// LIVE
INTEL Critical Citrix NetScaler memory flaw actively exploited in attacks
INTEL Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach
INTEL Storm Brews Over Critical, No-Click Telegram Flaw
INTEL FTC Action Against Match and OkCupid for Deceiving Users, Sharing Personal Data
INTEL TeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Com
INTEL Healthcare IT Platform CareCloud Probing Potential Data Breach
INTEL Security updates for Monday
INTEL 'When intelligence and trust move together, AI stops being an experiment and sta
INTEL Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
INTEL Disclosure of Replay Attack Vulnerability in Signed References
INTEL Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now
INTEL Telnyx Targeted in Growing TeamPCP Supply Chain Attack
CVE (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code
CVE ZDI-26-204: Canon imageCLASS MF654Cdw XPS Parser Vulnerability
CVE ZDI-26-202: QNAP TS-453E Hyper Data Protector Plugin SQL Injection RCE Vulnerabi

OPS INTEL

266 items · ARIA-monitored · page 20 of 54
CRITICAL (page) 3
HIGH (page) 2
MEDIUM (page) 0
LOW (page) 0
HIGH 95% confidence cve

ZDI-26-068 Docker Desktop for Windows Privilege Escalation Vulnerability

Local attackers can escalate privileges on affected Docker Desktop for Windows installations via incorrect permission assignment. Requires admin interaction.

Incorrect permission assignment exposes systems to unauthorized access and privilege escalation attempts.

Windows
action items (2)
  • Update Docker Desktop for Windows to the latest version
  • Review and adjust permission settings

Zero Day Initiative

HIGH 93% confidence cve

ZDI-26-067 Docker Desktop Windows Privilege Escalation Vulnerability

Local attackers can escalate privileges on Docker Desktop for Windows due to incorrect permission assignment. CVSS rating: 6.7, CVE-2025-14740. Requires.

Administrators must intervene and follow mitigation steps due to this flaw's requirement for user interaction to exploit, posing a moderate risk to affected systems.

Windows
action items (3)
  • Update Docker Desktop to a version that includes a fix for CVE-2025-14740.
  • Review and adjust user permissions to minimize exposure risk.
  • Educate staff on the importance of administrative privileges management.

Zero Day Initiative

CRITICAL 90% confidence cve

ZDI-26-066: Lexmark CX532adwe Heap-based Buffer Overflow RCE Vulnerability

Network-adjacent attackers can execute arbitrary code on Lexmark CX532adwe printers due to a heap-based buffer overflow. No authentication required. Includes se

  • Critical network devices like printers should not have exploitable vulnerabilities
  • Remote code execution can lead to full control over the device and potentially lateral movement within a network

Printer Administrators · Network Security Teams
action items (2)
  • Review network segmentation for critical devices like Lexmark CX532adwe
  • Implement or update Intrusion Detection Systems to monitor for suspicious getCFFNames API activity

Zero Day Initiative

CRITICAL 95% confidence cve

(Pwn2Own) Lexmark CX532adwe usecmap Type Confusion Remote Code Execution Vulnerability

A critical remote code execution flaw in Lexmark CX532adwe printers allows unauthenticated attackers to execute arbitrary commands. Includes severity, confidenc

  • Lack of proper validation and sanitization in usecmap processing
  • Permissive access control configuration allowing network-adjacent attacks

network printers · office equipment
action items (2)
  • Check if devices are impacted and assess exposure risk
  • Update firmware and apply security updates immediately

Zero Day Initiative

CRITICAL 95% confidence cve

(Pwn2Own) Lexmark CX532adwe execuserobject Heap-based Buffer Overflow Remote Code Execution Vulnerability ZDI-26-064

Lexmark CX532adwe printers are vulnerable to a heap-based buffer overflow leading to remote code execution. Auth isn't required. Includes severity, confidence,

  • Buffer overflow can lead to unauthorized system access
  • No auth needed for exploitation

Network administrators · IT security professionals
action items (2)
  • Identify and patch all instances of affected hardware
  • Monitor for unusual activity on network segments containing the printers

Zero Day Initiative