CYBER Threat Intelligence Reports
LATEST CTIs
CVE-2026-24061: GNU Inetutils telnetd Remote Authentication Bypass
CVE-2026-24061 is a pre-authentication remote authentication bypass in GNU Inetutils telnetd. The flaw carries a Critical CVSS:3.1 severity score of 9.8 and allows an attacker…
Read more >
CVE-2026-0227: PAN-OS GlobalProtect Denial-of-Service Vulnerability
CVE-2026-0227 is a high-severity denial-of-service vulnerability affecting Palo Alto Networks PAN-OS and Prisma Access deployments where GlobalProtect Gateway or Portal is enabled. The flaw allows…
Read more >
CVE-2026-20805: Windows Desktop Window Manager (DWM) Zero-Day
CVE-2026-20805 is a Windows Desktop Window Manager (DWM) information disclosure vulnerability that has been exploited in the wild as a zero-day.While the CVSS v3.1 base…
Read more >
CVE-2025-12420 (“BodySnatcher”): Unauthenticated User Impersonation in ServiceNow AI Platform
CVE-2025-12420 is a critical (CVSS 9.3) vulnerability in the ServiceNow AI Platform that can allow a remote, unauthenticated attacker to impersonate another user and then…
Read more >
N8MARE / Ni8mare: Critical n8n Flaw Enables Unauthenticated File Access: CVE-2026-21858
On January 7, 2026, n8n disclosed a critical vulnerability tracked as CVE-2026-21858 (CVSS 10.0), dubbed “Ni8mare” (often referenced as “N8MARE”). The issue can allow an…
Read more >
MongoDB Zlib Protocol Vulnerability (MongoBleed): CVE-2025-14847
MongoDB has issued an urgent security advisory warning administrators to patch a high-severity vulnerability affecting MongoDB Server deployments. The vulnerability, tracked as CVE-2025-14847, stems from…
Read more >
