Key Findings:
Top Reported Known Exploitable Issues:
CVE-2025-15556 | Notepad++
Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity verification vulnerability where downloaded update metadata and installers are not cryptographically verified. An attacker able to intercept or redirect update traffic can cause the updater to download and execute an attacker-controlled installer, resulting in arbitrary code execution with the privileges of the user.
CVE-2026-2441 | Chrome
The high-severity vulnerability, tracked as CVE-2026-2441 (CVSS score: 8.8), has been described as a use-after-free bug in CSS. Security researcher Shaheen Fazim has been credited with discovering and reporting the shortcoming on February 11, 2026. “Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page,”
CVE-2026-22769 | Dell
A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Threat Intelligence Group (GTIG). The activity involves the exploitation of CVE-2026-22769 (CVSS score: 10.0), a case of hard-coded credentials affecting versions prior to 6.0.3.1 HF1. Other products, including RecoverPoint Classic, are not vulnerable to the flaw. “This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability, leading to unauthorized access to the underlying operating system and root-level persistence,”
CVE-2025-40536 | SolarWinds
SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that, if exploited, could allow an unauthenticated attacker to gain access to certain restricted functionality.
CVE-2026-1281 | Ivanti
Ivanti has observed exploitation of CVE-2026-1281 and CVE-2026-1340 in the wild and the US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-1281 to its Known Exploited Vulnerabilities (KEV) Catalog. Edge devices like EPMM are internet-facing by design and are highly attractive targets to attackers, and there are an increasing number of edge device vulnerabilities disclosed each year that are rapidly exploited by attackers. The NHS England National CSOC assesses it is highly likely vulnerabilities discovered in edge devices will continue to be exploited as zero-day vulnerabilities, or shortly after vendor disclosure.
CVE-2026-20700 | Apple iOS
Active exploitation of CVE-2026-20700: Apple have stated that CVE-2026-20700 has been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. Apple has released a security update to address multiple vulnerabilities in iOS and iPadOS. CVE-2026-20700: An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26.
CVE-2024-7694 | TeamT5 ThreatSonar
CVE-2024-7694 (CVSS score: 7.2) – An arbitrary file upload vulnerability in TeamT5 ThreatSonar Anti-Ransomware versions 3.4.5 and earlier that could allow an attacker to upload malicious files and achieve arbitrary system command execution on the server.
CVE-2026-21514 | Microsoft
CVE-2026-21514 (CVSS 7.8) affects Microsoft Word and involves user interaction for a successful exploit. In this case, an attacker who tricks a user into opening a malicious Word document can bypass OLE security controls in Microsoft 365 and Microsoft Office to execute arbitrary code. Microsoft issued an emergency out-of-band patch for a similar vulnerability in Office, CVE-2026-21509, on Jan. 26 amid reports of active exploit activity.
CVE-2026-21513 | Microsoft
CVE-2026-21513 (CVSS 8.8) affects Microsoft’s MSHTML framework. Attackers can abuse the flaw by tricking users into opening a specially crafted HTML file or shortcut link and tricking the browser and operating system into executing it like code instead of treating it like data.
CVE-2026-21525 | Microsoft
CVE-2026-21525 (CVSS 6.2) in Windows Remote Access Connection Manager allows an attacker to trigger denial-of-service conditions locally. “An attacker with a foothold as a standard, non-admin user can run a small script that crashes the RAS manager service,”
CVE-2026-21519 | Microsoft
CVE-2026-21519 (CVSS 6.2) and CVE-2026-21533 both allow attackers to escalate their privileges on a system to administrator-level access.
CVE-2024-43468 | Microsoft
CVE-2024-43468 is a critical remote code execution vulnerability affecting Microsoft Configuration Manager (SCCM/ConfigMgr). This SQL Injection vulnerability allows unauthenticated attackers to execute arbitrary code on affected systems by sending specially crafted requests to the Configuration Manager server. The vulnerability requires no user interaction and can be exploited remotely over the network, making it particularly dangerous for enterprise environments that rely on Configuration Manager for system management. Unauthenticated remote attackers can achieve complete system compromise through SQL Injection, potentially gaining full control over the Configuration Manager infrastructure and all managed endpoints.
CVE-2008-0015 | Microsoft
CVE-2008-0015 (CVSS score: 8.8) – A stack-based buffer overflow vulnerability in Microsoft Windows Video ActiveX Control that could allow an attacker to achieve remote code execution by setting up a specially crafted web page.
CVE-2020-7796 | Zimbra
CVE-2020-7796 (CVSS score: 9.8) – A server-side request forgery (SSRF) vulnerability in Synacor Zimbra Collaboration Suite (ZCS) that could allow an attacker to send a crafted HTTP request to a remote host and obtain unauthorized access to sensitive information.
CVE-2026-1731 | BeyondTrust
“BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability,” the company said in an advisory released February 6, 2026. “By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.” The vulnerability, categorized as an operating system command injection, has been assigned the CVE identifier CVE-2026-1731. It’s rated 9.9 on the CVSS scoring system.
CVE-2025-54253 | Adobe
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Adobe Experience Manager to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2025-54253 (CVSS score: 10.0), a maximum-severity misconfiguration bug that could result in arbitrary code execution. According to Adobe, the shortcoming impacts Adobe Experience Manager (AEM) Forms on JEE versions 6.5.23.0 and earlier. It was addressed in version 6.5.0-0108 released early August 2025, alongside CVE-2025-54254 (CVSS score: 8.6). “The flaw results from the dangerously exposed /adminui/debug servlet, which evaluates user-supplied OGNL expressions as Java code without requiring authentication or input validation,” security company FireCompass noted. “The endpoint’s misuse enables attackers to execute arbitrary system commands with a single crafted HTTP request.”
CVE-2025-62847 | QNAP
Security researchers have demonstrated a proof-of-concept exploit that chains CVE-2025-62847, CVE-2025-62848, and CVE-2025-62849 together to achieve remote code execution and full device takeover of QTS and QuTS hero devices. Network attached storage (NAS) devices and backup solutions are valuable targets for cyber criminals.
CVE-2025-20358 | Unified CCX
Cisco has released security updates to address two critical vulnerabilities in Unified Contact Center Express (Unified CCX):
CVE-2025-20354 – Unauthenticated Remote Code Execution (RCE) vulnerability – CVSSv3 score: 9.8
CVE-2025-20358 – Authentication Bypass (unauthenticated to administrative privileges) vulnerability – CVSSv3 score: 9.4
CVE-2025-11371 | Gladinet
