 | CVE-2026-48095: 7-Zip Heap Buffer Overflow Can Lead to Code Execution | 2026-05-26 | True | SOC Prime Team | True | | |
| UAC-0057 Attack Detection: OYSTERFRESH, OYSTERSHUCK, and OYSTERBLUES Fuel Phishing Campaigns Against Ukrainian State Organizations | 2026-05-25 | True | SOC Prime Team | True | | |
| CVE-2026-9082: Highly Critical Drupal Core SQL Injection Flaw Threatens PostgreSQL Sites | 2026-05-22 | True | SOC Prime Team | True | | |
| CVE-2026-45585: YellowKey BitLocker Bypass Exposes Encrypted Data on Windows Devices | 2026-05-22 | True | SOC Prime Team | True | | |
| CVE-2026-20182: Critical Authentication Bypass in Cisco SD-WAN Can Grant Admin Access | 2026-05-15 | True | SOC Prime Team | True | | |
| CVE-2026-42897: Exchange Server OWA Spoofing Flaw Exploited via Crafted Email | 2026-05-15 | True | SOC Prime Team | True | | |
| CVE-2026-42945: 18-Year-Old NGINX Rewrite Flaw May Enable Unauthenticated RCE | 2026-05-14 | True | SOC Prime Team | True | | |
| CVE-2026-46300: Fragnesia Linux Kernel Flaw Grants Root via Page Cache Corruption | 2026-05-14 | True | SOC Prime Team | True | | |
| CVE-2026-43500 and CVE-2026-43284: Dirty Frag Linux Privilege Escalation Flaw Raises Post-Compromise Risk | 2026-05-11 | True | SOC Prime Team | True | | |
| CVE-2026-23918: Critical Apache HTTP/2 Flaw Can Trigger DoS and Possible RCE | 2026-05-06 | True | SOC Prime Team | True | | |
| CVE-2026-23918: Critical Apache HTTP/2 Flaw Can Trigger DoS and Possible RCE | 2026-05-06 | True | SOC Prime Team | True | | |
| CVE-2026-0300: Palo Alto PAN-OS Zero-Day Enables Root RCE on Exposed Firewalls | 2026-05-06 | True | SOC Prime Team | True | | |
| CVE-2026-0300: Palo Alto PAN-OS Zero-Day Enables Root RCE on Exposed Firewalls | 2026-05-06 | True | SOC Prime Team | True | | |
| CVE-2026-41940: Critical cPanel & WHM Authentication Bypass Exposes Hosting Servers to Admin Takeover | 2026-04-30 | True | SOC Prime Team | True | | |
| CVE-2026-28950: Apple Fixes iOS Flaw That Retained Deleted Notification Data | 2026-04-23 | True | SOC Prime Team | True | | |
| CVE-2026-40372: Critical ASP.NET Core Flaw May Let Attackers Gain SYSTEM Privileges | 2026-04-23 | True | SOC Prime Team | True | | |
| UAC-0247 Attack Detection: AGINGFLY Malware Targets Hospitals, Local Governments, and FPV Operators in Ukraine | 2026-04-16 | True | SOC Prime Team | True | | |
| UAC-0255 Attack Detection: Threat Actors Impersonate CERT-UA to Infect Ukrainian Public and Private Sector Organizations With AGEWHEEZE RAT | 2026-04-01 | True | Daryna Olyniychuk | True | | |
| CVE-2026-20643: Vulnerability in WebKit Navigation API May Bypass Same Origin Policy | 2026-03-18 | True | Daryna Olyniychuk | True | | |
| CVE-2026-3910: Chrome V8 Zero-Day Used for In-the-Wild Attacks | 2026-03-13 | True | Daryna Olyniychuk | True | | |
| CVE-2026-21262: SQL Server Zero-Day Fixed in Microsoft’s March Patch Tuesday Release | 2026-03-12 | True | Daryna Olyniychuk | True | | |
| CVE-2026-21385: Google Patches Qualcomm Zero-Day Exploited in Targeted Android Attacks | 2026-03-04 | True | Daryna Olyniychuk | True | | |
| UAC-0252 Attack Detection: SHADOWSNIFF and SALATSTEALER Fuel Phishing Campaigns in Ukraine | 2026-03-03 | True | Daryna Olyniychuk | True | | |
| CVE-2026-20127: Cisco SD-WAN Zero-Day Exploited Since 2023 | 2026-02-26 | True | Daryna Olyniychuk | True | | |
| CVE-2026-22769: Critical Dell RecoverPoint Zero-Day Exploited in the Wild | 2026-02-18 | True | Daryna Olyniychuk | True | | |
| CVE-2026-2441: Google Patches Chrome Zero-Day Exploited in the Wild | 2026-02-16 | True | Daryna Olyniychuk | True | | |
| CVE-2026-20700: Apple Patches Zero-Day Exploited in Sophisticated Cyber Attacks | 2026-02-12 | True | Daryna Olyniychuk | True | | |
| CVE-2026-20841: Windows Notepad RCE Fixed in Microsoft’s February Patch Tuesday Release | 2026-02-11 | True | Daryna Olyniychuk | True | | |
| CVE-2026-21643: Critical FortiClient EMS Vulnerability Enables Unauthenticated Remote Code Execution | 2026-02-10 | True | Daryna Olyniychuk | True | | |
| UAC-0001 (APT28) Attack Detection: russia-Backed Actor Actively Exploits CVE-2026-21509 Targeting Ukraine and the EU | 2026-02-02 | True | Daryna Olyniychuk | True | | |
| CVE-2025-15467: OpenSSL Vulnerability Leads to Denial-of-Service, Remote Code Execution | 2026-01-29 | True | Daryna Olyniychuk | True | | |
| CVE-2026-24858: FortiOS SSO Zero-Day Exploited in the Wild | 2026-01-28 | True | Daryna Olyniychuk | True | | |
| CVE-2026-21509: Actively Exploited Microsoft Office Zero-Day Forces Emergency Patch | 2026-01-27 | True | Daryna Olyniychuk | True | | |
| CVE-2026-24061: Decade-Old Vulnerability in GNU InetUtils telnetd Enables Remote Root Access | 2026-01-23 | True | Daryna Olyniychuk | True | | |
| CVE-2026-20045: Critical Zero-Day in Cisco Products Is Actively Exploited in the Wild | 2026-01-22 | True | Daryna Olyniychuk | True | | |
| CVE-2026-0227: Palo Alto Networks Fixes GlobalProtect DoS Flaw Allowing Remote Firewall Disruption | 2026-01-16 | True | Daryna Olyniychuk | True | | |
| CVE-2026-20805: Microsoft Fixes Actively Exploited Windows Desktop Manager Zero-Day | 2026-01-15 | True | Daryna Olyniychuk | True | | |
| UAC-0190 Attack Detection: Fake Charity Lures Used to Deploy the PLUGGYAPE Backdoor Against the Ukrainian Armed Forces | 2026-01-14 | True | Daryna Olyniychuk | True | | |
| CVE-2026-21858 aka Ni8mare: Critical Unauthenticated Remote Code Execution Vulnerability in n8n Platform | 2026-01-09 | True | Daryna Olyniychuk | True | | |
| CVE-2025-14733 Vulnerability: WatchGuard Addresses a Critical RCE Affecting Firebox Firewalls, Actively Exploited for Real-World Attacks | 2025-12-23 | True | Daryna Olyniychuk | True | | |
| CVE-2025-20393 Exploitation: A Maximum-Severity Zero-Day Vulnerability in Cisco AsyncOS Software Abused in Attacks by the China-Backed APT UAT-9686 | 2025-12-18 | True | Veronika Telychko | True | | |
| CVE-2025-14174 Vulnerability: A New Memory Corruption Zero-Day Vulnerability in Apple WebKit Exploited in Targeted Attacks | 2025-12-16 | True | Veronika Telychko | True | | |
| CVE-2025-55183 and CVE-2025-55184: New React RSC Vulnerabilities Expose Applications to Denial of Service Attacks and Source Code Leaks | 2025-12-15 | True | Veronika Telychko | True | | |
| CVE-2025-62221 and CVE-2025-54100: Windows Elevation of Privilege and RCE Zero-Day Vulnerabilities Patched | 2025-12-11 | True | Veronika Telychko | True | | |
| CVE-2025-66516: Maximum-Severity Vulnerability in Apache Tika Could Lead to XML External Entity Injection Attack | 2025-12-08 | True | Veronika Telychko | True | | |
| React2Shell Vulnerability: Maximum-Severity Flaw in React Server Components Actively Exploited by China-Backed Groups | 2025-12-05 | True | Veronika Telychko | True | | |
| CVE-2025-48633 and CVE-2025-48572: Android Framework Information Disclosure and Privilege Escalation Vulnerabilities Exploited in the Wild | 2025-12-04 | True | Veronika Telychko | True | | |
| CVE-2025-41115: A Maximum-Severity Privilege Escalation Vulnerability in the Grafana SCIM Component | 2025-11-24 | True | Veronika Telychko | True | | |
| CVE-2025-62215: Microsoft Patches Windows Kernel Zero-Day Vulnerability Under Active Exploitation | 2025-11-12 | True | Daryna Olyniychuk | True | | |
| CVE-2025-12480 Detection: Hackers Exploit the Now-Patched Unauthenticated Access Control Vulnerability in Gladinet’s Triofox | 2025-11-11 | True | Veronika Telychko | True | | |
