Skip to main content
RuntimeRebel

Coverage

Vulnerabilities

754 articles on vulnerability disclosures and exploits

Advertisement

TH
CRITICAL
Threat Intel

Cisco SD-WAN Exploitation: Critical Authentication Bypass & Escalation

CISA alerts on active global exploitation of Cisco SD-WAN, leveraging CVE-2026-20127 for initial access and CVE-2022-20775 for privilege escalation. Immediate action is

Runtime Rebel Intel
4 min read·Feb 25, 2026
VU
HIGH
Vulnerabilities

CISA Adds Two Cisco SD-WAN Exploits to KEV Catalog

CISA adds CVE-2022-20775 (Path Traversal) and CVE-2026-20127 (Auth Bypass) affecting Cisco SD-WAN to its Known Exploited Vulnerabilities Catalog.

Runtime Rebel Intel
4 min read·Feb 25, 2026
VU
CRITICAL
Vulnerabilities

Critical Cisco SD-WAN Zero-Day Exploited Since 2023

Cisco Catalyst SD-WAN critical authentication bypass (CVE-2026-20127) actively exploited since 2023, enabling remote compromise and rogue peer addition.

Runtime Rebel Intel
4 min read·Feb 25, 2026
Claude Code Flaws Enable RCE & API Key Exfiltration
CRITICAL
Vulnerabilities

Claude Code Flaws Enable RCE & API Key Exfiltration

Multiple security flaws in Anthropic's Claude Code AI coding assistant allow remote code execution and API credential theft via configuration mechanisms.

Runtime Rebel Intel
5 min read·Feb 25, 2026
TH
HIGH
Threat Intel

Ex-L3Harris Executive Sentenced for Selling Zero-Days to Russia

Former Trenchant CEO James Michael Robinson sentenced to 90 months for stealing zero-day exploits and selling them to a Russian state-linked broker.

Runtime Rebel Intel
4 min read·Feb 25, 2026
TH
INFO
Threat Intel

US Treasury Sanctions Russian Broker for Stolen Zero-Day Exploits

The US sanctions Artem Kruglov and associated firms for brokering stolen hacking tools and zero-day exploits for Russian intelligence services.

Runtime Rebel Intel
4 min read·Feb 25, 2026
L3Harris Insider Sentenced for Selling Zero-Days to Russian Broker
HIGH
Threat Intel

L3Harris Insider Sentenced for Selling Zero-Days to Russian Broker

Former defense contractor Peter Williams sentenced to seven years for selling eight zero-day exploits to Russian broker Operation Zero for millions in profit.

Runtime Rebel Intel
4 min read·Feb 25, 2026
CISA Adds FileZen CVE-2026-25108 Command Injection to KEV Catalog
HIGH
Vulnerabilities

CISA Adds FileZen CVE-2026-25108 Command Injection to KEV Catalog

CISA confirms active exploitation of FileZen CVE-2026-25108, an OS command injection flaw. Organizations must patch immediately to prevent command execution.

Runtime Rebel Intel
4 min read·Feb 25, 2026
SolarWinds Patches Four Critical RCE Flaws in Serv-U File Transfer
CRITICAL
Vulnerabilities

SolarWinds Patches Four Critical RCE Flaws in Serv-U File Transfer

SolarWinds addresses four critical vulnerabilities (CVSS 9.1) in Serv-U 15.5, including CVE-2025-40538, which allows unauthorized root code execution.

Runtime Rebel Intel
3 min read·Feb 25, 2026
January 2026 CVE Landscape: APT28 Zero-Day & Critical Flaws
CRITICAL
Vulnerabilities

January 2026 CVE Landscape: APT28 Zero-Day & Critical Flaws

Runtime Rebel details January 2026's 23 critical CVEs, including an APT28 zero-day in Microsoft Office and critical enterprise authentication bypass vulnerabilities.

Runtime Rebel Intel
5 min read·Feb 25, 2026
VU
HIGH
Vulnerabilities

macOS coreaudiod Type Confusion Exploitation: CVE-2024-54529

Analysis of CVE-2024-54529, a critical type confusion vulnerability in macOS coreaudiod, detailing its exploitation and necessary mitigations.

Runtime Rebel Intel
4 min read·Feb 25, 2026
VU
HIGH
Vulnerabilities

Windows Administrator Protection Bypassed via UI Access Abuse

Analysis of UI Access abuse techniques that bypassed Windows Administrator Protection, a new UAC feature, detailing historical context and fixes.

Runtime Rebel Intel
4 min read·Feb 25, 2026