{"page":1,"per_page":25,"total_vulns":377,"total_pages":16,"vulnerabilities":[{"_id":"6a0deae9d5f9c3f2c2b822c3","cveID":"CVE-2010-0249","dateAdded":"2026-06-03","dueDate":"2026-06-03","notes":"https://learn.microsoft.com/en-us/security-updates/SecurityAdvisories/2010/979352 ; https://nvd.nist.gov/vuln/detail/CVE-2010-0249","product":"Internet Explorer","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Internet Explorer Use-After-Free Vulnerability","nvdData":[{"attackVector":"NETWORK","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":2.8,"baseScore":8.8,"nvdReferences":[{"url":"http://blogs.technet.com/msrc/archive/2010/01/14/security-advisory-979352.aspx","source":"secure@microsoft.com","tags":["Broken Link","Vendor Advisory"]},{"url":"http://news.cnet.com/8301-27080_3-10435232-245.html","source":"secure@microsoft.com","tags":["Broken Link"]},{"url":"http://osvdb.org/61697","source":"secure@microsoft.com","tags":["Broken Link"]},{"url":"http://securitytracker.com/id?1023462","source":"secure@microsoft.com","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"http://support.microsoft.com/kb/979352","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.exploit-db.com/exploits/11167","source":"secure@microsoft.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://www.kb.cert.org/vuls/id/492515","source":"secure@microsoft.com","tags":["Third Party Advisory","US Government Resource"]},{"url":"http://www.microsoft.com/technet/security/advisory/979352.mspx","source":"secure@microsoft.com","tags":["Broken Link","Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/37815","source":"secure@microsoft.com","tags":["Broken Link","Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://www.us-cert.gov/cas/techalerts/TA10-055A.html","source":"secure@microsoft.com","tags":["Broken Link","Third Party Advisory","US Government Resource"]},{"url":"http://www.vupen.com/english/advisories/2010/0135","source":"secure@microsoft.com","tags":["Broken Link"]},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/55642","source":"secure@microsoft.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6835","source":"secure@microsoft.com","tags":["Broken Link"]},{"url":"http://blogs.technet.com/msrc/archive/2010/01/14/security-advisory-979352.aspx","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Vendor Advisory"]},{"url":"http://news.cnet.com/8301-27080_3-10435232-245.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"http://osvdb.org/61697","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"http://securitytracker.com/id?1023462","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"http://support.microsoft.com/kb/979352","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://www.exploit-db.com/exploits/11167","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://www.kb.cert.org/vuls/id/492515","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"http://www.microsoft.com/technet/security/advisory/979352.mspx","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/37815","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://www.us-cert.gov/cas/techalerts/TA10-055A.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory","US Government Resource"]},{"url":"http://www.vupen.com/english/advisories/2010/0135","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/55642","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6835","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}],"vulnStatus":"Modified"}],"githubPocs":[],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":[""]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"6a0deae9d5f9c3f2c2b822c9","cveID":"CVE-2026-45498","dateAdded":"2026-05-20","dueDate":"2026-06-03","notes":"https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-45498 ; https://nvd.nist.gov/vuln/detail/CVE-2026-45498","product":"Defender","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Defender contains an unspecified vulnerability that allows for denial of service.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Defender Denial of Service Vulnerability","nvdData":[{"attackVector":"LOCAL","attackComplexity":"LOW","baseSeverity":"MEDIUM","exploitabilityScore":2.5,"baseScore":4.0,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45498","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-45498","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Third Party Advisory","US Government Resource"]}],"vulnStatus":"Analyzed"}],"githubPocs":[],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":[]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"6a0deae9d5f9c3f2c2b822c8","cveID":"CVE-2026-41091","dateAdded":"2026-05-20","dueDate":"2026-06-03","notes":"https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-41091 ; https://nvd.nist.gov/vuln/detail/CVE-2026-41091","product":"Defender","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Defender contains a link following vulnerability that allows an authorized attacker to elevate privileges locally.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Defender Link Following Vulnerability","nvdData":[{"attackVector":"LOCAL","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":1.8,"baseScore":7.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41091","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-41091","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource","Third Party Advisory"]}],"vulnStatus":"Analyzed"}],"githubPocs":["https://github.com/ridhinva/defender-vulnerability-scanner","https://github.com/0xBlackash/CVE-2026-41091"],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":[]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"6a0deae9d5f9c3f2c2b822c7","cveID":"CVE-2010-0806","dateAdded":"2026-05-20","dueDate":"2026-06-03","notes":"https://learn.microsoft.com/en-us/security-updates/securityadvisories/2010/981374 ; https://nvd.nist.gov/vuln/detail/CVE-2010-0806","product":"Internet Explorer","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Internet Explorer Use-After-Free Vulnerability","nvdData":[{"attackVector":"NETWORK","attackComplexity":"MEDIUM","baseSeverity":"HIGH","exploitabilityScore":8.6,"baseScore":9.3,"nvdReferences":[{"url":"http://blogs.technet.com/msrc/archive/2010/03/09/security-advisory-981374-released.aspx","source":"secure@microsoft.com"},{"url":"http://osvdb.org/62810","source":"secure@microsoft.com"},{"url":"http://secunia.com/advisories/38860","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"http://www.kb.cert.org/vuls/id/744549","source":"secure@microsoft.com","tags":["Patch","US Government Resource"]},{"url":"http://www.microsoft.com/technet/security/advisory/981374.mspx","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/38615","source":"secure@microsoft.com"},{"url":"http://www.us-cert.gov/cas/techalerts/TA10-068A.html","source":"secure@microsoft.com","tags":["US Government Resource"]},{"url":"http://www.us-cert.gov/cas/techalerts/TA10-089A.html","source":"secure@microsoft.com","tags":["US Government Resource"]},{"url":"http://www.vupen.com/english/advisories/2010/0567","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"http://www.vupen.com/english/advisories/2010/0744","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018","source":"secure@microsoft.com"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/56772","source":"secure@microsoft.com"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8446","source":"secure@microsoft.com"},{"url":"http://blogs.technet.com/msrc/archive/2010/03/09/security-advisory-981374-released.aspx","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://osvdb.org/62810","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/38860","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.kb.cert.org/vuls/id/744549","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","US Government Resource"]},{"url":"http://www.microsoft.com/technet/security/advisory/981374.mspx","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/38615","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.us-cert.gov/cas/techalerts/TA10-068A.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"http://www.us-cert.gov/cas/techalerts/TA10-089A.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"http://www.vupen.com/english/advisories/2010/0567","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.vupen.com/english/advisories/2010/0744","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/56772","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8446","source":"af854a3a-2127-422b-91ae-364da2661108"}],"vulnStatus":"Modified"}],"githubPocs":[],"openThreatData":[{"adversaries":["APT41"],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":["Threat"],"communityMalwareFamilies":["Raspberry robin","Cozybear","Beaconloader","Cobalt strike","Shadowpad","Graphsteel","Fancybear","Beacon","Shadow chaser","Darkside","Pcap","Bumblebee","Gold blackburn","Win32.agent","Grimplant","Nbtscan","Ransomhub","Conti","Elf","Socgholish","Microbackdoor","Avoslocker","Netsupport","Win api","Frp","Doorme","Generic.933739","Socgholish netsupport","Credomap","Ryuk","Win32.bitcoinminer","Matanbuchus","Plugx","Threat","Handleref","Threat analysis","Hades","Primary threat","Bazarloader","Trickbot","Stellarparticle","Apt29","Cyclops","Gootloader","Kronos"],"communityAffectedIndustries":["Aviation","Telecommunications","Energy","Transportation","Financial","Aerospace","Media","Logistics","Gas","Legal","Manufacturing","Military","Banking","Defense","Technology","Political","Foreign affairs","Academics","Diplomatic","Industrial","Transport","Government","Pharmaceutical"]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"6a0deae9d5f9c3f2c2b822c5","cveID":"CVE-2009-1537","dateAdded":"2026-05-20","dueDate":"2026-06-03","notes":"https://learn.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028 ; https://nvd.nist.gov/vuln/detail/CVE-2009-1537","product":"DirectX","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to execute arbitrary code via a crafted QuickTime media file.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft DirectX NULL Byte Overwrite Vulnerability","nvdData":[{"attackVector":"NETWORK","attackComplexity":"MEDIUM","baseSeverity":"HIGH","exploitabilityScore":8.6,"baseScore":9.3,"nvdReferences":[{"url":"http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx","source":"secure@microsoft.com"},{"url":"http://isc.sans.org/diary.html?storyid=6481","source":"secure@microsoft.com"},{"url":"http://osvdb.org/54797","source":"secure@microsoft.com"},{"url":"http://secunia.com/advisories/35268","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"http://www.microsoft.com/technet/security/advisory/971778.mspx","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/35139","source":"secure@microsoft.com"},{"url":"http://www.securitytracker.com/id?1022299","source":"secure@microsoft.com"},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-195A.html","source":"secure@microsoft.com","tags":["US Government Resource"]},{"url":"http://www.vupen.com/english/advisories/2009/1445","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"http://www.vupen.com/english/advisories/2009/1886","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028","source":"secure@microsoft.com"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237","source":"secure@microsoft.com"},{"url":"http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://isc.sans.org/diary.html?storyid=6481","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://osvdb.org/54797","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/35268","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.microsoft.com/technet/security/advisory/971778.mspx","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/35139","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securitytracker.com/id?1022299","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-195A.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"http://www.vupen.com/english/advisories/2009/1445","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.vupen.com/english/advisories/2009/1886","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237","source":"af854a3a-2127-422b-91ae-364da2661108"}],"vulnStatus":"Modified"}],"githubPocs":[],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":[]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"6a0deae9d5f9c3f2c2b822c4","cveID":"CVE-2008-4250","dateAdded":"2026-05-20","dueDate":"2026-06-03","notes":"https://learn.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067 ; https://nvd.nist.gov/vuln/detail/CVE-2008-4250","product":"Windows","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that triggers an overflow during path canonicalization.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Windows Buffer Overflow Vulnerability","nvdData":[{"attackVector":"NETWORK","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":10.0,"baseScore":10.0,"nvdReferences":[{"url":"http://blogs.securiteam.com/index.php/archives/1150","source":"secure@microsoft.com","tags":["Permissions Required"]},{"url":"http://marc.info/?l=bugtraq&m=122703006921213&w=2","source":"secure@microsoft.com","tags":["Issue Tracking","Mailing List","Third Party Advisory"]},{"url":"http://secunia.com/advisories/32326","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.kb.cert.org/vuls/id/827267","source":"secure@microsoft.com","tags":["Third Party Advisory","US Government Resource"]},{"url":"http://www.securityfocus.com/archive/1/497808/100/0/threaded","source":"secure@microsoft.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securityfocus.com/archive/1/497816/100/0/threaded","source":"secure@microsoft.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securityfocus.com/bid/31874","source":"secure@microsoft.com","tags":["Exploit","Patch","Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id?1021091","source":"secure@microsoft.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.us-cert.gov/cas/techalerts/TA08-297A.html","source":"secure@microsoft.com","tags":["Third Party Advisory","US Government Resource"]},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-088A.html","source":"secure@microsoft.com","tags":["Third Party Advisory","US Government Resource"]},{"url":"http://www.vupen.com/english/advisories/2008/2902","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46040","source":"secure@microsoft.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6093","source":"secure@microsoft.com","tags":["Third Party Advisory"]},{"url":"https://www.exploit-db.com/exploits/6824","source":"secure@microsoft.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/6841","source":"secure@microsoft.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/7104","source":"secure@microsoft.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/7132","source":"secure@microsoft.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://blogs.securiteam.com/index.php/archives/1150","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required"]},{"url":"http://marc.info/?l=bugtraq&m=122703006921213&w=2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Mailing List","Third Party Advisory"]},{"url":"http://secunia.com/advisories/32326","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://www.kb.cert.org/vuls/id/827267","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"http://www.securityfocus.com/archive/1/497808/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securityfocus.com/archive/1/497816/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securityfocus.com/bid/31874","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id?1021091","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.us-cert.gov/cas/techalerts/TA08-297A.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-088A.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"http://www.vupen.com/english/advisories/2008/2902","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46040","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6093","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.exploit-db.com/exploits/6824","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/6841","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/7104","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/7132","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}],"vulnStatus":"Modified"}],"githubPocs":[],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":["Legal, financial, healthcare, government, municipal, real-estate, enterprise-technology, critical-in"]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"6a076179ed41aae5c71e8839","cveID":"CVE-2026-42897","dateAdded":"2026-05-15","dueDate":"2026-05-29","notes":"https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-42897 ; https://learn.microsoft.com/en-us/exchange/plan-and-deploy/post-installation-tasks/security-best-practices/exchange-emergency-mitigation-service ; https://nvd.nist.gov/vuln/detail/CVE-2026-42897","product":"Microsoft","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditions are met, arbitrary JavaScript can be executed in the browser context.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Exchange Server Cross-Site Scripting Vulnerability","nvdData":[{"attackVector":"NETWORK","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":2.8,"baseScore":8.1,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42897","source":"secure@microsoft.com","tags":["Mitigation","Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-42897","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}],"vulnStatus":"Analyzed"}],"githubPocs":["https://github.com/atiilla/CVE-2026-42897"],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":["Hulud"],"communityAffectedIndustries":[]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"69f0f7f9e6834804394afb5f","cveID":"CVE-2026-32202","dateAdded":"2026-04-28","dueDate":"2026-05-12","notes":"https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32202 ; https://nvd.nist.gov/vuln/detail/CVE-2026-32202","product":"Windows","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to perform spoofing over a network.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Windows Protection Mechanism Failure Vulnerability","nvdData":[{"attackVector":"NETWORK","attackComplexity":"LOW","baseSeverity":"MEDIUM","exploitabilityScore":2.8,"baseScore":4.3,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32202","source":"secure@microsoft.com","tags":["Vendor Advisory"]}],"vulnStatus":"Analyzed"}],"githubPocs":["https://github.com/virus-or-not/CVE-2026-32202"],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":["Threat","Trigona, SHub Stealer v2.0, Malicious Compiled HTML Help File, Vidar"],"communityMalwareFamilies":["Pcap","Beaconloader","Generic.933739","Avoslocker","Threat analysis","Ryuk","Elf","Frp","Shadowpad","Credomap","Primary threat","Bazarloader","Hades","Shadow chaser","Fancybear","Ransomhub","Grimplant","Darkside","Threat","Win32.agent","Nbtscan","Graphsteel","Raspberry robin","Doorme","Socgholish netsupport","Gold blackburn","Win api","Socgholish","Gootloader","Netsupport","Conti","Trickbot","Cobalt strike","Microbackdoor","Kronos","Matanbuchus","Plugx","Beacon","Stellarparticle","Win32.bitcoinminer","Handleref","Apt29","Bumblebee","Cozybear","Cyclops"],"communityAffectedIndustries":["Industrial","Telecommunications","Financial","Political","Energy","Diplomatic","Technology","Transport","Aviation","Aerospace","Legal","Logistics","Banking","Pharmaceutical","Transportation","Government","Defense","Military","Academics","Media","Gas","Manufacturing","Foreign affairs"]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"69e92b19f36ed5298bf72d6e","cveID":"CVE-2026-33825","dateAdded":"2026-04-22","dueDate":"2026-05-06","notes":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33825 ; https://nvd.nist.gov/vuln/detail/CVE-2026-33825","product":"Defender","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Defender contains an insufficient granularity of access control vulnerability that could allow an authorized attacker to escalate privileges locally.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Defender Insufficient Granularity of Access Control Vulnerability","nvdData":[{"attackVector":"LOCAL","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":1.8,"baseScore":7.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33825","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.huntress.com/blog/nightmare-eclipse-intrusion","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}],"vulnStatus":"Modified"}],"githubPocs":["https://github.com/Bilal3755/Detecting_blue_hammer_vuln","https://github.com/Letlaka/redsun-bluehammer-undefend-detection-pack","https://github.com/Joe1sn/CVE-2026-33825","https://github.com/0xBlackash/CVE-2026-33825"],"openThreatData":[{"adversaries":[],"malwareFamiles":["Undefend","Bluehammer","Redsun","Beigeburrow"],"affectedIndustries":[],"communityAdversaries":["STX RAT, Deploying NetSupport RAT via Compromised Websites, AngrySpark, Abusing n8n platform","GopherWhisper, Seedworm (MuddyWater), Adware Bundles Delivering RAT, Donot"],"communityMalwareFamilies":["Bluehammer","Huntress","Undefend","Beigeburrow","Redsun"],"communityAffectedIndustries":[]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"69de82f92c5c1df9d4b24d23","cveID":"CVE-2026-32201","dateAdded":"2026-04-14","dueDate":"2026-04-28","notes":"https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32201 ; https://nvd.nist.gov/vuln/detail/CVE-2026-32201","product":"SharePoint Server","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft SharePoint Server contains an improper input validation vulnerability that allows an unauthorized attacker to perform spoofing over a network.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft SharePoint Server Improper Input Validation Vulnerability","nvdData":[{"attackVector":"NETWORK","attackComplexity":"LOW","baseSeverity":"MEDIUM","exploitabilityScore":3.9,"baseScore":6.5,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32201","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-32201","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource","Third Party Advisory"]}],"vulnStatus":"Analyzed"}],"githubPocs":["https://github.com/B1tBit/CVE-2026-32201-exploit"],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":[]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"69de82f92c5c1df9d4b24d22","cveID":"CVE-2009-0238","dateAdded":"2026-04-14","dueDate":"2026-04-28","notes":"https://learn.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009 ; https://nvd.nist.gov/vuln/detail/CVE-2009-0238","product":"Office","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Office Excel contains a remote code execution vulnerability that could allow an attacker to take complete control of an affected system if a user opens a specially crafted Excel file that includes a malformed object.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Office Remote Code Execution","nvdData":[{"attackVector":"NETWORK","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":2.8,"baseScore":8.8,"nvdReferences":[{"url":"http://blogs.zdnet.com/security/?p=2658","source":"secure@microsoft.com"},{"url":"http://isc.sans.org/diary.html?storyid=5923","source":"secure@microsoft.com"},{"url":"http://securitytracker.com/id?1021744","source":"secure@microsoft.com"},{"url":"http://www.microsoft.com/technet/security/advisory/968272.mspx","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/33870","source":"secure@microsoft.com"},{"url":"http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99","source":"secure@microsoft.com"},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-104A.html","source":"secure@microsoft.com","tags":["US Government Resource"]},{"url":"http://www.vupen.com/english/advisories/2009/1023","source":"secure@microsoft.com"},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009","source":"secure@microsoft.com"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/48875","source":"secure@microsoft.com"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968","source":"secure@microsoft.com"},{"url":"http://blogs.zdnet.com/security/?p=2658","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://isc.sans.org/diary.html?storyid=5923","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://securitytracker.com/id?1021744","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.microsoft.com/technet/security/advisory/968272.mspx","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/33870","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-104A.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"http://www.vupen.com/english/advisories/2009/1023","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/48875","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-0238","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}],"vulnStatus":"Deferred"}],"githubPocs":[],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":[]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"69dd3179a77fe194a6a23e1c","cveID":"CVE-2023-36424","dateAdded":"2026-04-13","dueDate":"2026-04-27","notes":"https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2023-36424 ; https://nvd.nist.gov/vuln/detail/CVE-2023-36424","product":"Windows","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Windows Out-of-Bounds Read Vulnerability","nvdData":[{"attackVector":"LOCAL","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":1.8,"baseScore":7.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36424","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-36424","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}],"vulnStatus":"Modified"}],"githubPocs":["https://github.com/Nassim-Asrir/CVE-2023-36424"],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":[]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"69dd3179a77fe194a6a23e1b","cveID":"CVE-2023-21529","dateAdded":"2026-04-13","dueDate":"2026-04-27","notes":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21529 ; https://nvd.nist.gov/vuln/detail/CVE-2023-21529","product":"Exchange Server","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Exchange Server contains a deserialization of untrusted data that allows an authenticated attacker to achieve remote code execution.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability","nvdData":[{"attackVector":"NETWORK","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":2.8,"baseScore":8.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21529","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21529","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-21529","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"},{"url":"https://www.microsoft.com/en-us/security/blog/2026/04/06/storm-1175-focuses-gaze-on-vulnerable-web-facing-assets-in-high-tempo-medusa-ransomware-operations/","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}],"vulnStatus":"Modified"}],"githubPocs":[],"openThreatData":[{"adversaries":["Storm-1175"],"malwareFamiles":["Medusa"],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":[]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"69dd3179a77fe194a6a23e1a","cveID":"CVE-2025-60710","dateAdded":"2026-04-13","dueDate":"2026-04-27","notes":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60710 ; https://nvd.nist.gov/vuln/detail/CVE-2025-60710","product":"Windows","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Windows contains a link following vulnerability that allows for privilege escalation","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Windows Link Following Vulnerability","nvdData":[{"attackVector":"LOCAL","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":1.8,"baseScore":7.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-60710","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.vicarius.io/vsociety/posts/cve-2025-60710-detection-script-eop-vulnerability-in-host-process-for-windows-tasks","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.vicarius.io/vsociety/posts/cve-2025-60710-mitigation-script-eop-vulnerability-in-host-process-for-windows-tasks","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-60710","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}],"vulnStatus":"Modified"}],"githubPocs":[],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":[]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"69dd3179a77fe194a6a23e19","cveID":"CVE-2012-1854","dateAdded":"2026-04-13","dueDate":"2026-04-27","notes":"https://learn.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-046 ; https://nvd.nist.gov/vuln/detail/CVE-2012-1854","product":"Visual Basic for Applications (VBA)","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Visual Basic for Applications (VBA) contains an insecure library loading vulnerability that could allow for remote code execution.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability","nvdData":[{"attackVector":"LOCAL","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":1.8,"baseScore":7.8,"nvdReferences":[{"url":"http://www.us-cert.gov/cas/techalerts/TA12-192A.html","source":"secure@microsoft.com","tags":["US Government Resource"]},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-046","source":"secure@microsoft.com"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14950","source":"secure@microsoft.com"},{"url":"http://www.us-cert.gov/cas/techalerts/TA12-192A.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-046","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14950","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://learn.microsoft.com/en-us/security-updates/SecurityBulletins/2012/ms12-046","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-1854","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}],"vulnStatus":"Deferred"}],"githubPocs":[],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":[]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"69bb0699cb1203cd35ca09a2","cveID":"CVE-2026-20963","dateAdded":"2026-03-18","dueDate":"2026-03-21","notes":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20963 ; https://nvd.nist.gov/vuln/detail/CVE-2026-20963","product":"SharePoint","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft SharePoint Deserialization of Untrusted Data Vulnerability","nvdData":[{"attackVector":"NETWORK","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":2.8,"baseScore":8.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20963","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20963","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}],"vulnStatus":"Modified"}],"githubPocs":[],"openThreatData":[{"adversaries":["Interlock Ransomware Group"],"malwareFamiles":["Ghostblade","Plasmaloader","Plasmagrid","Ghostsaber","Ghostknife"],"affectedIndustries":[],"communityAdversaries":["Silver Fox, Powercat, BRUSHWORM and BRUSHLOGGER, Blank Grabber, Infiniti Stealer","Insikt"],"communityMalwareFamilies":["Insikt"],"communityAffectedIndustries":[]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"6994d929008952522ea3854c","cveID":"CVE-2008-0015","dateAdded":"2026-02-17","dueDate":"2026-03-10","notes":"https://web.archive.org/web/20110305211119/https://www.microsoft.com/technet/security/bulletin/ms09-032.mspx ; https://nvd.nist.gov/vuln/detail/CVE-2008-0015","product":"Windows","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.","vendorProject":"Microsoft","vulnerabilityName":" Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability","nvdData":[{"attackVector":"NETWORK","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":2.8,"baseScore":8.8,"nvdReferences":[{"url":"http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx","source":"cve@mitre.org"},{"url":"http://isc.sans.org/diary.html?storyid=6733","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://osvdb.org/55651","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/36187","source":"cve@mitre.org"},{"url":"http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://www.iss.net/threats/329.html","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://www.kb.cert.org/vuls/id/180513","source":"cve@mitre.org","tags":["US Government Resource"]},{"url":"http://www.microsoft.com/technet/security/advisory/972890.mspx","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/35558","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/35585","source":"cve@mitre.org"},{"url":"http://www.securitytracker.com/id?1022514","source":"cve@mitre.org"},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-187A.html","source":"cve@mitre.org","tags":["US Government Resource"]},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-195A.html","source":"cve@mitre.org","tags":["US Government Resource"]},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-223A.html","source":"cve@mitre.org","tags":["US Government Resource"]},{"url":"http://www.vupen.com/english/advisories/2009/2232","source":"cve@mitre.org"},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032","source":"cve@mitre.org"},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037","source":"cve@mitre.org"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333","source":"cve@mitre.org"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363","source":"cve@mitre.org"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436","source":"cve@mitre.org"},{"url":"http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://isc.sans.org/diary.html?storyid=6733","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://osvdb.org/55651","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/36187","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.iss.net/threats/329.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.kb.cert.org/vuls/id/180513","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"http://www.microsoft.com/technet/security/advisory/972890.mspx","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/35558","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/35585","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securitytracker.com/id?1022514","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-187A.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-195A.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-223A.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"http://www.vupen.com/english/advisories/2009/2232","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2008-0015","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}],"vulnStatus":"Deferred"}],"githubPocs":[],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":["StealthWorker/GoBrut (The adversary demonstrates advanced telemetry suppression within specialized s"],"communityMalwareFamilies":["Md5 hash: f8add7e7161460ea2b1970cf4ca535bf","Malware family: stealthworker / gobrut"],"communityAffectedIndustries":[]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"698e2589951321aff5468da4","cveID":"CVE-2024-43468","dateAdded":"2026-02-12","dueDate":"2026-03-05","notes":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43468 ; https://nvd.nist.gov/vuln/detail/CVE-2024-43468","product":"Configuration Manager","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Configuration Manager contains an SQL injection vulnerability. An unauthenticated attacker could exploit this vulnerability by sending specially crafted requests to the target environment which are processed in an unsafe manner enabling the attacker to execute commands on the server and/or underlying database.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Configuration Manager SQL Injection Vulnerability","nvdData":[{"attackVector":"NETWORK","attackComplexity":"LOW","baseSeverity":"CRITICAL","exploitabilityScore":3.9,"baseScore":9.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43468","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-43468","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}],"vulnStatus":"Modified"}],"githubPocs":["https://github.com/nikallass/CVE-2024-43468_mTLS_go"],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":["","Legal, financial, healthcare, government, municipal, real-estate, enterprise-technology, critical-in"]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"698b8289dcaa7b1d40c6ac9a","cveID":"CVE-2026-21514","dateAdded":"2026-02-10","dueDate":"2026-03-03","notes":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21514 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21514","product":"Office","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized attacker to elevate privileges locally.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability","nvdData":[{"attackVector":"LOCAL","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":1.8,"baseScore":7.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21514","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21514","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}],"vulnStatus":"Analyzed"}],"githubPocs":["https://github.com/ChaitanyaHaritash/CVE-2026-21514_CVE-2026-21510"],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":["Legal, financial, healthcare, government, municipal, real-estate, enterprise-technology, critical-in"]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"698b8289dcaa7b1d40c6ac99","cveID":"CVE-2026-21519","dateAdded":"2026-02-10","dueDate":"2026-03-03","notes":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21519 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21519","product":"Windows","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Windows Type Confusion Vulnerability","nvdData":[{"attackVector":"LOCAL","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":1.8,"baseScore":7.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21519","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21519","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}],"vulnStatus":"Analyzed"}],"githubPocs":[],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":["Legal, financial, healthcare, government, municipal, real-estate, enterprise-technology, critical-in",""]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"698b8289dcaa7b1d40c6ac98","cveID":"CVE-2026-21533","dateAdded":"2026-02-10","dueDate":"2026-03-03","notes":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21533 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21533","product":"Windows","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Windows Improper Privilege Management Vulnerability","nvdData":[{"attackVector":"LOCAL","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":1.8,"baseScore":7.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21533","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21533","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}],"vulnStatus":"Analyzed"}],"githubPocs":["https://github.com/Pairs34/RDPVulnarableCheck","https://github.com/fevar54/CVE-2026-21533_Scanner.py"],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":["Legal, financial, healthcare, government, municipal, real-estate, enterprise-technology, critical-in"]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"698b8289dcaa7b1d40c6ac97","cveID":"CVE-2026-21510","dateAdded":"2026-02-10","dueDate":"2026-03-03","notes":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21510 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21510 ","product":"Windows","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network. ","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Windows Shell Protection Mechanism Failure Vulnerability","nvdData":[{"attackVector":"NETWORK","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":2.8,"baseScore":8.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21510","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21510","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}],"vulnStatus":"Analyzed"}],"githubPocs":["https://github.com/andreassudo/CVE-2026-21510-CVSS-8.8-Important-Windows-Shell-security-feature-bypass","https://github.com/EpSiLoNPoInTOrI/EpSiLoNPoInTlnk"],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":["Trigona, SHub Stealer v2.0, Malicious Compiled HTML Help File, Vidar"],"communityMalwareFamilies":[],"communityAffectedIndustries":["Legal, financial, healthcare, government, municipal, real-estate, enterprise-technology, critical-in"]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"698b8289dcaa7b1d40c6ac96","cveID":"CVE-2026-21525","dateAdded":"2026-02-10","dueDate":"2026-03-03","notes":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21525 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21525","product":"Windows","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Windows NULL Pointer Dereference Vulnerability","nvdData":[{"attackVector":"LOCAL","attackComplexity":"LOW","baseSeverity":"MEDIUM","exploitabilityScore":2.5,"baseScore":6.2,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21525","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21525","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}],"vulnStatus":"Analyzed"}],"githubPocs":[],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":["Legal, financial, healthcare, government, municipal, real-estate, enterprise-technology, critical-in"]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"698b8289dcaa7b1d40c6ac95","cveID":"CVE-2026-21513","dateAdded":"2026-02-10","dueDate":"2026-03-03","notes":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2026-21513 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21513","product":"Windows","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Internet Explorer contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Internet Explorer Protection Mechanism Failure Vulnerability","nvdData":[{"attackVector":"NETWORK","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":2.8,"baseScore":8.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21513","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21513","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}],"vulnStatus":"Analyzed"}],"githubPocs":[],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":["","Legal, financial, healthcare, government, municipal, real-estate, enterprise-technology, critical-in"]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"6977e6393d6e1ad80e1e49e3","cveID":"CVE-2026-21509","dateAdded":"2026-01-26","dueDate":"2026-02-16","notes":"Please adhere to Microsoft’s recommended guidelines to address this vulnerability. Implement all final mitigations provided by the vendor for Office 2021, and apply the interim corresponding mitigations for Office 2016 and Office 2019 until the final patch becomes available. For more information please see: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21509","product":"Office","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Office contains a security feature bypass vulnerability in which reliance on untrusted inputs in a security decision in Microsoft Office could allow an unauthorized attacker to bypass a security feature locally.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Office Security Feature Bypass Vulnerability","nvdData":[{"attackVector":"LOCAL","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":1.8,"baseScore":7.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21509","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}],"vulnStatus":"Analyzed"}],"githubPocs":["https://github.com/Ashwesker/Ashwesker-CVE-2026-21509","https://github.com/SimoesCTT/SCTT-2026-33-0007-The-OLE-Vortex-Laminar-Bypass-","https://github.com/SimoesCTT/CTT-NFS-Vortex-RCE","https://github.com/ksk-itdk/KSK-ITDK-CVE-2026-21509-Mitigation","https://github.com/gavz/CVE-2026-21509-PoC","https://github.com/IncursioHack/CVE-2026-21509-PoC","https://github.com/nicole2ilodl/CVE-2026-21509-PoC","https://github.com/SimoesCTT/CTT-MICROSOFT-OFFICE-OLE-MANIFOLD-BYPASS-CVE-2026-21509","https://github.com/kimstars/Ashwesker-CVE-2026-21509","https://github.com/decalage2/detect_CVE-2026-21509","https://github.com/planetoid/cve-2026-21509-mitigation","https://github.com/suuhm/CVE-2026-21509-handler","https://github.com/DameDode/CVE-2026-21509-POC"],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":["Threat","DTO malware, GoPix banking Trojan, SERPENTINE#CLOUD, FAUX#ELEVATE, Katana","Turla Group","Mirax RAT, Marimo Exploitation, DesckVB RAT, Payouts King"],"communityMalwareFamilies":["Hades","Gold blackburn","Doorme","Ryuk","Win32.agent","Grimplant","Bazarloader","Handleref","Cobalt strike","Apt29","Win32.bitcoinminer","Threat analysis","Shadowpad","Darkside","Shadow chaser","Stellarparticle","Pcap","Threat","Primary threat","Nbtscan","Frp","Beacon","Plugx","Ransomhub","Graphsteel","Cozybear","Socgholish netsupport","Generic.933739","Bumblebee","Beaconloader","Cyclops","Matanbuchus","Microbackdoor","Avoslocker","Conti","Fancybear","Gootloader","Trickbot","Netsupport","Kronos","Raspberry robin","Elf","Credomap","Socgholish","Win api"],"communityAffectedIndustries":["Government","Airlines","Gas","Banking","Telecommunications","Energy","Technology","Consulting","Defense","Transportation","Manufacturing","Legal, financial, healthcare, government, municipal, real-estate, enterprise-technology, critical-in","Legal","Critical infrastructure","Finance","Diplomatic","Aerospace","Travel","Transport","Healthcare","Military","Academics","Political","Pharmaceutical","Aviation","Satellite","Foreign affairs","Financial","Logistics","Industrial","Media"]}],"knownRansomwareCampaignUse":"Unknown"}]}