HackTesting

Common Vulnerabilities and Exposures (CVE)

CVE-2025-13491

Mar 13, 2026 23:16:33 UTC

IBM App Connect Enterprise Certified Container CD: 11.2.0 through 11.6.0, 12.1.0 through 12.19.0 and 12.0 LTS: 12.0.0 through 12.0.19 could allow an attacker to access sensitive files or modify configurations due to an untrusted search path...

CVE-2025-7195

Mar 13, 2026 23:08:45 UTC

Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, user_setup, which modifies the permissions of the /etc/pass...

CVE-2026-0385

Mar 13, 2026 22:25:36 UTC

Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

CVE-2026-26133

Mar 13, 2026 22:25:36 UTC

AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.

CVE-2026-26144

Mar 13, 2026 22:25:35 UTC

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.

CVE-2026-26141

Mar 13, 2026 22:25:35 UTC

Improper authentication in Azure Arc allows an authorized attacker to elevate privileges locally.

CVE-2026-26130

Mar 13, 2026 22:25:34 UTC

Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.

CVE-2026-26123

Mar 13, 2026 22:25:33 UTC

Cwe is not in rca categories in Microsoft Authenticator allows an unauthorized attacker to disclose information locally.

CVE-2026-26118

Mar 13, 2026 22:25:33 UTC

Server-side request forgery (ssrf) in Azure MCP Server allows an authorized attacker to elevate privileges over a network.

CVE-2026-26117

Mar 13, 2026 22:25:32 UTC

Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally.

CVE-2026-26110

Mar 13, 2026 22:25:32 UTC

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2026-26109

Mar 13, 2026 22:25:31 UTC

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-26108

Mar 13, 2026 22:25:30 UTC

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-26107

Mar 13, 2026 22:25:30 UTC

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-26106

Mar 13, 2026 22:25:29 UTC

Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Page: 1