category_news - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 9.3	SECURELIST:2FCB...	Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload_SECURELIST:2FCB8D07E3287A4A6D4C4DC2D658F98F ![](https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2026/05/22085059/cloud-atlas-2026-scaled-1-990x400.jpg) In 2025, we observed...	N/A	N/A	May 22, 2026	SECURELIST
NONE	THN:96E878CC719...	Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks_THN:96E878CC71987AB6D7C729C400BE873D ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5VYMnsK-UMv3L8TZp1KhZ4PQti0VtUXkbDREtK-R9Hbtj6bdYrPRwwn8VItL49asZcHEMSOFJyfV25Da96C...	N/A	N/A	May 22, 2026	THN
CRITICAL 9.4	THN:542DCC54A54...	CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV_THN:542DCC54A54A4BA7149FC37622AFB0AD ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi04a_rowIzNPvHHvDTUE34d3bZlOhBeQXtC0UdXyjlf988G4zVE89QKWqSWASKd2LD0T8O2XhkDVgG7UGFIx...	N/A	N/A	May 22, 2026	THN
NONE	MS:CVE-2026-47280	Azure Resource Manager Elevation of Privilege Vulnerability_MS:CVE-2026-47280 Improper authentication in Azure Resource Manager (ARM) allows an unauthorized attacker to elevate privileges over a network.	N/A	N/A	May 21, 2026	MSCVE
NONE	MS:CVE-2026-26147	Azure Stack HCI Information Disclosure Vulnerability_MS:CVE-2026-26147 Improper input validation in Azure Compute Gallery allows an authorized attacker to disclose information over a network.	N/A	N/A	May 21, 2026	MSCVE
NONE	MS:CVE-2026-35430	Azure Privileged Identity Management (PIM) Elevation of Privilege Vulnerability_MS:CVE-2026-35430 Authorization bypass through user-controlled key in Azure Privileged Identity Management (PIM) allows an authorized attacker to elevate privileges ...	N/A	N/A	May 21, 2026	MSCVE
NONE	MS:CVE-2026-45659	Microsoft SharePoint Remote Code Execution Vulnerability_MS:CVE-2026-45659 Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.	N/A	N/A	May 21, 2026	MSCVE
NONE	MS:CVE-2026-40412	Azure Orbital Spatio Remote Code Execution Vulnerability_MS:CVE-2026-40412 Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network.	N/A	N/A	May 21, 2026	MSCVE
NONE	MS:CVE-2026-41090	Microsoft Copilot Tampering Vulnerability_MS:CVE-2026-41090 Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to perform...	N/A	N/A	May 21, 2026	MSCVE
NONE	MS:CVE-2026-42901	Microsoft Entra ID Elevation of Privilege Vulnerability_MS:CVE-2026-42901 Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network.	N/A	N/A	May 21, 2026	MSCVE