68 Articles
7 Categories
Date: 2026-02-10
🚨 CISA KEV (1)
10 Feb [KEV]: CISA Adds Six Known Exploited Vulnerabilities to Catalog. CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-21510 Microsoft Windows Shell Protection Mechanism Failure Vulnerability CVE-2026-21513 Microsoft MSHTML Framework Security Featu… (CISA.GOV)
🐛 COMMON VULNERABILITIES AND EXPOSURES (50)
10 Feb: CVE-2026-21519 Desktop Window Manager Elevation of Privilege Vulnerability. Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21518 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability. Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21512 Azure DevOps Server Cross-Site Scripting Vulnerability. Server-side request forgery (ssrf) in Azure DevOps Server allows an authorized attacker to perform spoofing over a network. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21259 Microsoft Excel Elevation of Privilege Vulnerability. Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21258 Microsoft Excel Information Disclosure Vulnerability. Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21260 Microsoft Outlook Spoofing Vulnerability. Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21248 Windows Hyper-V Remote Code Execution Vulnerability. Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21247 Windows Hyper-V Remote Code Execution Vulnerability. Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21246 Windows Graphics Component Elevation of Privilege Vulnerability. Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21242 Windows Subsystem for Linux Elevation of Privilege Vulnerability. Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21235 Windows Graphics Component Elevation of Privilege Vulnerability. Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21234 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability. Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21236 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21218 .NET Spoofing Vulnerability. Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-23655 Microsoft ACI Confidential Containers Information Disclosure Vulnerability. Cleartext storage of sensitive information in Azure Compute Gallery allows an authorized attacker to disclose information over a network. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21523 GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability. Time-of-check time-of-use (toctou) race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21229 Power BI Remote Code Execution Vulnerability. Improper input validation in Power BI allows an authorized attacker to execute code over a network. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21533 Windows Remote Desktop Services Elevation of Privilege Vulnerability. Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21513 MSHTML Framework Security Feature Bypass Vulnerability. Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21522 Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability. Improper neutralization of special elements used in a command ('command injection') in Azure Compute Gallery allows an authorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21527 Microsoft Exchange Server Spoofing Vulnerability. User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21531 Azure SDK for Python Remote Code Execution Vulnerability. Deserialization of untrusted data in Azure SDK allows an unauthorized attacker to execute code over a network. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21510 Windows Shell Security Feature Bypass Vulnerability. Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21537 Microsoft Defender for Endpoint Linux Extension Remote Code Execution Vulnerability. Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21529 Azure HDInsight Spoofing Vulnerability. Improper neutralization of input during web page generation ('cross-site scripting') in Azure HDInsights allows an authorized attacker to perform spoofing over a network. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21514 Microsoft Word Security Feature Bypass Vulnerability. Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21525 Windows Remote Access Connection Manager Denial of Service Vulnerability. Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21516 GitHub Copilot for Jetbrains Remote Code Execution Vulnerability. Improper neutralization of special elements used in a command ('command injection') in Github Copilot allows an unauthorized attacker to execute code over a network. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21508 Windows Storage Elevation of Privilege Vulnerability. Improper authentication in Windows Storage allows an authorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21261 Microsoft Excel Information Disclosure Vulnerability. Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21257 GitHub Copilot and Visual Studio Elevation of Privilege Vulnerability. Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an authorized attacker to elevate privileges over a network. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21253 Mailslot File System Elevation of Privilege Vulnerability. Use after free in Mailslot File System allows an authorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21251 Cluster Client Failover (CCF) Elevation of Privilege Vulnerability. Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21250 Windows HTTP.sys Elevation of Privilege Vulnerability. Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21249 Windows NTLM Spoofing Vulnerability. External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21244 Windows Hyper-V Remote Code Execution Vulnerability. Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21243 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability. Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21240 Windows HTTP.sys Elevation of Privilege Vulnerability. Time-of-check time-of-use (toctou) race condition in Windows HTTP.sys allows an authorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21241 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21239 Windows Kernel Elevation of Privilege Vulnerability. Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21238 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21237 Windows Subsystem for Linux Elevation of Privilege Vulnerability. Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21232 Windows HTTP.sys Elevation of Privilege Vulnerability. Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21231 Windows Kernel Elevation of Privilege Vulnerability. Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21228 Azure Local Remote Code Execution Vulnerability. Improper certificate validation in Azure Local allows an unauthorized attacker to execute code over a network. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21222 Windows Kernel Information Disclosure Vulnerability. Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-20846 GDI+ Denial of Service Vulnerability. Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network. (MSRC.MICROSOFT.COM)
10 Feb: CVE-2023-2804 Red Hat, Inc. CVE-2023-2804: Heap Based Overflow libjpeg-turbo. A heap‑based buffer overflow exists in libjpeg‑turbo’s h2v2_merged_upsample_internal() function when processing 12‑bit lossless JPEG images. An attacker could craft an image containing out‑of‑range 12‑bit samples that, when decompressed with merged upsampling enabled, may trigger… (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21255 Windows Hyper-V Security Feature Bypass Vulnerability. How could an attacker exploit this vulnerability? Exploitation requires an attacker who already has local execution on a VBS‑enabled guest VM to run a specially crafted application or driver that abuses the hypervisor’s overlay handling to bypass VBS/VTL protections and compr… (MSRC.MICROSOFT.COM)
10 Feb: CVE-2026-21245 Windows Kernel Elevation of Privilege Vulnerability. Acknowledgement Updated (MSRC.MICROSOFT.COM)
⚠️ VULNERABILITY DISCLOSURE (10)
10 Feb: Multiple Vulnerabilities in Ivanti Endpoint Manager Could Allow for Authentication Bypass. Multiple vulnerabilities have been discovered in Ivanti Endpoint Manager, the most severe of which could allow for authentication bypass. Ivanti Endpoint Manager is a client-based unified endpoint management software. Successful exploitation of the most severe of these vulnerabil… (CISECURITY.ORG)
10 Feb: Multiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code Execution. Multiple vulnerabilities have been discovered in Fortinet products, the most severe of which could allow for arbitrary code execution. FortiAuthenticator is a centralized identity and access management (IAM) solution that secures network access by managing user identities, Multi-… (CISECURITY.ORG)
10 Feb: Critical Patches Issued for Microsoft Products, February 10, 2026. Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. … (CISECURITY.ORG)
10 Feb: Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution. Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe After Effects is a digital effects, motion graphics, and compositing application. Adobe Audition is a comprehensive toolset that includes mult… (CISECURITY.ORG)
10 Feb: Patch Tuesday, February 2026 Edition. Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six "zero-day" vulnerabilities that attackers are already exploiting in the wild. (KREBSONSECURITY.COM)
10 Feb: Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps. The purpose of this Alert is to amplify Poland’s Computer Emergency Response Team (CERT Polska’s) Energy Sector Incident Report published on Jan. 30, 2026, and highlight key mitigations for Energy Sector stakeholders. In December 2025, a malicious cyber actor(s) targeted an… (CISA.GOV)
10 Feb: Local tools should still use vaults. Submitted by codeinabox to security, 4 points | 0 comments. https://pierce.dev/notes/local-tools-should-still-use-vaults (PROGRAMMING.DEV)
10 Feb: Intego X9: When your macOS antivirus becomes your enemy. This blog post dives into the most common classes of macOS Local Privilege Escalation vulnerabilities, from time-of-check to time-of-use (TOCTOU) Race Conditions and insecure XPC communications to a range of implementation and configuration oversights. We will explore how attacke… (QUARKSLAB.COM)
10 Feb: Beyond the Battlefield: Threats to the Defense Industrial Base. Introduction. In modern warfare, the front lines are no longer confined to the battlefield; they extend directly into the servers and supply chains of the industry that safeguards the nation. Today, the defense sector faces a relentless barrage of cyber operations conducted by sta… (CLOUD.GOOGLE.COM)
10 Feb: VU#458422: CASL Ability contains a prototype pollution vulnerability. Overview. A prototype pollution vulnerability present in CASL Ability versions 2.4.0 through 6.7.4 is triggered through the rulesToFields() function in the extra module. The program’s library contains a method called setByPath() that does not properly sanitize property names, allo… (KB.CERT.ORG)
📢 SECURITY ADVISORIES (1)
🔥 INCIDENT REPORTING (2)
10 Feb: Toy Battles - 1,017 breached accounts. In February 2026, the online gaming community Toy Battles suffered a data breach. The incident exposed 1k unique email addresses alongside usernames, IP addresses and chat logs. Following the breach, Toy Battles self-submitted the data to Have I Been Pwned. (HAVEIBEENPWNED.COM)
10 Feb: Association Nationale des Premiers Secours - 5,600 breached accounts. In January 2026, a data breach impacting the French non-profit Association Nationale des Premiers Secours (ANPS) was posted to a hacking forum. The breach exposed 5.6k unique email addresses along with names, dates of birth and places of birth. ANPS self-submitted the data to HI… (HAVEIBEENPWNED.COM)
🕵️ THREAT INTELLIGENCE (1)
10 Feb: 80% of Fortune 500 use active AI Agents: Observability, governance, and security shape the new frontier. Read Microsoft's new Cyber Pulse report for straightforward, practical insights and guidance on new cybersecurity risks. The post 80% of Fortune 500 use active AI Agents: Observability, governance, and security shape the new frontier appeared first on Microsoft Security Blog. (MICROSOFT.COM)
📡 INFOSEC NEWS (3)
10 Feb: Weekly Threat Bulletin – February 11th, 2026. These are the top threats you should know about this week. (F5.COM)
10 Feb: New OpenClaw AI agent found unsafe for use | Kaspersky official blog. We explore whether OpenClaw can be safely installed and configured, and the risks involved in running this experiment. (KASPERSKY.COM)
10 Feb: Taxing times: Top IRS scams to look out for in 2026. It’s time to file your tax return. And cybercriminals are lurking to make an already stressful period even more edgy. (WELIVESECURITY.COM)