Critical vulnerabilities, curated daily for security professionals
π― SSCV Profile
See how vulnerabilities affect your specific environment
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework
Risk scores will be adjusted based on your selected environment
π
Today's Security Brief
Monday's vulnerability disclosures reveal 3 critical-severity flaws affecting Changing IDExpert Windows Logon Agent and e-Excellence U-Office Force, all scoring CVSS 9.8. Critical CVE count rose from 0 to 3 compared to the prior day, while high-priority vulnerabilities dropped 57% from 35 to 15. CVE-2026-2999 and CVE-2026-3000 target Changing IDExpert's Windows Logon Agent, and CVE-2026-3422 impacts e-Excellence U-Office Force, each enabling potential remote code execution or authentication bypass. Active exploitation spans 17 vulnerabilities across Microsoft Windows, Microsoft Office, Apple OS, Google Chromium, GitLab, Roundcube Webmail, and Notepad++, indicating broad targeting of enterprise infrastructure and productivity tools. No patches are currently available for the newly disclosed CVEs, requiring organizations to prioritize compensating controls and monitoring.
Changing IDExpert Windows Logon Agent affected by two CVSS 9.8 critical vulnerabilities (CVE-2026-2999, CVE-2026-3000) enabling potential authentication bypass
Critical CVE count increased from 0 to 3 (+100%), including e-Excellence U-Office Force CVE-2026-3422 at CVSS 9.8
High-priority CVEs declined 57% from 35 to 15, narrowing the day's disclosure scope to fewer but more severe issues
Active exploitation observed across Microsoft Windows, Office, Apple OS, Google Chromium, GitLab, and Roundcube Webmail, spanning remote code execution and privilege escalation vectors
Patch availability at 0% for newly disclosed CVEs β compensating controls and network segmentation recommended
17 vulnerabilities confirmed actively exploited, including legacy CVEs dating back to 2008 and 2020
Immediate action: Prioritize review of Changing IDExpert Windows Logon Agent and e-Excellence U-Office Force deployments, applying network segmentation and access restrictions until patches are released. Monitor for exploitation activity targeting Microsoft Windows, Apple OS, Google Chromium, and Roundcube Webmail, and apply any available vendor mitigations for the 17 actively exploited vulnerabilities.
π‘ Tip: Swipe CVE cards left to β star, right to β remove
Section Navigation
β οΈ
CISA Known Exploited Vulnerabilities
β οΈ CISA KEVURGENT
CVE-2026-21513
9.5π
MicrosoftWindows
β° Federal Deadline:March 2, 2026(1 days remaining)
A protection mechanism failure in the MSHTML Framework allows an unauthenticated attacker to bypass security features over a network, potentially leading to unauthorized system access.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2026-21525
9.5
MicrosoftWindows
β° Federal Deadline:March 2, 2026(1 days remaining)
Microsoft Windows NULL Pointer Dereference Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2026-21510
9.5π
MicrosoftWindows
β° Federal Deadline:March 2, 2026(1 days remaining)
A protection mechanism failure in the Windows Shell allows an unauthenticated attacker to bypass security features over a network connection.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2026-21533
9.5π
MicrosoftWindows
β° Federal Deadline:March 2, 2026(1 days remaining)
Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate their privileges locally on the affected system.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2026-21519
9.5π
MicrosoftWindows
β° Federal Deadline:March 2, 2026(1 days remaining)
A type confusion vulnerability in the Desktop Window Manager (DWM) allows an authorized local attacker to elevate their privileges to a higher level.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2026-21514
9.5π
MicrosoftOffice
β° Federal Deadline:March 2, 2026(1 days remaining)
A security feature bypass vulnerability in Microsoft Office Word exists due to reliance on untrusted inputs, allowing an unauthorized local attacker to circumvent security protections.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2026-20700
9.5π
AppleApple OS
β° Federal Deadline:March 4, 2026(3 days remaining)
A memory corruption vulnerability in Apple software was addressed through improved state management to prevent potential exploitation.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2024-43468
9.5π Late Disclosure
MicrosoftConfiguration Manager
β° Federal Deadline:March 4, 2026(3 days remaining)
Microsoft Configuration Manager SQL Injection Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEVURGENT
CVE-2025-15556
9.5
Notepad++Notepad++
β° Federal Deadline:March 4, 2026(3 days remaining)
Notepad++ Download of Code Without Integrity Check Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2020-7796
9.5π Late Disclosure
SynacorZimbra Collaboration Suite
β° Federal Deadline:March 9, 2026(8 days remaining)
Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2024-7694
9.5π Late Disclosure
TeamT5ThreatSonar Anti-Ransomware
β° Federal Deadline:March 9, 2026(8 days remaining)
TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2008-0015
9.5π Late Disclosure
MicrosoftWindows
β° Federal Deadline:March 9, 2026(8 days remaining)
Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2026-2441
9.5π
GoogleChromium
β° Federal Deadline:March 9, 2026(8 days remaining)
Google Chrome is vulnerable to a "Use After Free" condition in its CSS engine, which could allow a remote attacker to execute arbitrary code via a crafted webpage.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2021-22175
9.5π Late Disclosure
GitLabGitLab
β° Federal Deadline:March 10, 2026(9 days remaining)
GitLab Server-Side Request Forgery (SSRF) Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2025-49113
9.5
RoundcubeWebmail
β° Federal Deadline:March 12, 2026(11 days remaining)
RoundCube Webmail Deserialization of Untrusted Data Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2025-68461
9.5
RoundcubeWebmail
β° Federal Deadline:March 12, 2026(11 days remaining)
RoundCube Webmail Cross-site Scripting Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
β
CRSSelect profile
β οΈ CISA KEV
CVE-2026-25108
9.5π
Soliton Systems K.KFileZen
β° Federal Deadline:March 16, 2026(15 days remaining)
FileZen is affected by a high-severity OS command injection vulnerability that allows a threat actor to execute arbitrary commands on the underlying operating system.
CVSS Base9.5
β
CRSSelect profile
π¨
Critical Vulnerabilities
CVE-2026-2999
9.8π
ChangingIDExpert Windows Logon Agent
A remote code execution vulnerability in IDExpert Windows Logon Agent allows unauthenticated attackers to force arbitrary file downloads and execution from remote sources.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-3000
9.8π
ChangingIDExpert Windows Logon Agent
IDExpert Windows Logon Agent is vulnerable to unauthenticated remote code execution via unauthorized remote DLL downloads and execution.
CVSS Base9.8
β
CRSSelect profile
CVE-2026-3422
9.8π
e-ExcellenceU-Office Force
An insecure deserialization vulnerability in U-Office Force allows unauthenticated remote attackers to execute arbitrary code via crafted serialized content.
CVSS Base9.8
β
CRSSelect profile
β οΈ
High Priority Updates
CVE-2026-28562
8.2π
WordPressdatabase
The wpForo 2 forum plugin for WordPress contains a high-severity vulnerability that could lead to unauthorized database access or system compromise.
CVSS Base8.2
β
CRSSelect profile
CVE-2026-3406
7.3π
HPof the
A vulnerability in projectworlds Online Art Gallery Shop version 1 could allow attackers to compromise the e-commerce platform's security.
CVSS Base7.3
β
CRSSelect profile
CVE-2026-3395
7.3π
F5MaxSite CMS
A security flaw in MaxSite CMS up to version 109 presents a high-severity risk to the integrity of the content management system.
CVSS Base7.3
β
CRSSelect profile
CVE-2026-3410
7.3π
HPSociety Management System
A security weakness has been identified in itsourcecode Society Management System version 1, potentially allowing for unauthorized data access.
CVSS Base7.3
β
CRSSelect profile
CVE-2026-3411
7.3π
HPUniversity Management System
A security vulnerability in itsourcecode University Management System version 1 could lead to unauthorized access to academic and administrative records.
CVSS Base7.3
β
CRSSelect profile
CVE-2026-3413
7.3π
HPUniversity Management System
A flaw in itsourcecode University Management System version 1 presents a high-severity security risk to the application's environment.
CVSS Base7.3
β
CRSSelect profile
CVE-2026-3376
8.8π
TendaF453
A security vulnerability has been detected in the Tenda F453 router, version 1, potentially allowing for remote device compromise.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-3377
8.8π
TendaF453
A high-severity vulnerability has been identified in the Tenda F453 router, which may allow an attacker to compromise the device's integrity and gain unauthorized access.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-3378
8.8π
TendaF453
A critical flaw has been discovered in the Tenda F453 router that could lead to unauthorized system manipulation or a complete compromise of the device.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-3379
8.8π
TendaF453
A vulnerability in the Tenda F453 router has been identified that could permit unauthorized actors to interfere with device operations or gain elevated privileges.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-3380
8.8π
TendaF453
A security vulnerability found in the Tenda F453 router could allow for unauthorized access or execution of arbitrary actions by an attacker.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-3398
8.8π
TendaF453
A high-severity vulnerability has been determined in the Tenda F453 router, which could lead to unauthorized administrative access or system failure.
CVSS Base8.8
β
CRSSelect profile
CVE-2026-3399
8.8
TendaF453
A vulnerability was identified in Tenda F453 1
CVSS Base8.8
β
CRSSelect profile
CVE-2026-3400
8.8
TendaAC15 up
A security flaw has been discovered in Tenda AC15 up to 15
CVSS Base8.8
β
CRSSelect profile
CVE-2026-3409
7.3π
eosphoros-aidb-gpt
A security vulnerability has been identified in eosphoros-ai db-gpt version 0, potentially impacting the security of AI-driven database interactions.