nsysops@ops-intel:~$ ls -lt --range live

OPS INTEL

266 items · ARIA-monitored · page 38 of 54

266

TOTAL

—

CRITICAL

—

HIGH

—

ACTIONABLE

WALLBOARD ↗

AUTO-APPROVED TODAY —

LLM STATUS —

CRITICAL (page) 0

HIGH (page) 5

MEDIUM (page) 0

LOW (page) 0

HIGH 90% confidence cve

ZDI-26-099 Oracle VirtualBox VMSVGA Race Condition Vulnerability

Local attackers can escalate privileges on affected Oracle VirtualBox installations through a race condition in the VMSVGA driver, rated CVSS 7.5. Includes seve

['Allows for unauthorized privilege elevation', 'Increases risk of lateral movement and data exfiltration']

System administratorsSecurity professionals

action items (2)

Patch affected systems immediately
Review and restrict privileges granted to VM users

Zero Day Initiative · 2026-02-23T08:01

HIGH 95% confidence cve

ZDI-26-098: Oracle VirtualBox VMSVGA Use-After-Free Local Privilege Escalation Vulnerability

Local attackers can escalate privileges on affected Oracle VirtualBox installations through a use-after-free vulnerability. CVE-2026-21955, CVSS rating 8.2.

['Enables unauthorized access and privilege elevation', 'Affects system integrity and confidentiality']

Oracle VirtualBox usersIT administrators

action items (2)

Apply available security patches immediately
Monitor for suspicious activities in affected environments

Zero Day Initiative · 2026-02-23T07:31

HIGH 95% confidence cve

ZDI-26-097 Oracle VirtualBox VMSVGA Vulnerability

Local attackers can escalate privileges on affected Oracle VirtualBox installations through a heap-based buffer overflow. CVE-2026-21983 assigned. Includes seve

['Allows unauthorized access and control over guest systems', 'Increases risk of data breaches, system compromise']

Oracle VirtualBox usersSystem administrators managing virtualized environments

action items (2)

Patch systems immediately with the latest Oracle VirtualBox update
Review system logs for suspicious activity

Zero Day Initiative · 2026-02-23T07:01

HIGH 95% confidence cve

ZDI-26-096 Dassault eDrawings Viewer Vulnerability

['Remote code execution vulnerability in Dassault Systèmes eDrawings Viewer allows attackers to execute arbitrary code via malicious EPRT files. Requires user.

['Operators must address this vulnerability because it enables attackers to remotely execute arbitrary code, potentially leading to system compromise and data exfiltration. User interaction requirement lowers but does no

Dassault Systèmes eDrawings Viewer

action items (2)

Immediately update eDrawings Viewer to the latest version when a patch is released.
Implement network monitoring and intrusion detection systems (IDS) to detect and block malicious EPRT files.

Zero Day Initiative · 2026-02-23T06:31

HIGH 95% confidence cve

ZDI-26-095 Dassault eDrawings Viewer Vulnerability

Remote attackers can execute code on Dassault Systèmes eDrawings Viewer installations due to EPRT file parsing issue. CVSS rating: 7.8, CVE-2026-1284. Includes

['User interaction required for exploit', 'High CVSS score indicating significant risk']

WindowsMacOS

action items (2)

Install available software updates
Monitor for unusual activity

Zero Day Initiative · 2026-02-23T06:01

← PREV 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 NEXT →