https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 26 Jun 2026 18:15:03 +0000 https://vulnerability.circl.lu/sighting/93b2955e-be50-41c9-8511-4cda1e16937b/export {"uuid": "93b2955e-be50-41c9-8511-4cda1e16937b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40369", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmw6t4oxtt2l", "content": "7/ \ud83d\udcbb Windows Kernel CVE-2026-40369: full SYSTEM escalation from restricted accounts. Also: Microsoft Defender CVEs 41091 + 45498 in CISA KEV, patch by June 3.", "creation_timestamp": "2026-05-28T14:03:57.557170Z"} {"uuid": "93b2955e-be50-41c9-8511-4cda1e16937b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40369", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmw6t4oxtt2l", "content": "7/ \ud83d\udcbb Windows Kernel CVE-2026-40369: full SYSTEM escalation from restricted accounts. Also: Microsoft Defender CVEs 41091 + 45498 in CISA KEV, patch by June 3.", "creation_timestamp": "2026-05-28T14:03:57.557170Z"} https://vulnerability.circl.lu/sighting/93b2955e-be50-41c9-8511-4cda1e16937b/export Thu, 28 May 2026 14:03:57 +0000 https://vulnerability.circl.lu/sighting/d7d4393c-f178-47d3-b725-a30b9a412932/export {"uuid": "d7d4393c-f178-47d3-b725-a30b9a412932", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40369", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmw6t4oxtu2l", "content": "7/ \ud83d\udcbb Windows Kernel CVE-2026-40369: full SYSTEM escalation from restricted accounts. Also: Microsoft Defender CVEs 41091 + 45498 in CISA KEV, patch by June 3.", "creation_timestamp": "2026-05-28T14:03:59.688216Z"} {"uuid": "d7d4393c-f178-47d3-b725-a30b9a412932", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40369", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mmw6t4oxtu2l", "content": "7/ \ud83d\udcbb Windows Kernel CVE-2026-40369: full SYSTEM escalation from restricted accounts. Also: Microsoft Defender CVEs 41091 + 45498 in CISA KEV, patch by June 3.", "creation_timestamp": "2026-05-28T14:03:59.688216Z"} https://vulnerability.circl.lu/sighting/d7d4393c-f178-47d3-b725-a30b9a412932/export Thu, 28 May 2026 14:03:59 +0000 https://vulnerability.circl.lu/sighting/f5a46847-bbd9-4840-a3fa-844d0dcb0402/export {"uuid": "f5a46847-bbd9-4840-a3fa-844d0dcb0402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40369", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3mmyp77pzma2p", "content": "\ud83d\udd12 Show HN: CVE-2026-40369 Windows Kernel Arbitrary Write Chrome SBX\n\nSecurity researcher Ori Nimron has publicly disclosed CVE-2026-40369, a critical Windows kernel vulnerability af...\n\nhttps://tinyurl.com/4z9xxjh7 #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-05-29T14:02:09.112449Z"} {"uuid": "f5a46847-bbd9-4840-a3fa-844d0dcb0402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40369", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3mmyp77pzma2p", "content": "\ud83d\udd12 Show HN: CVE-2026-40369 Windows Kernel Arbitrary Write Chrome SBX\n\nSecurity researcher Ori Nimron has publicly disclosed CVE-2026-40369, a critical Windows kernel vulnerability af...\n\nhttps://tinyurl.com/4z9xxjh7 #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-05-29T14:02:09.112449Z"} https://vulnerability.circl.lu/sighting/f5a46847-bbd9-4840-a3fa-844d0dcb0402/export Fri, 29 May 2026 14:02:09 +0000 https://vulnerability.circl.lu/sighting/520277bd-e638-4719-b33c-6e49ad81a192/export {"uuid": "520277bd-e638-4719-b33c-6e49ad81a192", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40369", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116678213699999783", "content": "Attention, elevated activities detected targeting Microsoft Windows (CVE-2026-40369) https://vuldb.com/vuln/363183/cti", "creation_timestamp": "2026-06-02T02:45:49.352047Z"} {"uuid": "520277bd-e638-4719-b33c-6e49ad81a192", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40369", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116678213699999783", "content": "Attention, elevated activities detected targeting Microsoft Windows (CVE-2026-40369) https://vuldb.com/vuln/363183/cti", "creation_timestamp": "2026-06-02T02:45:49.352047Z"} https://vulnerability.circl.lu/sighting/520277bd-e638-4719-b33c-6e49ad81a192/export Tue, 02 Jun 2026 02:45:49 +0000 https://vulnerability.circl.lu/sighting/22266a99-abad-4555-9765-4ce2c5294c6a/export {"uuid": "22266a99-abad-4555-9765-4ce2c5294c6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40369", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0141", "content": "Microsoft heeft kwetsbaarheden verholpen in Windows. Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Uitvoeren van willekeurige code (root/admin-rechten)\n- Uitvoeren van willekeurige code (gebruikersrechten)\n- Verkrijgen van verhoogde rechten\n- Omzeilen van een beveiligingsmaatregel\n- Toegang tot gevoelige gegevens\n\nDe ernstigste kwetsbaarheden hebben kenmerken CVE-2026-40402, CVE-2026-41089 en CVE-2026-41096 toegewezen gekregen en bevinden zich respectievelijk in Hyper-V, NETLOGON en de DNS Client. De kwetsbaarheid in Hyper-V stelt een geauthenticeerde kwaadwillende in staat om uit de Guest-VM te breken en toegang te krijgen tot geheugen van de host en mogelijk willekeurige code uit te voeren op de host. De kwetsbaarheden in NETLOGON en de DNS Client stellen een ongeauthenticeerde kwaadwillende op afstand in staat om willekeurige code uit te voeren op het kwetsbare systeem.\n\n**Met name Domain Controllers die toegankelijk zijn vanaf externe netwerken lopen een hoog risico voor actief misbruik van de kwetsbaarheid in NETLOGON.**\n\nHet verdient altijd aanbeveling om een systeem met de rol van Domain Controller niet publiek toegankelijk te hebben en, indien dit noodzakelijk is, additionele maatregelen te hebben genomen.\n\n**Update:** Inmiddels wordt door diverse partijen actief misbruik gemeld van CVE-2026-41089, de kwetsbaarheid in NETLOGON.\n\n```\nWindows Projected File System: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34340 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Application Identity (AppID) Subsystem: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34343 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nUndisclosed: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41095 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Remote Desktop: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40398 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nMicrosoft Windows DNS: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41096 | 9.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Ancillary Function Driver for WinSock: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34344 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34345 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35416 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-41088 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Kernel: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33841 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35420 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40369 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Secure Boot: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41097 | 6.70 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows Native WiFi Miniport Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-32161 | 7.50 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Kernel-Mode Drivers: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40408 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34332 | 8.00 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nTelnet Client: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35423 | 5.40 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Print Spooler Components: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34342 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows SMB Client: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40410 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Storage Spaces Controller: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35415 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Filtering Platform (WFP): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-32209 | 4.40 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows Volume Manager Extension Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40380 | 6.20 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Cryptographic Services: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40377 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Win32K - GRFX: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33839 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34330 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34331 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34333 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34347 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40403 | 8.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Admin Center: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35438 | 8.30 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Hyper-V: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40402 | 9.30 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Rich Text Edit Control: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-32170 | 6.70 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Event Logging Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33834 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Internet Key Exchange (IKE) Protocol: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35424 | 7.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Netlogon: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41089 | 9.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Storport Miniport Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34350 | 6.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Common Log File System Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40407 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40397 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Cloud Files Mini Filter Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35418 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-33835 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34337 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Win32K - ICOMP: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33840 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35417 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows GDI: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35421 | 7.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Rich Text Edit: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-21530 | 6.70 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows TCP/IP: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34351 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35422 | 6.50 | Omzeilen van beveiligingsmaatregel | \n| CVE-2026-40399 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40405 | 7.50 | Denial-of-Service | \n| CVE-2026-40406 | 7.50 | Toegang tot gevoelige gegevens | \n| CVE-2026-40414 | 7.40 | Denial-of-Service | \n| CVE-2026-40415 | 8.10 | Uitvoeren van willekeurige code | \n| CVE-2026-33837 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34334 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40401 | 6.20 | Denial-of-Service | \n| CVE-2026-40413 | 7.40 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows LDAP - Lightweight Directory Access Protocol: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34339 | 5.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Telephony Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-42825 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34338 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40382 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Message Queuing: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34329 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2026-33838 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows DWM Core Library: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35419 | 5.50 | Toegang tot gevoelige gegevens | \n| CVE-2026-42896 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34336 | 7.80 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Link-Layer Discovery Protocol (LLDP): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34341 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\n```", "creation_timestamp": "2026-06-02T09:33:41.000000Z"} {"uuid": "22266a99-abad-4555-9765-4ce2c5294c6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40369", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0141", "content": "Microsoft heeft kwetsbaarheden verholpen in Windows. Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Uitvoeren van willekeurige code (root/admin-rechten)\n- Uitvoeren van willekeurige code (gebruikersrechten)\n- Verkrijgen van verhoogde rechten\n- Omzeilen van een beveiligingsmaatregel\n- Toegang tot gevoelige gegevens\n\nDe ernstigste kwetsbaarheden hebben kenmerken CVE-2026-40402, CVE-2026-41089 en CVE-2026-41096 toegewezen gekregen en bevinden zich respectievelijk in Hyper-V, NETLOGON en de DNS Client. De kwetsbaarheid in Hyper-V stelt een geauthenticeerde kwaadwillende in staat om uit de Guest-VM te breken en toegang te krijgen tot geheugen van de host en mogelijk willekeurige code uit te voeren op de host. De kwetsbaarheden in NETLOGON en de DNS Client stellen een ongeauthenticeerde kwaadwillende op afstand in staat om willekeurige code uit te voeren op het kwetsbare systeem.\n\n**Met name Domain Controllers die toegankelijk zijn vanaf externe netwerken lopen een hoog risico voor actief misbruik van de kwetsbaarheid in NETLOGON.**\n\nHet verdient altijd aanbeveling om een systeem met de rol van Domain Controller niet publiek toegankelijk te hebben en, indien dit noodzakelijk is, additionele maatregelen te hebben genomen.\n\n**Update:** Inmiddels wordt door diverse partijen actief misbruik gemeld van CVE-2026-41089, de kwetsbaarheid in NETLOGON.\n\n```\nWindows Projected File System: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34340 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Application Identity (AppID) Subsystem: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34343 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nUndisclosed: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41095 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Remote Desktop: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40398 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nMicrosoft Windows DNS: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41096 | 9.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Ancillary Function Driver for WinSock: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34344 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34345 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35416 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-41088 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Kernel: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33841 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35420 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40369 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Secure Boot: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41097 | 6.70 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows Native WiFi Miniport Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-32161 | 7.50 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Kernel-Mode Drivers: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40408 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34332 | 8.00 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nTelnet Client: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35423 | 5.40 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Print Spooler Components: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34342 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows SMB Client: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40410 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Storage Spaces Controller: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35415 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Filtering Platform (WFP): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-32209 | 4.40 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows Volume Manager Extension Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40380 | 6.20 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Cryptographic Services: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40377 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Win32K - GRFX: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33839 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34330 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34331 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34333 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34347 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40403 | 8.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Admin Center: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35438 | 8.30 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Hyper-V: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40402 | 9.30 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Rich Text Edit Control: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-32170 | 6.70 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Event Logging Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33834 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Internet Key Exchange (IKE) Protocol: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35424 | 7.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Netlogon: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-41089 | 9.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Storport Miniport Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34350 | 6.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Common Log File System Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-40407 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40397 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Cloud Files Mini Filter Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35418 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-33835 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34337 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Win32K - ICOMP: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-33840 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35417 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows GDI: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35421 | 7.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Rich Text Edit: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-21530 | 6.70 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows TCP/IP: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34351 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-35422 | 6.50 | Omzeilen van beveiligingsmaatregel | \n| CVE-2026-40399 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40405 | 7.50 | Denial-of-Service | \n| CVE-2026-40406 | 7.50 | Toegang tot gevoelige gegevens | \n| CVE-2026-40414 | 7.40 | Denial-of-Service | \n| CVE-2026-40415 | 8.10 | Uitvoeren van willekeurige code | \n| CVE-2026-33837 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34334 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40401 | 6.20 | Denial-of-Service | \n| CVE-2026-40413 | 7.40 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows LDAP - Lightweight Directory Access Protocol: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34339 | 5.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Telephony Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-42825 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34338 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-40382 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Message Queuing: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34329 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2026-33838 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows DWM Core Library: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-35419 | 5.50 | Toegang tot gevoelige gegevens | \n| CVE-2026-42896 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-34336 | 7.80 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Link-Layer Discovery Protocol (LLDP): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-34341 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\n```", "creation_timestamp": "2026-06-02T09:33:41.000000Z"} https://vulnerability.circl.lu/sighting/22266a99-abad-4555-9765-4ce2c5294c6a/export Tue, 02 Jun 2026 09:33:41 +0000 https://vulnerability.circl.lu/sighting/1afb15f5-3d7d-45dd-839e-5a5c04eb8a45/export {"uuid": "1afb15f5-3d7d-45dd-839e-5a5c04eb8a45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40369", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mnltxdkhsa2k", "content": "CVE-2026-40369 Exploit in the Wild: Single Syscall Grants SYSTEM from Browser Sandbox +\u00a0Video\n\nIntroduction: A newly disclosed Windows Kernel vulnerability, identified as CVE-2026-40369, has sent shockwaves through the cybersecurity community. Discovered by researcher Ori Nimron, this flaw allows\u2026", "creation_timestamp": "2026-06-06T04:47:48.901004Z"} {"uuid": "1afb15f5-3d7d-45dd-839e-5a5c04eb8a45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40369", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mnltxdkhsa2k", "content": "CVE-2026-40369 Exploit in the Wild: Single Syscall Grants SYSTEM from Browser Sandbox +\u00a0Video\n\nIntroduction: A newly disclosed Windows Kernel vulnerability, identified as CVE-2026-40369, has sent shockwaves through the cybersecurity community. Discovered by researcher Ori Nimron, this flaw allows\u2026", "creation_timestamp": "2026-06-06T04:47:48.901004Z"} https://vulnerability.circl.lu/sighting/1afb15f5-3d7d-45dd-839e-5a5c04eb8a45/export Sat, 06 Jun 2026 04:47:48 +0000 https://vulnerability.circl.lu/sighting/54daf722-5c96-4645-aa90-c11d910e0f32/export {"uuid": "54daf722-5c96-4645-aa90-c11d910e0f32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40369", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mnsbwv4hpw2f", "content": "I originally prepared this bug for Pwn2Own Berlin. A few days before the contest, a CVE got assigned. So, here is my technical analysis and exploitation strategy for CVE-2026-40369: a 12-byte kernel increm\u2026\n\n\ud83d\udd01 RT @Void_Sec | reposted by @hasherezade\nhttps://x.com/Void_Sec/status/2057491609936331126", "creation_timestamp": "2026-06-08T18:14:04.417723Z"} {"uuid": "54daf722-5c96-4645-aa90-c11d910e0f32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40369", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mnsbwv4hpw2f", "content": "I originally prepared this bug for Pwn2Own Berlin. A few days before the contest, a CVE got assigned. So, here is my technical analysis and exploitation strategy for CVE-2026-40369: a 12-byte kernel increm\u2026\n\n\ud83d\udd01 RT @Void_Sec | reposted by @hasherezade\nhttps://x.com/Void_Sec/status/2057491609936331126", "creation_timestamp": "2026-06-08T18:14:04.417723Z"} https://vulnerability.circl.lu/sighting/54daf722-5c96-4645-aa90-c11d910e0f32/export Mon, 08 Jun 2026 18:14:04 +0000 https://vulnerability.circl.lu/sighting/00c77a49-cdc1-4238-b15a-fa515566a4b9/export {"uuid": "00c77a49-cdc1-4238-b15a-fa515566a4b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40369", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnxecdq3a326", "content": "Windows 11 Local Privilege Escalation Claim (CVE-2026-40369) Sparks Security Alarm Across Underground Forums \u2014 Dark Web recent claims +\u00a0Video\n\nIntroduction: A Quiet Alert That Echoes Loudly Through Cybersecurity Circles A recent post attributed to the Dark Web Intelligence community has triggered\u2026", "creation_timestamp": "2026-06-10T18:39:35.159404Z"} {"uuid": "00c77a49-cdc1-4238-b15a-fa515566a4b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40369", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnxecdq3a326", "content": "Windows 11 Local Privilege Escalation Claim (CVE-2026-40369) Sparks Security Alarm Across Underground Forums \u2014 Dark Web recent claims +\u00a0Video\n\nIntroduction: A Quiet Alert That Echoes Loudly Through Cybersecurity Circles A recent post attributed to the Dark Web Intelligence community has triggered\u2026", "creation_timestamp": "2026-06-10T18:39:35.159404Z"} https://vulnerability.circl.lu/sighting/00c77a49-cdc1-4238-b15a-fa515566a4b9/export Wed, 10 Jun 2026 18:39:35 +0000 https://vulnerability.circl.lu/sighting/5eb7f185-9f00-4b77-a557-89e1eabeef78/export {"uuid": "5eb7f185-9f00-4b77-a557-89e1eabeef78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40369", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/116742457490759004", "content": "En las \u00faltimas 24 horas, se han descubierto vulnerabilidades cr\u00edticas en Splunk Enterprise y Windows que permiten ejecuci\u00f3n remota y evasi\u00f3n de sandbox, mientras un fallo de m\u00e1s de una d\u00e9cada en phpBB revela la necesidad de auditor\u00edas continuas; adem\u00e1s, la IA ampl\u00eda la superficie de ataque y AMD enfrenta controversia por retraso en parche y rechazo a recompensa. Descubre estos y m\u00e1s detalles en el siguiente listado de noticias sobre seguridad inform\u00e1tica:\n\ud83d\uddde\ufe0f \u00daLTIMAS NOTICIAS EN SEGURIDAD INFORM\u00c1TICA \ud83d\udd12====| \ud83d\udd25 LO QUE DEBES SABER HOY \ufeff\ufeff13/06/26\ufeff\ufeff \ud83d\udcc6 |==== \n\ud83d\udd10 VULNERABILIDAD CR\u00cdTICA EN SPLUNK ENTERPRISE CVE-2026-20253\nSe ha revelado una grave vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE) en Splunk Enterprise, identificada como CVE-2026-20253, que permite a atacantes comprometer sistemas antes de la autenticaci\u00f3n. Este fallo pone en riesgo datos sensibles en entornos empresariales, subrayando la importancia de implementar autenticaci\u00f3n a nivel de aplicaci\u00f3n adem\u00e1s de la propia base de datos. Mantenerse actualizado con los parches y reforzar las capas de seguridad es clave para mitigar este tipo de amenazas. Descubre el an\u00e1lisis completo y recomendaciones de protecci\u00f3n aqu\u00ed \ud83d\udc49 https://djar.co/D5AoI\n\ud83e\udd16 LA INTELIGENCIA ARTIFICIAL EXPANDE LA SUPERFICIE DE ATAQUE\nLa r\u00e1pida adopci\u00f3n de inteligencia artificial est\u00e1 transformando no solo el desarrollo de software, sino tambi\u00e9n la seguridad, ampliando notablemente la superficie de ataque en proyectos de c\u00f3digo abierto, SaaS y equipos \u00e1giles. El desaf\u00edo radica en detectar y anticipar brechas potenciales que ahora pueden surgir desde m\u00faltiples puntos de entrada y procesos automatizados. Adoptar una mentalidad proactiva que asuma la posibilidad de compromiso es vital para fortalecer defensas y limitar da\u00f1os. Profundiza en c\u00f3mo prepararte ante esta nueva realidad de ciberseguridad \ud83d\udc49 https://djar.co/TMCu\n\u26a0\ufe0f AMD RECHAZA PAGO DE RECOMPENSA POR FALLA CR\u00cdTICA QUE TARD\u00d3 124 D\u00cdAS EN PARCHEARSE\nUna vulnerabilidad cr\u00edtica en el actualizador autom\u00e1tico de AMD puso en riesgo sistemas durante m\u00e1s de cuatro meses antes de ser corregida. A pesar de la gravedad, la empresa neg\u00f3 la recompensa de 10,000 d\u00f3lares solicitada por el investigador que report\u00f3 el fallo. Este caso refleja la complejidad y controversia en la gesti\u00f3n de programas de bug bounty, adem\u00e1s de la necesidad de mejorar los tiempos de respuesta ante vulnerabilidades que afectan la cadena de suministro tecnol\u00f3gica. Explora los detalles y lecciones de este incidente aqu\u00ed \ud83d\udc49 https://djar.co/B0LC\n\ud83d\udee1\ufe0f PHPBB SOLUCIONA VULNERABILIDAD DE EVASI\u00d3N DE AUTENTICACI\u00d3N DE M\u00c1S DE UNA D\u00c9CADA\nUna brecha presente durante m\u00e1s de diez a\u00f1os en phpBB, uno de los foros m\u00e1s populares, permit\u00eda a atacantes sortear la autenticaci\u00f3n y obtener acceso con privilegios administrativos. Esta vulnerabilidad cr\u00edtica resalta la importancia de auditor\u00edas continuas en software de larga vida y en proyectos comunitarios. Los administradores deben actualizar inmediatamente para proteger sus comunidades y evitar accesos no autorizados que pueden comprometer la integridad de sus plataformas. Lee el informe completo y aplique las medidas recomendadas \ud83d\udc49 https://t.co/eUXZqMUPpu\n\ud83d\udd75\ufe0f\u200d\u2642\ufe0f CVE-2026-40369: FUGA DE LA SANDBOX DEL NAVEGADOR EN WINDOWS\nUna vulnerabilidad t\u00e9cnica en Windows, identificada como CVE-2026-40369, permite a atacantes evadir la sandbox de los navegadores mediante una manipulaci\u00f3n directa en el kernel, abriendo la puerta a la ejecuci\u00f3n de c\u00f3digo malicioso fuera del entorno seguro habitual. Esta falla representa un riesgo para la seguridad del usuario y la integridad de los datos, especialmente en entornos de navegaci\u00f3n restringida. Mantener los sistemas actualizados y utilizar herramientas de protecci\u00f3n avanzadas es fundamental para mitigar este tipo de amenazas. Revisa el an\u00e1lisis detallado y recomendaciones aqu\u00ed \ud83d\udc49 https://djar.co/vBsmF", "creation_timestamp": "2026-06-13T11:02:14.310348Z"} {"uuid": "5eb7f185-9f00-4b77-a557-89e1eabeef78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40369", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/116742457490759004", "content": "En las \u00faltimas 24 horas, se han descubierto vulnerabilidades cr\u00edticas en Splunk Enterprise y Windows que permiten ejecuci\u00f3n remota y evasi\u00f3n de sandbox, mientras un fallo de m\u00e1s de una d\u00e9cada en phpBB revela la necesidad de auditor\u00edas continuas; adem\u00e1s, la IA ampl\u00eda la superficie de ataque y AMD enfrenta controversia por retraso en parche y rechazo a recompensa. Descubre estos y m\u00e1s detalles en el siguiente listado de noticias sobre seguridad inform\u00e1tica:\n\ud83d\uddde\ufe0f \u00daLTIMAS NOTICIAS EN SEGURIDAD INFORM\u00c1TICA \ud83d\udd12====| \ud83d\udd25 LO QUE DEBES SABER HOY \ufeff\ufeff13/06/26\ufeff\ufeff \ud83d\udcc6 |==== \n\ud83d\udd10 VULNERABILIDAD CR\u00cdTICA EN SPLUNK ENTERPRISE CVE-2026-20253\nSe ha revelado una grave vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE) en Splunk Enterprise, identificada como CVE-2026-20253, que permite a atacantes comprometer sistemas antes de la autenticaci\u00f3n. Este fallo pone en riesgo datos sensibles en entornos empresariales, subrayando la importancia de implementar autenticaci\u00f3n a nivel de aplicaci\u00f3n adem\u00e1s de la propia base de datos. Mantenerse actualizado con los parches y reforzar las capas de seguridad es clave para mitigar este tipo de amenazas. Descubre el an\u00e1lisis completo y recomendaciones de protecci\u00f3n aqu\u00ed \ud83d\udc49 https://djar.co/D5AoI\n\ud83e\udd16 LA INTELIGENCIA ARTIFICIAL EXPANDE LA SUPERFICIE DE ATAQUE\nLa r\u00e1pida adopci\u00f3n de inteligencia artificial est\u00e1 transformando no solo el desarrollo de software, sino tambi\u00e9n la seguridad, ampliando notablemente la superficie de ataque en proyectos de c\u00f3digo abierto, SaaS y equipos \u00e1giles. El desaf\u00edo radica en detectar y anticipar brechas potenciales que ahora pueden surgir desde m\u00faltiples puntos de entrada y procesos automatizados. Adoptar una mentalidad proactiva que asuma la posibilidad de compromiso es vital para fortalecer defensas y limitar da\u00f1os. Profundiza en c\u00f3mo prepararte ante esta nueva realidad de ciberseguridad \ud83d\udc49 https://djar.co/TMCu\n\u26a0\ufe0f AMD RECHAZA PAGO DE RECOMPENSA POR FALLA CR\u00cdTICA QUE TARD\u00d3 124 D\u00cdAS EN PARCHEARSE\nUna vulnerabilidad cr\u00edtica en el actualizador autom\u00e1tico de AMD puso en riesgo sistemas durante m\u00e1s de cuatro meses antes de ser corregida. A pesar de la gravedad, la empresa neg\u00f3 la recompensa de 10,000 d\u00f3lares solicitada por el investigador que report\u00f3 el fallo. Este caso refleja la complejidad y controversia en la gesti\u00f3n de programas de bug bounty, adem\u00e1s de la necesidad de mejorar los tiempos de respuesta ante vulnerabilidades que afectan la cadena de suministro tecnol\u00f3gica. Explora los detalles y lecciones de este incidente aqu\u00ed \ud83d\udc49 https://djar.co/B0LC\n\ud83d\udee1\ufe0f PHPBB SOLUCIONA VULNERABILIDAD DE EVASI\u00d3N DE AUTENTICACI\u00d3N DE M\u00c1S DE UNA D\u00c9CADA\nUna brecha presente durante m\u00e1s de diez a\u00f1os en phpBB, uno de los foros m\u00e1s populares, permit\u00eda a atacantes sortear la autenticaci\u00f3n y obtener acceso con privilegios administrativos. Esta vulnerabilidad cr\u00edtica resalta la importancia de auditor\u00edas continuas en software de larga vida y en proyectos comunitarios. Los administradores deben actualizar inmediatamente para proteger sus comunidades y evitar accesos no autorizados que pueden comprometer la integridad de sus plataformas. Lee el informe completo y aplique las medidas recomendadas \ud83d\udc49 https://t.co/eUXZqMUPpu\n\ud83d\udd75\ufe0f\u200d\u2642\ufe0f CVE-2026-40369: FUGA DE LA SANDBOX DEL NAVEGADOR EN WINDOWS\nUna vulnerabilidad t\u00e9cnica en Windows, identificada como CVE-2026-40369, permite a atacantes evadir la sandbox de los navegadores mediante una manipulaci\u00f3n directa en el kernel, abriendo la puerta a la ejecuci\u00f3n de c\u00f3digo malicioso fuera del entorno seguro habitual. Esta falla representa un riesgo para la seguridad del usuario y la integridad de los datos, especialmente en entornos de navegaci\u00f3n restringida. Mantener los sistemas actualizados y utilizar herramientas de protecci\u00f3n avanzadas es fundamental para mitigar este tipo de amenazas. Revisa el an\u00e1lisis detallado y recomendaciones aqu\u00ed \ud83d\udc49 https://djar.co/vBsmF", "creation_timestamp": "2026-06-13T11:02:14.310348Z"} https://vulnerability.circl.lu/sighting/5eb7f185-9f00-4b77-a557-89e1eabeef78/export Sat, 13 Jun 2026 11:02:14 +0000 https://vulnerability.circl.lu/sighting/3cb39ca5-f05c-4f2c-9aa1-fd7f5c7ebfb3/export {"uuid": "3cb39ca5-f05c-4f2c-9aa1-fd7f5c7ebfb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-40369", "type": "seen", "source": "https://bsky.app/profile/oxfemale.bsky.social/post/3mofgdiwvnj2k", "content": "Original text: \"CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox\" \u2014 voidsec, VoidSec (20 May 2026). Hex-Rays excerpts, exploit pseudo-code, and offsets below are reproduced verbatim with attribution captions; \nhttps://core-jmp.org/2026/06/cve-2026-40369-twelve-bytes-browser-sandbox-escape/", "creation_timestamp": "2026-06-16T08:53:18.849351Z"} {"uuid": "3cb39ca5-f05c-4f2c-9aa1-fd7f5c7ebfb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-40369", "type": "seen", "source": "https://bsky.app/profile/oxfemale.bsky.social/post/3mofgdiwvnj2k", "content": "Original text: \"CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox\" \u2014 voidsec, VoidSec (20 May 2026). Hex-Rays excerpts, exploit pseudo-code, and offsets below are reproduced verbatim with attribution captions; \nhttps://core-jmp.org/2026/06/cve-2026-40369-twelve-bytes-browser-sandbox-escape/", "creation_timestamp": "2026-06-16T08:53:18.849351Z"} https://vulnerability.circl.lu/sighting/3cb39ca5-f05c-4f2c-9aa1-fd7f5c7ebfb3/export Tue, 16 Jun 2026 08:53:18 +0000