Protecting Privacy Build Trust

Protecting Privacy Build Trust

Protecting Privacy Build Trust

Privacy Trust

on February 25, 2026 at 4:13 pm — Active exploitation of Cisco Catalyst SD-WAN by UAT-8616

Leave a Comment / Uncategorized / Privacy Trust

Cisco Talos is tracking the active exploitation of CVE-2026-20127, a vulnerability in Cisco Catalyst SD-WAN Controller, formerly vSmart, that allows an unauthenticated remote attacker to bypass authentication and obtain administrative privileges on the affected system by sending a crafted request to an affected system. Successful exploitation may allow the attacker to gain administrative privileges on […]

on February 25, 2026 at 4:13 pm — Active exploitation of Cisco Catalyst SD-WAN by UAT-8616 Read More »

on February 25, 2026 at 9:03 am — CVE-2026-21620 TFTP Path Traversal

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on February 25, 2026 at 9:03 am — CVE-2026-21620 TFTP Path Traversal Read More »

on February 25, 2026 at 9:03 am — CVE-2026-27199 Werkzeug safe_join() allows Windows special device names

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on February 25, 2026 at 9:03 am — CVE-2026-27199 Werkzeug safe_join() allows Windows special device names Read More »

on February 25, 2026 at 9:03 am — CVE-2026-2739 This affects versions of the package bn.js before 5.2.3. Calling maskn(0) on any BN instance corrupts the internal state, causing toString(), divmod(), and other methods to enter an infinite loop, hanging the process indefinitely.

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on February 25, 2026 at 9:03 am — CVE-2026-2739 This affects versions of the package bn.js before 5.2.3. Calling maskn(0) on any BN instance corrupts the internal state, causing toString(), divmod(), and other methods to enter an infinite loop, hanging the process indefinitely. Read More »

on February 25, 2026 at 9:38 am — CVE-2026-26960 node-tar has Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in Extraction

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on February 25, 2026 at 9:38 am — CVE-2026-26960 node-tar has Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in Extraction Read More »

on February 25, 2026 at 9:03 am — CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on February 25, 2026 at 9:03 am — CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse Read More »

on February 21, 2026 at 11:27 am — CVE-2021-24119 In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX.

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on February 21, 2026 at 11:27 am — CVE-2021-24119 In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX. Read More »

on February 21, 2026 at 11:28 am — CVE-2020-36426 An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte).

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on February 21, 2026 at 11:28 am — CVE-2020-36426 An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte). Read More »

on February 21, 2026 at 10:18 am — CVE-2025-21846 acct: perform last write from workqueue

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on February 21, 2026 at 10:18 am — CVE-2025-21846 acct: perform last write from workqueue Read More »

on February 21, 2026 at 10:21 am — CVE-2025-21847 ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on February 21, 2026 at 10:21 am — CVE-2025-21847 ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() Read More »