{"vulnerability": "cve-2026-3382", "sightings": [{"uuid": "59692b89-071d-4470-8165-f116906d88e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-3382", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mfyhtmcfma2o", "content": "", "creation_timestamp": "2026-03-01T09:54:01.915332Z"}, {"uuid": "ddae99ce-6752-4ed9-a19d-9e04f47b5077", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "exploited", "source": "https://t.me/thehackernews/8824", "content": "\u26a1 Researchers confirm exploitation of three Microsoft Defender flaws\u2014one patched (CVE-2026-33825) , two unpatched.\n\nAttackers escalate privileges and can block Defender updates.\n\n\ud83d\udd17 Learn how these flaws are used in attacks \u2192 https://thehackernews.com/2026/04/three-microsoft-defender-zero-days.html", "creation_timestamp": "2026-04-17T13:24:42.000000Z"}, {"uuid": "304d8585-741c-427b-915c-0758f6dddec5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "exploited", "source": "https://t.me/badbclubua/784", "content": "\u0414\u043e\u0441\u043b\u0456\u0434\u043d\u0438\u043a Chaotic Eclipse, \u044f\u043a\u0438\u0439 \u0440\u0430\u043d\u0456\u0448\u0435 \u00ab\u043f\u043e\u0434\u0430\u0440\u0443\u0432\u0430\u0432\u00bb \u0441\u0432\u0456\u0442\u0443 \u0435\u043a\u0441\u043f\u043b\u043e\u0457\u0442 BlueHammer, \u0432\u0438\u0440\u0456\u0448\u0438\u0432, \u0449\u043e \u0437\u0443\u043f\u0438\u043d\u044f\u0442\u0438\u0441\u044f \u043d\u0430 \u0434\u043e\u0441\u044f\u0433\u043d\u0443\u0442\u043e\u043c\u0443 \u2014 \u0433\u0440\u0456\u0445. \u0412\u0456\u043d \u0432\u0438\u043a\u043e\u0442\u0438\u0432 \u0449\u0435 \u0434\u0432\u0430 \u0441\u0432\u0456\u0436\u0438\u0445 0-day \u0434\u043b\u044f Microsoft Defender: RedSun \u0442\u0430 UnDefend.\n\n\u0429\u043e \u0442\u0440\u0430\u043f\u0438\u043b\u043e\u0441\u044f? \u0423 Microsoft Security Response Center (MSRC) \u0432\u0438\u0440\u0456\u0448\u0438\u043b\u0438, \u0449\u043e \u043d\u0430\u0439\u043a\u0440\u0430\u0449\u0430 \u0440\u0435\u0430\u043a\u0446\u0456\u044f \u043d\u0430 \u0437\u043d\u0430\u0439\u0434\u0435\u043d\u0438\u0439 \u0431\u0430\u0433 \u2014 \u0446\u0435 \u043d\u0435 \u0432\u0438\u043f\u043b\u0430\u0442\u0430 \u0431\u0430\u0443\u043d\u0442\u0456, \u0430 \u043f\u043e\u0433\u0440\u043e\u0437\u0438 \u00ab\u0437\u0440\u0443\u0439\u043d\u0443\u0432\u0430\u0442\u0438 \u0436\u0438\u0442\u0442\u044f\u00bb \u0434\u043e\u0441\u043b\u0456\u0434\u043d\u0438\u043a\u0443. \u0425\u043b\u043e\u043f\u0435\u0446\u044c \u0433\u0443\u043c\u043e\u0440\u0443 \u043d\u0435 \u043e\u0446\u0456\u043d\u0438\u0432. \u0412\u0456\u043d \u0437\u0430\u044f\u0432\u0438\u0432, \u0449\u043e \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0446\u0456\u044f \u043f\u043e\u0432\u043e\u0434\u0438\u043b\u0430\u0441\u044f \u0437 \u043d\u0438\u043c, \u044f\u043a \u0437 \u0433\u0430\u043d\u0447\u0456\u0440\u043a\u043e\u044e, \u0442\u043e\u043c\u0443 \u0442\u0435\u043f\u0435\u0440 \u0445\u0430\u0439 \u0446\u0456 \u00ab\u0433\u0435\u043d\u0456\u0457\u00bb \u0440\u043e\u0437\u0431\u0438\u0440\u0430\u044e\u0442\u044c\u0441\u044f \u0437 \u043d\u0430\u0441\u043b\u0456\u0434\u043a\u0430\u043c\u0438 \u0441\u0430\u043c\u0456.\n\n\u0429\u043e \u043c\u0430\u0454\u043c\u043e \u043d\u0430 \u0441\u044c\u043e\u0433\u043e\u0434\u043d\u0456:\n\n\ud83e\ude79 BlueHammer: \u0421\u044f\u043a-\u0442\u0430\u043a \u0437\u0430\u043b\u0430\u0442\u0430\u043b\u0438 \u0443 \u043a\u0432\u0456\u0442\u043d\u0435\u0432\u043e\u043c\u0443 \u043e\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u0456 (CVE-2026-33825).\n\n\ud83d\udd25 RedSun: \u041f\u0430\u0442\u0447\u0443 \u043d\u0443\u043b\u044c. \u0406\u0440\u043e\u043d\u0456\u044f \u0434\u043e\u043b\u0456: \u0435\u043a\u0441\u043f\u043b\u043e\u0457\u0442 \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u043e\u0432\u0443\u0454 \u043c\u0435\u0445\u0430\u043d\u0456\u0437\u043c\u0438 \u0441\u0430\u043c\u043e\u0433\u043e \u0436 Defender \u0434\u043b\u044f \u043e\u0442\u0440\u0438\u043c\u0430\u043d\u043d\u044f \u043f\u0440\u0430\u0432 SYSTEM. \u0415\u043a\u0441\u043f\u0435\u0440\u0442\u0438 \u043f\u0456\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0438 \u2014 \u0446\u044f \u0440\u0430\u0434\u0456\u0441\u0442\u044c \u0456\u0434\u0435\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0430\u0446\u044e\u0454 \u043d\u0430 \u043f\u043e\u0432\u043d\u0456\u0441\u0442\u044e \u043e\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0445 Windows 10, 11 \u0442\u0430 Server 2019.\n\n\ud83d\uded1 UnDefend: \u041f\u0430\u0442\u0447\u0443 \u043d\u0443\u043b\u044c. \u0422\u0443\u043f\u043e \u0431\u043b\u043e\u043a\u0443\u0454 \u043e\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044f \u0431\u0430\u0437 Defender, \u0432\u043b\u0430\u0448\u0442\u043e\u0432\u0443\u044e\u0447\u0438 \u0439\u043e\u043c\u0443 \u0432\u0456\u0434\u043c\u043e\u0432\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0433\u043e\u0432\u0443\u0432\u0430\u043d\u043d\u0456.\n\n\u0424\u0430\u0445\u0456\u0432\u0446\u0456 \u0437 Huntress \u043f\u0456\u0434\u0442\u0432\u0435\u0440\u0434\u0436\u0443\u044e\u0442\u044c: \u0445\u0430\u043a\u0435\u0440\u0438 \u0432\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044e\u0437\u0430\u044e\u0442\u044c \u0432\u0441\u0456 \u0442\u0440\u0438 \u0434\u0456\u0440\u043a\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0414\u0435\u0441\u0435\u0440\u0442: Chaotic Eclipse \u043f\u043e\u043e\u0431\u0456\u0446\u044f\u0432 \u0437\u043b\u0438\u0432\u0430\u0442\u0438 \u043d\u043e\u0432\u0456 RCE-\u0435\u043a\u0441\u043f\u043b\u043e\u0457\u0442\u0438 \u043f\u0456\u0441\u043b\u044f \u043a\u043e\u0436\u043d\u043e\u0433\u043e \u0432\u0438\u043f\u0443\u0441\u043a\u0443 \u043f\u0430\u0442\u0447\u0456\u0432 \u0432\u0456\u0434 Microsoft, \u0449\u043e\u0431 \u0437\u0440\u043e\u0431\u0438\u0442\u0438 \u0457\u0445\u043d\u0454 \u0436\u0438\u0442\u0442\u044f \u00ab\u0449\u0435 \u0432\u0435\u0441\u0435\u043b\u0456\u0448\u0438\u043c\u00bb.\n\n\u041c\u043e\u0440\u0430\u043b\u044c: \u041d\u0435 \u043f\u043b\u044e\u0439 \u0443 \u043a\u0440\u0438\u043d\u0438\u0446\u044e, \u043e\u0441\u043e\u0431\u043b\u0438\u0432\u043e \u044f\u043a\u0449\u043e \u0431\u0456\u043b\u044f \u043d\u0435\u0457 \u0441\u0442\u043e\u0457\u0442\u044c \u0445\u0430\u043a\u0435\u0440 \u0456\u0437 \u043f\u0430\u0447\u043a\u043e\u044e 0-day \u0435\u043a\u0441\u043f\u043b\u043e\u0457\u0442\u0456\u0432. \u0417\u0430\u043f\u0430\u0441\u0430\u0454\u043c\u043e\u0441\u044c \u043f\u043e\u043f\u043a\u043e\u0440\u043d\u043e\u043c \ud83c\udf7f\n\n\u0422\u0430\u043a\u043e\u0436 \u043d\u0430\u0433\u0430\u0434\u0443\u044e, \u0449\u043e 60% \u0456\u043d\u0444\u0440\u0438 \u0440\u0443\u0441\u043d\u0456 \u043f\u0440\u043e\u0434\u043e\u0432\u0436\u0443\u044e\u0442\u044c \u043f\u0440\u0430\u0446\u044e\u0432\u0430\u0442\u0438 \u043d\u0430 \u0437\u0430\u0441\u0442\u0430\u0440\u0456\u043b\u0456\u0439/\u043d\u0435\u043e\u043d\u043e\u0432\u043b\u0435\u043d\u0456\u0439/\u043d\u0435\u043f\u0430\u0442\u0447\u0435\u043d\u043e\u0457 \u0432\u0456\u043d\u0434\u0435.\n\nhttps://github.com/Nightmare-Eclipse\nhttps://www.cloudsek.com/blog/redsun-windows-0day-when-defender-becomes-the-attacker", "creation_timestamp": "2026-04-21T16:47:53.000000Z"}, {"uuid": "5688213c-cea5-4c87-bfe1-cf4474de323e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33827", "type": "seen", "source": "https://t.me/kasperskyb2b/2142", "content": "\ud83d\udcbb \u0410\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u043f\u0430\u0442\u0447\u0435\u0439: \u0446\u0443\u043d\u0430\u043c\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Windows\n\nMicrosoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0434\u0438\u043d \u0438\u0437 \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0438\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0432 \u0441\u0432\u043e\u0435\u0439 \u0438\u0441\u0442\u043e\u0440\u0438\u0438, \u0437\u0430\u043a\u0440\u044b\u0432 163 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445. \u0415\u0441\u043b\u0438 \u043f\u043e\u0441\u0447\u0438\u0442\u0430\u0442\u044c \u0435\u0449\u0451 \u0438 \u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u043f\u0430\u043a\u0435\u0442 \u0443\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0432 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0435\u043c \u0441\u043e\u0444\u0442\u0435, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0432 Chromium, \u0442\u043e \u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0441\u0447\u0451\u0442 \u043f\u0430\u0442\u0447\u0435\u0439 \u043f\u0440\u0438\u0431\u043b\u0438\u0436\u0430\u0435\u0442\u0441\u044f \u043a \u0448\u043e\u043a\u0438\u0440\u0443\u044e\u0449\u0435\u0439 \u043e\u0442\u043c\u0435\u0442\u043a\u0435 250. \u0421 \u0443\u0447\u0451\u0442\u043e\u043c \u0443\u0441\u043f\u0435\u0445\u043e\u0432 \u0418\u0418 \u0432 \u043f\u043e\u0438\u0441\u043a\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a \u0442\u0430\u043a\u0438\u043c \u0446\u0438\u0444\u0440\u0430\u043c \u0442\u0435\u043f\u0435\u0440\u044c \u0432\u0438\u0434\u0438\u043c\u043e \u043f\u0440\u0438\u0434\u0451\u0442\u0441\u044f \u043f\u0440\u0438\u0432\u044b\u043a\u0430\u0442\u044c.\n\n\u041e\u0434\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f, \u043e\u0434\u043d\u0430 \u0431\u044b\u043b\u0430 \u0434\u043e\u0441\u0440\u043e\u0447\u043d\u043e \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0435\u043d\u0430, \u0435\u0449\u0451 8 \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f \u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c. \u0410\u0431\u0441\u043e\u043b\u044e\u0442\u043d\u043e\u0435 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0431\u0430\u0433\u043e\u0432 (131) \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 Windows, \u0434\u0430\u043b\u0435\u0435 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 Office \u0441 \u0434\u044e\u0436\u0438\u043d\u043e\u0439 \u043e\u0448\u0438\u0431\u043e\u043a. \n93 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 20 \u2014 \u043a \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, 20 \u2014 \u0443\u0442\u0435\u0447\u043a\u0430\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 12 \u2014 \u043a \u043e\u0431\u0445\u043e\u0434\u0443 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 9 \u2014 DoS, 8  \u2014 spoofing.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f\n\u0412 \u0436\u0438\u0432\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0432\u044b\u043b\u043e\u0432\u0438\u043b\u0438 CVE-2026-32201 (CVSS 6.5) \u0432 SharePoint, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a\u0430\u043a \u0440\u0430\u0437 \u043a \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u0443. \u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043b\u0430\u043a\u043e\u043d\u0438\u0447\u0435\u043d \u0432 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0442\u043c\u0435\u0447\u0430\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f  \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0435\u0451. \u0413\u0434\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c, \u043a\u0442\u043e \u0435\u0451 \u043d\u0430\u0448\u0451\u043b \u2014 \u043d\u0438 \u0441\u043b\u043e\u0432\u0430. \n\n\u041f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u0430 \u0442\u0430\u043a\u0436\u0435 CVE-2026-33825 (CVSS 7.8), \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0447\u0435\u0440\u0435\u0437 Defender. \u0415\u0451 \u0440\u0430\u0437\u0433\u043b\u0430\u0441\u0438\u043b\u0438 \u0434\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0438 Microsoft \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0438 \u0434\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u0442\u044c\u0441\u044f \u043e \u043f\u043e\u0440\u044f\u0434\u043a\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u044f \u0438 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u0435\u0444\u0435\u043a\u0442\u0430. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043d\u0430\u043b\u0438\u0447\u0438\u0435 PoC \u043d\u0430 GitHub, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Defender \u0441\u0442\u043e\u0438\u0442 \u043f\u043e\u0442\u043e\u0440\u043e\u043f\u0438\u0442\u044c\u0441\u044f \u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438. \n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0435\u0444\u0435\u043a\u0442\u044b\n\n\u0412 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u0435\u0441\u0442\u044c \u0434\u0432\u0435 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043f\u043e \u0441\u0435\u0442\u0438 \u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u0436\u0435\u0440\u0442\u0432\u044b.\nCVE-2026-33827  \u2014 \u044d\u0442\u043e RCE \u0432 TCP/IP (\u0434\u043e\u043b\u0436\u043d\u044b \u0431\u044b\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u044b IPv6 \u0438 IPSec), \u0430 CVE-2026-33824  \u2014 RCE \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 Windows Internet Key Exchange (IKE). \u041f\u0435\u0440\u0432\u0430\u044f \u043f\u043e\u0442\u044f\u043d\u0443\u043b\u0430 \u043d\u0430 CVSS 8.1, \u0430 \u0432\u0442\u043e\u0440\u0430\u044f \u0430\u0436 \u043d\u0430 9.8.  \n\n\u041d\u0435 \u043e\u0431\u043e\u0448\u043b\u043e\u0441\u044c \u0438 \u0431\u0435\u0437 RCE \u0432 Office (CVE-2026-32190 -33114 -33115, \u0432\u0441\u0435 CVSS 8.4), \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0438\u0437 \u043f\u0430\u043d\u0435\u043b\u0438 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430. \u0421\u043d\u043e\u0432\u0430 \u0443\u043c\u043e\u043b\u044f\u0435\u043c \u0435\u0451 \u0443\u0436\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043d\u0430\u043a\u043e\u043d\u0435\u0446.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #Microsoft @\u041f2\u0422", "creation_timestamp": "2026-04-15T08:01:44.000000Z"}, {"uuid": "cbf4686d-b05a-4127-a1fa-2a8e0f7e64da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://t.me/kasperskyb2b/2142", "content": "\ud83d\udcbb \u0410\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u043f\u0430\u0442\u0447\u0435\u0439: \u0446\u0443\u043d\u0430\u043c\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Windows\n\nMicrosoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0434\u0438\u043d \u0438\u0437 \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0438\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0432 \u0441\u0432\u043e\u0435\u0439 \u0438\u0441\u0442\u043e\u0440\u0438\u0438, \u0437\u0430\u043a\u0440\u044b\u0432 163 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445. \u0415\u0441\u043b\u0438 \u043f\u043e\u0441\u0447\u0438\u0442\u0430\u0442\u044c \u0435\u0449\u0451 \u0438 \u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u043f\u0430\u043a\u0435\u0442 \u0443\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0432 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0435\u043c \u0441\u043e\u0444\u0442\u0435, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0432 Chromium, \u0442\u043e \u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0441\u0447\u0451\u0442 \u043f\u0430\u0442\u0447\u0435\u0439 \u043f\u0440\u0438\u0431\u043b\u0438\u0436\u0430\u0435\u0442\u0441\u044f \u043a \u0448\u043e\u043a\u0438\u0440\u0443\u044e\u0449\u0435\u0439 \u043e\u0442\u043c\u0435\u0442\u043a\u0435 250. \u0421 \u0443\u0447\u0451\u0442\u043e\u043c \u0443\u0441\u043f\u0435\u0445\u043e\u0432 \u0418\u0418 \u0432 \u043f\u043e\u0438\u0441\u043a\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a \u0442\u0430\u043a\u0438\u043c \u0446\u0438\u0444\u0440\u0430\u043c \u0442\u0435\u043f\u0435\u0440\u044c \u0432\u0438\u0434\u0438\u043c\u043e \u043f\u0440\u0438\u0434\u0451\u0442\u0441\u044f \u043f\u0440\u0438\u0432\u044b\u043a\u0430\u0442\u044c.\n\n\u041e\u0434\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f, \u043e\u0434\u043d\u0430 \u0431\u044b\u043b\u0430 \u0434\u043e\u0441\u0440\u043e\u0447\u043d\u043e \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0435\u043d\u0430, \u0435\u0449\u0451 8 \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f \u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c. \u0410\u0431\u0441\u043e\u043b\u044e\u0442\u043d\u043e\u0435 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0431\u0430\u0433\u043e\u0432 (131) \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 Windows, \u0434\u0430\u043b\u0435\u0435 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 Office \u0441 \u0434\u044e\u0436\u0438\u043d\u043e\u0439 \u043e\u0448\u0438\u0431\u043e\u043a. \n93 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 20 \u2014 \u043a \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, 20 \u2014 \u0443\u0442\u0435\u0447\u043a\u0430\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 12 \u2014 \u043a \u043e\u0431\u0445\u043e\u0434\u0443 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 9 \u2014 DoS, 8  \u2014 spoofing.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f\n\u0412 \u0436\u0438\u0432\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0432\u044b\u043b\u043e\u0432\u0438\u043b\u0438 CVE-2026-32201 (CVSS 6.5) \u0432 SharePoint, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a\u0430\u043a \u0440\u0430\u0437 \u043a \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u0443. \u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043b\u0430\u043a\u043e\u043d\u0438\u0447\u0435\u043d \u0432 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0442\u043c\u0435\u0447\u0430\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f  \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0435\u0451. \u0413\u0434\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c, \u043a\u0442\u043e \u0435\u0451 \u043d\u0430\u0448\u0451\u043b \u2014 \u043d\u0438 \u0441\u043b\u043e\u0432\u0430. \n\n\u041f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u0430 \u0442\u0430\u043a\u0436\u0435 CVE-2026-33825 (CVSS 7.8), \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0447\u0435\u0440\u0435\u0437 Defender. \u0415\u0451 \u0440\u0430\u0437\u0433\u043b\u0430\u0441\u0438\u043b\u0438 \u0434\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0438 Microsoft \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0438 \u0434\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u0442\u044c\u0441\u044f \u043e \u043f\u043e\u0440\u044f\u0434\u043a\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u044f \u0438 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u0435\u0444\u0435\u043a\u0442\u0430. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043d\u0430\u043b\u0438\u0447\u0438\u0435 PoC \u043d\u0430 GitHub, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Defender \u0441\u0442\u043e\u0438\u0442 \u043f\u043e\u0442\u043e\u0440\u043e\u043f\u0438\u0442\u044c\u0441\u044f \u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438. \n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0435\u0444\u0435\u043a\u0442\u044b\n\n\u0412 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u0435\u0441\u0442\u044c \u0434\u0432\u0435 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043f\u043e \u0441\u0435\u0442\u0438 \u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u0436\u0435\u0440\u0442\u0432\u044b.\nCVE-2026-33827  \u2014 \u044d\u0442\u043e RCE \u0432 TCP/IP (\u0434\u043e\u043b\u0436\u043d\u044b \u0431\u044b\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u044b IPv6 \u0438 IPSec), \u0430 CVE-2026-33824  \u2014 RCE \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 Windows Internet Key Exchange (IKE). \u041f\u0435\u0440\u0432\u0430\u044f \u043f\u043e\u0442\u044f\u043d\u0443\u043b\u0430 \u043d\u0430 CVSS 8.1, \u0430 \u0432\u0442\u043e\u0440\u0430\u044f \u0430\u0436 \u043d\u0430 9.8.  \n\n\u041d\u0435 \u043e\u0431\u043e\u0448\u043b\u043e\u0441\u044c \u0438 \u0431\u0435\u0437 RCE \u0432 Office (CVE-2026-32190 -33114 -33115, \u0432\u0441\u0435 CVSS 8.4), \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0438\u0437 \u043f\u0430\u043d\u0435\u043b\u0438 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430. \u0421\u043d\u043e\u0432\u0430 \u0443\u043c\u043e\u043b\u044f\u0435\u043c \u0435\u0451 \u0443\u0436\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043d\u0430\u043a\u043e\u043d\u0435\u0446.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #Microsoft @\u041f2\u0422", "creation_timestamp": "2026-04-15T08:01:44.000000Z"}, {"uuid": "b03911b7-d5bd-4d34-a5de-ec603f639518", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "exploited", "source": "https://t.me/true_secator/8113", "content": "\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0442\u0440\u0438 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Windows \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a, \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435 \u043f\u0440\u0430\u0432 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0435 (SYSTEM) \u0438\u043b\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u0430\u0432 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\n\u0421 \u043d\u0430\u0447\u0430\u043b\u0430 \u043c\u0435\u0441\u044f\u0446\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c Chaotic Eclipse (Nightmare-Eclipse) \u0432\u044b\u043a\u0430\u0442\u0438\u043b PoC \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0442\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0437\u043d\u0430\u043a \u043f\u0440\u043e\u0442\u0435\u0441\u0442\u0430 \u043f\u0440\u043e\u0442\u0438\u0432 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0426\u0435\u043d\u0442\u0440 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Microsoft (MSRC) \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0430\u043b \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u0414\u0432\u0435 \u0438\u0437 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (\u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0438\u0445 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u044f BlueHammer \u0438 RedSun) \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0441\u043e\u0431\u043e\u0439 LPE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Microsoft Defender, \u0430 \u0442\u0440\u0435\u0442\u044c\u044f (UnDefend) \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043e\u0431\u044b\u0447\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u043b\u044f \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0439 Microsoft Defender.\n\n\u041d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u044d\u0442\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b, \u0441\u0447\u0438\u0442\u0430\u043b\u0438\u0441\u044c 0-day \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044e Microsoft, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u043b\u044f \u0438\u0445 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043d\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u043e \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u0412 \u0447\u0435\u0442\u0432\u0435\u0440\u0433 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Huntress Labs \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043e\u0431 \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 \u0432\u0441\u0435\u0445 \u0442\u0440\u0435\u0445 0-day \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c BlueHammer \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0443\u0436\u0435 \u0441 10 \u0430\u043f\u0440\u0435\u043b\u044f.\n\n\u041e\u043d\u0438 \u0442\u0430\u043a\u0436\u0435\u00a0\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b UnDefend \u0438 RedSun \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Windows, \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u043e\u043c \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f SSLVPN, \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u00ab\u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u0441 \u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u043e\u0439\u00bb.\n\n\u0412 \u043e\u0431\u0449\u0435\u043c, \u043a\u0430\u043a \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438 \u0432 \u0426\u0435\u043d\u0442\u0440\u0435 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f Huntress, \u0438\u043c \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043e\u0442\u0441\u043b\u0435\u0434\u0438\u0442\u044c \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u0441\u0435\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 BlueHammer, RedSun \u0438 UnDefend, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u044b\u0445 Nightmare-Eclipse.\n\nMicrosoft \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c BlueHammer \u043a\u0430\u043a CVE-2026-33825 \u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0435\u0451 \u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u0445 \u0437\u0430 \u0430\u043f\u0440\u0435\u043b\u044c 2026 \u0433\u043e\u0434\u0430, \u0434\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043d\u0435\u0437\u0430\u043a\u0440\u044b\u0442\u044b\u043c\u0438.\n\n\u041a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u043d\u0435\u0435, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c RedSun \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 SYSTEM \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Windows 10, Windows 11 \u0438 Windows Server 2019 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u043f\u0440\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u043e\u043c Windows Defender, \u0434\u0430\u0436\u0435 \u043f\u043e\u0441\u043b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e Patch Tuesday.\n\n\u041a\u043e\u0433\u0434\u0430 Windows Defender \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u0438\u043c\u0435\u0435\u0442 \u043c\u0435\u0442\u043a\u0443 \u00ab\u043e\u0431\u043b\u0430\u043a\u043e\u00bb, \u043f\u043e \u043a\u0430\u043a\u043e\u0439-\u0442\u043e \u0433\u043b\u0443\u043f\u043e\u0439 \u0438 \u043d\u0435\u043b\u0435\u043f\u043e\u0439 \u043f\u0440\u0438\u0447\u0438\u043d\u0435 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0434\u043e\u043b\u0436\u0435\u043d \u0437\u0430\u0449\u0438\u0449\u0430\u0442\u044c, \u0440\u0435\u0448\u0430\u0435\u0442 \u043f\u0440\u043e\u0441\u0442\u043e \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u0432 \u0435\u0433\u043e \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0435 \u043c\u0435\u0441\u0442\u043e\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u0438\u0435.\n\n\u0412 \u0432\u044b\u0448\u0435\u0434\u0448\u0438\u0445 PoC \u044d\u0442\u043e \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n\nMicrosoft \u0437\u0430\u0432\u0435\u0440\u044f\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u0447\u0442\u043e \u043d\u0430\u043c\u0435\u0440\u0435\u043d\u0430 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u0432\u0441\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f \u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u0445 \u0438 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439. \u0412\u043f\u0440\u043e\u0447\u0435\u043c, \u0437\u043d\u0430\u044f \u043c\u0438\u043a\u0440\u043e\u043c\u044f\u0433\u043a\u0438\u0445, \u0443\u0434\u0438\u0432\u043b\u044f\u0442\u044c\u0441\u044f \u043d\u0435\u0447\u0435\u043c\u0443 - \u0440\u0430\u0431\u043e\u0442\u0430 \u043d\u0430\u0434 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043d\u0430\u0447\u0438\u043d\u0430\u0435\u0442\u0441\u044f \u0441 \u0445\u043e\u0440\u043e\u0448\u0435\u0433\u043e \u043f\u0438\u043d\u043a\u0430. \u0411\u0443\u0434\u0435\u043c \u0441\u043b\u0435\u0434\u0438\u0442\u044c.", "creation_timestamp": "2026-04-17T09:49:57.000000Z"}, {"uuid": "92619855-8c6e-41d9-8f76-86072f0dd5d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://infosec.exchange/users/wdormann/statuses/116404330182760907", "content": "", "creation_timestamp": "2026-04-14T17:52:01.525192Z"}, {"uuid": "cbbea9d3-fc6b-4e26-a734-374e0dd653fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/wdormann.infosec.exchange.ap.brid.gy/post/3mjhx2wkpn5d2", "content": "", "creation_timestamp": "2026-04-14T17:52:07.317162Z"}, {"uuid": "74bf1f1c-e02f-4dc9-9c6a-5013337e8097", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mjhzjwh7mh2w", "content": "", "creation_timestamp": "2026-04-14T18:36:15.706082Z"}, {"uuid": "070f4f1c-b8e3-4366-9c7d-ad3cb64712ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://infosec.exchange/users/wdormann/statuses/116404516592597593", "content": "", "creation_timestamp": "2026-04-14T18:39:25.686615Z"}, {"uuid": "5586998a-0dcf-4bb7-ba53-f330f0c272d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/wdormann.infosec.exchange.ap.brid.gy/post/3mjhzps6nksp2", "content": "", "creation_timestamp": "2026-04-14T18:39:36.219813Z"}, {"uuid": "79535211-daca-4dbe-9353-70fac841c334", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33826", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mji2vt6aae2w", "content": "", "creation_timestamp": "2026-04-14T19:00:49.325678Z"}, {"uuid": "e5e210c7-7296-4530-9e59-99824cafd379", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://www.thezdi.com/blog/2026/4/14/the-april-2026-security-update-review", "content": "", "creation_timestamp": "2026-04-14T15:49:19.000000Z"}, {"uuid": "e0a3d6fc-b0c2-42c1-a4a7-b7b8aa60814f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33827", "type": "seen", "source": "https://www.thezdi.com/blog/2026/4/14/the-april-2026-security-update-review", "content": "", "creation_timestamp": "2026-04-14T15:49:19.000000Z"}, {"uuid": "89c6d5dc-4f79-4c36-8782-efca9900b671", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://www.thezdi.com/blog/2026/4/14/the-april-2026-security-update-review", "content": "", "creation_timestamp": "2026-04-14T15:49:19.000000Z"}, {"uuid": "d78cc28f-cd18-436e-8730-2a81745f7d14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33826", "type": "seen", "source": "https://www.thezdi.com/blog/2026/4/14/the-april-2026-security-update-review", "content": "", "creation_timestamp": "2026-04-14T15:49:19.000000Z"}, {"uuid": "e3e45222-7f50-451b-9cd3-35f432ec833d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mji2xpfqpe2e", "content": "", "creation_timestamp": "2026-04-14T19:01:52.600104Z"}, {"uuid": "7f53aef4-f97b-4e66-bfb5-706b6545c53e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33827", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mji2w2ru542w", "content": "", "creation_timestamp": "2026-04-14T19:00:57.167175Z"}, {"uuid": "658db11f-fa74-4051-89fe-95f0c9f89676", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33822", "type": "seen", "source": "https://www.thezdi.com/blog/2026/4/14/the-april-2026-security-update-review", "content": "", "creation_timestamp": "2026-04-14T15:49:19.000000Z"}, {"uuid": "91d64699-d00e-49fb-bdb5-c68a7823911a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://t.me/HackerNewscyber/2968", "content": "\u2708\ufe0f \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0631\u0648\u0632 \u0635\u0641\u0631 \u062f\u0631 Microsoft Defender\u061b \u062f\u0633\u062a\u0631\u0633\u06cc \u06a9\u0627\u0645\u0644 \u062f\u0631 \u062e\u0637\u0631\n\n\ud83c\udfa4\u0634\u0631\u06a9\u062a Microsoft \u06cc\u06a9 \u0646\u0642\u0635 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0631\u0648\u0632 \u0635\u0641\u0631 \u062f\u0631 Defender \u0631\u0627 \u0648\u0635\u0644\u0647 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 CVE-2026-33825 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u0645\u06a9\u0627\u0646 \u0645\u06cc\u200c\u062f\u0647\u062f \u0628\u0627 \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0636\u0639\u0641 \u062f\u0631 \u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc\u060c \u0633\u0637\u062d \u062f\u0633\u062a\u0631\u0633\u06cc \u062e\u0648\u062f \u0631\u0627 \u0628\u0647 SYSTEM \u0627\u0631\u062a\u0642\u0627 \u062f\u0647\u062f \u0648 \u06a9\u0646\u062a\u0631\u0644 \u06a9\u0627\u0645\u0644 \u0633\u06cc\u0633\u062a\u0645 \u0631\u0627 \u0628\u0647 \u062f\u0633\u062a \u0628\u06af\u06cc\u0631\u062f.\n\n\u2705 @HackerNewsCyber", "creation_timestamp": "2026-04-15T08:29:23.000000Z"}, {"uuid": "bcb1f155-35dd-4039-b1d1-29bb8dc88e60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://t.me/true_secator/8105", "content": "Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 Patch Tuesday \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 0-day \u0432 SharePoint \u0438 \u0435\u0449\u0435 168 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0432\u043e\u0435\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432\u043e\u043c \u043f\u043e\u0440\u0442\u0444\u0435\u043b\u0435, \u0447\u0442\u043e, \u043f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u0432, \u0441\u0442\u0430\u043b\u043e  \u0432\u0442\u043e\u0440\u044b\u043c \u043f\u043e \u0432\u0435\u043b\u0438\u0447\u0438\u043d\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0437\u0430 \u0432\u0441\u044e \u0438\u0441\u0442\u043e\u0440\u0438\u044e \u043f\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0443 \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u0445 CVE.\n\n\u0418\u0437 \u044d\u0442\u0438\u0445 169 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 157 \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u0432\u0430\u0436\u043d\u044b\u0435, \u0432\u043e\u0441\u0435\u043c\u044c - \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435, \u0442\u0440\u0438 - \u043a\u0430\u043a \u0443\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u0435 \u0438 \u043e\u0434\u043d\u0430 - \u043a\u0430\u043a \u043d\u0438\u0437\u043a\u0430\u044f \u043f\u043e \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438. \n\n93 \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043a\u0430\u043a EoP, \u0437\u0430 \u043d\u0438\u043c\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0442 21 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 21 - \u0441 RCE, 14 - \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 10 - \u0441 \u043f\u043e\u0434\u043c\u0435\u043d\u043e\u0439 \u0430\u0434\u0440\u0435\u0441\u0430 \u0438 \u0434\u0435\u0432\u044f\u0442\u044c - \u0441 DoS.\n\n\u0412 \u0447\u0438\u0441\u043b\u043e 169 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0442\u0430\u043a\u0436\u0435 \u0432\u0445\u043e\u0434\u044f\u0442 \u0447\u0435\u0442\u044b\u0440\u0435 CVE, \u043d\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0435 Microsoft, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0435 AMD (CVE-2023-20585), Node.js (CVE-2026-21637), Windows Secure Boot (CVE-2026-25250) \u0438 Git for Windows (CVE-2026-32631). \u042d\u0442\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u044f\u044e\u0442\u00a078 \u043e\u0448\u0438\u0431\u043e\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 Edge \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Chromium.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 SharePoint Server \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2026-32201\u00a0\u0438 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u043c \u0441 \u043f\u043e\u0434\u043c\u0435\u043d\u043e\u0439 IP-\u0430\u0434\u0440\u0435\u0441\u0430. Microsoft \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u043b\u0430 \u0435\u0439 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u00ab\u0432\u0430\u0436\u043d\u044b\u0439\u00bb \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 6,5.\n\n\u041d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 Microsoft Office SharePoint \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u043f\u043e\u0434\u043c\u0435\u043d\u0443 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u0441\u0435\u0442\u0438. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u0435\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f.\n\n\u041f\u043e\u043a\u0430 \u043d\u0435\u044f\u0441\u043d\u043e, \u043a\u0442\u043e \u0441\u0442\u043e\u0438\u0442 \u0437\u0430 0-day  \u0430\u0442\u0430\u043a\u0430\u043c\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u043d\u0430 CVE-2026-32201. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u043a\u0430\u043a \u043e\u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0438 \u043a\u0430\u043a\u043e\u0432 \u043c\u0430\u0441\u0448\u0442\u0430\u0431.\n\n\u041e\u0434\u043d\u0430\u043a\u043e, \u0441\u0443\u0434\u044f \u043f\u043e \u043a\u0440\u0430\u0442\u043a\u043e\u043c\u0443 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-32201 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438.\u00a0\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 SharePoint \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\u00a0\u0412 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0435\u00a0KEV CISA\u00a0\u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043e 10 \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2026-32201.\n\n\u0418\u0437 \u043e\u0441\u0442\u0430\u0432\u0448\u0438\u0445\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 Microsoft \u0432 \u0440\u0430\u043c\u043a\u0430\u0445\u00a0Patch Tuesday \u0437\u0430 \u0430\u043f\u0440\u0435\u043b\u044c 2026 \u0433\u043e\u0434\u0430, 19 \u0438\u043c\u0435\u044e\u0442 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u00ab\u0431\u043e\u043b\u0435\u0435 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f\u00bb, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u043d\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.\u00a0\u00a0\n\n\u041e\u0434\u043d\u0430 \u0438\u0437 \u043d\u0438\u0445 - CVE-2026-33825 (CVSS: 7.8), \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Microsoft Defender, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043c\u0438\u043a\u0440\u043e\u043c\u044f\u0433\u043a\u0438\u0445, \u0431\u044b\u043b\u0430 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u0434\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Microsoft, \u043e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e, \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0441\u044c \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u0432 Defender \u0430\u0434\u0435\u043a\u0432\u0430\u0442\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u041e\u0434\u043d\u0430 \u0438\u0437 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 - \u044d\u0442\u043e \u0441\u043b\u0443\u0447\u0430\u0439 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0439 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f \u0441\u043b\u0443\u0436\u0431\u044b \u043e\u0431\u043c\u0435\u043d\u0430 \u043a\u043b\u044e\u0447\u0430\u043c\u0438 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 (IKE) Windows. \u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2026-33824 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,8 \u0438\u0437 10,0.\n\n\u0414\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Windows \u0441 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u043c \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u043c IKE v2, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 Windows, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a, Active Directory, \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0440\u0430\u0431\u043e\u0447\u0438\u0439 \u0441\u0442\u043e\u043b, Hello, \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430 \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f, \u043f\u043e\u0438\u0441\u043a, \u0434\u0440\u0430\u0439\u0432\u0435\u0440 \u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u0438 TDI, BitLocker, \u043a\u043e\u043d\u0441\u043e\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, TCP/IP, \u043e\u0431\u0449\u0438\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432, \u0445\u043e\u0441\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 UPnP, COM, \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0430, \u0441\u043b\u0443\u0436\u0431\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0438 \u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440 \u043e\u043a\u043e\u043d \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430, \u0442\u0430\u043a\u0436\u0435 \u0441 \u0431\u043e\u043b\u044c\u0448\u0435\u0439 \u0434\u043e\u043b\u0435\u0439 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u0438 \u0431\u0443\u0434\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u043d\u0435\u0434\u0430\u043b\u0435\u043a\u043e\u043c \u0431\u0443\u0434\u0443\u0449\u0435\u043c.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432 Tenable \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u044d\u0442\u043e \u0432\u0442\u043e\u0440\u043e\u0439 \u043f\u043e \u0432\u0435\u043b\u0438\u0447\u0438\u043d\u0435 \u00ab\u0412\u0442\u043e\u0440\u043d\u0438\u043a \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439\u00bb \u0437\u0430 \u0432\u0441\u044e \u0438\u0441\u0442\u043e\u0440\u0438\u044e, \u0438 \u043e\u043d \u043b\u0438\u0448\u044c \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u043d\u0435 \u0434\u043e\u0442\u044f\u043d\u0443\u043b \u0434\u043e \u0440\u0435\u043a\u043e\u0440\u0434\u0430, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u00a0\u043e\u043a\u0442\u044f\u0431\u0440\u0435 2025 \u0433\u043e\u0434\u0430 (183 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438).\n\n\u0411\u043e\u043b\u0435\u0435 \u0442\u043e\u0433\u043e, EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0434\u043e\u043c\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432 \u0446\u0438\u043a\u043b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Patch Tuesday \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0432\u043e\u0441\u0435\u043c\u044c \u043c\u0435\u0441\u044f\u0446\u0435\u0432, \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0440\u0435\u043a\u043e\u0440\u0434\u043d\u044b\u0435 57% \u0432\u0441\u0435\u0445 CVE, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 \u0430\u043f\u0440\u0435\u043b\u0435, \u0432 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e RCE \u0441\u043d\u0438\u0437\u0438\u043b\u043e\u0441\u044c \u0434\u043e 12%, \u0441\u0440\u0430\u0432\u043d\u044f\u0432\u0448\u0438\u0441\u044c \u0441 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435.", "creation_timestamp": "2026-04-15T12:00:08.000000Z"}, {"uuid": "a0f6ead8-411f-4f7d-abd6-4b3478c4de0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "published-proof-of-concept", "source": "https://t.me/bdufstecru/3080", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u043e\u0439 \u0437\u0430\u0449\u0438\u0442\u044b Windows Defender \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Windows \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u0440\u0430\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438\n\nBDU:2026-05271\nCVE-2026-33825\n\n\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u0437 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432. \u0412 \u0441\u0432\u044f\u0437\u0438 \u0441\u043e \u0441\u043b\u043e\u0436\u0438\u0432\u0448\u0435\u0439\u0441\u044f \u043e\u0431\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0438 \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0430\u043d\u043a\u0446\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0420\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0424\u0435\u0434\u0435\u0440\u0430\u0446\u0438\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0432\u0441\u0435\u0445 \u0441\u043e\u043f\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0440\u0438\u0441\u043a\u043e\u0432.\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f (\u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f, \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u0438) \u0438 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439;\n- \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439;\n- \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435/\u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u043d\u0435\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33825", "creation_timestamp": "2026-04-15T14:32:32.000000Z"}, {"uuid": "4e046379-cd60-48a4-abfd-282955f18951", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://t.me/true_secator/8105", "content": "Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 Patch Tuesday \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 0-day \u0432 SharePoint \u0438 \u0435\u0449\u0435 168 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0432\u043e\u0435\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432\u043e\u043c \u043f\u043e\u0440\u0442\u0444\u0435\u043b\u0435, \u0447\u0442\u043e, \u043f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u0432, \u0441\u0442\u0430\u043b\u043e  \u0432\u0442\u043e\u0440\u044b\u043c \u043f\u043e \u0432\u0435\u043b\u0438\u0447\u0438\u043d\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0437\u0430 \u0432\u0441\u044e \u0438\u0441\u0442\u043e\u0440\u0438\u044e \u043f\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0443 \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u0445 CVE.\n\n\u0418\u0437 \u044d\u0442\u0438\u0445 169 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 157 \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u0432\u0430\u0436\u043d\u044b\u0435, \u0432\u043e\u0441\u0435\u043c\u044c - \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435, \u0442\u0440\u0438 - \u043a\u0430\u043a \u0443\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u0435 \u0438 \u043e\u0434\u043d\u0430 - \u043a\u0430\u043a \u043d\u0438\u0437\u043a\u0430\u044f \u043f\u043e \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438. \n\n93 \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043a\u0430\u043a EoP, \u0437\u0430 \u043d\u0438\u043c\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0442 21 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 21 - \u0441 RCE, 14 - \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 10 - \u0441 \u043f\u043e\u0434\u043c\u0435\u043d\u043e\u0439 \u0430\u0434\u0440\u0435\u0441\u0430 \u0438 \u0434\u0435\u0432\u044f\u0442\u044c - \u0441 DoS.\n\n\u0412 \u0447\u0438\u0441\u043b\u043e 169 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0442\u0430\u043a\u0436\u0435 \u0432\u0445\u043e\u0434\u044f\u0442 \u0447\u0435\u0442\u044b\u0440\u0435 CVE, \u043d\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0435 Microsoft, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0435 AMD (CVE-2023-20585), Node.js (CVE-2026-21637), Windows Secure Boot (CVE-2026-25250) \u0438 Git for Windows (CVE-2026-32631). \u042d\u0442\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u044f\u044e\u0442\u00a078 \u043e\u0448\u0438\u0431\u043e\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 Edge \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Chromium.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 SharePoint Server \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2026-32201\u00a0\u0438 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u043c \u0441 \u043f\u043e\u0434\u043c\u0435\u043d\u043e\u0439 IP-\u0430\u0434\u0440\u0435\u0441\u0430. Microsoft \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u043b\u0430 \u0435\u0439 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u00ab\u0432\u0430\u0436\u043d\u044b\u0439\u00bb \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 6,5.\n\n\u041d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 Microsoft Office SharePoint \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u043f\u043e\u0434\u043c\u0435\u043d\u0443 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u0441\u0435\u0442\u0438. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u0435\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f.\n\n\u041f\u043e\u043a\u0430 \u043d\u0435\u044f\u0441\u043d\u043e, \u043a\u0442\u043e \u0441\u0442\u043e\u0438\u0442 \u0437\u0430 0-day  \u0430\u0442\u0430\u043a\u0430\u043c\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u043d\u0430 CVE-2026-32201. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u043a\u0430\u043a \u043e\u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0438 \u043a\u0430\u043a\u043e\u0432 \u043c\u0430\u0441\u0448\u0442\u0430\u0431.\n\n\u041e\u0434\u043d\u0430\u043a\u043e, \u0441\u0443\u0434\u044f \u043f\u043e \u043a\u0440\u0430\u0442\u043a\u043e\u043c\u0443 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-32201 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438.\u00a0\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 SharePoint \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\u00a0\u0412 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0435\u00a0KEV CISA\u00a0\u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043e 10 \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2026-32201.\n\n\u0418\u0437 \u043e\u0441\u0442\u0430\u0432\u0448\u0438\u0445\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 Microsoft \u0432 \u0440\u0430\u043c\u043a\u0430\u0445\u00a0Patch Tuesday \u0437\u0430 \u0430\u043f\u0440\u0435\u043b\u044c 2026 \u0433\u043e\u0434\u0430, 19 \u0438\u043c\u0435\u044e\u0442 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u00ab\u0431\u043e\u043b\u0435\u0435 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f\u00bb, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u043d\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.\u00a0\u00a0\n\n\u041e\u0434\u043d\u0430 \u0438\u0437 \u043d\u0438\u0445 - CVE-2026-33825 (CVSS: 7.8), \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Microsoft Defender, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043c\u0438\u043a\u0440\u043e\u043c\u044f\u0433\u043a\u0438\u0445, \u0431\u044b\u043b\u0430 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u0434\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Microsoft, \u043e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e, \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0441\u044c \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u0432 Defender \u0430\u0434\u0435\u043a\u0432\u0430\u0442\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u041e\u0434\u043d\u0430 \u0438\u0437 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 - \u044d\u0442\u043e \u0441\u043b\u0443\u0447\u0430\u0439 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0439 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f \u0441\u043b\u0443\u0436\u0431\u044b \u043e\u0431\u043c\u0435\u043d\u0430 \u043a\u043b\u044e\u0447\u0430\u043c\u0438 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 (IKE) Windows. \u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2026-33824 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,8 \u0438\u0437 10,0.\n\n\u0414\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Windows \u0441 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u043c \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u043c IKE v2, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 Windows, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a, Active Directory, \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0440\u0430\u0431\u043e\u0447\u0438\u0439 \u0441\u0442\u043e\u043b, Hello, \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430 \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f, \u043f\u043e\u0438\u0441\u043a, \u0434\u0440\u0430\u0439\u0432\u0435\u0440 \u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u0438 TDI, BitLocker, \u043a\u043e\u043d\u0441\u043e\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, TCP/IP, \u043e\u0431\u0449\u0438\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432, \u0445\u043e\u0441\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 UPnP, COM, \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0430, \u0441\u043b\u0443\u0436\u0431\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0438 \u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440 \u043e\u043a\u043e\u043d \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430, \u0442\u0430\u043a\u0436\u0435 \u0441 \u0431\u043e\u043b\u044c\u0448\u0435\u0439 \u0434\u043e\u043b\u0435\u0439 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u0438 \u0431\u0443\u0434\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u043d\u0435\u0434\u0430\u043b\u0435\u043a\u043e\u043c \u0431\u0443\u0434\u0443\u0449\u0435\u043c.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432 Tenable \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u044d\u0442\u043e \u0432\u0442\u043e\u0440\u043e\u0439 \u043f\u043e \u0432\u0435\u043b\u0438\u0447\u0438\u043d\u0435 \u00ab\u0412\u0442\u043e\u0440\u043d\u0438\u043a \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439\u00bb \u0437\u0430 \u0432\u0441\u044e \u0438\u0441\u0442\u043e\u0440\u0438\u044e, \u0438 \u043e\u043d \u043b\u0438\u0448\u044c \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u043d\u0435 \u0434\u043e\u0442\u044f\u043d\u0443\u043b \u0434\u043e \u0440\u0435\u043a\u043e\u0440\u0434\u0430, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u00a0\u043e\u043a\u0442\u044f\u0431\u0440\u0435 2025 \u0433\u043e\u0434\u0430 (183 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438).\n\n\u0411\u043e\u043b\u0435\u0435 \u0442\u043e\u0433\u043e, EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0434\u043e\u043c\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432 \u0446\u0438\u043a\u043b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Patch Tuesday \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0432\u043e\u0441\u0435\u043c\u044c \u043c\u0435\u0441\u044f\u0446\u0435\u0432, \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0440\u0435\u043a\u043e\u0440\u0434\u043d\u044b\u0435 57% \u0432\u0441\u0435\u0445 CVE, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 \u0430\u043f\u0440\u0435\u043b\u0435, \u0432 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e RCE \u0441\u043d\u0438\u0437\u0438\u043b\u043e\u0441\u044c \u0434\u043e 12%, \u0441\u0440\u0430\u0432\u043d\u044f\u0432\u0448\u0438\u0441\u044c \u0441 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435.", "creation_timestamp": "2026-04-15T12:00:08.000000Z"}, {"uuid": "57fa5743-2ba9-4bf0-a6dd-43a8472cb6e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://t.me/kasperskyb2b/2142", "content": "\ud83d\udcbb \u0410\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u043f\u0430\u0442\u0447\u0435\u0439: \u0446\u0443\u043d\u0430\u043c\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Windows\n\nMicrosoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0434\u0438\u043d \u0438\u0437 \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0438\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0432 \u0441\u0432\u043e\u0435\u0439 \u0438\u0441\u0442\u043e\u0440\u0438\u0438, \u0437\u0430\u043a\u0440\u044b\u0432 163 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445. \u0415\u0441\u043b\u0438 \u043f\u043e\u0441\u0447\u0438\u0442\u0430\u0442\u044c \u0435\u0449\u0451 \u0438 \u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u043f\u0430\u043a\u0435\u0442 \u0443\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0432 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0435\u043c \u0441\u043e\u0444\u0442\u0435, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0432 Chromium, \u0442\u043e \u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0441\u0447\u0451\u0442 \u043f\u0430\u0442\u0447\u0435\u0439 \u043f\u0440\u0438\u0431\u043b\u0438\u0436\u0430\u0435\u0442\u0441\u044f \u043a \u0448\u043e\u043a\u0438\u0440\u0443\u044e\u0449\u0435\u0439 \u043e\u0442\u043c\u0435\u0442\u043a\u0435 250. \u0421 \u0443\u0447\u0451\u0442\u043e\u043c \u0443\u0441\u043f\u0435\u0445\u043e\u0432 \u0418\u0418 \u0432 \u043f\u043e\u0438\u0441\u043a\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a \u0442\u0430\u043a\u0438\u043c \u0446\u0438\u0444\u0440\u0430\u043c \u0442\u0435\u043f\u0435\u0440\u044c \u0432\u0438\u0434\u0438\u043c\u043e \u043f\u0440\u0438\u0434\u0451\u0442\u0441\u044f \u043f\u0440\u0438\u0432\u044b\u043a\u0430\u0442\u044c.\n\n\u041e\u0434\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f, \u043e\u0434\u043d\u0430 \u0431\u044b\u043b\u0430 \u0434\u043e\u0441\u0440\u043e\u0447\u043d\u043e \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0435\u043d\u0430, \u0435\u0449\u0451 8 \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f \u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c. \u0410\u0431\u0441\u043e\u043b\u044e\u0442\u043d\u043e\u0435 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0431\u0430\u0433\u043e\u0432 (131) \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 Windows, \u0434\u0430\u043b\u0435\u0435 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 Office \u0441 \u0434\u044e\u0436\u0438\u043d\u043e\u0439 \u043e\u0448\u0438\u0431\u043e\u043a. \n93 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 20 \u2014 \u043a \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, 20 \u2014 \u0443\u0442\u0435\u0447\u043a\u0430\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 12 \u2014 \u043a \u043e\u0431\u0445\u043e\u0434\u0443 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 9 \u2014 DoS, 8  \u2014 spoofing.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f\n\u0412 \u0436\u0438\u0432\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0432\u044b\u043b\u043e\u0432\u0438\u043b\u0438 CVE-2026-32201 (CVSS 6.5) \u0432 SharePoint, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a\u0430\u043a \u0440\u0430\u0437 \u043a \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u0443. \u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043b\u0430\u043a\u043e\u043d\u0438\u0447\u0435\u043d \u0432 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0442\u043c\u0435\u0447\u0430\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f  \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0435\u0451. \u0413\u0434\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c, \u043a\u0442\u043e \u0435\u0451 \u043d\u0430\u0448\u0451\u043b \u2014 \u043d\u0438 \u0441\u043b\u043e\u0432\u0430. \n\n\u041f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u0430 \u0442\u0430\u043a\u0436\u0435 CVE-2026-33825 (CVSS 7.8), \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0447\u0435\u0440\u0435\u0437 Defender. \u0415\u0451 \u0440\u0430\u0437\u0433\u043b\u0430\u0441\u0438\u043b\u0438 \u0434\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0438 Microsoft \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0438 \u0434\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u0442\u044c\u0441\u044f \u043e \u043f\u043e\u0440\u044f\u0434\u043a\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u044f \u0438 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u0435\u0444\u0435\u043a\u0442\u0430. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043d\u0430\u043b\u0438\u0447\u0438\u0435 PoC \u043d\u0430 GitHub, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Defender \u0441\u0442\u043e\u0438\u0442 \u043f\u043e\u0442\u043e\u0440\u043e\u043f\u0438\u0442\u044c\u0441\u044f \u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438. \n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0435\u0444\u0435\u043a\u0442\u044b\n\n\u0412 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u0435\u0441\u0442\u044c \u0434\u0432\u0435 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043f\u043e \u0441\u0435\u0442\u0438 \u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u0436\u0435\u0440\u0442\u0432\u044b.\nCVE-2026-33827  \u2014 \u044d\u0442\u043e RCE \u0432 TCP/IP (\u0434\u043e\u043b\u0436\u043d\u044b \u0431\u044b\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u044b IPv6 \u0438 IPSec), \u0430 CVE-2026-33824  \u2014 RCE \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 Windows Internet Key Exchange (IKE). \u041f\u0435\u0440\u0432\u0430\u044f \u043f\u043e\u0442\u044f\u043d\u0443\u043b\u0430 \u043d\u0430 CVSS 8.1, \u0430 \u0432\u0442\u043e\u0440\u0430\u044f \u0430\u0436 \u043d\u0430 9.8.  \n\n\u041d\u0435 \u043e\u0431\u043e\u0448\u043b\u043e\u0441\u044c \u0438 \u0431\u0435\u0437 RCE \u0432 Office (CVE-2026-32190 -33114 -33115, \u0432\u0441\u0435 CVSS 8.4), \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0438\u0437 \u043f\u0430\u043d\u0435\u043b\u0438 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430. \u0421\u043d\u043e\u0432\u0430 \u0443\u043c\u043e\u043b\u044f\u0435\u043c \u0435\u0451 \u0443\u0436\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043d\u0430\u043a\u043e\u043d\u0435\u0446.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #Microsoft @\u041f2\u0422", "creation_timestamp": "2026-04-15T08:01:44.000000Z"}, {"uuid": "3f27583e-fce8-48e6-9778-8854d67415fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33829", "type": "seen", "source": "https://www.thezdi.com/blog/2026/4/14/the-april-2026-security-update-review", "content": "", "creation_timestamp": "2026-04-14T15:49:19.000000Z"}, {"uuid": "c5366549-7c48-4217-ab1e-9c407384ed7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mji6xt2ydf2a", "content": "", "creation_timestamp": "2026-04-14T20:13:30.849542Z"}, {"uuid": "ae4178e7-2bd1-4514-884e-8cb9078a9cc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://infosec.exchange/users/briankrebs/statuses/116404903004574133", "content": "", "creation_timestamp": "2026-04-14T20:17:43.913682Z"}, {"uuid": "18eaa037-4577-4bc1-bf09-82eac249cd2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33827", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mji7bwz5av2z", "content": "", "creation_timestamp": "2026-04-14T20:19:10.757269Z"}, {"uuid": "7992ded8-b91d-4582-80bf-25bc6749ce99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33822", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mjia6ph7f42o", "content": "", "creation_timestamp": "2026-04-14T20:35:15.981946Z"}, {"uuid": "0db064ea-32ca-4e7e-a6b9-20ce41573ea4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mjiaw2ijes2o", "content": "", "creation_timestamp": "2026-04-14T20:48:18.658804Z"}, {"uuid": "0eab2958-9509-4287-85fc-482928b040ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33829", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mjibhxgcxx2m", "content": "", "creation_timestamp": "2026-04-14T20:58:19.336960Z"}, {"uuid": "a9a62471-79f5-4ab8-8648-8a6d7ea1e3be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33826", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mjibzungkx2z", "content": "", "creation_timestamp": "2026-04-14T21:08:20.413864Z"}, {"uuid": "25aedeb5-06b4-48ff-8b4e-9ef636718d9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://nsm.no/fagomrader/digital-sikkerhet/nasjonalt-cybersikkerhetssenter/varsler-fra-nsm/microsoft-patchetirsdag-april", "content": "", "creation_timestamp": "2026-04-14T11:45:03.000000Z"}, {"uuid": "c46655a7-f8bd-4785-ae5e-34c289c78c4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-33822", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0116", "content": "", "creation_timestamp": "2026-04-14T12:20:56.000000Z"}, {"uuid": "7fef29bd-7038-41c8-aeaf-f41feb600f28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/thezdi.bsky.social/post/3mjidn4e63s2a", "content": "", "creation_timestamp": "2026-04-14T21:37:01.245422Z"}, {"uuid": "1bddb7b4-b619-4ce7-8eea-c6682328f178", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33827", "type": "seen", "source": "https://bsky.app/profile/thezdi.bsky.social/post/3mjidn4e63s2a", "content": "", "creation_timestamp": "2026-04-14T21:37:01.351442Z"}, {"uuid": "f21a04ed-ebc9-4356-b9b1-33e0d332af12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://infosec.exchange/users/thezdi/statuses/116405215068334476", "content": "", "creation_timestamp": "2026-04-14T21:37:03.098610Z"}, {"uuid": "23b020f2-cc12-40c2-b8f2-ccde9f023e31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33827", "type": "seen", "source": "https://infosec.exchange/users/thezdi/statuses/116405215068334476", "content": "", "creation_timestamp": "2026-04-14T21:37:03.196906Z"}, {"uuid": "ce26fc14-32da-40f7-a6f1-14033e2b56d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/intel.overresearched.net/post/3mjigwwokrk2n", "content": "", "creation_timestamp": "2026-04-14T22:36:11.206021Z"}, {"uuid": "0d1e1074-001c-49d1-9c87-45ca4868bfcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/tamosan.bsky.social/post/3mjio27ywksw6", "content": "", "creation_timestamp": "2026-04-15T00:43:18.030845Z"}, {"uuid": "e7465f3b-70e2-4842-9f95-c8313169adb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://krebsonsecurity.com/2026/04/patch-tuesday-april-2026-edition/", "content": "", "creation_timestamp": "2026-04-14T19:47:59.000000Z"}, {"uuid": "e6e8a2e9-d887-4d57-9f17-cfc9e7f5b329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mjizhayss22q", "content": "", "creation_timestamp": "2026-04-15T04:07:25.564083Z"}, {"uuid": "64dfdbe2-722a-4edc-8e7c-f8c8a6a01bc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33827", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mjizhayss22q", "content": "", "creation_timestamp": "2026-04-15T04:07:25.694951Z"}, {"uuid": "c6548050-a5ff-436b-8a55-129333bea235", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mjj4wcszqc2d", "content": "", "creation_timestamp": "2026-04-15T05:09:33.086532Z"}, {"uuid": "d25387e0-df42-45f0-9c1c-08998e11846a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116407476258376035", "content": "", "creation_timestamp": "2026-04-15T07:12:05.935806Z"}, {"uuid": "e3ed7691-9733-4757-89e8-8340d17fff3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33827", "type": "seen", "source": "https://bsky.app/profile/jackc.kompost.cz.ap.brid.gy/post/3mjjikelep632", "content": "", "creation_timestamp": "2026-04-15T08:37:46.748901Z"}, {"uuid": "4c5ed3be-86f6-4165-bbcd-dc2a1dd4af10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mjjjrb7wrj2u", "content": "", "creation_timestamp": "2026-04-15T08:59:21.475407Z"}, {"uuid": "b1959e9f-e4b9-4199-8ef4-91662ff92e91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0115", "content": "", "creation_timestamp": "2026-04-15T06:54:16.000000Z"}, {"uuid": "e6e8e809-24dd-4a0e-ad79-9de457caa8cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-33825", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mjjptvarjch2", "content": "", "creation_timestamp": "2026-04-15T10:48:22.938846Z"}, {"uuid": "cdf8c552-b551-49e1-8267-df02dacd02ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116408738478726419", "content": "", "creation_timestamp": "2026-04-15T12:33:06.347850Z"}, {"uuid": "16179c90-db08-4b1e-a2c8-9ce43f656780", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33826", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mjjxc5vzbe2i", "content": "", "creation_timestamp": "2026-04-15T13:01:27.255308Z"}, {"uuid": "24059503-76f6-4247-9fa1-eb8c0d97497b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0119", "content": "", "creation_timestamp": "2026-04-15T06:53:38.000000Z"}, {"uuid": "e943d3a5-ead5-4906-8e7a-4f84b9bf532e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33826", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0119", "content": "", "creation_timestamp": "2026-04-15T06:53:38.000000Z"}, {"uuid": "1af38510-cb90-4a71-8c34-d25e0a1ad038", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33827", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0119", "content": "", "creation_timestamp": "2026-04-15T06:53:38.000000Z"}, {"uuid": "6377a29e-3051-4f41-9ec1-9c0790d5a21a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33829", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0119", "content": "", "creation_timestamp": "2026-04-15T06:53:38.000000Z"}, {"uuid": "459076bf-a351-41e7-94c1-834610a7b425", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116408995714789924", "content": "", "creation_timestamp": "2026-04-15T13:38:32.217638Z"}, {"uuid": "f659fe51-d207-4c39-8d82-0ae6d0e788d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mjjzezg5fu2a", "content": "", "creation_timestamp": "2026-04-15T13:38:51.502973Z"}, {"uuid": "093edcda-90d7-4f14-9ccc-2fa473c4c481", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://www.acn.gov.it/portale/w/aggiornamenti-mensili-microsoft-19", "content": "", "creation_timestamp": "2026-04-15T02:38:43.000000Z"}, {"uuid": "aa964cd4-10ec-4ff1-a525-18c044e447f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://www.ncsc.nl/alerts/kwetsbaarheid-in-microsoft-system-center", "content": "", "creation_timestamp": "2026-04-15T07:25:28.000000Z"}, {"uuid": "9ebaba80-dfe2-4188-91c5-b55e8dce205a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33827", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116410237019872989", "content": "", "creation_timestamp": "2026-04-15T18:54:11.840062Z"}, {"uuid": "0ca5376e-73c1-4676-92cc-ff2209779a1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33826", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116410289729685027", "content": "", "creation_timestamp": "2026-04-15T19:07:36.017454Z"}, {"uuid": "4b89e8fc-098c-45fa-8ba0-3647e13199d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mjl2txuvlv2a", "content": "", "creation_timestamp": "2026-04-15T23:37:45.577039Z"}, {"uuid": "a09a01f4-dc42-47a2-afd9-54f789bf8e69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33829", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mjl4gds4bq26", "content": "", "creation_timestamp": "2026-04-16T00:05:55.627144Z"}, {"uuid": "4a7f710a-cac0-4d2b-bfff-06aa8fbbf593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mjmeldnc35s2", "content": "", "creation_timestamp": "2026-04-16T12:05:16.582015Z"}, {"uuid": "f255ffab-60e0-41a1-b355-223538287c44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33826", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mjmexp6nrf2d", "content": "", "creation_timestamp": "2026-04-16T12:11:29.105467Z"}, {"uuid": "94d08bfd-c0ef-4909-b066-e41ac7f74ae8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-33829", "type": "seen", "source": "https://bsky.app/profile/oxfemale.bsky.social/post/3mjmi3md3vm2q", "content": "", "creation_timestamp": "2026-04-16T13:07:20.708783Z"}, {"uuid": "0b9b826f-8c1f-4591-9f8a-d5efb2d1f094", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjmmmxlhie2p", "content": "", "creation_timestamp": "2026-04-16T14:28:38.526152Z"}, {"uuid": "4e839c49-e22d-4dc3-b2bc-28f787c04c1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjmmmxlqbm2p", "content": "", "creation_timestamp": "2026-04-16T14:28:39.125601Z"}, {"uuid": "8cd84539-ccc7-4c4c-a23f-a9f7dabbd1a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjmmmxlt7e2p", "content": "", "creation_timestamp": "2026-04-16T14:28:39.737383Z"}, {"uuid": "f95d7c3c-91fa-4409-a68f-2fdf330a49bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjmmmxlu6m2p", "content": "", "creation_timestamp": "2026-04-16T14:28:40.391547Z"}, {"uuid": "7f67c97e-3f60-4f2e-bce6-cc38fc7e919e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjmmmxlv5u2p", "content": "", "creation_timestamp": "2026-04-16T14:28:41.046881Z"}, {"uuid": "520a54b8-eca7-4009-8ffe-80f71a80a9ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjmmmxlw542p", "content": "", "creation_timestamp": "2026-04-16T14:28:41.694124Z"}, {"uuid": "f35d6faa-e675-4da8-9d26-be165dbc1518", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjmmmxlx4e2p", "content": "", "creation_timestamp": "2026-04-16T14:28:42.311094Z"}, {"uuid": "f4fa0510-ad21-4e7d-a04f-89222a840dff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjmmmxm2242p", "content": "", "creation_timestamp": "2026-04-16T14:28:42.912077Z"}, {"uuid": "8fcc355a-4474-40a9-aef0-550c04e678b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mjmmmxm2ze2p", "content": "", "creation_timestamp": "2026-04-16T14:28:43.532639Z"}, {"uuid": "e63e1d5c-c1fb-4307-a4a5-5a9e14f4fec9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-33825", "type": "seen", "source": "https://swecyb.com/ap/users/116080658609901341/statuses/116415325532360750", "content": "", "creation_timestamp": "2026-04-16T16:33:15.624174Z"}, {"uuid": "f2500c42-6a0c-44bb-87d1-96cb84d59fdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mjmvbz4dfe2w", "content": "", "creation_timestamp": "2026-04-16T17:03:34.742000Z"}, {"uuid": "d4f8b176-8a2f-4352-bf00-4da1e44919f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/hmier.bsky.social/post/3mjmxf7aeyt2a", "content": "", "creation_timestamp": "2026-04-16T17:41:08.259372Z"}, {"uuid": "f13d5703-a7ee-4289-ba87-fd20cc4d3b54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/concisecyber.bsky.social/post/3mjn7ukccwu2r", "content": "", "creation_timestamp": "2026-04-16T20:13:05.297998Z"}, {"uuid": "641fda92-320c-4d34-b570-ca2d66a2e5cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33829", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3mjnsxrnciw23", "content": "", "creation_timestamp": "2026-04-17T01:54:42.339495Z"}, {"uuid": "650e2fc0-34fa-4d96-8b7a-1173b87f3e49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-33825", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3mjnuxnm53n2z", "content": "", "creation_timestamp": "2026-04-17T02:30:25.760826Z"}, {"uuid": "d4f7daa5-92ff-4723-9016-fcafcdd6d873", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-33825", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mjo7wwh55m2n", "content": "", "creation_timestamp": "2026-04-17T05:46:52.537678Z"}, {"uuid": "14db1c70-8c4c-409a-b39b-6e9b342f3cdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/cecallihelper.bsky.social/post/3mjou4ysqvc2w", "content": "", "creation_timestamp": "2026-04-17T11:48:21.216906Z"}, {"uuid": "0ffad791-c61a-4342-b507-699b56545037", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33829", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mjovd6hugc2g", "content": "", "creation_timestamp": "2026-04-17T12:09:32.708219Z"}, {"uuid": "5a3f0821-5bb6-4eb8-b0cc-4811878c98ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://www.cert.se/2026/04/cert-se-veckobrev-v16.html", "content": "", "creation_timestamp": "2026-04-17T05:47:00.000000Z"}, {"uuid": "ab0ab5d0-9aa2-4892-ad6a-e8ec39c6d757", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mjozd4o3il2o", "content": "", "creation_timestamp": "2026-04-17T13:21:06.432950Z"}, {"uuid": "c752f5e4-fd28-4b9d-97b8-80ccfe2b70b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mjp3onbsqg2i", "content": "", "creation_timestamp": "2026-04-17T14:03:19.883291Z"}, {"uuid": "f4de206e-3f8f-4c71-a35f-31a488b5d2a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-0bbc86fa-e3cfacd457643f30", "content": "", "creation_timestamp": "2026-04-17T14:38:38.845929Z"}, {"uuid": "9d523404-e1a3-4353-92ea-3600aa052638", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-33829", "type": "seen", "source": "https://infosec.exchange/users/obivan/statuses/116420840827800206", "content": "", "creation_timestamp": "2026-04-17T15:50:53.070861Z"}, {"uuid": "bcc3932e-b21e-48c8-8399-2afaa8f550df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-33829", "type": "seen", "source": "https://bsky.app/profile/obivan.infosec.exchange.ap.brid.gy/post/3mjpbp52yfg22", "content": "", "creation_timestamp": "2026-04-17T15:51:00.106241Z"}, {"uuid": "c15574c1-d4c6-4b68-998e-cb232a43d9ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3mjpcwri5he2t", "content": "", "creation_timestamp": "2026-04-17T16:13:08.070590Z"}, {"uuid": "737733a5-c7e7-4ca0-a9f6-3818410e68d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mjpgi4uqkp2o", "content": "", "creation_timestamp": "2026-04-17T17:16:31.938684Z"}, {"uuid": "62ad41b5-41f3-4e35-8d08-ad32cb470ea7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/116421493850538954", "content": "", "creation_timestamp": "2026-04-17T18:36:57.379401Z"}, {"uuid": "90ace934-66b2-48c0-815c-af5a2d916755", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mjppyqd4er2h", "content": "", "creation_timestamp": "2026-04-17T20:06:53.011897Z"}, {"uuid": "3eb6f59d-2471-47c1-8a28-40f85b34ec7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mjppz6nrym2g", "content": "", "creation_timestamp": "2026-04-17T20:07:07.679765Z"}, {"uuid": "851a9bff-1fd3-4504-a385-2d6b3aa3401e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/microsoft-security-advisory-april-2026-monthly-rollup-av26-352", "content": "", "creation_timestamp": "2026-04-17T12:53:33.000000Z"}, {"uuid": "50a66498-bb79-44c0-abee-25fc9e4bf748", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33827", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mjqe4vpoj42t", "content": "", "creation_timestamp": "2026-04-18T02:07:08.194591Z"}, {"uuid": "97040581-0d18-4818-bd38-2ecb0a60935d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33826", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mjqfsjx7df2p", "content": "", "creation_timestamp": "2026-04-18T02:37:07.113553Z"}, {"uuid": "b92637db-6a27-4727-aab5-609679022f26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mjqkr2jhsw24", "content": "", "creation_timestamp": "2026-04-18T04:05:46.145033Z"}, {"uuid": "8aafff94-33f4-4ae5-bfa6-039a08c3beff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mjqkr2jhsw24", "content": "", "creation_timestamp": "2026-04-18T04:05:46.232385Z"}, {"uuid": "66cdd124-88c3-4c76-90da-33310839afb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mjsdlb4efd2x", "content": "", "creation_timestamp": "2026-04-18T21:02:35.902679Z"}, {"uuid": "1dba72ca-5c57-4fdd-bd3d-05e28fbb6c84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/keiwork35.bsky.social/post/3mjtiurnvjz25", "content": "", "creation_timestamp": "2026-04-19T08:10:03.747999Z"}, {"uuid": "af2868fd-b4bd-490f-b174-85f94a59ccfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/pwrdbyrog.bsky.social/post/3mjuew4ipi22p", "content": "", "creation_timestamp": "2026-04-19T16:31:57.508153Z"}, {"uuid": "a0f7e9ac-e3ed-46b8-ac58-0e619a613298", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-33825", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mjuf7idxh42u", "content": "", "creation_timestamp": "2026-04-19T16:37:07.864625Z"}, {"uuid": "e68b9123-1d1c-4699-b446-92b36b7bb7bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33829", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mjugfctcnu2x", "content": "", "creation_timestamp": "2026-04-19T16:58:16.304429Z"}, {"uuid": "dce876f3-8ad3-40b3-9e3f-8092ef6866de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33826", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mjugulo5zx24", "content": "", "creation_timestamp": "2026-04-19T17:06:52.956552Z"}, {"uuid": "f7424414-c961-41af-8716-d1a63a724602", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3mjvbdynhys2h", "content": "", "creation_timestamp": "2026-04-20T01:00:48.171728Z"}, {"uuid": "fa362c24-464d-4e4d-bfb1-1c09cd11b8cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/opsmatters.com/post/3mjvoxzpxhd2i", "content": "", "creation_timestamp": "2026-04-20T05:04:33.958630Z"}, {"uuid": "dc956dcc-3252-4473-94f2-6c450c80719a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33829", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mjygwaq7jj2y", "content": "", "creation_timestamp": "2026-04-21T07:18:23.736819Z"}, {"uuid": "4af464c7-6ffc-479f-924f-067e75a9284d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/microsoft-monthly-security-update-april-2026", "content": "", "creation_timestamp": "2026-04-14T18:00:00.000000Z"}, {"uuid": "d8a2382a-f2ac-45aa-980c-c1b907a71216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/116446628571511470", "content": "", "creation_timestamp": "2026-04-22T05:09:02.809764Z"}, {"uuid": "31b974fd-ed26-4e16-a542-fa867161bf76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-33825", "type": "exploited", "source": "https://www.huntress.com/blog/nightmare-eclipse-intrusion", "content": "", "creation_timestamp": "2026-04-20T04:00:00.000000Z"}, {"uuid": "c631e6fa-c626-4342-bb28-2d04c8a83bf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://threatintel.cc/2026/04/22/exploits-turn-windows-defender-into.html", "content": "", "creation_timestamp": "2026-04-22T03:09:09.000000Z"}, {"uuid": "fca55ed5-2a92-47ab-a455-f49862814df0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/nulj.bsky.social/post/3mk3d6oezyh2p", "content": "", "creation_timestamp": "2026-04-22T10:49:30.393817Z"}, {"uuid": "8dab4213-0de9-4563-bf3d-8889d37351f6", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2026-33825", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3dbc8661-27eb-45fc-b0f5-351682240d33", "content": "", "creation_timestamp": "2026-04-22T20:00:02.363111Z"}, {"uuid": "b71574a0-d5d7-4b74-82a2-06de6a05095b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/zettawire.com/post/3mk4ddmliay2h", "content": "", "creation_timestamp": "2026-04-22T20:24:55.938059Z"}, {"uuid": "5af90baa-e357-48e4-b088-a31b1d20f893", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/coldblacksun.bsky.social/post/3mk4gkgegls25", "content": "", "creation_timestamp": "2026-04-22T21:22:27.087296Z"}, {"uuid": "a14c5d3e-0902-4ac6-af23-63ebbd2e821d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6318004", "content": "", "creation_timestamp": "2026-04-22T21:38:17.313295Z"}, {"uuid": "359f53aa-b402-42e9-80c0-57270298081f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mk4ngtyz4w2q", "content": "", "creation_timestamp": "2026-04-22T23:25:42.135683Z"}, {"uuid": "1a80e8d5-47c5-46b8-9400-72ab3cf6717b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mk54tow3rt2p", "content": "", "creation_timestamp": "2026-04-23T04:01:19.808530Z"}, {"uuid": "b49d2b6b-47ff-467e-98ce-03f4385c82a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/giovanni-popolizio.bsky.social/post/3mk5lcqwiwc2r", "content": "", "creation_timestamp": "2026-04-23T08:20:17.938523Z"}, {"uuid": "2429f320-32a7-4a4f-946a-87cd236b2a7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mk5lpuau5c24", "content": "", "creation_timestamp": "2026-04-23T08:27:37.139369Z"}, {"uuid": "d9920d13-d541-43fb-803e-91867e6064be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mk5qvqtckx2z", "content": "", "creation_timestamp": "2026-04-23T10:00:23.089933Z"}, {"uuid": "b39919aa-7371-4a68-9108-67dcc2ea8841", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://chaos.social/users/christopherkunz/statuses/116453984706785438", "content": "", "creation_timestamp": "2026-04-23T12:19:49.060453Z"}, {"uuid": "84682a8b-29cd-43f6-8e81-8cff270c8b36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/christopherkunz.bsky.social/post/3mk5yv6knu32x", "content": "", "creation_timestamp": "2026-04-23T12:23:13.566916Z"}, {"uuid": "3747997b-7471-4075-aad6-4a15b67e8ccc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mk65i5f5ce2q", "content": "", "creation_timestamp": "2026-04-23T13:45:26.413121Z"}, {"uuid": "f9a0dcea-8d5d-408c-965a-96074df184f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/thezdi.bsky.social/post/3mk6e5co22c2a", "content": "", "creation_timestamp": "2026-04-23T15:44:39.002185Z"}, {"uuid": "a9583340-b100-4fdb-87ed-31f7b9806308", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-33824", "type": "seen", "source": "https://infosec.exchange/users/thezdi/statuses/116454790355047074", "content": "", "creation_timestamp": "2026-04-23T15:44:42.014259Z"}, {"uuid": "19148cca-75fd-4f97-acb1-4a5014cab391", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mk6ha77ggf22", "content": "", "creation_timestamp": "2026-04-23T16:39:56.198922Z"}, {"uuid": "9ae9732d-cd80-430f-9229-60ad7d8e09a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-33824", "type": "seen", "source": "https://bsky.app/profile/glitterbean.wehavecookies.social.ap.brid.gy/post/3mk6ivx5lh7a2", "content": "", "creation_timestamp": "2026-04-23T17:10:00.529349Z"}, {"uuid": "a820287b-1ec1-4814-8acd-9f09dc8e4ad2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://www.thezdi.com/blog/2026/4/22/cve-2026-33824-remote-code-execution-in-windows-ikev2", "content": "", "creation_timestamp": "2026-04-23T13:42:11.000000Z"}, {"uuid": "aba57863-dba8-41f6-8580-0eedcf58eadc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mk6vwuh3rv23", "content": "", "creation_timestamp": "2026-04-23T21:03:16.734170Z"}, {"uuid": "210e17ca-d4ba-4be1-80a5-fa0594dbc032", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-33824", "type": "seen", "source": "https://bsky.app/profile/tamosan.bsky.social/post/3mk7dgqv542ct", "content": "", "creation_timestamp": "2026-04-24T01:04:41.156717Z"}, {"uuid": "fd7fdb0a-3d51-47b4-b044-efb6ae6f0d5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mk7i6drwho2g", "content": "", "creation_timestamp": "2026-04-24T02:29:28.368206Z"}, {"uuid": "5c4889d9-1124-4a19-a5b6-ed3490ea0c45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-33824", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mk7yue3r5krs", "content": "", "creation_timestamp": "2026-04-24T07:28:23.486657Z"}, {"uuid": "d65676c8-ed91-410c-bdd5-5ef87055d14c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mk7zu2ofbn2v", "content": "", "creation_timestamp": "2026-04-24T07:45:49.560551Z"}, {"uuid": "c19ab1bd-0e36-46c5-9407-49ef5be4b84a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/116459338293131686", "content": "", "creation_timestamp": "2026-04-24T11:01:17.841512Z"}, {"uuid": "0cb04f49-a098-4419-920b-a5cf2eb51d22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "published-proof-of-concept", "source": "Telegram/YdSs7ODl4GqLLTJMVDK5lc2sRwnfVBIE8xXSYrBaURrpR0I", "content": "", "creation_timestamp": "2026-04-16T21:00:04.000000Z"}, {"uuid": "1a802a45-b7e4-493e-ab25-6eec786a9f4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "Telegram/YePRnuOVksNqX9swUImajlZDrf4i0O7tGfeTl8wpT5HyD2Q", "content": "", "creation_timestamp": "2026-04-14T20:17:09.000000Z"}, {"uuid": "55aac764-47df-42be-8129-e129cfe6ba85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33827", "type": "seen", "source": "Telegram/OdWvnEXTJIGy3ojxRddXSSYHf7eLNAg9j6KM3LLyKJyw1do", "content": "", "creation_timestamp": "2026-04-14T20:17:14.000000Z"}, {"uuid": "9c1f714d-e145-49bb-b7b8-7ce3b9e9968d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "Telegram/OdWvnEXTJIGy3ojxRddXSSYHf7eLNAg9j6KM3LLyKJyw1do", "content": "", "creation_timestamp": "2026-04-14T20:17:14.000000Z"}, {"uuid": "4c3f097a-d9c9-4a07-996a-e90888f632be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "Telegram/OdWvnEXTJIGy3ojxRddXSSYHf7eLNAg9j6KM3LLyKJyw1do", "content": "", "creation_timestamp": "2026-04-14T20:17:14.000000Z"}, {"uuid": "856b69a9-d18c-4df7-9b5e-84ee0db83f16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33826", "type": "seen", "source": "Telegram/OdWvnEXTJIGy3ojxRddXSSYHf7eLNAg9j6KM3LLyKJyw1do", "content": "", "creation_timestamp": "2026-04-14T20:17:14.000000Z"}, {"uuid": "f7704d6c-dbfb-4c37-a2c9-ed87719eaa09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33827", "type": "seen", "source": "Telegram/l9bSu4t-Z8RXv5R9-n5DGKDhjKFYmQA28Cy4bVCP0NEotQk", "content": "", "creation_timestamp": "2026-04-14T20:17:19.000000Z"}, {"uuid": "c6ad1517-41fa-4da3-9616-985649602c29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "published-proof-of-concept", "source": "Telegram/13SJvff8QI2qaATds71XzXY76pj2q7KNSKHIOkghUW-N2nM", "content": "", "creation_timestamp": "2026-04-16T15:00:13.000000Z"}, {"uuid": "0f2e180e-c0b5-45de-8bc3-20b65115c6ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mkiwscbi4c23", "content": "", "creation_timestamp": "2026-04-27T20:45:07.815577Z"}, {"uuid": "6370b5c8-eeb2-45b5-a473-c868ef96af97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mkizsxwyz223", "content": "", "creation_timestamp": "2026-04-27T21:39:13.393052Z"}, {"uuid": "86d08d77-caed-4725-873d-602f704d396b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mkizzj4yzc23", "content": "", "creation_timestamp": "2026-04-27T21:42:54.127805Z"}, {"uuid": "ee73cc27-05e4-432e-a368-5720b315991a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33829", "type": "seen", "source": "https://bsky.app/profile/releaseport.com/post/3mkkub72qww23", "content": "", "creation_timestamp": "2026-04-28T15:05:05.466354Z"}, {"uuid": "10731303-1b45-4200-b53b-4088be62c58a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/hakksaww.bsky.social/post/3mkfsbeu6uo2o", "content": "", "creation_timestamp": "2026-04-26T14:46:04.475044Z"}, {"uuid": "2d05a280-f2bf-4a9e-ab4f-05a7064243c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/talalabbasi.com/post/3mkgjfxjiw224", "content": "", "creation_timestamp": "2026-04-26T21:40:19.053326Z"}, {"uuid": "6cf9e689-235a-4b5b-af36-314afb8b9230", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/talalabbasi.com/post/3mkgjfxjiw224", "content": "", "creation_timestamp": "2026-04-26T21:40:19.168583Z"}, {"uuid": "5600743f-481e-4930-aea1-d4746c59032d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33827", "type": "seen", "source": "https://bsky.app/profile/hakksaww.bsky.social/post/3mkgx3mh4ml2c", "content": "", "creation_timestamp": "2026-04-27T01:44:59.663519Z"}, {"uuid": "cd5d4c01-f10e-4456-b84b-d3dacaca28d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33826", "type": "seen", "source": "https://bsky.app/profile/hakksaww.bsky.social/post/3mkh2m2glju2w", "content": "", "creation_timestamp": "2026-04-27T02:47:52.532872Z"}, {"uuid": "a16656fa-ac2e-412f-8f8b-aef29c22be69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/hakksaww.bsky.social/post/3mkh2m2glju2w", "content": "", "creation_timestamp": "2026-04-27T02:47:52.659853Z"}, {"uuid": "e70119ec-1487-4025-8822-21fa33384754", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33827", "type": "seen", "source": "https://bsky.app/profile/hakksaww.bsky.social/post/3mkh2m2glju2w", "content": "", "creation_timestamp": "2026-04-27T02:47:52.787197Z"}, {"uuid": "dd213a9a-ae0a-497c-abbd-8b450df75923", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/hakksaww.bsky.social/post/3mkh2m2glju2w", "content": "", "creation_timestamp": "2026-04-27T02:47:52.918295Z"}, {"uuid": "ea6dfb96-fce7-42f1-9ee8-0536be27c42f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mkm2ipwdjk2w", "content": "", "creation_timestamp": "2026-04-29T02:29:19.778573Z"}, {"uuid": "1c839778-bba5-4d9d-aa89-145c9593054a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "published-proof-of-concept", "source": "Telegram/-5TmsWj813MupXUk3oAfbbPwkALq_IWcYveTIHrZR6Vdl1M", "content": "", "creation_timestamp": "2026-04-18T03:00:05.000000Z"}, {"uuid": "2f973daa-c214-4aa7-b101-d69ca5a90f8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "published-proof-of-concept", "source": "Telegram/UHDH5Dy8dLbKDvrSUjbHqZq8jdYbFApOrWWgQ31t4VSl0Kk", "content": "", "creation_timestamp": "2026-04-20T15:00:07.000000Z"}, {"uuid": "38c9f8d8-88c5-4966-a86f-4a549c94ae1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/82440", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-33825\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Joe1sn\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C++\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-02 06:55:27\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nRedSun PoC for self use\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-02T07:00:04.000000Z"}, {"uuid": "2759ea58-3fe7-4af6-891d-daa5f0fe8f08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33823", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlcdea5keo2z", "content": "\ud83d\udd34 CVE-2026-33823 - Critical (9.6)\n\nImproper authorization in Microsoft Teams allows an authorized attacker to disclose information o...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-33823/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-07T23:06:26.750710Z"}, {"uuid": "e941cd37-0461-451b-9651-186bd989f377", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33823", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlcdej3df22k", "content": "CVE-2026-33823 - Microsoft Team Events Portal Information Disclosure Vulnerability\nCVE ID : CVE-2026-33823\n \n Published : May 7, 2026, 8:58 p.m. | 1\u00a0hour, 22\u00a0minutes ago\n \n Description : None\n \n Severity: 9.6 | CRITICAL\n \n Visit the link for more details, such as CVSS details,...", "creation_timestamp": "2026-05-07T23:06:35.627484Z"}, {"uuid": "9caede4d-6e10-416e-96e2-a7c12a6a83e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33823", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mles6ptjhj2v", "content": "\ud83d\udccc CVE-2026-33823 - Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network. https://www.cyberhub.blog/cves/CVE-2026-33823", "creation_timestamp": "2026-05-08T22:37:07.156915Z"}, {"uuid": "d5feebf4-5c48-4ff7-9d47-a322e9e4d797", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-33823", "type": "seen", "source": "https://bsky.app/profile/kubonai.bsky.social/post/3mlfl7vtn7u2x", "content": "CVE-2026-33823: Critical Information Disclosure in Microsoft Teams (CVSS 9.6)\n\nCVE-2026-33823 is a critical improper authorization vulnerability in Microsoft Teams with a CVSS score of 9.6. It allows autho...\n\n\ud83d\udd17 https://ipsec.live/blog/cve-2026-33823-microsoft-teams\n\n#infosec #cybersecurity", "creation_timestamp": "2026-05-09T06:05:10.580443Z"}, {"uuid": "5476c9e2-2dc2-45b2-a779-52511c22752b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33821", "type": "seen", "source": "https://www.thezdi.com/blog/2026/5/12/the-may-2026-security-update-review", "content": "I\u2019m currently in Berlin helping set up for Pwn2Own Berlin, but that doesn\u2019t stop Patch Tuesday from coming, and it\u2019s another big one. At least nothing is listed as being in the wild \u2013 for now. Take a break from your regularly scheduled activities and let\u2019s take a look at the latest security patches from Adobe and Microsoft. Due to technical difficulties, there will not be a video companion for this month.\nAdobe Patches for May 2026\nFor May, Adobe released 10 bulletins addressing 52 unique CVEs in Adobe Commerce, After Effects, Adobe Connect, Illustrator, Media Encoder, Premiere Pro, Substance 3D Painter, Substance 3D Sampler, Content Authenticity SDK, and the Adobe Substance 3D Designer. Here\u2019s this month\u2019s overview table:\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n  \n  \n\n\n\n\n  \n    \n\n\n\n<colgroup>\n  <col />\n  <col />\n  <col />\n  <col />\n  <col />\n  <col />\n  <col />\n</colgroup>\n\n<tfoot>\n  \n</tfoot>\n\n\n  \n    Bulletin ID\n    Product\n    CVE Count\n    Highest Severity\n    Highest CVSS\n    Exploited\n    Deployment Priority\n  \n\n\n  \n    APSB26-49\n    Adobe Commerce\n    15\n    Critical\n    8.7\n    No\n    2\n  \n  \n    APSB26-48\n    Adobe After Effects\n    4\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-50\n    Adobe Connect\n    2\n    Critical\n    9.6\n    No\n    3\n  \n  \n    APSB26-51\n    Adobe Illustrator\n    4\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-47\n    Adobe Media Encoder\n    2\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-46\n    Adobe Premiere Pro\n    3\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-55\n    Adobe Substance 3D Painter\n    2\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-54\n    Adobe Substance 3D Sampler\n    1\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-53\n    Content Authenticity SDK\n    14\n    Critical\n    7.5\n    No\n    3\n  \n  \n    APSB26-52\n    Adobe Substance 3D Designer\n    5\n    Important\n    6.3\n    No\n    3\n  \n\n    TOTAL\n    10 bulletins\n    52\n    \n    \n    \n    \n  \n\n\n\n  \n\n\n\n\n  \nThe obvious priority this month is the patch for Commerce, with its 15 bugs and deployment priority of 2. The Connect fix should also rank up there since both of its CVEs are CVSS 9s. Beyond those, it\u2019s a pretty typical month for Adobe, with most of the bugs either being cross-site scripting (XSS) or open-and-own code executions.\nMicrosoft Patches for May 2026\nThis month, Microsoft released a whopping 138 new CVEs in Windows and Windows components, Office and Office Components, Microsoft Edge (Chromium-based), Azure, .NET and Visual Studio, Copilot Chat, Github Copilot, M365 Copilot, SQL Server, TCP/IP, and the Telnet Client \u2013 yes, the Telnet client. Two of these bugs were reported through the TrendAI ZDI program. 30 of these bugs are rated Critical, three are rated as Moderate, one is rated Low, and the rest are rated Important in severity.\nThis large volume of fixes follows the largest monthly release in Microsoft\u2019s history and reflects the trend across the industry of a high number of submissions. While not all of these bugs were found by AI, it\u2019s likely they had an AI-related component \u2013 even if it was just AI writing the submission. I should also point out the Pwn2Own Berlin occurs in just a few days, and it\u2019s typical for vendors to patch as much as they can before the event.\nNone of the bugs patched by Microsoft this month are listed as publicly known or under active attack at the time of release, so we\u2019ve got that going for us. Let\u2019s take a closer look at some of the more interesting updates for this month, starting with a nasty-looking bug in DNS:\n-    CVE-2026-41096 - Windows DNS Client Remote Code Execution VulnerabilityThis patch fixes a heap-based buffer overflow in the DNS Client triggered by a malicious DNS response. No authentication or user interaction needed, and since the DNS Client runs on virtually every Windows machine, the attack surface is enormous. An attacker with a position to influence DNS responses (MitM, rogue server) could achieve unauthenticated RCE across your enterprise.\n-    CVE-2026-41089 - Windows Netlogon Remote Code Execution VulnerabilityThis update covers another CVSS 9.8 bug, which is a stack-based buffer overflow that lets an unauthenticated remote attacker execute code on a domain controller by sending a specially crafted network request \u2014 no credentials, no user interaction required. Yup \u2013 that makes it wormable. This is the highest-impact bug that requires immediate patching: a compromised domain controller is a compromised domain.\n-    CVE-2026-42898 - Microsoft Dynamics 365 On-Premises Remote Code Execution VulnerabilityThis bug rates a CVSS 9.9(!) and represents a code injection in Dynamics 365. It allows any authenticated user to execute code with a scope change, meaning exploitation can break out and affect resources beyond the vulnerable component itself. Scope changes are pretty rare, so if you\u2019re running Dynamics 365 On-Prem, definitely test and deploy this patch quickly.\n-    CVE-2026-40415 - Windows TCP/IP Remote Code Execution VulnerabilityThis bug in the TCP/IP stack results from a use-after-free (UAF) and could allow a remote, unauthenticated threat actor to execute code without user interaction. That makes this another wormable bug. However, this one is much less likely to be exploited. The target needs to be under sustained low-memory (memory pressure) conditions, which is pretty rare. Still, no need to tempt fate here. Test and deploy this one quickly.\nHere\u2019s the full list of CVEs released by Microsoft for May 2026:\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n  \n  \n\n\n\n\n  \n    \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n <col width=\"144\" />\n <col width=\"256\" />\n <col span=\"5\" width=\"104\" />\n \n\n  CVE\n  Title\n  Severity\n  CVSS\n  Public\n  Exploited\n  Type\n \n \n  <span>CVE-2026-35435</span>\n  Azure AI Foundry\n  Elevation of Privilege Vulnerability\n  Critical\n  8.6\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35428</span>\n  Azure Cloud Shell\n  Spoofing Vulnerability\n  Critical\n  9.6\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-42826</span>\n  Azure DevOps\n  Information Disclosure Vulnerability\n  Critical\n  10\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-32207</span>\n  Azure Machine Learning\n  Notebook Spoofing Vulnerability\n  Critical\n  8.8\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-33109</span>\n  Azure Managed Instance\n  for Apache Cassandra Remote Code Execution Vulnerability\n  Critical\n  9.9\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-33844</span>\n  Azure Managed Instance\n  for Apache Cassandra Remote Code Execution Vulnerability\n  Critical\n  9\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41105</span>\n  Azure Monitor Action\n  Group Notification System Elevation of Privilege Vulnerability\n  Critical\n  8.1\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33111</span>\n  Copilot Chat\n  (Microsoft Edge) Information Disclosure Vulnerability\n  Critical\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-26129</span>\n  M365 Copilot\n  Information Disclosure Vulnerability\n  Critical\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-26164</span>\n  M365 Copilot\n  Information Disclosure Vulnerability\n  Critical\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-33821</span>\n  Microsoft Dynamics 365\n  Customer Insights Elevation of Privilege Vulnerability\n  Critical\n  7.7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42898</span>\n  Microsoft Dynamics 365\n  On-Premises Remote Code Execution Vulnerability\n  Critical\n  9.9\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40379</span>\n  Microsoft Enterprise\n  Security Token Service (ESTS) Spoofing Vulnerability\n  Critical\n  9.3\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-40363</span>\n  Microsoft Office\n  Remote Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40358</span>\n  Microsoft Office\n  Remote Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-34327</span>\n  Microsoft Partner\n  Center Spoofing Vulnerability\n  Critical\n  8.2\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-40365</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Critical\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41103</span>\n  Microsoft SSO Plugin\n  for Jira & Confluence Elevation of Privilege Vulnerability\n  Critical\n  9.1\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33823</span>\n  Microsoft Team Events\n  Portal Information Disclosure Vulnerability\n  Critical\n  9.6\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40364</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40366</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40361</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40367</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42831</span>\n  Office for Android\n  Remote Code Execution Vulnerability\n  Critical\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41096</span>\n  Windows DNS Client\n  Remote Code Execution Vulnerability\n  Critical\n  9.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-35421</span>\n  Windows GDI Remote\n  Code Execution Vulnerability\n  Critical\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40403</span>\n  Windows Graphics\n  Component Remote Code Execution Vulnerability\n  Critical\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40402</span>\n  Windows Hyper-V\n  Elevation of Privilege Vulnerability\n  Critical\n  9.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-32161</span>\n  Windows Native WiFi\n  Miniport Driver Remote Code Execution Vulnerability\n  Critical\n  7.5\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41089</span>\n  Windows Netlogon\n  Remote Code Execution Vulnerability\n  Critical\n  9.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-32175</span>\n  .NET Core Tampering\n  Vulnerability\n  Important\n  4.3\n  No\n  No\n  Tampering\n \n \n  <span>CVE-2026-32177</span>\n  .NET Elevation of\n  Privilege Vulnerability\n  Important\n  7.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35433</span>\n  .NET Elevation of\n  Privilege Vulnerability\n  Important\n  7.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2025-54518 *</span>\n  AMD: CVE-2025-54518\n  CPU OP Cache Corruption\n  Important\n  \n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42899</span>\n  ASP.NET Core Denial of\n  Service Vulnerability\n  Important\n  7.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40381</span>\n  Azure Connected\n  Machine Agent Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42823 \u2020</span>\n  Azure Logic Apps\n  Elevation of Privilege Vulnerability\n  Important\n  9.9\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33833</span>\n  Azure Machine Learning\n  Notebook Spoofing Vulnerability\n  Important\n  8.2\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-32204</span>\n  Azure Monitor Agent\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42830</span>\n  Azure Monitor Agent\n  Metrics Extension Elevation of Privilege Vulnerability\n  Important\n  6.5\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33117</span>\n  Azure SDK for Java\n  Security Feature Bypass Vulnerability\n  Important\n  9.1\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-41109</span>\n  GitHub Copilot and\n  Visual Studio Code Security Feature Bypass Vulnerability\n  Important\n  8.8\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-35424</span>\n  Internet Key Exchange\n  (IKE) Protocol Denial of Service Vulnerability\n  Important\n  7.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-41614</span>\n  M365 Copilot for\n  Desktop Spoofing Vulnerability\n  Important\n  6.2\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-41100</span>\n  Microsoft 365 Copilot\n  for Android Spoofing Vulnerability\n  Important\n  4.4\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-40377</span>\n  Microsoft\n  Cryptographic Services Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41094</span>\n  Microsoft Data\n  Formulator Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40417</span>\n  Microsoft Dynamics 365\n  Business Central Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42833</span>\n  Microsoft Dynamics 365\n  On-Premises Remote Code Execution Vulnerability\n  Important\n  9.1\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42838</span>\n  Microsoft Edge\n  (Chromium-based) Elevation of Privilege Vulnerability\n  Important\n  5.4\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40360</span>\n  Microsoft Excel\n  Information Disclosure Vulnerability\n  Important\n  7.8\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40359</span>\n  Microsoft Excel Remote\n  Code Execution Vulnerability\n  Important\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40362</span>\n  Microsoft Excel Remote\n  Code Execution Vulnerability\n  Important\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42832</span>\n  Microsoft Excel\n  Spoofing Vulnerability\n  Important\n  7.7\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-34329</span>\n  Microsoft Message\n  Queuing (MSMQ) Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40419</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40418</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35436</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40420</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42893</span>\n  Microsoft Outlook for\n  iOS Tampering Vulnerability\n  Important\n  7.4\n  No\n  No\n  Tampering\n \n \n  <span>CVE-2026-40374</span>\n  Microsoft Power\n  Automate Desktop Information Disclosure Vulnerability\n  Important\n  6.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-41102</span>\n  Microsoft PowerPoint\n  for Android Spoofing Vulnerability\n  Important\n  7.1\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-35439</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40368</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-33110</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-33112</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40357</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-32185</span>\n  Microsoft Teams\n  Spoofing Vulnerability\n  Important\n  5.5\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-41101</span>\n  Microsoft Word for\n  Android Spoofing Vulnerability\n  Important\n  7.1\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-35440</span>\n  Microsoft Word\n  Information Disclosure Vulnerability\n  Important\n  5.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40421</span>\n  Microsoft Word\n  Information Disclosure Vulnerability\n  Important\n  4.3\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-41097</span>\n  Secure Boot Security\n  Feature Bypass Vulnerability\n  Important\n  6.7\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-40370 \u2020</span>\n  SQL Server Remote Code\n  Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41613</span>\n  Visual Studio Code\n  Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41612</span>\n  Visual Studio Code\n  Information Disclosure Vulnerability\n  Important\n  5.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-41611</span>\n  Visual Studio Code\n  Remote Code Execution Vulnerability\n  Important\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41610</span>\n  Visual Studio Code\n  Security Feature Bypass Vulnerability\n  Important\n  6.3\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-33839</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33840</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34330</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34331</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35423</span>\n  Windows 11 Telnet\n  Client Information Disclosure Vulnerability\n  Important\n  5.4\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-35438</span>\n  Windows Admin Center\n  Elevation of Privilege Vulnerability\n  Important\n  8.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41086</span>\n  Windows Admin Center\n  in Azure Portal Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34344</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34345</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35416</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41088</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34343</span>\n  Windows Application\n  Identity (AppID) Subsystem Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35418</span>\n  Windows Cloud Files\n  Mini Filter Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33835</span>\n  Windows Cloud Files\n  Mini Filter Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34337</span>\n  Windows Cloud Files\n  Mini Filter Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40407</span>\n  Windows Common Log\n  File System Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40397</span>\n  Windows Common Log\n  File System Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42896</span>\n  Windows DWM Core\n  Library Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35419</span>\n  Windows DWM Core\n  Library Information Disclosure<span> \n  </span>Vulnerability\n  Important\n  5.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-34336</span>\n  Windows DWM Core\n  Library Information Disclosure<span> \n  </span>Vulnerability\n  Important\n  7.8\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-33834</span>\n  Windows Event Logging\n  Service Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-32209</span>\n  Windows Filtering\n  Platform (WFP) Security Feature Bypass Vulnerability\n  Important\n  4.4\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-33841</span>\n  Windows Kernel\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35420</span>\n  Windows Kernel\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40369</span>\n  Windows Kernel\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34332</span>\n  Windows Kernel-Mode\n  Driver Remote Code Execution Vulnerability\n  Important\n  8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-34339</span>\n  Windows Lightweight\n  Directory Access Protocol (LDAP) Denial of Service Vulnerability\n  Important\n  5.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-34341</span>\n  Windows Link-Layer\n  Discovery Protocol (LLDP) Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33838</span>\n  Windows Message\n  Queuing (MSMQ) Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34342</span>\n  Windows Print Spooler\n  Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41095</span>\n  Windows Projected File\n  System Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34340</span>\n  Windows Projected File\n  System Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40398</span>\n  Windows Remote Desktop\n  Services Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-21530</span>\n  Windows Rich Text Edit\n  Elevation of Privilege Vulnerability\n  Important\n  6.7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-32170</span>\n  Windows Rich Text Edit\n  Elevation of Privilege Vulnerability\n  Important\n  6.7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40410</span>\n  Windows SMB Client\n  Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35415</span>\n  Windows Storage Spaces\n  Controller Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34350</span>\n  Windows Storport\n  Miniport Driver Denial of Service Vulnerability\n  Important\n  6.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40405</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  7.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40414</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  7.4\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40401</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  6.2\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40413</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  7.4\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-35422</span>\n  Windows TCP/IP Driver\n  Security Feature Bypass Vulnerability\n  Important\n  6.5\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-34351</span>\n  Windows TCP/IP\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40399</span>\n  Windows TCP/IP\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34334</span>\n  Windows TCP/IP\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40406</span>\n  Windows TCP/IP\n  Information Disclosure Vulnerability\n  Important\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-33837</span>\n  Windows TCP/IP Local\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40415</span>\n  Windows TCP/IP Remote\n  Code Execution Vulnerability\n  Important\n  8.1\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42825</span>\n  Windows Telephony\n  Service Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34338</span>\n  Windows Telephony\n  Service Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40382</span>\n  Windows Telephony\n  Service Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40380</span>\n  Windows Volume Manager\n  Extension Driver Remote Code Execution Vulnerability\n  Important\n  6.2\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40408</span>\n  Windows WAN ARP Driver\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34333</span>\n  Windows Win32k\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34347</span>\n  Windows Win32k\n  Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35417</span>\n  Windows Win32k\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42891</span>\n  Microsoft Edge\n  (Chromium-based) for Android Spoofing Vulnerability\n  Moderate\n  6.5\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-35429</span>\n  Microsoft Edge\n  (Chromium-based) for Android Spoofing Vulnerability\n  Moderate\n  4.3\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-41107</span>\n  Microsoft Edge\n  (Chromium-based) Information Disclosure Vulnerability\n  Moderate\n  7.4\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40416</span>\n  Microsoft\n  Edge (Chromium-based) for Android Spoofing Vulnerability\n  Low\n  4.3\n  No\n  No\n  Spoofing\n \n \n \n  \n  \n  \n  \n  \n  \n  \n \n \n\n\n\n\n\n\n\n\n\n\n\n\n  \n\n\n\n\n  \n* Indicates this CVE had been released by a third party and is now being included in Microsoft releases.\n\u2020 Indicates further administrative actions are required to fully address the vulnerability.\n \nLooking at the other Critical-rated bugs in this month\u2019s release, there are quite a few scary-looking bugs (including a CVSS 10!), but there\u2019s no action for the end user as Microsoft has already mitigated these bugs and is just now documenting them. There\u2019s also this month\u2019s crop of Office bugs where the Preview Pane is an attack vector. However, the bug in Office for Android does not have the Preview Pane vector; it\u2019s simple open and own. The bug in the WiFi driver needs a network adjacent attacker. The SharePoint bug requires authentication, but anyone with site privileges has the authentication needed. The bug in SSO Plugin for Jira & Confluence should really be called an authentication bypass, since it allows an unauthenticated attacker to gain access to a system.\nLooking at the other code execution bugs, most are of the open and own variety as expected. The bug in Dynamic 365 (On Prem) requires high privileges. The Message Queueing bug requires an adjacent attacker. The bug in SQL Server requires authentication, but as usual, patching won\u2019t be straightforward. Finally, there\u2019s a bug in the kernel that leads to code execution. Most kernel bugs are privilege escalations, but this one could allow code execution if an attacker sends specially crafted NVMe over Fabrics (NVMe\u2011oF) response messages during the connection handshake process that contains an invalid header length value. Neat.\nAs usual, the vast majority of the Microsoft release fixes Elevation of Privilege (EoP) bugs. Also as usual, most simply lead to local attackers executing their code at SYSTEM-level privileges or administrative privileges, so there\u2019s not much to add without further technical details about the bugs themselves. There are also a few bugs that just state the attacker could \u201cgain ELEVATED privileges.\u201d How obtuse. The bugs in Azure allow an attacker to access data otherwise hidden from them. The Edge bug allows threat actors to elevate to the privileges of the running application. The bug in Visual Studio allows attackers to get permissions associated with the MCP Server\u2019s managed identity. Finally, there are a couple of sandbox escapes, too, which are always useful.\nThis month's update includes six Security Feature Bypass vulnerabilities. The most severe is in the Azure SDK for Java (CVSS 9.1). An attacker over the network can bypass the integrity protection provided by authentication tags on encrypted data, effectively manipulating encrypted input in a way that slips past integrity checks during decryption.  Close behind is the bypass affecting the GitHub Copilot integration in Visual Studio Code (CWE-74). This one requires a user interaction, but it allows an attacker to circumvent the path validation safeguards that normally control which files Copilot is permitted to modify. The other Visual Studio Code bypass involves cross-site scripting, improper link resolution, and information exposure triggered when a user opens or views a maliciously crafted notebook.  On the Windows networking side there are two bypasses. The first hits the Windows TCP/IP driver via an authentication bypass using an alternate channel. The other impacts the Windows Filtering Platform through improper access control, allowing a local, low-privileged attacker to bypass FQDN-based network security rules. Finally, there\u2019s a Secure Boot bypass that, you guessed it, bypasses secure boot features.\nMoving on to the Information Disclosure bugs fixed this month, we have 15 different CVEs. As usual, the majority of these simply result in info leaks consisting of unspecified memory contents or memory addresses. The bug in Power Automate could expose data marked \u201cSensitive\u201d within Power Automate Desktop flows. One of the Word bugs could disclose NLTM hashes. The bug in Edge could disclose your cookies, which seems rude. The bug in Visual Studio could expose file path information. Finally, there\u2019s a bug in Telnet for Windows 11 that leaks information being used by Telnet at the time. I didn\u2019t even realize Windows 11 still had a telnet client.\nThe May release contains 10 spoofing bugs (plus the ones already addressed by Microsoft). The bug in Azure Machine Learning Notebooks vulnerability requires user interaction, but it could expose info through the Azure ML web interface to the attacker. There\u2019s a cluster of fixes for Microsoft's mobile Office suite on Android. Excel, Word, and PowerPoint for Android all carry spoofing flaws rooted in improper access control. Two Copilot products are also affected by spoofing vulns. The M365 Copilot for Desktop has no details provided. The M365 Copilot for Android variant requires low privileges and producing only limited impact on confidentiality and integrity. Microsoft Teams for Android rounds out the mobile app spoofing bugs. Three Edge bugs close things out, all involving misrepresentation of information in the browser UI. \nThere are two Tampering bugs in this month\u2019s release. The one in .NET Core allows threat actors to write files to an affected system. The other is in Outlook for iOS and manifests as a command injection bug.\nThere are eight DoS bugs in the May release, but as always, Microsoft provides little to no actionable information about the vulnerabilities. The most interesting from a practical standpoint are two TCP/IP bugs that allow a low-privilege Hyper-V guest to crash the host. Both are triggered from the adjacent network. On the broader network-exposure side, the ASP.NET Core bug is a straightforward infinite loop condition \u2014 an unauthenticated attacker sends a crafted request over the network and the server stops responding.\nNo new advisories are being released this month.\nLooking Ahead\nAssuming I survive Pwn2Own Berlin (which is looking iffy at the moment), I\u2019ll return on June 9th on what will hopefully be a smaller release than this one. Until then, stay safe, happy patching, and may all your reboots be smooth and clean!", "creation_timestamp": "2026-05-12T16:38:43.000000Z"}, {"uuid": "a9f71d41-7606-41c6-9def-4f6c64bb9380", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33823", "type": "seen", "source": "https://www.thezdi.com/blog/2026/5/12/the-may-2026-security-update-review", "content": "I\u2019m currently in Berlin helping set up for Pwn2Own Berlin, but that doesn\u2019t stop Patch Tuesday from coming, and it\u2019s another big one. At least nothing is listed as being in the wild \u2013 for now. Take a break from your regularly scheduled activities and let\u2019s take a look at the latest security patches from Adobe and Microsoft. Due to technical difficulties, there will not be a video companion for this month.\nAdobe Patches for May 2026\nFor May, Adobe released 10 bulletins addressing 52 unique CVEs in Adobe Commerce, After Effects, Adobe Connect, Illustrator, Media Encoder, Premiere Pro, Substance 3D Painter, Substance 3D Sampler, Content Authenticity SDK, and the Adobe Substance 3D Designer. Here\u2019s this month\u2019s overview table:\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n  \n  \n\n\n\n\n  \n    \n\n\n\n<colgroup>\n  <col />\n  <col />\n  <col />\n  <col />\n  <col />\n  <col />\n  <col />\n</colgroup>\n\n<tfoot>\n  \n</tfoot>\n\n\n  \n    Bulletin ID\n    Product\n    CVE Count\n    Highest Severity\n    Highest CVSS\n    Exploited\n    Deployment Priority\n  \n\n\n  \n    APSB26-49\n    Adobe Commerce\n    15\n    Critical\n    8.7\n    No\n    2\n  \n  \n    APSB26-48\n    Adobe After Effects\n    4\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-50\n    Adobe Connect\n    2\n    Critical\n    9.6\n    No\n    3\n  \n  \n    APSB26-51\n    Adobe Illustrator\n    4\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-47\n    Adobe Media Encoder\n    2\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-46\n    Adobe Premiere Pro\n    3\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-55\n    Adobe Substance 3D Painter\n    2\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-54\n    Adobe Substance 3D Sampler\n    1\n    Critical\n    7.8\n    No\n    3\n  \n  \n    APSB26-53\n    Content Authenticity SDK\n    14\n    Critical\n    7.5\n    No\n    3\n  \n  \n    APSB26-52\n    Adobe Substance 3D Designer\n    5\n    Important\n    6.3\n    No\n    3\n  \n\n    TOTAL\n    10 bulletins\n    52\n    \n    \n    \n    \n  \n\n\n\n  \n\n\n\n\n  \nThe obvious priority this month is the patch for Commerce, with its 15 bugs and deployment priority of 2. The Connect fix should also rank up there since both of its CVEs are CVSS 9s. Beyond those, it\u2019s a pretty typical month for Adobe, with most of the bugs either being cross-site scripting (XSS) or open-and-own code executions.\nMicrosoft Patches for May 2026\nThis month, Microsoft released a whopping 138 new CVEs in Windows and Windows components, Office and Office Components, Microsoft Edge (Chromium-based), Azure, .NET and Visual Studio, Copilot Chat, Github Copilot, M365 Copilot, SQL Server, TCP/IP, and the Telnet Client \u2013 yes, the Telnet client. Two of these bugs were reported through the TrendAI ZDI program. 30 of these bugs are rated Critical, three are rated as Moderate, one is rated Low, and the rest are rated Important in severity.\nThis large volume of fixes follows the largest monthly release in Microsoft\u2019s history and reflects the trend across the industry of a high number of submissions. While not all of these bugs were found by AI, it\u2019s likely they had an AI-related component \u2013 even if it was just AI writing the submission. I should also point out the Pwn2Own Berlin occurs in just a few days, and it\u2019s typical for vendors to patch as much as they can before the event.\nNone of the bugs patched by Microsoft this month are listed as publicly known or under active attack at the time of release, so we\u2019ve got that going for us. Let\u2019s take a closer look at some of the more interesting updates for this month, starting with a nasty-looking bug in DNS:\n-    CVE-2026-41096 - Windows DNS Client Remote Code Execution VulnerabilityThis patch fixes a heap-based buffer overflow in the DNS Client triggered by a malicious DNS response. No authentication or user interaction needed, and since the DNS Client runs on virtually every Windows machine, the attack surface is enormous. An attacker with a position to influence DNS responses (MitM, rogue server) could achieve unauthenticated RCE across your enterprise.\n-    CVE-2026-41089 - Windows Netlogon Remote Code Execution VulnerabilityThis update covers another CVSS 9.8 bug, which is a stack-based buffer overflow that lets an unauthenticated remote attacker execute code on a domain controller by sending a specially crafted network request \u2014 no credentials, no user interaction required. Yup \u2013 that makes it wormable. This is the highest-impact bug that requires immediate patching: a compromised domain controller is a compromised domain.\n-    CVE-2026-42898 - Microsoft Dynamics 365 On-Premises Remote Code Execution VulnerabilityThis bug rates a CVSS 9.9(!) and represents a code injection in Dynamics 365. It allows any authenticated user to execute code with a scope change, meaning exploitation can break out and affect resources beyond the vulnerable component itself. Scope changes are pretty rare, so if you\u2019re running Dynamics 365 On-Prem, definitely test and deploy this patch quickly.\n-    CVE-2026-40415 - Windows TCP/IP Remote Code Execution VulnerabilityThis bug in the TCP/IP stack results from a use-after-free (UAF) and could allow a remote, unauthenticated threat actor to execute code without user interaction. That makes this another wormable bug. However, this one is much less likely to be exploited. The target needs to be under sustained low-memory (memory pressure) conditions, which is pretty rare. Still, no need to tempt fate here. Test and deploy this one quickly.\nHere\u2019s the full list of CVEs released by Microsoft for May 2026:\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n  \n  \n\n\n\n\n  \n    \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n <col width=\"144\" />\n <col width=\"256\" />\n <col span=\"5\" width=\"104\" />\n \n\n  CVE\n  Title\n  Severity\n  CVSS\n  Public\n  Exploited\n  Type\n \n \n  <span>CVE-2026-35435</span>\n  Azure AI Foundry\n  Elevation of Privilege Vulnerability\n  Critical\n  8.6\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35428</span>\n  Azure Cloud Shell\n  Spoofing Vulnerability\n  Critical\n  9.6\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-42826</span>\n  Azure DevOps\n  Information Disclosure Vulnerability\n  Critical\n  10\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-32207</span>\n  Azure Machine Learning\n  Notebook Spoofing Vulnerability\n  Critical\n  8.8\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-33109</span>\n  Azure Managed Instance\n  for Apache Cassandra Remote Code Execution Vulnerability\n  Critical\n  9.9\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-33844</span>\n  Azure Managed Instance\n  for Apache Cassandra Remote Code Execution Vulnerability\n  Critical\n  9\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41105</span>\n  Azure Monitor Action\n  Group Notification System Elevation of Privilege Vulnerability\n  Critical\n  8.1\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33111</span>\n  Copilot Chat\n  (Microsoft Edge) Information Disclosure Vulnerability\n  Critical\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-26129</span>\n  M365 Copilot\n  Information Disclosure Vulnerability\n  Critical\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-26164</span>\n  M365 Copilot\n  Information Disclosure Vulnerability\n  Critical\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-33821</span>\n  Microsoft Dynamics 365\n  Customer Insights Elevation of Privilege Vulnerability\n  Critical\n  7.7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42898</span>\n  Microsoft Dynamics 365\n  On-Premises Remote Code Execution Vulnerability\n  Critical\n  9.9\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40379</span>\n  Microsoft Enterprise\n  Security Token Service (ESTS) Spoofing Vulnerability\n  Critical\n  9.3\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-40363</span>\n  Microsoft Office\n  Remote Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40358</span>\n  Microsoft Office\n  Remote Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-34327</span>\n  Microsoft Partner\n  Center Spoofing Vulnerability\n  Critical\n  8.2\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-40365</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Critical\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41103</span>\n  Microsoft SSO Plugin\n  for Jira & Confluence Elevation of Privilege Vulnerability\n  Critical\n  9.1\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33823</span>\n  Microsoft Team Events\n  Portal Information Disclosure Vulnerability\n  Critical\n  9.6\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40364</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40366</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40361</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40367</span>\n  Microsoft Word Remote\n  Code Execution Vulnerability\n  Critical\n  8.4\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42831</span>\n  Office for Android\n  Remote Code Execution Vulnerability\n  Critical\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41096</span>\n  Windows DNS Client\n  Remote Code Execution Vulnerability\n  Critical\n  9.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-35421</span>\n  Windows GDI Remote\n  Code Execution Vulnerability\n  Critical\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40403</span>\n  Windows Graphics\n  Component Remote Code Execution Vulnerability\n  Critical\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40402</span>\n  Windows Hyper-V\n  Elevation of Privilege Vulnerability\n  Critical\n  9.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-32161</span>\n  Windows Native WiFi\n  Miniport Driver Remote Code Execution Vulnerability\n  Critical\n  7.5\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41089</span>\n  Windows Netlogon\n  Remote Code Execution Vulnerability\n  Critical\n  9.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-32175</span>\n  .NET Core Tampering\n  Vulnerability\n  Important\n  4.3\n  No\n  No\n  Tampering\n \n \n  <span>CVE-2026-32177</span>\n  .NET Elevation of\n  Privilege Vulnerability\n  Important\n  7.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35433</span>\n  .NET Elevation of\n  Privilege Vulnerability\n  Important\n  7.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2025-54518 *</span>\n  AMD: CVE-2025-54518\n  CPU OP Cache Corruption\n  Important\n  \n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42899</span>\n  ASP.NET Core Denial of\n  Service Vulnerability\n  Important\n  7.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40381</span>\n  Azure Connected\n  Machine Agent Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42823 \u2020</span>\n  Azure Logic Apps\n  Elevation of Privilege Vulnerability\n  Important\n  9.9\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33833</span>\n  Azure Machine Learning\n  Notebook Spoofing Vulnerability\n  Important\n  8.2\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-32204</span>\n  Azure Monitor Agent\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42830</span>\n  Azure Monitor Agent\n  Metrics Extension Elevation of Privilege Vulnerability\n  Important\n  6.5\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33117</span>\n  Azure SDK for Java\n  Security Feature Bypass Vulnerability\n  Important\n  9.1\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-41109</span>\n  GitHub Copilot and\n  Visual Studio Code Security Feature Bypass Vulnerability\n  Important\n  8.8\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-35424</span>\n  Internet Key Exchange\n  (IKE) Protocol Denial of Service Vulnerability\n  Important\n  7.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-41614</span>\n  M365 Copilot for\n  Desktop Spoofing Vulnerability\n  Important\n  6.2\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-41100</span>\n  Microsoft 365 Copilot\n  for Android Spoofing Vulnerability\n  Important\n  4.4\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-40377</span>\n  Microsoft\n  Cryptographic Services Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41094</span>\n  Microsoft Data\n  Formulator Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40417</span>\n  Microsoft Dynamics 365\n  Business Central Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42833</span>\n  Microsoft Dynamics 365\n  On-Premises Remote Code Execution Vulnerability\n  Important\n  9.1\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42838</span>\n  Microsoft Edge\n  (Chromium-based) Elevation of Privilege Vulnerability\n  Important\n  5.4\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40360</span>\n  Microsoft Excel\n  Information Disclosure Vulnerability\n  Important\n  7.8\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40359</span>\n  Microsoft Excel Remote\n  Code Execution Vulnerability\n  Important\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40362</span>\n  Microsoft Excel Remote\n  Code Execution Vulnerability\n  Important\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42832</span>\n  Microsoft Excel\n  Spoofing Vulnerability\n  Important\n  7.7\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-34329</span>\n  Microsoft Message\n  Queuing (MSMQ) Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40419</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40418</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35436</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40420</span>\n  Microsoft Office\n  Click-To-Run Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42893</span>\n  Microsoft Outlook for\n  iOS Tampering Vulnerability\n  Important\n  7.4\n  No\n  No\n  Tampering\n \n \n  <span>CVE-2026-40374</span>\n  Microsoft Power\n  Automate Desktop Information Disclosure Vulnerability\n  Important\n  6.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-41102</span>\n  Microsoft PowerPoint\n  for Android Spoofing Vulnerability\n  Important\n  7.1\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-35439</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40368</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-33110</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-33112</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40357</span>\n  Microsoft SharePoint\n  Server Remote Code Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-32185</span>\n  Microsoft Teams\n  Spoofing Vulnerability\n  Important\n  5.5\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-41101</span>\n  Microsoft Word for\n  Android Spoofing Vulnerability\n  Important\n  7.1\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-35440</span>\n  Microsoft Word\n  Information Disclosure Vulnerability\n  Important\n  5.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40421</span>\n  Microsoft Word\n  Information Disclosure Vulnerability\n  Important\n  4.3\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-41097</span>\n  Secure Boot Security\n  Feature Bypass Vulnerability\n  Important\n  6.7\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-40370 \u2020</span>\n  SQL Server Remote Code\n  Execution Vulnerability\n  Important\n  8.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41613</span>\n  Visual Studio Code\n  Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41612</span>\n  Visual Studio Code\n  Information Disclosure Vulnerability\n  Important\n  5.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-41611</span>\n  Visual Studio Code\n  Remote Code Execution Vulnerability\n  Important\n  7.8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-41610</span>\n  Visual Studio Code\n  Security Feature Bypass Vulnerability\n  Important\n  6.3\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-33839</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33840</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34330</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34331</span>\n  Win32k Elevation of\n  Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35423</span>\n  Windows 11 Telnet\n  Client Information Disclosure Vulnerability\n  Important\n  5.4\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-35438</span>\n  Windows Admin Center\n  Elevation of Privilege Vulnerability\n  Important\n  8.3\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41086</span>\n  Windows Admin Center\n  in Azure Portal Elevation of Privilege Vulnerability\n  Important\n  8.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34344</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34345</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35416</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41088</span>\n  Windows Ancillary\n  Function Driver for WinSock Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34343</span>\n  Windows Application\n  Identity (AppID) Subsystem Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35418</span>\n  Windows Cloud Files\n  Mini Filter Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33835</span>\n  Windows Cloud Files\n  Mini Filter Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34337</span>\n  Windows Cloud Files\n  Mini Filter Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40407</span>\n  Windows Common Log\n  File System Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40397</span>\n  Windows Common Log\n  File System Driver Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42896</span>\n  Windows DWM Core\n  Library Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35419</span>\n  Windows DWM Core\n  Library Information Disclosure<span> \n  </span>Vulnerability\n  Important\n  5.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-34336</span>\n  Windows DWM Core\n  Library Information Disclosure<span> \n  </span>Vulnerability\n  Important\n  7.8\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-33834</span>\n  Windows Event Logging\n  Service Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-32209</span>\n  Windows Filtering\n  Platform (WFP) Security Feature Bypass Vulnerability\n  Important\n  4.4\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-33841</span>\n  Windows Kernel\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35420</span>\n  Windows Kernel\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40369</span>\n  Windows Kernel\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34332</span>\n  Windows Kernel-Mode\n  Driver Remote Code Execution Vulnerability\n  Important\n  8\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-34339</span>\n  Windows Lightweight\n  Directory Access Protocol (LDAP) Denial of Service Vulnerability\n  Important\n  5.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-34341</span>\n  Windows Link-Layer\n  Discovery Protocol (LLDP) Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-33838</span>\n  Windows Message\n  Queuing (MSMQ) Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34342</span>\n  Windows Print Spooler\n  Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-41095</span>\n  Windows Projected File\n  System Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34340</span>\n  Windows Projected File\n  System Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40398</span>\n  Windows Remote Desktop\n  Services Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-21530</span>\n  Windows Rich Text Edit\n  Elevation of Privilege Vulnerability\n  Important\n  6.7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-32170</span>\n  Windows Rich Text Edit\n  Elevation of Privilege Vulnerability\n  Important\n  6.7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40410</span>\n  Windows SMB Client\n  Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35415</span>\n  Windows Storage Spaces\n  Controller Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34350</span>\n  Windows Storport\n  Miniport Driver Denial of Service Vulnerability\n  Important\n  6.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40405</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  7.5\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40414</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  7.4\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40401</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  6.2\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-40413</span>\n  Windows TCP/IP Denial\n  of Service Vulnerability\n  Important\n  7.4\n  No\n  No\n  DoS\n \n \n  <span>CVE-2026-35422</span>\n  Windows TCP/IP Driver\n  Security Feature Bypass Vulnerability\n  Important\n  6.5\n  No\n  No\n  SFB\n \n \n  <span>CVE-2026-34351</span>\n  Windows TCP/IP\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40399</span>\n  Windows TCP/IP\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34334</span>\n  Windows TCP/IP\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40406</span>\n  Windows TCP/IP\n  Information Disclosure Vulnerability\n  Important\n  7.5\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-33837</span>\n  Windows TCP/IP Local\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40415</span>\n  Windows TCP/IP Remote\n  Code Execution Vulnerability\n  Important\n  8.1\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-42825</span>\n  Windows Telephony\n  Service Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34338</span>\n  Windows Telephony\n  Service Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40382</span>\n  Windows Telephony\n  Service Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-40380</span>\n  Windows Volume Manager\n  Extension Driver Remote Code Execution Vulnerability\n  Important\n  6.2\n  No\n  No\n  RCE\n \n \n  <span>CVE-2026-40408</span>\n  Windows WAN ARP Driver\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34333</span>\n  Windows Win32k\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-34347</span>\n  Windows Win32k\n  Elevation of Privilege Vulnerability\n  Important\n  7\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-35417</span>\n  Windows Win32k\n  Elevation of Privilege Vulnerability\n  Important\n  7.8\n  No\n  No\n  EoP\n \n \n  <span>CVE-2026-42891</span>\n  Microsoft Edge\n  (Chromium-based) for Android Spoofing Vulnerability\n  Moderate\n  6.5\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-35429</span>\n  Microsoft Edge\n  (Chromium-based) for Android Spoofing Vulnerability\n  Moderate\n  4.3\n  No\n  No\n  Spoofing\n \n \n  <span>CVE-2026-41107</span>\n  Microsoft Edge\n  (Chromium-based) Information Disclosure Vulnerability\n  Moderate\n  7.4\n  No\n  No\n  Info\n \n \n  <span>CVE-2026-40416</span>\n  Microsoft\n  Edge (Chromium-based) for Android Spoofing Vulnerability\n  Low\n  4.3\n  No\n  No\n  Spoofing\n \n \n \n  \n  \n  \n  \n  \n  \n  \n \n \n\n\n\n\n\n\n\n\n\n\n\n\n  \n\n\n\n\n  \n* Indicates this CVE had been released by a third party and is now being included in Microsoft releases.\n\u2020 Indicates further administrative actions are required to fully address the vulnerability.\n \nLooking at the other Critical-rated bugs in this month\u2019s release, there are quite a few scary-looking bugs (including a CVSS 10!), but there\u2019s no action for the end user as Microsoft has already mitigated these bugs and is just now documenting them. There\u2019s also this month\u2019s crop of Office bugs where the Preview Pane is an attack vector. However, the bug in Office for Android does not have the Preview Pane vector; it\u2019s simple open and own. The bug in the WiFi driver needs a network adjacent attacker. The SharePoint bug requires authentication, but anyone with site privileges has the authentication needed. The bug in SSO Plugin for Jira & Confluence should really be called an authentication bypass, since it allows an unauthenticated attacker to gain access to a system.\nLooking at the other code execution bugs, most are of the open and own variety as expected. The bug in Dynamic 365 (On Prem) requires high privileges. The Message Queueing bug requires an adjacent attacker. The bug in SQL Server requires authentication, but as usual, patching won\u2019t be straightforward. Finally, there\u2019s a bug in the kernel that leads to code execution. Most kernel bugs are privilege escalations, but this one could allow code execution if an attacker sends specially crafted NVMe over Fabrics (NVMe\u2011oF) response messages during the connection handshake process that contains an invalid header length value. Neat.\nAs usual, the vast majority of the Microsoft release fixes Elevation of Privilege (EoP) bugs. Also as usual, most simply lead to local attackers executing their code at SYSTEM-level privileges or administrative privileges, so there\u2019s not much to add without further technical details about the bugs themselves. There are also a few bugs that just state the attacker could \u201cgain ELEVATED privileges.\u201d How obtuse. The bugs in Azure allow an attacker to access data otherwise hidden from them. The Edge bug allows threat actors to elevate to the privileges of the running application. The bug in Visual Studio allows attackers to get permissions associated with the MCP Server\u2019s managed identity. Finally, there are a couple of sandbox escapes, too, which are always useful.\nThis month's update includes six Security Feature Bypass vulnerabilities. The most severe is in the Azure SDK for Java (CVSS 9.1). An attacker over the network can bypass the integrity protection provided by authentication tags on encrypted data, effectively manipulating encrypted input in a way that slips past integrity checks during decryption.  Close behind is the bypass affecting the GitHub Copilot integration in Visual Studio Code (CWE-74). This one requires a user interaction, but it allows an attacker to circumvent the path validation safeguards that normally control which files Copilot is permitted to modify. The other Visual Studio Code bypass involves cross-site scripting, improper link resolution, and information exposure triggered when a user opens or views a maliciously crafted notebook.  On the Windows networking side there are two bypasses. The first hits the Windows TCP/IP driver via an authentication bypass using an alternate channel. The other impacts the Windows Filtering Platform through improper access control, allowing a local, low-privileged attacker to bypass FQDN-based network security rules. Finally, there\u2019s a Secure Boot bypass that, you guessed it, bypasses secure boot features.\nMoving on to the Information Disclosure bugs fixed this month, we have 15 different CVEs. As usual, the majority of these simply result in info leaks consisting of unspecified memory contents or memory addresses. The bug in Power Automate could expose data marked \u201cSensitive\u201d within Power Automate Desktop flows. One of the Word bugs could disclose NLTM hashes. The bug in Edge could disclose your cookies, which seems rude. The bug in Visual Studio could expose file path information. Finally, there\u2019s a bug in Telnet for Windows 11 that leaks information being used by Telnet at the time. I didn\u2019t even realize Windows 11 still had a telnet client.\nThe May release contains 10 spoofing bugs (plus the ones already addressed by Microsoft). The bug in Azure Machine Learning Notebooks vulnerability requires user interaction, but it could expose info through the Azure ML web interface to the attacker. There\u2019s a cluster of fixes for Microsoft's mobile Office suite on Android. Excel, Word, and PowerPoint for Android all carry spoofing flaws rooted in improper access control. Two Copilot products are also affected by spoofing vulns. The M365 Copilot for Desktop has no details provided. The M365 Copilot for Android variant requires low privileges and producing only limited impact on confidentiality and integrity. Microsoft Teams for Android rounds out the mobile app spoofing bugs. Three Edge bugs close things out, all involving misrepresentation of information in the browser UI. \nThere are two Tampering bugs in this month\u2019s release. The one in .NET Core allows threat actors to write files to an affected system. The other is in Outlook for iOS and manifests as a command injection bug.\nThere are eight DoS bugs in the May release, but as always, Microsoft provides little to no actionable information about the vulnerabilities. The most interesting from a practical standpoint are two TCP/IP bugs that allow a low-privilege Hyper-V guest to crash the host. Both are triggered from the adjacent network. On the broader network-exposure side, the ASP.NET Core bug is a straightforward infinite loop condition \u2014 an unauthenticated attacker sends a crafted request over the network and the server stops responding.\nNo new advisories are being released this month.\nLooking Ahead\nAssuming I survive Pwn2Own Berlin (which is looking iffy at the moment), I\u2019ll return on June 9th on what will hopefully be a smaller release than this one. Until then, stay safe, happy patching, and may all your reboots be smooth and clean!", "creation_timestamp": "2026-05-12T16:38:43.000000Z"}, {"uuid": "92166f44-0828-4a74-b370-cd95d9fd51bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33821", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0145", "content": "Microsoft heeft kwetsbaarheden verholpen in diverse componenten van Dynamics. Een geauthenticeerde kwaadwillende kan de kwetsbaarheden misbruiken om zich verhoogde rechten toe te kennen, willekeurige code uit te voeren en/of toegang te krijgen tot gevoelige gegevens.\n\nDe kwetsbaarheid met kenmerk CVE-2026-33821 is reeds centraal verholpen door Microsoft en slechts toegevoegd ter informatie. Er zijn geen acties benodigd voor deze kwetsbaarheid.\n\n```\nDynamics Business Central: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-40417 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nMicrosoft Dynamics 365 (on-premises): \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-42898 | 9.90 | Uitvoeren van willekeurige code     | \n| CVE-2026-42833 | 9.10 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nPower Automate: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-40374 | 6.50 | Toegang tot gevoelige gegevens      | \n|----------------|------|-------------------------------------|\n\nMicrosoft Dynamics 365 Customer Insights: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-33821 | 7.70 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n```", "creation_timestamp": "2026-05-12T15:53:37.000000Z"}, {"uuid": "e4af72fb-1f6f-40e4-9e29-8d337ce0cc9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33823", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0144", "content": "Microsoft heeft kwetsbaarheden verholpen in diverse Office producten. Een kwaadwillende kan de kwetsbaarheden misbruiken om zich voor te doen als andere gebruiker, of willekeurige code uit te voeren met rechten van het slachtoffer en mogelijk toegang te krijgen tot gevoelige gegevens in de context van het slachtoffer.\n\nVoor succesvol misbruik moet de kwaadwillende het slachtoffer misleiden een malafide bestand te openen of link te volgen.\n\nDe kwetsbaarheid met kenmerk CVE-2026-33823 is reeds door Microsoft centraal verholpen en slechts toegevoegd ter informatie. Er zijn geen verdere acties benodigd voor deze kwetsbaarheid.\n\n```\nMicrosoft Teams: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-32185 | 5.50 | Voordoen als andere gebruiker       | \n| CVE-2026-33823 | 9.60 | Toegang tot gevoelige gegevens      | \n|----------------|------|-------------------------------------|\n\nMicrosoft Office PowerPoint: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-41102 | 7.10 | Voordoen als andere gebruiker       | \n|----------------|------|-------------------------------------|\n\nM365 Copilot: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-42893 | 7.40 |                 | \n|----------------|------|-------------------------------------|\n\nMicrosoft Office Word: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-35440 | 5.50 | Toegang tot gevoelige gegevens      | \n| CVE-2026-40364 | 8.40 | Uitvoeren van willekeurige code     | \n| CVE-2026-40366 | 8.40 | Uitvoeren van willekeurige code     | \n| CVE-2026-40421 | 4.30 | Toegang tot gevoelige gegevens      | \n| CVE-2026-40361 | 8.40 | Uitvoeren van willekeurige code     | \n| CVE-2026-40367 | 8.40 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nOffice for Android: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-42831 | 7.80 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nMicrosoft Office: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-40363 | 8.40 | Uitvoeren van willekeurige code     | \n| CVE-2026-40419 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-40358 | 8.40 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nMicrosoft Office SharePoint: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-35439 | 8.80 | Uitvoeren van willekeurige code     | \n| CVE-2026-40368 | 8.00 | Uitvoeren van willekeurige code     | \n| CVE-2026-33110 | 8.80 | Uitvoeren van willekeurige code     | \n| CVE-2026-33112 | 8.80 | Uitvoeren van willekeurige code     | \n| CVE-2026-40357 | 8.80 | Uitvoeren van willekeurige code     | \n| CVE-2026-40365 | 8.80 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nMicrosoft Office Excel: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-40360 | 7.80 | Toegang tot gevoelige gegevens      | \n| CVE-2026-40359 | 7.80 | Uitvoeren van willekeurige code     | \n| CVE-2026-40362 | 7.80 | Uitvoeren van willekeurige code     | \n| CVE-2026-42832 | 7.70 | Voordoen als andere gebruiker       | \n|----------------|------|-------------------------------------|\n\nMicrosoft Office Click-To-Run: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2026-40418 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-35436 | 8.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2026-40420 | 8.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n```", "creation_timestamp": "2026-05-12T15:53:28.000000Z"}, {"uuid": "ad2f2846-2db2-47d2-87b6-1348434635e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-33823", "type": "seen", "source": "https://www.acn.gov.it/portale/w/aggiornamenti-mensili-microsoft-20", "content": "", "creation_timestamp": "2026-05-13T01:08:48.000000Z"}, {"uuid": "8098cf38-1990-4138-b60c-3bc2a07198ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-33821", "type": "seen", "source": "https://www.acn.gov.it/portale/w/aggiornamenti-mensili-microsoft-20", "content": "", "creation_timestamp": "2026-05-13T01:08:48.000000Z"}, {"uuid": "0efa77d4-d796-4746-aa29-4e5b88308ff8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33827", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mlr6bna3cw2t", "content": "Microsoft unveiled MDASH, an AI system with 100+ agents that found and proved 16 Windows flaws fixed in Patch Tuesday, including CVE-2026-33824 and CVE-2026-33827. #Microsoft #MDASH #Windows", "creation_timestamp": "2026-05-13T20:47:40.962666Z"}, {"uuid": "46459587-0be9-40d4-9918-44e776f23930", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://t.me/GithubRedTeam/84715", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-33825\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a 0xBlackash\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-18 16:52:38\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-33825\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-18T17:00:05.000000Z"}, {"uuid": "87f9373b-4acb-4ef8-bf02-34764cd318fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://t.me/true_secator/8216", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0432\u044b\u043a\u0430\u0442\u0438\u043b \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0439 PoC \u0434\u043b\u044f 0-day, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0432 Windows \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u0439 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 MiniPlasma. \u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0430\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0432 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Windows.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044e Chaotic Eclipse \u0438\u043b\u0438 Nightmare Eclipse, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u044b\u043b\u043e\u0436\u0438\u043b \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b \u043d\u0430 GitHub, \u0437\u0430\u044f\u0432\u043b\u044f\u044f, \u0447\u0442\u043e Microsoft \u043d\u0435\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0440\u0430\u043d\u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 2020 \u0433\u043e\u0434\u0443.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 cldflt.sys \u0434\u0440\u0430\u0439\u0432\u0435\u0440 Cloud Filter \u0438 \u0435\u0433\u043e \u043f\u043e\u0434\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0443 HsmOsBlockPlaceholderAccess, \n\u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u043e\u0431\u0449\u0438\u043b Microsoft\u00a0\u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c Google Project Zero \u0414\u0436\u0435\u0439\u043c\u0441 \u0424\u043e\u0440\u0448\u043e\u0443 \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 2020 \u0433\u043e\u0434\u0430.\n\n\u0412 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2020-17103, \u0438, \u043a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f, \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2020 \u0433\u043e\u0434\u0430.\n\nChaotic Eclipse \u043f\u043e\u044f\u0441\u043d\u0438\u043b: \u043f\u043e \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0442\u0430 \u0436\u0435 \u0441\u0430\u043c\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u043e\u0441\u044c Microsoft \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043f\u0440\u043e\u0435\u043a\u0442\u0430 Google Project Zero, \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u0432\u0441\u0451 \u0435\u0449\u0451 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438 \u043d\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430. \u041e\u0440\u0438\u0433\u0438\u043d\u0430\u043b\u044c\u043d\u044b\u0439 PoC \u043e\u0442 Google \u0440\u0430\u0431\u043e\u0442\u0430\u043b \u0431\u0435\u0437 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u044b\u0435 \u0442\u0435\u0441\u0442\u044b \u043d\u0430 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Windows 11 Pro \u0441 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u043c\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 Patch Tuesday \u0437\u0430 \u043c\u0430\u0439 2026 \u0433\u043e\u0434\u0430 \u043d\u0430 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0439 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0438, \u0447\u0442\u043e \u043f\u043e\u0441\u043b\u0435 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u043e\u0442\u043a\u0440\u044b\u043b\u0430\u0441\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u0430\u044f \u0441\u0442\u0440\u043e\u043a\u0430 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 SYSTEM.\n\n\u0423\u0438\u043b\u043b \u0414\u043e\u0440\u043c\u0430\u043d\u043d \u0438\u0437 Tharros \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b \u0440\u0430\u0431\u043e\u0442\u043e\u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0432 \u0445\u043e\u0434\u0435 \u0441\u0432\u043e\u0438\u0445 \u0442\u0435\u0441\u0442\u043e\u0432 \u043d\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 Windows 11. \u041e\u0434\u043d\u0430\u043a\u043e \u043e\u043d \u043e\u0442\u043c\u0435\u0442\u0438\u043b, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0441\u0431\u043e\u0440\u043a\u0435 Windows 11 Insider Preview Canary.\n\n\u041f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u044b\u0439 \u0441\u043f\u043e\u0441\u043e\u0431 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043a\u043b\u044e\u0447\u0435\u0439 \u0440\u0435\u0435\u0441\u0442\u0440\u0430 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u043c Windows Cloud Filter \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 API CfAbortHydration.\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u043c \u043e\u0442\u0447\u0435\u0442\u0435 \u0424\u043e\u0440\u0448\u043e\u0443 \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043b\u044e\u0447\u0438 \u0440\u0435\u0435\u0441\u0442\u0440\u0430 \u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u043c \u0440\u0430\u0437\u0434\u0435\u043b\u0435 .DEFAULT \u0431\u0435\u0437 \u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0435\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0447\u0442\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Microsoft \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0438 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0434\u0435\u043a\u0430\u0431\u0440\u044c\u0441\u043a\u043e\u0433\u043e Patch Tuesday 2020 \u0433\u043e\u0434\u0430, \u043e\u0434\u043d\u0430\u043a\u043e Chaotic Eclipse \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0441\u0435 \u0435\u0449\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438.\n\nMiniPlasma - \u044d\u0442\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0438\u0437 \u0441\u0435\u0440\u0438\u0438 \u0443\u0442\u0435\u0447\u0435\u043a \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e 0-day \u0432 Windows, \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u0434\u0435\u043b\u044c.\n\n\u0421\u0435\u0440\u0438\u044f \u0440\u0430\u0437\u043e\u0431\u043b\u0430\u0447\u0435\u043d\u0438\u0439 \u043d\u0430\u0447\u0430\u043b\u0430\u0441\u044c \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 \u0441\u00a0BlueHammer, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows (CVE-2026-33825), \u0437\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043b\u0430 \u0435\u0449\u0435 \u043e\u0434\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, RedSun, \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 DoS-\u0430\u0442\u0430\u043a \u0434\u043b\u044f Windows Defender, UnDefend.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043f\u043e\u0441\u043b\u0435 \u0438\u0445 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0431\u044b\u043b\u043e \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043e, \u0447\u0442\u043e \u0432\u0441\u0435 \u0442\u0440\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f, Microsoft \u043d\u0435\u0437\u0430\u043c\u0435\u0442\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 RedSun, \u043d\u0435 \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u0432 \u0435\u0439 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE.\n\n\u0412 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u0434\u0432\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 YellowKey \u0438 GreenPlasma, \u0441\u0434\u0435\u043b\u0430\u0432 \u044d\u0442\u043e \u0432 \u0437\u043d\u0430\u043a \u043f\u0440\u043e\u0442\u0435\u0441\u0442\u0430 \u043f\u0440\u043e\u0442\u0438\u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0432\u043e\u0437\u043d\u0430\u0433\u0440\u0430\u0436\u0434\u0435\u043d\u0438\u044f \u0437\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043e\u043a \u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Microsoft. \n\n\u0422\u0435\u043f\u0435\u0440\u044c \u043c\u044f\u0447 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u043c\u0438\u043a\u0440\u043e\u043c\u044f\u0433\u043a\u0438\u0445, \u043e\u0436\u0438\u0434\u0430\u0435\u043c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0438 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0438 \u043e\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432.", "creation_timestamp": "2026-05-18T18:30:06.000000Z"}, {"uuid": "e6e5b86f-9a97-4382-9ba8-79b465b99880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mmbftra5jh2y", "content": "Microsoft\u304cYellowKey Windows\u30bc\u30ed\u30c7\u30a4\u306e\u8efd\u6e1b\u7b56\u3092\u5171\u6709\n\nMicrosoft\u306f\u3001\u6700\u8fd1\u516c\u958b\u3055\u308c\u305fWindows BitLocker\u30bc\u30ed\u30c7\u30a4\u8106\u5f31\u6027YellowKey\u306e\u8efd\u6e1b\u7b56\u3092\u5171\u6709\u3057\u307e\u3057\u305f\u3002\u3053\u306e\u30bc\u30ed\u30c7\u30a4\u306f\u4fdd\u8b77\u3055\u308c\u305f\u30c9\u30e9\u30a4\u30d6\u3078\u306e\u30a2\u30af\u30bb\u30b9\u3092\u8a31\u53ef\u3059\u308b\u3082\u306e\u3067\u3059\u3002 \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u6b20\u9665 \u5148\u6708\u3001\u5f7c\u3089\u306fBlueHammer\uff08CVE-2026-33825\uff09\u3068RedSun\uff08\u8b58\u5225\u5b50\u306a\u3057\uff09\u306e\u30ed\u30fc\u30ab\u30eb\u6a29\u9650", "creation_timestamp": "2026-05-20T07:43:27.711211Z"}, {"uuid": "90b0d313-7232-4f80-9723-dd628d3ae877", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "published-proof-of-concept", "source": "Telegram/p6_7Fzr7AE5-s9SdgqzAFTlpxGf9IMuh2DhHzRrKndjq5KI", "content": "", "creation_timestamp": "2026-05-18T21:00:03.000000Z"}, {"uuid": "1dde003f-8f65-4773-8610-a1972ca9aacc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "published-proof-of-concept", "source": "Telegram/p6_7Fzr7AE5-s9SdgqzAFTlpxGf9IMuh2DhHzRrKndjq5KI", "content": "", "creation_timestamp": "2026-05-18T21:00:03.000000Z"}, {"uuid": "b018c136-9c29-436e-bf27-2addec26f765", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/85570", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a IKEV2-POC\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a EpSiLoNPoInTOrI\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a C++\n\u2b50 Star\u6570\u91cf\uff1a 2  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-23 14:46:42\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nIKEv2, ikeext.dll, CVE-2026-33824, double free, heap grooming, ROP, SKF fragmentation, Windows exploit, anti-debug, obfuscation, API hooking, shellcode, reverse shell\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-23T15:00:04.000000Z"}, {"uuid": "eee1fe45-d6ea-4798-932a-4a36b3292b08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33829", "type": "seen", "source": "Telegram/vpOabQVvb76izlIWt2pzp7PU5zl-D7jeeGQcHuuxEyFlkWM", "content": "", "creation_timestamp": "2026-05-21T09:00:04.000000Z"}, {"uuid": "b0c9ac80-78d3-43ab-9c45-777ef1042cb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33829", "type": "seen", "source": "https://bsky.app/profile/oxfemale.bsky.social/post/3mnd5ut2d7c2e", "content": "Same bug class. No CVE. No fix. The NTLM coercion primitive in the Windows search: URI handler is technically identical to CVE-2026-33829 in the Snipping Tool. Same severity rating, same mechanism,\nhttps://core-jmp.org/2026/06/one-click-one-hash-unpatched-ntlm-coercion-in-windows-search-uri-handler/", "creation_timestamp": "2026-06-02T17:51:24.944390Z"}, {"uuid": "3c022923-f116-4cba-94ba-ef8cbde09720", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33829", "type": "seen", "source": "https://thehackernews.com/2026/06/unpatched-windows-search-uri.html", "content": "Cybersecurity researchers have disclosed details of an unpatched issue that could be exploited to disclose a user's NTLMv2 hash to the attacker.\n\nLike in the case of CVE-2026-33829, which impacted the Windows Snipping Tool's ms-screensketch: URI handler, the newly flagged issue resides in the search: URI handler, per Huntress.\n\nCVE-2026-33829 refers to a spoofing vulnerability that could expose", "creation_timestamp": "2026-06-03T08:18:52.000000Z"}, {"uuid": "e1111636-da82-4b7c-ac08-22f348f29582", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33829", "type": "seen", "source": "Telegram/x2qwCNvu1PGZuLFoFtok9OYnsOTKYazwumGAflAk82TqFw", "content": "", "creation_timestamp": "2026-06-03T12:01:59.000000Z"}, {"uuid": "7fb76f38-e91d-4dbc-8192-88e4b0143d04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33829", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mngy3pusi22h", "content": "Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes\n\nCybersecurity researchers have disclosed details of an unpatched issue that could be exploited to disclose a user's NTLMv2 hash to the attacker.\n\nLike in the case of CVE-2026-33829, which impacted the W\u2026\n#hackernews #news", "creation_timestamp": "2026-06-04T06:18:31.774055Z"}, {"uuid": "ff82333c-8994-4af3-8f97-94119cfc51a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33825", "type": "seen", "source": "https://bsky.app/profile/newstecnicas.com/post/3mnhnqqn3hc24", "content": "\ud83d\udee1\ufe0f #Alerta de #Seguridad: C\u00f3mo Proteger tus Sistemas de la Falla #Cr\u00edtica CVE-2026-33825 en #Oracle www.newstecnicas.com/2026/06/aler...", "creation_timestamp": "2026-06-04T12:46:09.595360Z"}, {"uuid": "e7c1b5b5-40e6-478e-baef-4ad89888f6de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33829", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnithx6gpx2v", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-33829\n\n\u2022 CVE ID: CVE-2026-33829\n\u2022 CVSS Score: 4.3 (Medium)\n\u2022 Affected: Unpatched Window\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T00:01:12.501292Z"}, {"uuid": "43eb11d1-4635-4a8e-9b8b-fd4ccb35a44a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mnk57guyks24", "content": "CVE-2026-33824: Remote Code Execution in Windows IKEv2\n\nwww.zerodayinitiative.com/blog/2026/4/...\n\n#Cybersecurity #ThreatIntel #Vulnerability", "creation_timestamp": "2026-06-05T12:28:07.356162Z"}, {"uuid": "46709373-32ad-450f-82d8-1217b493f856", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-33824", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mnk57guyks24", "content": "CVE-2026-33824: Remote Code Execution in Windows IKEv2\n\nwww.zerodayinitiative.com/blog/2026/4/...\n\n#Cybersecurity #ThreatIntel #Vulnerability", "creation_timestamp": "2026-06-05T12:28:07.342302Z"}]}