, there\u2019s a bug in Telnet for Windows 11 that leaks information being used by Telnet at the time. I didn\u2019t even realize Windows 11 still had a telnet client.\nThe May release contains 10 spoofing bugs (plus the ones already addressed by Microsoft). The bug in Azure Machine Learning Notebooks vulnerability requires user interaction, but it could expose info through the Azure ML web interface to the attacker. There\u2019s a cluster of fixes for Microsoft's mobile Office suite on Android. Excel, Word, and PowerPoint for Android all carry spoofing flaws rooted in improper access control. Two Copilot products are also affected by spoofing vulns. The M365 Copilot for Desktop has no details provided. The M365 Copilot for Android variant requires low privileges and producing only limited impact on confidentiality and integrity. Microsoft Teams for Android rounds out the mobile app spoofing bugs. Three Edge bugs close things out, all involving misrepresentation of information in the browser UI. \nThere are two Tampering bugs in this month\u2019s release. The one in .NET Core allows threat actors to write files to an affected system. The other is in Outlook for iOS and manifests as a command injection bug.\nThere are eight DoS bugs in the May release, but as always, Microsoft provides little to no actionable information about the vulnerabilities. The most interesting from a practical standpoint are two TCP/IP bugs that allow a low-privilege Hyper-V guest to crash the host. Both are triggered from the adjacent network. On the broader network-exposure side, the ASP.NET Core bug is a straightforward infinite loop condition \u2014 an unauthenticated attacker sends a crafted request over the network and the server stops responding.\nNo new advisories are being released this month.\nLooking Ahead\nAssuming I survive Pwn2Own Berlin (which is looking iffy at the moment), I\u2019ll return on June 9th on what will hopefully be a smaller release than this one. Until then, stay safe, happy patching, and may all your reboots be smooth and clean!", "creation_timestamp": "2026-05-12T16:38:43.000000Z"}, {"uuid": "ae0afd47-61aa-457a-8457-65a4471d5e26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mlh5r2sm6s2x", "content": "\u7c73\u5f53\u5c40\u3001\u60aa\u7528\u30ea\u30b9\u30c8\u306b\u8106\u5f31\u60273\u4ef6\u3092\u8ffd\u52a0 - \u6700\u77ed\u30675\u67083\u65e5\u5bfe\u5fdc\u671f\u9650\n\n\u7c73\u5f53\u5c40\u306f\u60aa\u7528\u304c\u78ba\u8a8d\u3055\u308c\u305f3\u4ef6\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\u6ce8\u610f\u559a\u8d77\u3092\u884c\u3063\u305f\u3002\u7279\u306b\u300ccPanel & WHM\u300d\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306f\u3001\u65e9\u6025\u306a\u5bfe\u7b56\u304c\u6c42\u3081\u3089\u308c\u3066\u3044\u308b\u3002\n\n\u7c73\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u304c\u73fe\u5730\u6642\u95932026\u5e744\u670828\u65e5\u306b2\u4ef6\u300130\u65e5\u306b1\u4ef6\u306e\u8106\u5f31\u6027\u3092\u300c\u60aa\u7528\u304c\u78ba\u8a8d\u3055\u308c\u305f\u8106\u5f31\u6027\u30ab\u30bf\u30ed\u30b0\uff08KEV\uff09\u300d\u3078\u8ffd\u52a0\u3057\u305f\u3082\u306e\u3002\n\n...\n\n\u540c\u670828\u65e5\u306b\u306f2\u4ef6\u306e\u8106\u5f31\u6027\u3092\u8ffd\u52a0\u3057\u305f\u3002\u300cCVE-2026-32202\u300d\u306f\u300cWindows Shell\u300d\u306b\u304a\u3051\u308b\u4fdd\u8b77\u6a5f\u69cb\u306e\u4e0d\u5099\u306b\u8d77\u56e0\u3059\u308b\u8106\u5f31\u6027\u3002\u8106\u5f31\u6027\u3092\u60aa\u7528\u3059\u308b\u3053\u3068\u3067\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306b...", "creation_timestamp": "2026-05-09T21:09:34.380157Z"}, {"uuid": "c44f59c9-c33a-4d7c-9286-fa7fb04f718d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32209", "type": "seen", "source": "https://www.thezdi.com/blog/2026/5/12/the-may-2026-security-update-review", "content": "I\u2019m currently in Berlin helping set up for Pwn2Own Berlin, but that doesn\u2019t stop Patch Tuesday from coming, and it\u2019s another big one. At least nothing is listed as being in the wild \u2013 for now. Take a break from your regularly scheduled activities and let\u2019s take a look at the latest security patches from Adobe and Microsoft. Due to technical difficulties, there will not be a video companion for this month.\nAdobe Patches for May 2026\nFor May, Adobe released 10 bulletins addressing 52 unique CVEs in Adobe Commerce, After Effects, Adobe Connect, Illustrator, Media Encoder, Premiere Pro, Substance 3D Painter, Substance 3D Sampler, Content Authenticity SDK, and the Adobe Substance 3D Designer. Here\u2019s this month\u2019s overview table:\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n  \n  \n\n\n\n\n  \n    \n\n\n\n<colgroup>\n  <col />\n  <col />\n  <col />\n  <col />\n  <col />\n  <col />\n  <col />\n</colgroup>\n\n<tfoot>\n  \n</tfoot>\n\n\n  \n    Bulletin ID\n    Product\n    CVE Count\n    Highest Severity\n    Highest CVSS\n    Exploited\n    Deployment Priority\n  \n\n\n  \n    APSB26-49\n    Adobe Commerce\n    15\n    Critical\n    8.7\n    No\n    2\n  \n  \n    APSB26-48\n    Adobe After Effects\n    4\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-50\n    Adobe Connect\n    2\n    Critical\n    9.6\n    No\n    3\n  \n  \n    APSB26-51\n    Adobe Illustrator\n    4\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-47\n    Adobe Media Encoder\n    2\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-46\n    Adobe Premiere Pro\n    3\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-55\n    Adobe Substance 3D Painter\n    2\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-54\n    Adobe Substance 3D Sampler\n    1\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-53\n    Content Authenticity SDK\n    14\n    Critical\n    7.5\n    No\n    3\n  \n  \n    APSB26-52\n    Adobe Substance 3D Designer\n    5\n    Important\n    6.3\n    No\n    3\n  \n\n    TOTAL\n    10 bulletins\n    52\n    \n    \n    \n    \n  \n\n\n\n  \n\n\n\n\n  \nThe obvious priority this month is the patch for Commerce, with its 15 bugs and deployment priority of 2. The Connect fix should also rank up there since both of its CVEs are CVSS 9s. Beyond those, it\u2019s a pretty typical month for Adobe, with most of the bugs either being cross-site scripting (XSS) or open-and-own code executions.\nMicrosoft Patches for May 2026\nThis month, Microsoft released a whopping 138 new CVEs in Windows and Windows components, Office and Office Components, Microsoft Edge (Chromium-based), Azure, .NET and Visual Studio, Copilot Chat, Github Copilot, M365 Copilot, SQL Server, TCP/IP, and the Telnet Client \u2013 yes, the Telnet client. Two of these bugs were reported through the TrendAI ZDI program. 30 of these bugs are rated Critical, three are rated as Moderate, one is rated Low, and the rest are rated Important in severity.\nThis large volume of fixes follows the largest monthly release in Microsoft\u2019s history and reflects the trend across the industry of a high number of submissions. While not all of these bugs were found by AI, it\u2019s likely they had an AI-related component \u2013 even if it was just AI writing the submission. I should also point out the Pwn2Own Berlin occurs in just a few days, and it\u2019s typical for vendors to patch as much as they can before the event.\nNone of the bugs patched by Microsoft this month are listed as publicly known or under active attack at the time of release, so we\u2019ve got that going for us. Let\u2019s take a closer look at some of the more interesting updates for this month, starting with a nasty-looking bug in DNS:\n-    CVE-2026-41096 - Windows DNS Client Remote Code Execution VulnerabilityThis patch fixes a heap-based buffer overflow in the DNS Client triggered by a malicious DNS response. No authentication or user interaction needed, and since the DNS Client runs on virtually every Windows machine, the attack surface is enormous. An attacker with a position to influence DNS responses (MitM, rogue server) could achieve unauthenticated RCE across your enterprise.\n-    CVE-2026-41089 - Windows Netlogon Remote Code Execution VulnerabilityThis update covers another CVSS 9.8 bug, which is a stack-based buffer overflow that lets an unauthenticated remote attacker execute code on a domain controller by sending a specially crafted network request \u2014 no credentials, no user interaction required. Yup \u2013 that makes it wormable. This is the highest-impact bug that requires immediate patching: a compromised domain controller is a compromised domain.\n-    CVE-2026-42898 - Microsoft Dynamics 365 On-Premises Remote Code Execution VulnerabilityThis bug rates a CVSS 9.9(!) and represents a code injection in Dynamics 365. It allows any authenticated user to execute code with a scope change, meaning exploitation can break out and affect resources beyond the vulnerable component itself. Scope changes are pretty rare, so if you\u2019re running Dynamics 365 On-Prem, definitely test and deploy this patch quickly.\n-    CVE-2026-40415 - Windows TCP/IP Remote Code Execution VulnerabilityThis bug in the TCP/IP stack results from a use-after-free (UAF) and could allow a remote, unauthenticated threat actor to execute code without user interaction. That makes this another wormable bug. However, this one is much less likely to be exploited. The target needs to be under sustained low-memory (memory pressure) conditions, which is pretty rare. Still, no need to tempt fate here. Test and deploy this one quickly.\nHere\u2019s the full list of CVEs released by Microsoft for May 2026:\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n  \n  \n\n\n\n\n  \n    \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n <col width=\"144\" />\n <col width=\"256\" />\n <col span=\"5\" width=\"104\" />\n \n\n  CVE\n  Title\n  Severity\n  CVSS\n  Public\n  Exploited\n  Type\n \n \n  <span>CVE-2026-35435</span>\n  Azure AI Foundry\n  Elevation of Privilege Vulnerability\n  Critical\n  8.6\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35428</span>\n  Azure Cloud Shell\n  Spoofing Vulnerability\n  Critical\n  9.6\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-42826</span>\n  Azure DevOps\n  Information Disclosure Vulnerability\n  Critical\n  10\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-32207</span>\n  Azure Machine Learning\n  Notebook Spoofing Vulnerability\n  Critical\n  8.8\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-33109</span>\n  Azure Managed Instance\n  for Apache Cassandra Remote Code Execution Vulnerability\n  Critical\n  9.9\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-33844</span>\n  Azure Managed Instance\n  for Apache Cassandra Remote Code Execution Vulnerability\n  Critical\n  9\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41105</span>\n  Azure Monitor Action\n  Group Notification System Elevation of Privilege Vulnerability\n  Critical\n  8.1\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33111</span>\n  Copilot Chat\n  (Microsoft Edge) Information Disclosure Vulnerability\n  Critical\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-26129</span>\n  M365 Copilot\n  Information Disclosure Vulnerability\n  Critical\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-26164</span>\n  M365 Copilot\n  Information Disclosure Vulnerability\n  Critical\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-33821</span>\n  Microsoft Dynamics 365\n  Customer Insights Elevation of Privilege Vulnerability\n  Critical\n  7.7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42898</span>\n  Microsoft Dynamics 365\n  On-Premises Remote Code Execution Vulnerability\n  Critical\n  9.9\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40379</span>\n  Microsoft Enterprise\n  Security Token Service (ESTS) Spoofing Vulnerability\n  Critical\n  9.3\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-40363</span>\n  Microsoft Office\n  Remote Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40358</span>\n  Microsoft Office\n  Remote Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-34327</span>\n  Microsoft Partner\n  Center Spoofing Vulnerability\n  Critical\n  8.2\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-40365</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Critical\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41103</span>\n  Microsoft SSO Plugin\n  for Jira & Confluence Elevation of Privilege Vulnerability\n  Critical\n  9.1\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33823</span>\n  Microsoft Team Events\n  Portal Information Disclosure Vulnerability\n  Critical\n  9.6\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40364</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40366</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40361</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40367</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42831</span>\n  Office for Android\n  Remote Code Execution Vulnerability\n  Critical\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41096</span>\n  Windows DNS Client\n  Remote Code Execution Vulnerability\n  Critical\n  9.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-35421</span>\n  Windows GDI Remote\n  Code Execution Vulnerability\n  Critical\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40403</span>\n  Windows Graphics\n  Component Remote Code Execution Vulnerability\n  Critical\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40402</span>\n  Windows Hyper-V\n  Elevation of Privilege Vulnerability\n  Critical\n  9.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-32161</span>\n  Windows Native WiFi\n  Miniport Driver Remote Code Execution Vulnerability\n  Critical\n  7.5\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41089</span>\n  Windows Netlogon\n  Remote Code Execution Vulnerability\n  Critical\n  9.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-32175</span>\n  .NET Core Tampering\n  Vulnerability\n  Important\n  4.3\n  No\n  No\n  Tampering\n \n \n  <span>CVE-2026-32177</span>\n  .NET Elevation of\n  Privilege Vulnerability\n  Important\n  7.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35433</span>\n  .NET Elevation of\n  Privilege Vulnerability\n  Important\n  7.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2025-54518 *</span>\n  AMD: CVE-2025-54518\n  CPU OP Cache Corruption\n  Important\n  \n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42899</span>\n  ASP.NET Core Denial of\n  Service Vulnerability\n  Important\n  7.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40381</span>\n  Azure Connected\n  Machine Agent Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42823 \u2020</span>\n  Azure Logic Apps\n  Elevation of Privilege Vulnerability\n  Important\n  9.9\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33833</span>\n  Azure Machine Learning\n  Notebook Spoofing Vulnerability\n  Important\n  8.2\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-32204</span>\n  Azure Monitor Agent\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42830</span>\n  Azure Monitor Agent\n  Metrics Extension Elevation of Privilege Vulnerability\n  Important\n  6.5\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33117</span>\n  Azure SDK for Java\n  Security Feature Bypass Vulnerability\n  Important\n  9.1\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-41109</span>\n  GitHub Copilot and\n  Visual Studio Code Security Feature Bypass Vulnerability\n  Important\n  8.8\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-35424</span>\n  Internet Key Exchange\n  (IKE) Protocol Denial of Service Vulnerability\n  Important\n  7.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-41614</span>\n  M365 Copilot for\n  Desktop Spoofing Vulnerability\n  Important\n  6.2\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-41100</span>\n  Microsoft 365 Copilot\n  for Android Spoofing Vulnerability\n  Important\n  4.4\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-40377</span>\n  Microsoft\n  Cryptographic Services Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41094</span>\n  Microsoft Data\n  Formulator Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40417</span>\n  Microsoft Dynamics 365\n  Business Central Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42833</span>\n  Microsoft Dynamics 365\n  On-Premises Remote Code Execution Vulnerability\n  Important\n  9.1\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42838</span>\n  Microsoft Edge\n  (Chromium-based) Elevation of Privilege Vulnerability\n  Important\n  5.4\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40360</span>\n  Microsoft Excel\n  Information Disclosure Vulnerability\n  Important\n  7.8\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40359</span>\n  Microsoft Excel Remote\n  Code Execution Vulnerability\n  Important\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40362</span>\n  Microsoft Excel Remote\n  Code Execution Vulnerability\n  Important\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42832</span>\n  Microsoft Excel\n  Spoofing Vulnerability\n  Important\n  7.7\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-34329</span>\n  Microsoft Message\n  Queuing (MSMQ) Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40419</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40418</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35436</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40420</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42893</span>\n  Microsoft Outlook for\n  iOS Tampering Vulnerability\n  Important\n  7.4\n  No\n  No\n  Tampering\n \n \n  <span>CVE-2026-40374</span>\n  Microsoft Power\n  Automate Desktop Information Disclosure Vulnerability\n  Important\n  6.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-41102</span>\n  Microsoft PowerPoint\n  for Android Spoofing Vulnerability\n  Important\n  7.1\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-35439</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40368</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-33110</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-33112</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40357</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-32185</span>\n  Microsoft Teams\n  Spoofing Vulnerability\n  Important\n  5.5\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-41101</span>\n  Microsoft Word for\n  Android Spoofing Vulnerability\n  Important\n  7.1\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-35440</span>\n  Microsoft Word\n  Information Disclosure Vulnerability\n  Important\n  5.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40421</span>\n  Microsoft Word\n  Information Disclosure Vulnerability\n  Important\n  4.3\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-41097</span>\n  Secure Boot Security\n  Feature Bypass Vulnerability\n  Important\n  6.7\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-40370 \u2020</span>\n  SQL Server Remote Code\n  Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41613</span>\n  Visual Studio Code\n  Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41612</span>\n  Visual Studio Code\n  Information Disclosure Vulnerability\n  Important\n  5.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-41611</span>\n  Visual Studio Code\n  Remote Code Execution Vulnerability\n  Important\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41610</span>\n  Visual Studio Code\n  Security Feature Bypass Vulnerability\n  Important\n  6.3\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-33839</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33840</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34330</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34331</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35423</span>\n  Windows 11 Telnet\n  Client Information Disclosure Vulnerability\n  Important\n  5.4\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-35438</span>\n  Windows Admin Center\n  Elevation of Privilege Vulnerability\n  Important\n  8.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41086</span>\n  Windows Admin Center\n  in Azure Portal Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34344</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34345</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35416</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41088</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34343</span>\n  Windows Application\n  Identity (AppID) Subsystem Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35418</span>\n  Windows Cloud Files\n  Mini Filter Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33835</span>\n  Windows Cloud Files\n  Mini Filter Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34337</span>\n  Windows Cloud Files\n  Mini Filter Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40407</span>\n  Windows Common Log\n  File System Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40397</span>\n  Windows Common Log\n  File System Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42896</span>\n  Windows DWM Core\n  Library Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35419</span>\n  Windows DWM Core\n  Library Information Disclosure<span> \n  </span>Vulnerability\n  Important\n  5.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-34336</span>\n  Windows DWM Core\n  Library Information Disclosure<span> \n  </span>Vulnerability\n  Important\n  7.8\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-33834</span>\n  Windows Event Logging\n  Service Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-32209</span>\n  Windows Filtering\n  Platform (WFP) Security Feature Bypass Vulnerability\n  Important\n  4.4\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-33841</span>\n  Windows Kernel\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35420</span>\n  Windows Kernel\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40369</span>\n  Windows Kernel\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34332</span>\n  Windows Kernel-Mode\n  Driver Remote Code Execution Vulnerability\n  Important\n  8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-34339</span>\n  Windows Lightweight\n  Directory Access Protocol (LDAP) Denial of Service Vulnerability\n  Important\n  5.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-34341</span>\n  Windows Link-Layer\n  Discovery Protocol (LLDP) Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33838</span>\n  Windows Message\n  Queuing (MSMQ) Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34342</span>\n  Windows Print Spooler\n  Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41095</span>\n  Windows Projected File\n  System Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34340</span>\n  Windows Projected File\n  System Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40398</span>\n  Windows Remote Desktop\n  Services Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-21530</span>\n  Windows Rich Text Edit\n  Elevation of Privilege Vulnerability\n  Important\n  6.7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-32170</span>\n  Windows Rich Text Edit\n  Elevation of Privilege Vulnerability\n  Important\n  6.7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40410</span>\n  Windows SMB Client\n  Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35415</span>\n  Windows Storage Spaces\n  Controller Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34350</span>\n  Windows Storport\n  Miniport Driver Denial of Service Vulnerability\n  Important\n  6.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40405</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  7.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40414</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  7.4\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40401</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  6.2\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40413</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  7.4\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-35422</span>\n  Windows TCP/IP Driver\n  Security Feature Bypass Vulnerability\n  Important\n  6.5\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-34351</span>\n  Windows TCP/IP\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40399</span>\n  Windows TCP/IP\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34334</span>\n  Windows TCP/IP\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40406</span>\n  Windows TCP/IP\n  Information Disclosure Vulnerability\n  Important\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-33837</span>\n  Windows TCP/IP Local\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40415</span>\n  Windows TCP/IP Remote\n  Code Execution Vulnerability\n  Important\n  8.1\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42825</span>\n  Windows Telephony\n  Service Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34338</span>\n  Windows Telephony\n  Service Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40382</span>\n  Windows Telephony\n  Service Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40380</span>\n  Windows Volume Manager\n  Extension Driver Remote Code Execution Vulnerability\n  Important\n  6.2\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40408</span>\n  Windows WAN ARP Driver\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34333</span>\n  Windows Win32k\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34347</span>\n  Windows Win32k\n  Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35417</span>\n  Windows Win32k\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42891</span>\n  Microsoft Edge\n  (Chromium-based) for Android Spoofing Vulnerability\n  Moderate\n  6.5\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-35429</span>\n  Microsoft Edge\n  (Chromium-based) for Android Spoofing Vulnerability\n  Moderate\n  4.3\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-41107</span>\n  Microsoft Edge\n  (Chromium-based) Information Disclosure Vulnerability\n  Moderate\n  7.4\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40416</span>\n  Microsoft\n  Edge (Chromium-based) for Android Spoofing Vulnerability\n  Low\n  4.3\n  No\n  No\n  Spoofing\n \n \n \n  \n  \n  \n  \n  \n  \n  \n \n \n\n\n\n\n\n\n\n\n\n\n\n\n  \n\n\n\n\n  \n* Indicates this CVE had been released by a third party and is now being included in Microsoft releases.\n\u2020 Indicates further administrative actions are required to fully address the vulnerability.\n \nLooking at the other Critical-rated bugs in this month\u2019s release, there are quite a few scary-looking bugs (including a CVSS 10!), but there\u2019s no action for the end user as Microsoft has already mitigated these bugs and is just now documenting them. There\u2019s also this month\u2019s crop of Office bugs where the Preview Pane is an attack vector. However, the bug in Office for Android does not have the Preview Pane vector; it\u2019s simple open and own. The bug in the WiFi driver needs a network adjacent attacker. The SharePoint bug requires authentication, but anyone with site privileges has the authentication needed. The bug in SSO Plugin for Jira & Confluence should really be called an authentication bypass, since it allows an unauthenticated attacker to gain access to a system.\nLooking at the other code execution bugs, most are of the open and own variety as expected. The bug in Dynamic 365 (On Prem) requires high privileges. The Message Queueing bug requires an adjacent attacker. The bug in SQL Server requires authentication, but as usual, patching won\u2019t be straightforward. Finally, there\u2019s a bug in the kernel that leads to code execution. Most kernel bugs are privilege escalations, but this one could allow code execution if an attacker sends specially crafted NVMe over Fabrics (NVMe\u2011oF) response messages during the connection handshake process that contains an invalid header length value. Neat.\nAs usual, the vast majority of the Microsoft release fixes Elevation of Privilege (EoP) bugs. Also as usual, most simply lead to local attackers executing their code at SYSTEM-level privileges or administrative privileges, so there\u2019s not much to add without further technical details about the bugs themselves. There are also a few bugs that just state the attacker could \u201cgain ELEVATED privileges.\u201d How obtuse. The bugs in Azure allow an attacker to access data otherwise hidden from them. The Edge bug allows threat actors to elevate to the privileges of the running application. The bug in Visual Studio allows attackers to get permissions associated with the MCP Server\u2019s managed identity. Finally, there are a couple of sandbox escapes, too, which are always useful.\nThis month's update includes six Security Feature Bypass vulnerabilities. The most severe is in the Azure SDK for Java (CVSS 9.1). An attacker over the network can bypass the integrity protection provided by authentication tags on encrypted data, effectively manipulating encrypted input in a way that slips past integrity checks during decryption.  Close behind is the bypass affecting the GitHub Copilot integration in Visual Studio Code (CWE-74). This one requires a user interaction, but it allows an attacker to circumvent the path validation safeguards that normally control which files Copilot is permitted to modify. The other Visual Studio Code bypass involves cross-site scripting, improper link resolution, and information exposure triggered when a user opens or views a maliciously crafted notebook.  On the Windows networking side there are two bypasses. The first hits the Windows TCP/IP driver via an authentication bypass using an alternate channel. The other impacts the Windows Filtering Platform through improper access control, allowing a local, low-privileged attacker to bypass FQDN-based network security rules. Finally, there\u2019s a Secure Boot bypass that, you guessed it, bypasses secure boot features.\nMoving on to the Information Disclosure bugs fixed this month, we have 15 different CVEs. As usual, the majority of these simply result in info leaks consisting of unspecified memory contents or memory addresses. The bug in Power Automate could expose data marked \u201cSensitive\u201d within Power Automate Desktop flows. One of the Word bugs could disclose NLTM hashes. The bug in Edge could disclose your cookies, which seems rude. The bug in Visual Studio could expose file path information. Finally, there\u2019s a bug in Telnet for Windows 11 that leaks information being used by Telnet at the time. I didn\u2019t even realize Windows 11 still had a telnet client.\nThe May release contains 10 spoofing bugs (plus the ones already addressed by Microsoft). The bug in Azure Machine Learning Notebooks vulnerability requires user interaction, but it could expose info through the Azure ML web interface to the attacker. There\u2019s a cluster of fixes for Microsoft's mobile Office suite on Android. Excel, Word, and PowerPoint for Android all carry spoofing flaws rooted in improper access control. Two Copilot products are also affected by spoofing vulns. The M365 Copilot for Desktop has no details provided. The M365 Copilot for Android variant requires low privileges and producing only limited impact on confidentiality and integrity. Microsoft Teams for Android rounds out the mobile app spoofing bugs. Three Edge bugs close things out, all involving misrepresentation of information in the browser UI. \nThere are two Tampering bugs in this month\u2019s release. The one in .NET Core allows threat actors to write files to an affected system. The other is in Outlook for iOS and manifests as a command injection bug.\nThere are eight DoS bugs in the May release, but as always, Microsoft provides little to no actionable information about the vulnerabilities. The most interesting from a practical standpoint are two TCP/IP bugs that allow a low-privilege Hyper-V guest to crash the host. Both are triggered from the adjacent network. On the broader network-exposure side, the ASP.NET Core bug is a straightforward infinite loop condition \u2014 an unauthenticated attacker sends a crafted request over the network and the server stops responding.\nNo new advisories are being released this month.\nLooking Ahead\nAssuming I survive Pwn2Own Berlin (which is looking iffy at the moment), I\u2019ll return on June 9th on what will hopefully be a smaller release than this one. Until then, stay safe, happy patching, and may all your reboots be smooth and clean!", "creation_timestamp": "2026-05-12T16:38:43.000000Z"}, {"uuid": "50f8d18c-5520-47ed-b039-8c9c9cfa5d27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/patchdayalert.bsky.social/post/3mlp4cxasyc2q", "content": "A CVSS 4.3 can still be the ticket that matters. CVE-2026-32202 had a low-looking score, a vendor flag gap, and APT28 already using it. Triage by score alone loses this one. patchdayalert.com/blog/cve-202...", "creation_timestamp": "2026-05-13T01:05:05.741909Z"}, {"uuid": "3cf11118-f0c0-4112-8537-e0e6e2d82727", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32204", "type": "seen", "source": "https://www.thezdi.com/blog/2026/5/12/the-may-2026-security-update-review", "content": "I\u2019m currently in Berlin helping set up for Pwn2Own Berlin, but that doesn\u2019t stop Patch Tuesday from coming, and it\u2019s another big one. At least nothing is listed as being in the wild \u2013 for now. Take a break from your regularly scheduled activities and let\u2019s take a look at the latest security patches from Adobe and Microsoft. Due to technical difficulties, there will not be a video companion for this month.\nAdobe Patches for May 2026\nFor May, Adobe released 10 bulletins addressing 52 unique CVEs in Adobe Commerce, After Effects, Adobe Connect, Illustrator, Media Encoder, Premiere Pro, Substance 3D Painter, Substance 3D Sampler, Content Authenticity SDK, and the Adobe Substance 3D Designer. Here\u2019s this month\u2019s overview table:\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n  \n  \n\n\n\n\n  \n    \n\n\n\n<colgroup>\n  <col />\n  <col />\n  <col />\n  <col />\n  <col />\n  <col />\n  <col />\n</colgroup>\n\n<tfoot>\n  \n</tfoot>\n\n\n  \n    Bulletin ID\n    Product\n    CVE Count\n    Highest Severity\n    Highest CVSS\n    Exploited\n    Deployment Priority\n  \n\n\n  \n    APSB26-49\n    Adobe Commerce\n    15\n    Critical\n    8.7\n    No\n    2\n  \n  \n    APSB26-48\n    Adobe After Effects\n    4\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-50\n    Adobe Connect\n    2\n    Critical\n    9.6\n    No\n    3\n  \n  \n    APSB26-51\n    Adobe Illustrator\n    4\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-47\n    Adobe Media Encoder\n    2\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-46\n    Adobe Premiere Pro\n    3\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-55\n    Adobe Substance 3D Painter\n    2\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-54\n    Adobe Substance 3D Sampler\n    1\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-53\n    Content Authenticity SDK\n    14\n    Critical\n    7.5\n    No\n    3\n  \n  \n    APSB26-52\n    Adobe Substance 3D Designer\n    5\n    Important\n    6.3\n    No\n    3\n  \n\n    TOTAL\n    10 bulletins\n    52\n    \n    \n    \n    \n  \n\n\n\n  \n\n\n\n\n  \nThe obvious priority this month is the patch for Commerce, with its 15 bugs and deployment priority of 2. The Connect fix should also rank up there since both of its CVEs are CVSS 9s. Beyond those, it\u2019s a pretty typical month for Adobe, with most of the bugs either being cross-site scripting (XSS) or open-and-own code executions.\nMicrosoft Patches for May 2026\nThis month, Microsoft released a whopping 138 new CVEs in Windows and Windows components, Office and Office Components, Microsoft Edge (Chromium-based), Azure, .NET and Visual Studio, Copilot Chat, Github Copilot, M365 Copilot, SQL Server, TCP/IP, and the Telnet Client \u2013 yes, the Telnet client. Two of these bugs were reported through the TrendAI ZDI program. 30 of these bugs are rated Critical, three are rated as Moderate, one is rated Low, and the rest are rated Important in severity.\nThis large volume of fixes follows the largest monthly release in Microsoft\u2019s history and reflects the trend across the industry of a high number of submissions. While not all of these bugs were found by AI, it\u2019s likely they had an AI-related component \u2013 even if it was just AI writing the submission. I should also point out the Pwn2Own Berlin occurs in just a few days, and it\u2019s typical for vendors to patch as much as they can before the event.\nNone of the bugs patched by Microsoft this month are listed as publicly known or under active attack at the time of release, so we\u2019ve got that going for us. Let\u2019s take a closer look at some of the more interesting updates for this month, starting with a nasty-looking bug in DNS:\n-    CVE-2026-41096 - Windows DNS Client Remote Code Execution VulnerabilityThis patch fixes a heap-based buffer overflow in the DNS Client triggered by a malicious DNS response. No authentication or user interaction needed, and since the DNS Client runs on virtually every Windows machine, the attack surface is enormous. An attacker with a position to influence DNS responses (MitM, rogue server) could achieve unauthenticated RCE across your enterprise.\n-    CVE-2026-41089 - Windows Netlogon Remote Code Execution VulnerabilityThis update covers another CVSS 9.8 bug, which is a stack-based buffer overflow that lets an unauthenticated remote attacker execute code on a domain controller by sending a specially crafted network request \u2014 no credentials, no user interaction required. Yup \u2013 that makes it wormable. This is the highest-impact bug that requires immediate patching: a compromised domain controller is a compromised domain.\n-    CVE-2026-42898 - Microsoft Dynamics 365 On-Premises Remote Code Execution VulnerabilityThis bug rates a CVSS 9.9(!) and represents a code injection in Dynamics 365. It allows any authenticated user to execute code with a scope change, meaning exploitation can break out and affect resources beyond the vulnerable component itself. Scope changes are pretty rare, so if you\u2019re running Dynamics 365 On-Prem, definitely test and deploy this patch quickly.\n-    CVE-2026-40415 - Windows TCP/IP Remote Code Execution VulnerabilityThis bug in the TCP/IP stack results from a use-after-free (UAF) and could allow a remote, unauthenticated threat actor to execute code without user interaction. That makes this another wormable bug. However, this one is much less likely to be exploited. The target needs to be under sustained low-memory (memory pressure) conditions, which is pretty rare. Still, no need to tempt fate here. Test and deploy this one quickly.\nHere\u2019s the full list of CVEs released by Microsoft for May 2026:\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n  \n  \n\n\n\n\n  \n    \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n <col width=\"144\" />\n <col width=\"256\" />\n <col span=\"5\" width=\"104\" />\n \n\n  CVE\n  Title\n  Severity\n  CVSS\n  Public\n  Exploited\n  Type\n \n \n  <span>CVE-2026-35435</span>\n  Azure AI Foundry\n  Elevation of Privilege Vulnerability\n  Critical\n  8.6\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35428</span>\n  Azure Cloud Shell\n  Spoofing Vulnerability\n  Critical\n  9.6\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-42826</span>\n  Azure DevOps\n  Information Disclosure Vulnerability\n  Critical\n  10\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-32207</span>\n  Azure Machine Learning\n  Notebook Spoofing Vulnerability\n  Critical\n  8.8\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-33109</span>\n  Azure Managed Instance\n  for Apache Cassandra Remote Code Execution Vulnerability\n  Critical\n  9.9\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-33844</span>\n  Azure Managed Instance\n  for Apache Cassandra Remote Code Execution Vulnerability\n  Critical\n  9\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41105</span>\n  Azure Monitor Action\n  Group Notification System Elevation of Privilege Vulnerability\n  Critical\n  8.1\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33111</span>\n  Copilot Chat\n  (Microsoft Edge) Information Disclosure Vulnerability\n  Critical\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-26129</span>\n  M365 Copilot\n  Information Disclosure Vulnerability\n  Critical\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-26164</span>\n  M365 Copilot\n  Information Disclosure Vulnerability\n  Critical\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-33821</span>\n  Microsoft Dynamics 365\n  Customer Insights Elevation of Privilege Vulnerability\n  Critical\n  7.7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42898</span>\n  Microsoft Dynamics 365\n  On-Premises Remote Code Execution Vulnerability\n  Critical\n  9.9\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40379</span>\n  Microsoft Enterprise\n  Security Token Service (ESTS) Spoofing Vulnerability\n  Critical\n  9.3\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-40363</span>\n  Microsoft Office\n  Remote Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40358</span>\n  Microsoft Office\n  Remote Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-34327</span>\n  Microsoft Partner\n  Center Spoofing Vulnerability\n  Critical\n  8.2\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-40365</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Critical\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41103</span>\n  Microsoft SSO Plugin\n  for Jira & Confluence Elevation of Privilege Vulnerability\n  Critical\n  9.1\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33823</span>\n  Microsoft Team Events\n  Portal Information Disclosure Vulnerability\n  Critical\n  9.6\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40364</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40366</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40361</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40367</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42831</span>\n  Office for Android\n  Remote Code Execution Vulnerability\n  Critical\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41096</span>\n  Windows DNS Client\n  Remote Code Execution Vulnerability\n  Critical\n  9.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-35421</span>\n  Windows GDI Remote\n  Code Execution Vulnerability\n  Critical\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40403</span>\n  Windows Graphics\n  Component Remote Code Execution Vulnerability\n  Critical\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40402</span>\n  Windows Hyper-V\n  Elevation of Privilege Vulnerability\n  Critical\n  9.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-32161</span>\n  Windows Native WiFi\n  Miniport Driver Remote Code Execution Vulnerability\n  Critical\n  7.5\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41089</span>\n  Windows Netlogon\n  Remote Code Execution Vulnerability\n  Critical\n  9.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-32175</span>\n  .NET Core Tampering\n  Vulnerability\n  Important\n  4.3\n  No\n  No\n  Tampering\n \n \n  <span>CVE-2026-32177</span>\n  .NET Elevation of\n  Privilege Vulnerability\n  Important\n  7.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35433</span>\n  .NET Elevation of\n  Privilege Vulnerability\n  Important\n  7.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2025-54518 *</span>\n  AMD: CVE-2025-54518\n  CPU OP Cache Corruption\n  Important\n  \n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42899</span>\n  ASP.NET Core Denial of\n  Service Vulnerability\n  Important\n  7.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40381</span>\n  Azure Connected\n  Machine Agent Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42823 \u2020</span>\n  Azure Logic Apps\n  Elevation of Privilege Vulnerability\n  Important\n  9.9\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33833</span>\n  Azure Machine Learning\n  Notebook Spoofing Vulnerability\n  Important\n  8.2\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-32204</span>\n  Azure Monitor Agent\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42830</span>\n  Azure Monitor Agent\n  Metrics Extension Elevation of Privilege Vulnerability\n  Important\n  6.5\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33117</span>\n  Azure SDK for Java\n  Security Feature Bypass Vulnerability\n  Important\n  9.1\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-41109</span>\n  GitHub Copilot and\n  Visual Studio Code Security Feature Bypass Vulnerability\n  Important\n  8.8\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-35424</span>\n  Internet Key Exchange\n  (IKE) Protocol Denial of Service Vulnerability\n  Important\n  7.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-41614</span>\n  M365 Copilot for\n  Desktop Spoofing Vulnerability\n  Important\n  6.2\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-41100</span>\n  Microsoft 365 Copilot\n  for Android Spoofing Vulnerability\n  Important\n  4.4\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-40377</span>\n  Microsoft\n  Cryptographic Services Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41094</span>\n  Microsoft Data\n  Formulator Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40417</span>\n  Microsoft Dynamics 365\n  Business Central Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42833</span>\n  Microsoft Dynamics 365\n  On-Premises Remote Code Execution Vulnerability\n  Important\n  9.1\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42838</span>\n  Microsoft Edge\n  (Chromium-based) Elevation of Privilege Vulnerability\n  Important\n  5.4\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40360</span>\n  Microsoft Excel\n  Information Disclosure Vulnerability\n  Important\n  7.8\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40359</span>\n  Microsoft Excel Remote\n  Code Execution Vulnerability\n  Important\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40362</span>\n  Microsoft Excel Remote\n  Code Execution Vulnerability\n  Important\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42832</span>\n  Microsoft Excel\n  Spoofing Vulnerability\n  Important\n  7.7\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-34329</span>\n  Microsoft Message\n  Queuing (MSMQ) Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40419</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40418</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35436</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40420</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42893</span>\n  Microsoft Outlook for\n  iOS Tampering Vulnerability\n  Important\n  7.4\n  No\n  No\n  Tampering\n \n \n  <span>CVE-2026-40374</span>\n  Microsoft Power\n  Automate Desktop Information Disclosure Vulnerability\n  Important\n  6.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-41102</span>\n  Microsoft PowerPoint\n  for Android Spoofing Vulnerability\n  Important\n  7.1\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-35439</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40368</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-33110</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-33112</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40357</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-32185</span>\n  Microsoft Teams\n  Spoofing Vulnerability\n  Important\n  5.5\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-41101</span>\n  Microsoft Word for\n  Android Spoofing Vulnerability\n  Important\n  7.1\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-35440</span>\n  Microsoft Word\n  Information Disclosure Vulnerability\n  Important\n  5.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40421</span>\n  Microsoft Word\n  Information Disclosure Vulnerability\n  Important\n  4.3\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-41097</span>\n  Secure Boot Security\n  Feature Bypass Vulnerability\n  Important\n  6.7\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-40370 \u2020</span>\n  SQL Server Remote Code\n  Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41613</span>\n  Visual Studio Code\n  Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41612</span>\n  Visual Studio Code\n  Information Disclosure Vulnerability\n  Important\n  5.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-41611</span>\n  Visual Studio Code\n  Remote Code Execution Vulnerability\n  Important\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41610</span>\n  Visual Studio Code\n  Security Feature Bypass Vulnerability\n  Important\n  6.3\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-33839</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33840</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34330</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34331</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35423</span>\n  Windows 11 Telnet\n  Client Information Disclosure Vulnerability\n  Important\n  5.4\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-35438</span>\n  Windows Admin Center\n  Elevation of Privilege Vulnerability\n  Important\n  8.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41086</span>\n  Windows Admin Center\n  in Azure Portal Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34344</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34345</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35416</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41088</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34343</span>\n  Windows Application\n  Identity (AppID) Subsystem Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35418</span>\n  Windows Cloud Files\n  Mini Filter Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33835</span>\n  Windows Cloud Files\n  Mini Filter Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34337</span>\n  Windows Cloud Files\n  Mini Filter Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40407</span>\n  Windows Common Log\n  File System Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40397</span>\n  Windows Common Log\n  File System Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42896</span>\n  Windows DWM Core\n  Library Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35419</span>\n  Windows DWM Core\n  Library Information Disclosure<span> \n  </span>Vulnerability\n  Important\n  5.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-34336</span>\n  Windows DWM Core\n  Library Information Disclosure<span> \n  </span>Vulnerability\n  Important\n  7.8\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-33834</span>\n  Windows Event Logging\n  Service Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-32209</span>\n  Windows Filtering\n  Platform (WFP) Security Feature Bypass Vulnerability\n  Important\n  4.4\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-33841</span>\n  Windows Kernel\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35420</span>\n  Windows Kernel\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40369</span>\n  Windows Kernel\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34332</span>\n  Windows Kernel-Mode\n  Driver Remote Code Execution Vulnerability\n  Important\n  8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-34339</span>\n  Windows Lightweight\n  Directory Access Protocol (LDAP) Denial of Service Vulnerability\n  Important\n  5.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-34341</span>\n  Windows Link-Layer\n  Discovery Protocol (LLDP) Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33838</span>\n  Windows Message\n  Queuing (MSMQ) Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34342</span>\n  Windows Print Spooler\n  Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41095</span>\n  Windows Projected File\n  System Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34340</span>\n  Windows Projected File\n  System Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40398</span>\n  Windows Remote Desktop\n  Services Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-21530</span>\n  Windows Rich Text Edit\n  Elevation of Privilege Vulnerability\n  Important\n  6.7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-32170</span>\n  Windows Rich Text Edit\n  Elevation of Privilege Vulnerability\n  Important\n  6.7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40410</span>\n  Windows SMB Client\n  Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35415</span>\n  Windows Storage Spaces\n  Controller Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34350</span>\n  Windows Storport\n  Miniport Driver Denial of Service Vulnerability\n  Important\n  6.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40405</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  7.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40414</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  7.4\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40401</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  6.2\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40413</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  7.4\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-35422</span>\n  Windows TCP/IP Driver\n  Security Feature Bypass Vulnerability\n  Important\n  6.5\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-34351</span>\n  Windows TCP/IP\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40399</span>\n  Windows TCP/IP\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34334</span>\n  Windows TCP/IP\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40406</span>\n  Windows TCP/IP\n  Information Disclosure Vulnerability\n  Important\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-33837</span>\n  Windows TCP/IP Local\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40415</span>\n  Windows TCP/IP Remote\n  Code Execution Vulnerability\n  Important\n  8.1\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42825</span>\n  Windows Telephony\n  Service Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34338</span>\n  Windows Telephony\n  Service Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40382</span>\n  Windows Telephony\n  Service Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40380</span>\n  Windows Volume Manager\n  Extension Driver Remote Code Execution Vulnerability\n  Important\n  6.2\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40408</span>\n  Windows WAN ARP Driver\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34333</span>\n  Windows Win32k\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34347</span>\n  Windows Win32k\n  Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35417</span>\n  Windows Win32k\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42891</span>\n  Microsoft Edge\n  (Chromium-based) for Android Spoofing Vulnerability\n  Moderate\n  6.5\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-35429</span>\n  Microsoft Edge\n  (Chromium-based) for Android Spoofing Vulnerability\n  Moderate\n  4.3\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-41107</span>\n  Microsoft Edge\n  (Chromium-based) Information Disclosure Vulnerability\n  Moderate\n  7.4\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40416</span>\n  Microsoft\n  Edge (Chromium-based) for Android Spoofing Vulnerability\n  Low\n  4.3\n  No\n  No\n  Spoofing\n \n \n \n  \n  \n  \n  \n  \n  \n  \n \n \n\n\n\n\n\n\n\n\n\n\n\n\n  \n\n\n\n\n  \n* Indicates this CVE had been released by a third party and is now being included in Microsoft releases.\n\u2020 Indicates further administrative actions are required to fully address the vulnerability.\n \nLooking at the other Critical-rated bugs in this month\u2019s release, there are quite a few scary-looking bugs (including a CVSS 10!), but there\u2019s no action for the end user as Microsoft has already mitigated these bugs and is just now documenting them. There\u2019s also this month\u2019s crop of Office bugs where the Preview Pane is an attack vector. However, the bug in Office for Android does not have the Preview Pane vector; it\u2019s simple open and own. The bug in the WiFi driver needs a network adjacent attacker. The SharePoint bug requires authentication, but anyone with site privileges has the authentication needed. The bug in SSO Plugin for Jira & Confluence should really be called an authentication bypass, since it allows an unauthenticated attacker to gain access to a system.\nLooking at the other code execution bugs, most are of the open and own variety as expected. The bug in Dynamic 365 (On Prem) requires high privileges. The Message Queueing bug requires an adjacent attacker. The bug in SQL Server requires authentication, but as usual, patching won\u2019t be straightforward. Finally, there\u2019s a bug in the kernel that leads to code execution. Most kernel bugs are privilege escalations, but this one could allow code execution if an attacker sends specially crafted NVMe over Fabrics (NVMe\u2011oF) response messages during the connection handshake process that contains an invalid header length value. Neat.\nAs usual, the vast majority of the Microsoft release fixes Elevation of Privilege (EoP) bugs. Also as usual, most simply lead to local attackers executing their code at SYSTEM-level privileges or administrative privileges, so there\u2019s not much to add without further technical details about the bugs themselves. There are also a few bugs that just state the attacker could \u201cgain ELEVATED privileges.\u201d How obtuse. The bugs in Azure allow an attacker to access data otherwise hidden from them. The Edge bug allows threat actors to elevate to the privileges of the running application. The bug in Visual Studio allows attackers to get permissions associated with the MCP Server\u2019s managed identity. Finally, there are a couple of sandbox escapes, too, which are always useful.\nThis month's update includes six Security Feature Bypass vulnerabilities. The most severe is in the Azure SDK for Java (CVSS 9.1). An attacker over the network can bypass the integrity protection provided by authentication tags on encrypted data, effectively manipulating encrypted input in a way that slips past integrity checks during decryption.  Close behind is the bypass affecting the GitHub Copilot integration in Visual Studio Code (CWE-74). This one requires a user interaction, but it allows an attacker to circumvent the path validation safeguards that normally control which files Copilot is permitted to modify. The other Visual Studio Code bypass involves cross-site scripting, improper link resolution, and information exposure triggered when a user opens or views a maliciously crafted notebook.  On the Windows networking side there are two bypasses. The first hits the Windows TCP/IP driver via an authentication bypass using an alternate channel. The other impacts the Windows Filtering Platform through improper access control, allowing a local, low-privileged attacker to bypass FQDN-based network security rules. Finally, there\u2019s a Secure Boot bypass that, you guessed it, bypasses secure boot features.\nMoving on to the Information Disclosure bugs fixed this month, we have 15 different CVEs. As usual, the majority of these simply result in info leaks consisting of unspecified memory contents or memory addresses. The bug in Power Automate could expose data marked \u201cSensitive\u201d within Power Automate Desktop flows. One of the Word bugs could disclose NLTM hashes. The bug in Edge could disclose your cookies, which seems rude. The bug in Visual Studio could expose file path information. Finally, there\u2019s a bug in Telnet for Windows 11 that leaks information being used by Telnet at the time. I didn\u2019t even realize Windows 11 still had a telnet client.\nThe May release contains 10 spoofing bugs (plus the ones already addressed by Microsoft). The bug in Azure Machine Learning Notebooks vulnerability requires user interaction, but it could expose info through the Azure ML web interface to the attacker. There\u2019s a cluster of fixes for Microsoft's mobile Office suite on Android. Excel, Word, and PowerPoint for Android all carry spoofing flaws rooted in improper access control. Two Copilot products are also affected by spoofing vulns. The M365 Copilot for Desktop has no details provided. The M365 Copilot for Android variant requires low privileges and producing only limited impact on confidentiality and integrity. Microsoft Teams for Android rounds out the mobile app spoofing bugs. Three Edge bugs close things out, all involving misrepresentation of information in the browser UI. \nThere are two Tampering bugs in this month\u2019s release. The one in .NET Core allows threat actors to write files to an affected system. The other is in Outlook for iOS and manifests as a command injection bug.\nThere are eight DoS bugs in the May release, but as always, Microsoft provides little to no actionable information about the vulnerabilities. The most interesting from a practical standpoint are two TCP/IP bugs that allow a low-privilege Hyper-V guest to crash the host. Both are triggered from the adjacent network. On the broader network-exposure side, the ASP.NET Core bug is a straightforward infinite loop condition \u2014 an unauthenticated attacker sends a crafted request over the network and the server stops responding.\nNo new advisories are being released this month.\nLooking Ahead\nAssuming I survive Pwn2Own Berlin (which is looking iffy at the moment), I\u2019ll return on June 9th on what will hopefully be a smaller release than this one. Until then, stay safe, happy patching, and may all your reboots be smooth and clean!", "creation_timestamp": "2026-05-12T16:38:43.000000Z"}, {"uuid": "708067aa-9e6b-4d9b-86c3-3dc999d9dd76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32204", "type": "seen", "source": "https://www.acn.gov.it/portale/w/aggiornamenti-mensili-microsoft-20", "content": "", "creation_timestamp": "2026-05-13T01:08:48.000000Z"}, {"uuid": "cc789f43-227c-499a-8c67-6182c552e0b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32209", "type": "seen", "source": "https://www.acn.gov.it/portale/w/aggiornamenti-mensili-microsoft-20", "content": "", "creation_timestamp": "2026-05-13T01:08:48.000000Z"}, {"uuid": "ccb6892f-b142-4c1f-b897-9bbb370eeeb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32207", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0142", "content": "Microsoft heeft kwetsbaarheden verholpen in diverse Azure componenten. Een kwaadwillende kan de kwetsbaarheden misbruiken om zich voor te doen als andere gebruiker, zich verhoogde rechten toe te kennen, willekeurige code uit te voeren en mogelijk daarmee toegang te krijgen tot gevoelige gegevens.\n\nDe kwetsbaarheden met kenmerk CVE-2026-40379, CVE-2026-32207, CVE-2026-33109, CVE-2026-33844, CVE-2026-34327, CVE-2026-35428, CVE-2026-35435 en CVE-2026-41105 zijn reeds centraal verholpen door Microsoft en slechts opgenomen ter informatie. Voor deze kwetsbaarheden zijn geen acties benodigd.\n\n```\nAzure Machine Learning: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-32207 | 8.80 | Voordoen als andere gebruiker       | \n| CVE-2026-33833 | 8.20 | Voordoen als andere gebruiker       | \n|----------------|------|-------------------------------------|\n\nAzure Monitor Agent: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-32204 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-42830 | 6.50 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nMicrosoft Partner Center: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-34327 | 8.20 | Voordoen als andere gebruiker       | \n|----------------|------|-------------------------------------|\n\nAzure Connected Machine Agent: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-40381 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure SDK: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-33117 | 9.10 | Omzeilen van beveiligingsmaatregel  | \n|----------------|------|-------------------------------------|\n\nMicrosoft SSO Plugin for Jira & Confluence: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-41103 | 9.10 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure Notification Service: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-41105 | 8.10 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure Logic Apps: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-42823 | 9.90 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure Entra ID: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-40379 | 9.30 | Voordoen als andere gebruiker       | \n|----------------|------|-------------------------------------|\n\nWindows Admin Center: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-41086 | 8.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure AI Foundry M365 published agents: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-35435 | 8.60 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure Cloud Shell: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-35428 | 9.60 | Voordoen als andere gebruiker       | \n|----------------|------|-------------------------------------|\n\nAzure Managed Instance for Apache Cassandra: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-33109 | 9.90 | Uitvoeren van willekeurige code     | \n| CVE-2026-33844 | 9.00 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n```", "creation_timestamp": "2026-05-12T15:53:04.000000Z"}, {"uuid": "26671931-4f5b-4195-a85b-614ab1087eb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32207", "type": "seen", "source": "https://www.acn.gov.it/portale/w/aggiornamenti-mensili-microsoft-20", "content": "", "creation_timestamp": "2026-05-13T01:08:48.000000Z"}, {"uuid": "c60fec77-4659-4112-9e77-ed70a17dd973", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32204", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0142", "content": "Microsoft heeft kwetsbaarheden verholpen in diverse Azure componenten. Een kwaadwillende kan de kwetsbaarheden misbruiken om zich voor te doen als andere gebruiker, zich verhoogde rechten toe te kennen, willekeurige code uit te voeren en mogelijk daarmee toegang te krijgen tot gevoelige gegevens.\n\nDe kwetsbaarheden met kenmerk CVE-2026-40379, CVE-2026-32207, CVE-2026-33109, CVE-2026-33844, CVE-2026-34327, CVE-2026-35428, CVE-2026-35435 en CVE-2026-41105 zijn reeds centraal verholpen door Microsoft en slechts opgenomen ter informatie. Voor deze kwetsbaarheden zijn geen acties benodigd.\n\n```\nAzure Machine Learning: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-32207 | 8.80 | Voordoen als andere gebruiker       | \n| CVE-2026-33833 | 8.20 | Voordoen als andere gebruiker       | \n|----------------|------|-------------------------------------|\n\nAzure Monitor Agent: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-32204 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-42830 | 6.50 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nMicrosoft Partner Center: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-34327 | 8.20 | Voordoen als andere gebruiker       | \n|----------------|------|-------------------------------------|\n\nAzure Connected Machine Agent: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-40381 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure SDK: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-33117 | 9.10 | Omzeilen van beveiligingsmaatregel  | \n|----------------|------|-------------------------------------|\n\nMicrosoft SSO Plugin for Jira & Confluence: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-41103 | 9.10 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure Notification Service: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-41105 | 8.10 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure Logic Apps: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-42823 | 9.90 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure Entra ID: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-40379 | 9.30 | Voordoen als andere gebruiker       | \n|----------------|------|-------------------------------------|\n\nWindows Admin Center: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-41086 | 8.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure AI Foundry M365 published agents: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-35435 | 8.60 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nAzure Cloud Shell: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-35428 | 9.60 | Voordoen als andere gebruiker       | \n|----------------|------|-------------------------------------|\n\nAzure Managed Instance for Apache Cassandra: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-33109 | 9.90 | Uitvoeren van willekeurige code     | \n| CVE-2026-33844 | 9.00 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n```", "creation_timestamp": "2026-05-12T15:53:04.000000Z"}, {"uuid": "753d48d7-a960-4fdb-a1b1-fe73485bf898", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmrcokbdx22e", "content": "4/ \u26a0\ufe0f THREE active exploits right now: SharePoint CVE-2026-32201 (RCE, actively hit). Exchange CVE-2026-42897 (CISA deadline May 29). Fortinet FortiAuth CVE-2026-44277 (CVSS 9.1). Patch. All. Three.", "creation_timestamp": "2026-05-26T15:29:27.125060Z"}, {"uuid": "35bcbd28-c5ff-4e23-a8e5-658065014b80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32209", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0141", "content": "Microsoft heeft kwetsbaarheden verholpen in Windows. Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Uitvoeren van willekeurige code (root/admin-rechten)\n- Uitvoeren van willekeurige code (gebruikersrechten)\n- Verkrijgen van verhoogde rechten\n- Omzeilen van een beveiligingsmaatregel\n- Toegang tot gevoelige gegevens\n\nDe ernstigste kwetsbaarheden hebben kenmerken CVE-2026-40402, CVE-2026-41089 en CVE-2026-41096 toegewezen gekregen en bevinden zich respectievelijk in Hyper-V, NETLOGON en de DNS Client. De kwetsbaarheid in Hyper-V stelt een geauthenticeerde kwaadwillende in staat om uit de Guest-VM te breken en toegang te krijgen tot geheugen van de host en mogelijk willekeurige code uit te voeren op de host. De kwetsbaarheden in NETLOGON en de DNS Client stellen een ongeauthenticeerde kwaadwillende op afstand in staat om willekeurige code uit te voeren op het kwetsbare systeem.\n\n**Met name Domain Controllers die toegankelijk zijn vanaf externe netwerken lopen een hoog risico voor actief misbruik van de kwetsbaarheid in NETLOGON.**\n\nHet verdient altijd aanbeveling om een systeem met de rol van Domain Controller niet publiek toegankelijk te hebben en, indien dit noodzakelijk is, additionele maatregelen te hebben genomen.\n\n```\nWindows Projected File System: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-34340 | 7.00 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Application Identity (AppID) Subsystem: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-34343 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nUndisclosed: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-41095 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Remote Desktop: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-40398 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nMicrosoft Windows DNS: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-41096 | 9.80 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nWindows Ancillary Function Driver for WinSock: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-34344 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-34345 | 7.00 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-35416 | 7.00 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-41088 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Kernel: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-33841 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-35420 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-40369 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Secure Boot: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-41097 | 6.70 | Omzeilen van beveiligingsmaatregel  | \n|----------------|------|-------------------------------------|\n\nWindows Native WiFi Miniport Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-32161 | 7.50 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nWindows Kernel-Mode Drivers: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-40408 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-34332 | 8.00 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nTelnet Client: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-35423 | 5.40 | Toegang tot gevoelige gegevens      | \n|----------------|------|-------------------------------------|\n\nWindows Print Spooler Components: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-34342 | 7.00 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows SMB Client: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-40410 | 7.00 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Storage Spaces Controller: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-35415 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Filtering Platform (WFP): \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-32209 | 4.40 | Omzeilen van beveiligingsmaatregel  | \n|----------------|------|-------------------------------------|\n\nWindows Volume Manager Extension Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-40380 | 6.20 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nWindows Cryptographic Services: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-40377 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Win32K - GRFX: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-33839 | 7.00 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-34330 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-34331 | 7.00 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-34333 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-34347 | 7.00 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-40403 | 8.80 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nWindows Admin Center: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-35438 | 8.30 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Hyper-V: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-40402 | 9.30 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Rich Text Edit Control: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-32170 | 6.70 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Event Logging Service: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-33834 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Internet Key Exchange (IKE) Protocol: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-35424 | 7.50 | Denial-of-Service                   | \n|----------------|------|-------------------------------------|\n\nWindows Netlogon: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-41089 | 9.80 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nWindows Storport Miniport Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-34350 | 6.50 | Denial-of-Service                   | \n|----------------|------|-------------------------------------|\n\nWindows Common Log File System Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-40407 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-40397 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Cloud Files Mini Filter Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-35418 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-33835 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-34337 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Win32K - ICOMP: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-33840 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-35417 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows GDI: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-35421 | 7.80 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nWindows Rich Text Edit: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-21530 | 6.70 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows TCP/IP: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-34351 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-35422 | 6.50 | Omzeilen van beveiligingsmaatregel  | \n| CVE-2026-40399 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-40405 | 7.50 | Denial-of-Service                   | \n| CVE-2026-40406 | 7.50 | Toegang tot gevoelige gegevens      | \n| CVE-2026-40414 | 7.40 | Denial-of-Service                   | \n| CVE-2026-40415 | 8.10 | Uitvoeren van willekeurige code     | \n| CVE-2026-33837 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-34334 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-40401 | 6.20 | Denial-of-Service                   | \n| CVE-2026-40413 | 7.40 | Denial-of-Service                   | \n|----------------|------|-------------------------------------|\n\nWindows LDAP - Lightweight Directory Access Protocol: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-34339 | 5.50 | Denial-of-Service                   | \n|----------------|------|-------------------------------------|\n\nWindows Telephony Service: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-42825 | 7.00 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-34338 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-40382 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Message Queuing: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-34329 | 8.80 | Uitvoeren van willekeurige code     | \n| CVE-2026-33838 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows DWM Core Library: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-35419 | 5.50 | Toegang tot gevoelige gegevens      | \n| CVE-2026-42896 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-34336 | 7.80 | Toegang tot gevoelige gegevens      | \n|----------------|------|-------------------------------------|\n\nWindows Link-Layer Discovery Protocol (LLDP): \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-34341 | 7.00 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\n```", "creation_timestamp": "2026-05-12T15:52:42.000000Z"}, {"uuid": "1c11fb1f-ea44-431c-95bc-00f835274449", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32204", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mlqjcrqsnq2w", "content": "\ud83d\udd17 CVE : CVE-2026-32204, CVE-2026-33117, CVE-2026-33833, CVE-2026-40370, CVE-2026-40381, CVE-2026-42823, CVE-2026-42830, CVE-2026-32204, CVE-2026-33117, CVE-2026-33833, CVE-2026-40370, CVE-2026-40381, CVE-2026-42823, CVE-2026-42830", "creation_timestamp": "2026-05-13T14:30:16.979426Z"}, {"uuid": "7966154e-4978-457b-953d-84681c2b1790", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-3220", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mm4i7w3k3b2e", "content": "CVE-2026-3220 - Multiple Plugins - Unauthenticated Stored XSS via Minify Library\nCVE ID : CVE-2026-3220\n \n Published : May 18, 2026, 7:16 a.m. | 55\u00a0minutes ago\n \n Description : The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed O...", "creation_timestamp": "2026-05-18T08:42:43.506572Z"}, {"uuid": "91172696-2491-4cab-a545-4d0cc41b8273", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmrcokbmqc2e", "content": "4/ \u26a0\ufe0f THREE active exploits right now: SharePoint CVE-2026-32201 (RCE, actively hit). Exchange CVE-2026-42897 (CISA deadline May 29). Fortinet FortiAuth CVE-2026-44277 (CVSS 9.1). Patch. All. Three.", "creation_timestamp": "2026-05-26T15:29:28.045579Z"}, {"uuid": "711733e1-6d69-4e3e-85bd-1b75ed737a63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmrcokbmqd2e", "content": "4/ \u26a0\ufe0f THREE active exploits right now: SharePoint CVE-2026-32201 (RCE, actively hit). Exchange CVE-2026-42897 (CISA deadline May 29). Fortinet FortiAuth CVE-2026-44277 (CVSS 9.1). Patch. All. Three.", "creation_timestamp": "2026-05-26T15:29:29.002484Z"}, {"uuid": "7ec97210-88ab-44a0-8a8c-71c00a7af5df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmrcokbnpl2e", "content": "4/ \u26a0\ufe0f THREE active exploits right now: SharePoint CVE-2026-32201 (RCE, actively hit). Exchange CVE-2026-42897 (CISA deadline May 29). Fortinet FortiAuth CVE-2026-44277 (CVSS 9.1). Patch. All. Three.", "creation_timestamp": "2026-05-26T15:30:23.730714Z"}, {"uuid": "7a58c660-6396-4243-b7d6-864eb769e631", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmrcokbnpm2e", "content": "4/ \u26a0\ufe0f THREE active exploits right now: SharePoint CVE-2026-32201 (RCE, actively hit). Exchange CVE-2026-42897 (CISA deadline May 29). Fortinet FortiAuth CVE-2026-44277 (CVSS 9.1). Patch. All. Three.", "creation_timestamp": "2026-05-26T15:30:24.938744Z"}, {"uuid": "258ba7ab-30ea-4054-9864-d423696f8087", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmrcokboou2e", "content": "4/ \u26a0\ufe0f THREE active exploits right now: SharePoint CVE-2026-32201 (RCE, actively hit). Exchange CVE-2026-42897 (CISA deadline May 29). Fortinet FortiAuth CVE-2026-44277 (CVSS 9.1). Patch. All. Three.", "creation_timestamp": "2026-05-26T15:30:25.830976Z"}, {"uuid": "cc21f015-7195-4adf-bd68-b62fa466ab59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmrcokboov2e", "content": "4/ \u26a0\ufe0f THREE active exploits right now: SharePoint CVE-2026-32201 (RCE, actively hit). Exchange CVE-2026-42897 (CISA deadline May 29). Fortinet FortiAuth CVE-2026-44277 (CVSS 9.1). Patch. All. Three.", "creation_timestamp": "2026-05-26T15:30:26.734848Z"}, {"uuid": "35c47c55-e98b-4ddf-ab40-3f7b4d95dddd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmrcokbpo52e", "content": "4/ \u26a0\ufe0f THREE active exploits right now: SharePoint CVE-2026-32201 (RCE, actively hit). Exchange CVE-2026-42897 (CISA deadline May 29). Fortinet FortiAuth CVE-2026-44277 (CVSS 9.1). Patch. All. Three.", "creation_timestamp": "2026-05-26T15:30:27.628775Z"}, {"uuid": "602d724f-6692-4c21-99e9-16d65cfbdca7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32201", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmrcokbpo62e", "content": "4/ \u26a0\ufe0f THREE active exploits right now: SharePoint CVE-2026-32201 (RCE, actively hit). Exchange CVE-2026-42897 (CISA deadline May 29). Fortinet FortiAuth CVE-2026-44277 (CVSS 9.1). Patch. All. Three.", "creation_timestamp": "2026-05-26T15:30:28.565825Z"}, {"uuid": "21c6194c-22a5-42e3-93e1-077325b1dbbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mmtgmvb2sj2d", "content": "Proofpoint reports 12 CVE-2026 flaws under active exploitation, with opportunistic actors reusing familiar tactics. AI-assisted discovery is increasing new flaws, but abuse is already seen in CVE-2026-21509 and CVE-2026-32202. #CVE2026 #APT28", "creation_timestamp": "2026-05-27T11:45:26.356311Z"}]}