{"page":1,"per_page":10,"total_vulns":362,"total_pages":37,"vulnerabilities":[{"_id":"69bb0699cb1203cd35ca09a2","cveID":"CVE-2026-20963","dateAdded":"2026-03-18","dueDate":"2026-03-21","notes":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20963 ; https://nvd.nist.gov/vuln/detail/CVE-2026-20963","product":"SharePoint","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft SharePoint Deserialization of Untrusted Data Vulnerability","nvdData":[{"attackVector":"NETWORK","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":2.8,"baseScore":8.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20963","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20963","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}],"vulnStatus":"Modified"}],"githubPocs":[],"openThreatData":[{"adversaries":[],"malwareFamiles":["Macsync","Shub","Infiniti stealer"],"affectedIndustries":[],"communityAdversaries":["Silver Fox, Powercat, BRUSHWORM and BRUSHLOGGER, Blank Grabber, Infiniti Stealer"],"communityMalwareFamilies":["Macsync","Shub","Infiniti stealer"],"communityAffectedIndustries":[]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"6994d929008952522ea3854c","cveID":"CVE-2008-0015","dateAdded":"2026-02-17","dueDate":"2026-03-10","notes":"https://web.archive.org/web/20110305211119/https://www.microsoft.com/technet/security/bulletin/ms09-032.mspx ; https://nvd.nist.gov/vuln/detail/CVE-2008-0015","product":"Windows","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.","vendorProject":"Microsoft","vulnerabilityName":" Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability","nvdData":[{"attackVector":"NETWORK","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":2.8,"baseScore":8.8,"nvdReferences":[{"url":"http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx","source":"cve@mitre.org"},{"url":"http://isc.sans.org/diary.html?storyid=6733","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://osvdb.org/55651","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/36187","source":"cve@mitre.org"},{"url":"http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://www.iss.net/threats/329.html","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://www.kb.cert.org/vuls/id/180513","source":"cve@mitre.org","tags":["US Government Resource"]},{"url":"http://www.microsoft.com/technet/security/advisory/972890.mspx","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/35558","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/35585","source":"cve@mitre.org"},{"url":"http://www.securitytracker.com/id?1022514","source":"cve@mitre.org"},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-187A.html","source":"cve@mitre.org","tags":["US Government Resource"]},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-195A.html","source":"cve@mitre.org","tags":["US Government Resource"]},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-223A.html","source":"cve@mitre.org","tags":["US Government Resource"]},{"url":"http://www.vupen.com/english/advisories/2009/2232","source":"cve@mitre.org"},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032","source":"cve@mitre.org"},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037","source":"cve@mitre.org"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333","source":"cve@mitre.org"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363","source":"cve@mitre.org"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436","source":"cve@mitre.org"},{"url":"http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://isc.sans.org/diary.html?storyid=6733","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://osvdb.org/55651","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/36187","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.iss.net/threats/329.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.kb.cert.org/vuls/id/180513","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"http://www.microsoft.com/technet/security/advisory/972890.mspx","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/35558","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/35585","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securitytracker.com/id?1022514","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-187A.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-195A.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-223A.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"http://www.vupen.com/english/advisories/2009/2232","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2008-0015","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}],"vulnStatus":"Deferred"}],"githubPocs":[],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":["StealthWorker/GoBrut (The adversary demonstrates advanced telemetry suppression within specialized s"],"communityMalwareFamilies":["Md5 hash: f8add7e7161460ea2b1970cf4ca535bf","Malware family: stealthworker / gobrut"],"communityAffectedIndustries":[]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"698e2589951321aff5468da4","cveID":"CVE-2024-43468","dateAdded":"2026-02-12","dueDate":"2026-03-05","notes":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43468 ; https://nvd.nist.gov/vuln/detail/CVE-2024-43468","product":"Configuration Manager","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Configuration Manager contains an SQL injection vulnerability. An unauthenticated attacker could exploit this vulnerability by sending specially crafted requests to the target environment which are processed in an unsafe manner enabling the attacker to execute commands on the server and/or underlying database.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Configuration Manager SQL Injection Vulnerability","nvdData":[{"attackVector":"NETWORK","attackComplexity":"LOW","baseSeverity":"CRITICAL","exploitabilityScore":3.9,"baseScore":9.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43468","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-43468","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}],"vulnStatus":"Modified"}],"githubPocs":["https://github.com/nikallass/CVE-2024-43468_mTLS_go"],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":["Threat"],"communityMalwareFamilies":["Ninja browser","Lumma","Threat","Tesla","Shinyhunters"],"communityAffectedIndustries":["","Legal, financial, healthcare, government, municipal, real-estate, enterprise-technology, critical-in"]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"698b8289dcaa7b1d40c6ac9a","cveID":"CVE-2026-21514","dateAdded":"2026-02-10","dueDate":"2026-03-03","notes":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21514 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21514","product":"Office","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized attacker to elevate privileges locally.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability","nvdData":[{"attackVector":"LOCAL","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":1.8,"baseScore":7.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21514","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21514","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}],"vulnStatus":"Analyzed"}],"githubPocs":[],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":["Legal, financial, healthcare, government, municipal, real-estate, enterprise-technology, critical-in"]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"698b8289dcaa7b1d40c6ac99","cveID":"CVE-2026-21519","dateAdded":"2026-02-10","dueDate":"2026-03-03","notes":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21519 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21519","product":"Windows","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Windows Type Confusion Vulnerability","nvdData":[{"attackVector":"LOCAL","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":1.8,"baseScore":7.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21519","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21519","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}],"vulnStatus":"Analyzed"}],"githubPocs":[],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":["","Legal, financial, healthcare, government, municipal, real-estate, enterprise-technology, critical-in"]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"698b8289dcaa7b1d40c6ac98","cveID":"CVE-2026-21533","dateAdded":"2026-02-10","dueDate":"2026-03-03","notes":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21533 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21533","product":"Windows","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Windows Improper Privilege Management Vulnerability","nvdData":[{"attackVector":"LOCAL","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":1.8,"baseScore":7.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21533","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21533","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}],"vulnStatus":"Analyzed"}],"githubPocs":["https://github.com/Pairs34/RDPVulnarableCheck","https://github.com/fevar54/CVE-2026-21533_Scanner.py"],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":["Tier-1 SaaS Reputation Parasitism Leveraging Wix Infrastructure","pi, pdfkit.net","Adversary Profile: Salt Typhoon Alignment The architectural gap identified by mudoSO mirrors the act"],"communityMalwareFamilies":["Unix.trojan.mirai-7646352-0","Tel:exploit:html/pswebkit","Spyfu","Alf:heraklezeval:trojan:win32/c2lop","#lowfi:hstr:pyinstaller_packaged_script","Nids","Et","Virtool:win32/vbinject.gen!jb","Win.trojan.vb-83922","#exploit:win32/blofeldscat"],"communityAffectedIndustries":["Legal, financial, healthcare, government, municipal, real-estate, enterprise-technology, critical-in"]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"698b8289dcaa7b1d40c6ac97","cveID":"CVE-2026-21510","dateAdded":"2026-02-10","dueDate":"2026-03-03","notes":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21510 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21510 ","product":"Windows","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network. ","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Windows Shell Protection Mechanism Failure Vulnerability","nvdData":[{"attackVector":"NETWORK","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":2.8,"baseScore":8.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21510","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21510","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}],"vulnStatus":"Analyzed"}],"githubPocs":["https://github.com/andreassudo/CVE-2026-21510-CVSS-8.8-Important-Windows-Shell-security-feature-bypass"],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":["Tier-1 SaaS Reputation Parasitism Leveraging Wix Infrastructure","Adversary Profile: Salt Typhoon Alignment The architectural gap identified by mudoSO mirrors the act","pi, pdfkit.net"],"communityMalwareFamilies":["Tel:exploit:html/pswebkit","Win.trojan.vb-83922","Unix.trojan.mirai-7646352-0","Spyfu","Virtool:win32/vbinject.gen!jb","#exploit:win32/blofeldscat","#lowfi:hstr:pyinstaller_packaged_script","Nids","Et","Alf:heraklezeval:trojan:win32/c2lop"],"communityAffectedIndustries":["Legal, financial, healthcare, government, municipal, real-estate, enterprise-technology, critical-in"]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"698b8289dcaa7b1d40c6ac96","cveID":"CVE-2026-21525","dateAdded":"2026-02-10","dueDate":"2026-03-03","notes":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21525 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21525","product":"Windows","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Windows NULL Pointer Dereference Vulnerability","nvdData":[{"attackVector":"LOCAL","attackComplexity":"LOW","baseSeverity":"MEDIUM","exploitabilityScore":2.5,"baseScore":6.2,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21525","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21525","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}],"vulnStatus":"Analyzed"}],"githubPocs":[],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":["Legal, financial, healthcare, government, municipal, real-estate, enterprise-technology, critical-in"]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"698b8289dcaa7b1d40c6ac95","cveID":"CVE-2026-21513","dateAdded":"2026-02-10","dueDate":"2026-03-03","notes":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2026-21513 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21513","product":"Windows","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Internet Explorer contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Internet Explorer Protection Mechanism Failure Vulnerability","nvdData":[{"attackVector":"NETWORK","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":2.8,"baseScore":8.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21513","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21513","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}],"vulnStatus":"Analyzed"}],"githubPocs":[],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":[],"communityMalwareFamilies":[],"communityAffectedIndustries":["","Legal, financial, healthcare, government, municipal, real-estate, enterprise-technology, critical-in"]}],"knownRansomwareCampaignUse":"Unknown"},{"_id":"6977e6393d6e1ad80e1e49e3","cveID":"CVE-2026-21509","dateAdded":"2026-01-26","dueDate":"2026-02-16","notes":"Please adhere to Microsoft’s recommended guidelines to address this vulnerability. Implement all final mitigations provided by the vendor for Office 2021, and apply the interim corresponding mitigations for Office 2016 and Office 2019 until the final patch becomes available. For more information please see: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21509","product":"Office","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","shortDescription":"Microsoft Office contains a security feature bypass vulnerability in which reliance on untrusted inputs in a security decision in Microsoft Office could allow an unauthorized attacker to bypass a security feature locally.","vendorProject":"Microsoft","vulnerabilityName":"Microsoft Office Security Feature Bypass Vulnerability","nvdData":[{"attackVector":"LOCAL","attackComplexity":"LOW","baseSeverity":"HIGH","exploitabilityScore":1.8,"baseScore":7.8,"nvdReferences":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21509","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}],"vulnStatus":"Analyzed"}],"githubPocs":["https://github.com/Ashwesker/Ashwesker-CVE-2026-21509","https://github.com/SimoesCTT/SCTT-2026-33-0007-The-OLE-Vortex-Laminar-Bypass-","https://github.com/SimoesCTT/CTT-NFS-Vortex-RCE","https://github.com/ksk-itdk/KSK-ITDK-CVE-2026-21509-Mitigation","https://github.com/gavz/CVE-2026-21509-PoC","https://github.com/IncursioHack/CVE-2026-21509-PoC","https://github.com/nicole2ilodl/CVE-2026-21509-PoC","https://github.com/SimoesCTT/CTT-MICROSOFT-OFFICE-OLE-MANIFOLD-BYPASS-CVE-2026-21509","https://github.com/kimstars/Ashwesker-CVE-2026-21509","https://github.com/decalage2/detect_CVE-2026-21509","https://github.com/planetoid/cve-2026-21509-mitigation","https://github.com/suuhm/CVE-2026-21509-handler","https://github.com/DameDode/CVE-2026-21509-POC"],"openThreatData":[{"adversaries":[],"malwareFamiles":[],"affectedIndustries":[],"communityAdversaries":["APT28","Adversary Profile: Salt Typhoon Alignment The architectural gap identified by mudoSO mirrors the act","Winnti","Gentlemen Ransomware, Ruby Jumper, Moonrise RAT, Dust Specter, NoEscape, Ransom House, Steaelite","StealthWorker/GoBrut (The adversary demonstrates advanced telemetry suppression within specialized s","Bo_team","DTO malware, GoPix banking Trojan, SERPENTINE#CLOUD, FAUX#ELEVATE, Katana"],"communityMalwareFamilies":["#lowfi:hstr:pyinstaller_packaged_script","Md5 hash: f8add7e7161460ea2b1970cf4ca535bf","#exploit:win32/blofeldscat","Alf:heraklezeval:trojan:win32/c2lop","Tel:exploit:html/pswebkit","Malware family: stealthworker / gobrut"],"communityAffectedIndustries":["Military","Education","Government","Legal, financial, healthcare, government, municipal, real-estate, enterprise-technology, critical-in","Logistic","Aerospace","Transportation"]}],"knownRansomwareCampaignUse":"Unknown"}]}