// LIVE
OPS Lago (YC S21) Is Hiring
OPS Poland Faced a Surge in Cyberattacks in 2025, Including a Major Assault on the E
OPS 'Traces of unauthorized access': Mazda confirms data breach exposing employee an
OPS Surfshark launches HeyPolo, a privacy-first location sharing app to kill "always
OPS OpenClaw is fun. OpenClaw is dangerous. Here's where Tailscale helps.
OPS Show HN: Email.md – Markdown to responsive, email-safe HTML
OPS Do Security Teams Use tools like Cursor , WindSurf , co-pilot etc.. ?
OPS Automated knowledge graph of server setup by agentic LLM - good idea?
OPS Should I buy R230 for $200 and will it support my needs?
OPS What trends are you seeing around self-hosted software at KubeCon EU?
OPS Lightning-fast exploits make it essential to patch fast, ask questions later
OPS Tool updates: lots of security and logic fixes, (Mon, Mar 23rd)
CVE (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code
CVE ZDI-26-204: Canon imageCLASS MF654Cdw XPS Parser Vulnerability
CVE ZDI-26-202: QNAP TS-453E Hyper Data Protector Plugin SQL Injection RCE Vulnerabi

OPS INTEL

266 items · ARIA-monitored · page 20 of 54
CRITICAL (page) 3
HIGH (page) 2
MEDIUM (page) 0
LOW (page) 0
HIGH 95% confidence cve

ZDI-26-068 Docker Desktop for Windows Privilege Escalation Vulnerability

Local attackers can escalate privileges on affected Docker Desktop for Windows installations via incorrect permission assignment. Requires admin interaction.

Incorrect permission assignment exposes systems to unauthorized access and privilege escalation attempts

Windows
action items (2)
  • Update Docker Desktop for Windows to the latest version
  • Review and adjust permission settings

Zero Day Initiative

HIGH 93% confidence cve

ZDI-26-067 Docker Desktop Windows Privilege Escalation Vulnerability

Local attackers can escalate privileges on Docker Desktop for Windows due to incorrect permission assignment. CVSS rating: 6.7, CVE-2025-14740. Requires.

Administrators must intervene and follow mitigation steps due to this flaw's requirement for user interaction to exploit, posing a moderate risk to affected systems.

Windows
action items (3)
  • Update Docker Desktop to a version that includes a fix for CVE-2025-14740.
  • Review and adjust user permissions to minimize exposure risk.
  • Educate staff on the importance of administrative privileges management.

Zero Day Initiative

CRITICAL 90% confidence cve

ZDI-26-066: Lexmark CX532adwe Heap-based Buffer Overflow RCE Vulnerability

Network-adjacent attackers can execute arbitrary code on Lexmark CX532adwe printers due to a heap-based buffer overflow. No authentication required. Includes se

Critical network devices like printers should not have exploitable vulnerabilities; remote code execution can lead to full control over the device and potentially lateral movement within a network

Printer Administrators, Network Security Teams
action items (2)
  • Review network segmentation for critical devices like Lexmark CX532adwe
  • Implement or update Intrusion Detection Systems to monitor for suspicious getCFFNames API activity

Zero Day Initiative

CRITICAL 95% confidence cve

(Pwn2Own) Lexmark CX532adwe usecmap Type Confusion Remote Code Execution Vulnerability

A critical remote code execution flaw in Lexmark CX532adwe printers allows unauthenticated attackers to execute arbitrary commands. Includes severity, confidenc

Lack of proper validation and sanitization in usecmap processing; permissive access control configuration allowing network-adjacent attacks

network printers, office equipment
action items (2)
  • Check if devices are impacted and assess exposure risk
  • Update firmware and apply security updates immediately

Zero Day Initiative

CRITICAL 95% confidence cve

(Pwn2Own) Lexmark CX532adwe execuserobject Heap-based Buffer Overflow Remote Code Execution Vulnerability ZDI-26-064

Lexmark CX532adwe printers are vulnerable to a heap-based buffer overflow leading to remote code execution. Auth isn't required. Includes severity, confidence,

Buffer overflow can lead to unauthorized system access; no auth needed for exploitation

Network administrators, IT security professionals
action items (2)
  • Identify and patch all instances of affected hardware
  • Monitor for unusual activity on network segments containing the printers

Zero Day Initiative