// LIVE
HOLEConditional Impls
RADARA new 'work from home' age? Governments across Asia order employees to stay home
OPSSupply-chain attack using invisible code hits GitHub and other repositories
RADARTitle: Meta’s massive undersea cable project has been put on hold by regional ho
RADAR'Are you freaking crazy?' Bot harasses woman, gets led away by cops
OPSCredential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others
HOLEOpenClaw and the Dream of Free Labour
INTELMeta Platforms: Lobbying, Dark Money, and the App Store Accountability Act
OPSMajor SocksEscort proxy network powered by Linux malware taken down by FBI and o
HOLEThe Plumbing of Everyday Magic
INTELShow HN: Algorithms and Data Structures in TypeScript – Free Book (~400 Pages)
INTELThe Download: how AI is used for military targeting, and the Pentagon’s war on C
CVEnpm cli Local Privilege Escalation Vulnerability (CVE-2026-0775)
CVEZDI-26-044: Windows Desktop Window Manager Use-After-Free Privilege Escalation V
CVEJanuary 2026 Patch Tuesday - Critical Vulnerabilities Addressed
HOLEConditional Impls
RADARA new 'work from home' age? Governments across Asia order employees to stay home
OPSSupply-chain attack using invisible code hits GitHub and other repositories
RADARTitle: Meta’s massive undersea cable project has been put on hold by regional ho
RADAR'Are you freaking crazy?' Bot harasses woman, gets led away by cops
OPSCredential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others
HOLEOpenClaw and the Dream of Free Labour
INTELMeta Platforms: Lobbying, Dark Money, and the App Store Accountability Act
OPSMajor SocksEscort proxy network powered by Linux malware taken down by FBI and o
HOLEThe Plumbing of Everyday Magic
INTELShow HN: Algorithms and Data Structures in TypeScript – Free Book (~400 Pages)
INTELThe Download: how AI is used for military targeting, and the Pentagon’s war on C
CVEnpm cli Local Privilege Escalation Vulnerability (CVE-2026-0775)
CVEZDI-26-044: Windows Desktop Window Manager Use-After-Free Privilege Escalation V
CVEJanuary 2026 Patch Tuesday - Critical Vulnerabilities Addressed
nsysops@ops-intel:~$ ls -lt --range live
OPS INTEL
209 items · ARIA-monitored · page 32 of 42
209
TOTAL
CRITICAL
HIGH
ACTIONABLE
WALLBOARD ↗
AUTO-APPROVED TODAY
LLM STATUS
CRITICAL (page) 2
HIGH (page) 2
MEDIUM (page) 1
LOW (page) 0
CRITICAL 95% confidence cve

GIMP XWD File Parsing OOB Write RCE Vulnerability ZDI-26-119

ZDI-26-119 details a critical GIMP XWD file parsing out-of-bounds write vulnerability, enabling remote code execution. Requires user interaction. Includes sever

['User interaction required, posing less immediate threat but necessitating prompt updates', 'High CVSS score indicates severe potential impact on affected systems']

LinuxmacOSWindows
action items (2)
  • Check for and install available software updates
  • Monitor system logs for signs of exploitation attempts

Zero Day Initiative · 2026-02-22T08:01

CRITICAL 95% confidence cve

ZDI-26-118: GIMP PGM File Parsing RCE Vulnerability

A critical remote code execution vulnerability in GIMP's PGM file parsing functionality. Visit us for mitigation advice and detection indicators. Includes sever

['Uninitialized memory in the parsing function leads to unexpected behavior and potential execution of injected malicious code when affected files are processed']

LinuxWindowsmacOS
action items (2)
  • Apply available security patches immediately
  • Review and update policies regarding handling of PGM files

Zero Day Initiative · 2026-02-22T07:31

MEDIUM 90% confidence cve

ZDI-26-117: RustDesk Client Windows File Link Disclosure

Local attackers can disclose sensitive info in RustDesk Client for Windows via file link following. Requires low priv code execution to exploit. Includes severi

['Local attackers can obtain low-privilege code execution and exploit the vulnerability']

Windows OS
action items (2)
  • Review system configurations and security policies
  • Apply software updates from trusted sources promptly

Zero Day Initiative · 2026-02-22T07:01

HIGH 90% confidence cve

ZDI-26-116 TensorFlow HDF5 Library Vulnerability

A local privilege escalation vulnerability in TensorFlow's HDF5 library. Affected installations must address this CVSS-rated 7.0 flaw. Includes severity, confid

['Ensures systems running TensorFlow applications are secure from potential local attacks aiming for elevated privileges.', 'Improves overall system integrity and security posture by addressing known vulnerabilities in c

TensorFlow usersData scientistsMachine learning engineers
action items (2)
  • Review systems running TensorFlow with HDF5 library
  • Update to patched versions of TensorFlow and/or HDF5

Zero Day Initiative · 2026-02-22T06:31

HIGH 95% confidence cve

ZDI-26-115 Fortinet FortiClient FCConfig Privilege Escalation Vulnerability

['Fortinet FortiClient FCConfig Utility suffers from a local privilege escalation vulnerability. Affected versions must be updated immediately to prevent. Read

['The exploit enables attackers with low-privileged user access to escalate their privileges on the system.', 'This can lead to unauthorized access and control over affected systems, potentially compromising data integri

Fortinet FortiClient usersNetwork administrators
action items (2)
  • Update to non-vulnerable version immediately if patch is available.
  • Review and enhance security policies around least privilege access principles.

Zero Day Initiative · 2026-02-22T06:01

ONLINE | ARIA: aria-32b | COMMIT: 55adc43 | UPTIME: 24d 15:52 | LAST SCAN: 14H AGO
CORE API: ONLINE TWITCH: OFFLINE --:--:--