FLIR Thermal Camera FC-S/PT firmware version 8
Description
FLIR Thermal Camera FC-S/PT firmware version 8
Remediation
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Search and filter 18149 vulnerabilities with AI analyst insights
FLIR Thermal Camera FC-S/PT firmware version 8
FLIR Thermal Camera FC-S/PT firmware version 8
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
FLIR Thermal Camera F/FC/PT/D firmware version 8
FLIR Thermal Camera F/FC/PT/D firmware version 8
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
FLIR Thermal Camera F/FC/PT/D Stream firmware version 8
FLIR Thermal Camera F/FC/PT/D Stream firmware version 8
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
An Information Exposure issue was discovered in Moxa NPort 5110 Version 2
An Information Exposure issue was discovered in Moxa NPort 5110 Version 2
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shel...
The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command
---METADATA---
VENDOR: Orpak
PRODUCT: SiteOmat OrCU
AFFECTED_VERSIONS: Orpak SiteOmat versions prior to 6.4.414.122.
---END_METADATA---
Description Summary:
The Orpak SiteOmat OrCU component contains a code injection vulnerability caused by a search query utilizing a direct shell command, enabling remote code execution.
Executive Summary:
A critical code injection vulnerability in the Orpak SiteOmat OrCU component allows unauthenticated attackers to execute arbitrary shell commands, risking full system compromise.
Vulnerability Details
CVE-ID: CVE-2017-14853
Affected Software: Orpak SiteOmat
Affected Versions: Orpak SiteOmat versions prior to 6.4.414.122.
Vulnerability: The vulnerability exists in the OrCU component, which fails to sanitize input in a search query that triggers a direct shell command. By injecting malicious parameters into the request, an attacker can execute arbitrary commands on the underlying operating system.
Business Impact
With a CVSS score of 8.6, this vulnerability poses a severe threat, allowing for unauthorized access to view and edit payment information, system configurations, and monitoring data. Successful exploitation could lead to full remote code execution, enabling attackers to disrupt critical business operations or exfiltrate sensitive financial records.
Remediation Plan
Immediate Action: Upgrade the Orpak SiteOmat software to version 6.4.414.122 or later immediately to patch the command injection vector.
Proactive Monitoring: Review system logs for suspicious shell commands or unauthorized requests targeting the OrCU component.
Compensating Controls: Deploy a Web Application Firewall (WAF) to inspect and block malicious input strings containing shell metacharacters before they reach the application.
Exploitation Status
Public Exploit Available: true
Analyst Notes: As of June 4, 2026, there is evidence of active exploitation in the wild, which significantly elevates the urgency of this advisory.
Analyst Recommendation
This vulnerability is critical due to the confirmed existence of public exploit code and active exploitation observed in the field. Administrators should treat this as a high-priority incident and apply the recommended version update without delay to prevent unauthorized remote code execution.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL certificate
An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL certificate
---METADATA---
VENDOR: Orpak
PRODUCT: SiteOmat management console
AFFECTED_VERSIONS: All known versions
---END_METADATA---
Description Summary:
The Orpak SiteOmat management console is vulnerable to insecure communication due to the use of an invalid SSL certificate across all known software versions.
Executive Summary:
All versions of the Orpak SiteOmat management console are susceptible to man-in-the-middle attacks resulting from invalid SSL certificate implementations.
Vulnerability Details
CVE-ID: CVE-2017-14852
Affected Software: Orpak SiteOmat management console
Affected Versions: All known versions
Vulnerability: The vulnerability stems from an insecure communication channel between the user and the management console. By utilizing an invalid SSL certificate, the system fails to verify the identity of the server, allowing an attacker to intercept or manipulate sensitive traffic.
Business Impact
With a CVSS score of 8.6, this vulnerability creates a high risk of credential theft and unauthorized administrative access. Successful exploitation could lead to full compromise of the management console, potentially impacting the operational integrity of the systems it governs.
Remediation Plan
Immediate Action: Consult the vendor for available security updates or configuration guidance to replace invalid certificates with trusted, valid ones.
Proactive Monitoring: Monitor network traffic to the SiteOmat console for anomalous SSL certificate warnings or evidence of interception attempts.
Compensating Controls: Restrict access to the management console to authorized internal networks only, utilizing VPNs or firewalls to minimize exposure to external threats.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 4, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
The reliance on invalid certificates undermines the fundamental security of the management console. Organizations should treat this as a high-priority configuration issue and seek updated documentation or patches from the vendor to remediate the certificate trust chain.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Jenkins Remote Code Execution Vulnerability - Active in CISA KEV catalog.
Jenkins Remote Code Execution Vulnerability - Active in CISA KEV catalog.
FEDERAL DEADLINE: October 22, 2025 (21 days). Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. FEDERAL DEADLINE: October 22, 2025 (21 days). Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Deadline: October 22, 2025
Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
An issue was discovered in Moxa NPort 5110 versions prior to 2
An issue was discovered in Moxa NPort 5110 versions prior to 2
---METADATA---
VENDOR: Moxa
PRODUCT: NPort
AFFECTED_VERSIONS: Moxa NPort 5110 versions prior to 2.9
---END_METADATA---
Description Summary:
A stack-based buffer overflow in Moxa NPort 5110 allows remote attackers to execute arbitrary code or cause a denial-of-service.
Executive Summary:
Moxa NPort 5110 serial device servers are affected by a stack-based buffer overflow that could permit remote code execution or system crashes.
Vulnerability Details
CVE-ID: CVE-2016-9365
Affected Software: Moxa NPort 5110
Affected Versions: Moxa NPort 5110 versions prior to 2.9.
Vulnerability: This is a stack-based buffer overflow vulnerability that can be triggered by a remote attacker. The flaw allows for the execution of arbitrary code with high privileges or the triggering of a denial-of-service condition on the device.
Business Impact
With a CVSS score of 8.8, this vulnerability poses a high risk to infrastructure relying on Moxa NPort serial servers. Exploitation could allow an attacker to gain control over connected industrial equipment or cause significant disruption to serial communications, impacting plant-floor operations.
Remediation Plan
Immediate Action: Update the firmware of all affected Moxa NPort 5110 devices to version 2.9 or later.
Proactive Monitoring: Monitor network traffic for unusual activity directed at the NPort devices and maintain strict access control lists (ACLs) to limit management interface exposure.
Compensating Controls: Isolate the NPort devices on a dedicated, non-routable management network to prevent unauthorized remote access.
Exploitation Status
Public Exploit Available: False
Analyst Notes: As of June 3, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Organizations using legacy Moxa NPort 5110 devices must ensure they are updated to firmware version 2.9 or later. Given the potential for remote code execution, this should be treated as a high-priority remediation task to secure serial-to-ethernet connectivity.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
SKYSEA Client View Improper Authentication Vulnerability - Active in CISA KEV catalog.
SKYSEA Client View Improper Authentication Vulnerability - Active in CISA KEV catalog.
FEDERAL DEADLINE: November 3, 2025 (21 days). Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. FEDERAL DEADLINE: November 3, 2025 (21 days). Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Deadline: November 3, 2025
Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Matrix42 Remote Control Host 3
Matrix42 Remote Control Host 3
---METADATA---
VENDOR: Matrix42
PRODUCT: Remote Control Host
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A security vulnerability exists in Matrix42 Remote Control Host 3 that may expose the system to unauthorized access or control.
Executive Summary:
Matrix42 Remote Control Host 3 contains a high-severity vulnerability that could allow unauthorized actors to gain elevated control over affected systems.
Vulnerability Details
CVE-ID: CVE-2016-20095
Affected Software: Matrix42 Remote Control Host
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability involves an issue within the Remote Control Host component, potentially allowing an authenticated or unauthenticated attacker (depending on configuration) to interact with the host environment in an unintended manner.
Business Impact
Successful exploitation of this flaw could lead to a total compromise of the host system, resulting in unauthorized data access, lateral movement within the network, and potential disruption of critical business operations. With a CVSS score of 7.8, this vulnerability represents a significant risk to organizational integrity and should be addressed as a priority to prevent unauthorized administrative access.
Remediation Plan
Immediate Action: Identify all instances of Matrix42 Remote Control Host 3 and apply the latest security patches provided by the vendor.
Proactive Monitoring: Audit remote access logs for unusual connection patterns or unauthorized login attempts originating from unexpected IP addresses.
Compensating Controls: Restrict access to the Remote Control Host service via network-level controls or VPN requirements to minimize the attack surface until patching is complete.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 21, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the high severity of this vulnerability, administrators must prioritize the identification and remediation of all affected Matrix42 installations. Failure to patch these systems leaves the environment vulnerable to remote exploitation; immediate action is required to maintain the security posture of the network.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
AnyDesk 2
AnyDesk 2
---METADATA---
VENDOR: AnyDesk Software GmbH
PRODUCT: AnyDesk
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A security vulnerability identified in AnyDesk version 2 could potentially permit unauthorized access or system-level exploitation.
Executive Summary:
A high-severity security flaw in AnyDesk version 2 presents a critical risk, potentially enabling unauthorized actors to compromise remote desktop sessions or host systems.
Vulnerability Details
CVE-ID: CVE-2016-20094
Affected Software: AnyDesk Software GmbH AnyDesk
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability concerns an undisclosed security weakness in AnyDesk version 2. Because AnyDesk operates with elevated system privileges to facilitate remote control, any flaw in this software represents a severe vector for privilege escalation or unauthorized remote access.
Business Impact
With a CVSS score of 7.8, this vulnerability represents a substantial threat to organizational security. An exploit could allow an attacker to bypass authentication mechanisms, leading to full remote control of the host system, theft of sensitive data, and further lateral movement within the network.
Remediation Plan
Immediate Action: Immediately update the AnyDesk client to the latest stable version provided by the vendor to eliminate the underlying vulnerability.
Proactive Monitoring: Audit remote access logs and monitor for anomalous connection attempts or unrecognized sessions originating from external IP addresses.
Compensating Controls: Implement network-level access controls to restrict AnyDesk traffic to known, trusted endpoints and disable the service when it is not actively required for business operations.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 21, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
AnyDesk is a high-value target for attackers due to its inherent remote access capabilities. It is imperative that organizations verify their current versioning and deploy updates immediately to mitigate the risk of unauthorized remote system control.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Wise Care 365 4
Wise Care 365 4
---METADATA---
VENDOR: WiseCleaner
PRODUCT: Wise Care 365
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A vulnerability in Wise Care 365 version 4 may expose the system to unauthorized access or potential compromise.
Executive Summary:
A high-severity vulnerability in Wise Care 365 version 4 poses a significant security risk to host systems, potentially allowing for unauthorized system manipulation.
Vulnerability Details
CVE-ID: CVE-2016-20093
Affected Software: WiseCleaner Wise Care 365
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability involves an unspecified security flaw within the Wise Care 365 application. Due to the lack of detailed disclosure, the precise authentication requirements are currently undetermined, though users should assume potential local or remote impact.
Business Impact
The identified vulnerability carries a CVSS score of 7.8, indicating a high level of risk. Successful exploitation could lead to unauthorized system access, data integrity loss, or the execution of arbitrary code, which may result in severe operational disruption and potential compromise of sensitive host information.
Remediation Plan
Immediate Action: Review the official WiseCleaner security portal and apply all available patches or recommended version upgrades immediately.
Proactive Monitoring: Monitor system logs for unusual process execution or unauthorized attempts to access core application files associated with Wise Care 365.
Compensating Controls: Restrict application execution privileges and ensure that the software is run within a hardened environment with minimal necessary permissions.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 21, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the High severity rating, administrators must prioritize the assessment of their Wise Care 365 deployments. Until a definitive patch is applied, ensure that the software is not exposed to untrusted network segments and maintain rigorous monitoring of system-level activities.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
NetDrive 2
NetDrive 2
---METADATA---
VENDOR: NetDrive
PRODUCT: NetDrive 2
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
NetDrive 2 contains a security vulnerability that could potentially be leveraged by an attacker to compromise the affected system.
Executive Summary:
A high-severity vulnerability in NetDrive 2 presents a significant security risk, requiring immediate attention to prevent unauthorized system exploitation.
Vulnerability Details
CVE-ID: CVE-2016-20092
Affected Software: NetDrive 2
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects NetDrive 2, potentially allowing an attacker to manipulate the application's functionality to gain unauthorized access. The flaw resides within the software's architecture, which may be susceptible to exploitation if not properly patched.
Business Impact
The CVSS score of 7.8 underscores the urgency of this vulnerability. As NetDrive 2 is often used to map network drives, successful exploitation could lead to unauthorized access to remote file systems, sensitive data exfiltration, or the lateral movement of attackers within the internal network.
Remediation Plan
Immediate Action: Verify the version of NetDrive 2 currently in use and apply the latest security updates provided by the vendor immediately.
Proactive Monitoring: Monitor file access logs and network drive connection attempts for anomalous activity that deviates from established user access patterns.
Compensating Controls: Implement strict access control lists (ACLs) on network shares and ensure that endpoint security software is configured to block unauthorized remote connection attempts.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 21, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the potential for unauthorized access to network resources, it is imperative that organizations prioritize the patching of NetDrive 2. Security administrators should ensure that all systems are updated and that additional monitoring is in place to detect any potential indicators of compromise.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Windows Firewall Control 4
Windows Firewall Control 4
---METADATA---
VENDOR: Malwarebytes
PRODUCT: Windows Firewall Control
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A vulnerability in Malwarebytes Windows Firewall Control may allow for unauthorized security policy manipulation.
Executive Summary:
Windows Firewall Control contains a high-severity vulnerability that could allow an attacker to bypass or modify critical security policies on the host system.
Vulnerability Details
CVE-ID: CVE-2016-20091
Affected Software: Malwarebytes Windows Firewall Control
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects the Windows Firewall Control utility, potentially allowing an attacker to interact with the software to weaken or disable firewall rules. Such flaws typically involve insecure handling of process communications or improper authorization checks for administrative tasks.
Business Impact
A CVSS score of 7.8 indicates a high risk to host security. If an attacker successfully exploits this flaw, they could disable firewall protections, effectively leaving the system vulnerable to further exploitation, lateral movement, and unauthorized network access.
Remediation Plan
Immediate Action: Update Windows Firewall Control to the latest version provided by Malwarebytes to ensure all security patches are applied.
Proactive Monitoring: Monitor system logs for unauthorized configuration changes to the Windows Firewall or unexpected termination of security services.
Compensating Controls: Ensure that Endpoint Detection and Response (EDR) tools are configured to alert on unauthorized modifications to firewall settings or local security policies.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 21, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Because this vulnerability directly impacts the integrity of the host's firewall protection, it must be addressed immediately. Administrators should prioritize updating the software across all managed endpoints to prevent attackers from bypassing network security controls.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Comodo Dragon Browser versions up to 52
Comodo Dragon Browser versions up to 52
---METADATA---
VENDOR: Comodo
PRODUCT: Dragon Browser
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
Comodo Dragon Browser versions up to 52 contain a security vulnerability that may facilitate unauthorized system access.
Executive Summary:
A high-severity security flaw in Comodo Dragon Browser allows for potential exploitation, necessitating urgent updates to maintain endpoint integrity.
Vulnerability Details
CVE-ID: CVE-2016-20090
Affected Software: Comodo Dragon Browser
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This issue impacts Comodo Dragon Browser versions up to 52. The vulnerability could be leveraged to bypass security controls, potentially granting an attacker the ability to execute arbitrary code or interfere with browser operations.
Business Impact
With a CVSS score of 7.8, this vulnerability represents a substantial risk to organizational security. Compromise of the browser environment often leads to the exposure of credentials, cookies, and sensitive browsing data, which can be further leveraged to escalate access within the corporate network.
Remediation Plan
Immediate Action: Update all deployments of Comodo Dragon Browser to the latest version provided by the vendor to remediate the underlying flaw.
Proactive Monitoring: Monitor endpoint logs for suspicious behavior, specifically focusing on unauthorized child processes spawned by the browser application.
Compensating Controls: Utilize Web Application Firewalls (WAF) and network-level traffic analysis to detect and block malicious payloads that attempt to exploit browser vulnerabilities.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 21, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Security teams should immediately audit their asset inventory to locate all instances of the affected browser. Prompt remediation is critical to neutralizing the risk of unauthorized access and ensuring that browser security remains commensurate with organizational standards.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Iperius Remote 1
Iperius Remote 1
---METADATA---
VENDOR: Iperius
PRODUCT: Iperius Remote
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
Iperius Remote 1 contains a security vulnerability that may allow for unauthorized access or control within the remote desktop environment.
Executive Summary:
A high-severity vulnerability in Iperius Remote 1 presents a significant risk for unauthorized remote access, requiring immediate attention.
Vulnerability Details
CVE-ID: CVE-2016-20089
Affected Software: Iperius Remote 1
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects the Iperius Remote software, potentially exposing the application to unauthorized control or access. As a remote administration tool, the flaw likely impacts the authentication or session management mechanisms of the software.
Business Impact
The CVSS score of 7.8 (High) indicates a high potential for unauthorized access to sensitive systems. An exploit could lead to complete system takeover, unauthorized access to corporate data, and severe reputational damage to the organization.
Remediation Plan
Immediate Action: Upgrade to the latest stable version of Iperius Remote immediately to ensure all known security flaws are mitigated.
Proactive Monitoring: Conduct audits of remote access logs and monitor for unauthorized sessions or unrecognized IP addresses connecting to the software.
Compensating Controls: Implement multi-factor authentication (MFA) where possible and restrict remote access tools to authorized personnel via network segmentation.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 21, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the high-risk nature of remote access software, patching this vulnerability is of the utmost importance. Failure to update the software could provide attackers with a direct pathway into the internal network; therefore, immediate remediation is required.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Comodo Chromodo Browser 52
Comodo Chromodo Browser 52
---METADATA---
VENDOR: Comodo
PRODUCT: Chromodo Browser
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
Comodo Chromodo Browser version 52 is susceptible to a security vulnerability that may allow for unauthorized system compromise.
Executive Summary:
A high-severity vulnerability in the Comodo Chromodo Browser poses a significant risk of system exploitation and potential unauthorized access.
Vulnerability Details
CVE-ID: CVE-2016-20088
Affected Software: Comodo Chromodo Browser
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects the Comodo Chromodo Browser, potentially allowing an attacker to leverage system weaknesses to execute unauthorized actions. While specific exploit vectors are limited, the nature of browser-based flaws typically involves the manipulation of untrusted content to achieve code execution or security bypass.
Business Impact
The CVSS score of 7.8 classifies this as a High-severity vulnerability. Successful exploitation could lead to full browser compromise, potentially resulting in the theft of sensitive user data, session hijacking, or the deployment of malicious software within the local environment.
Remediation Plan
Immediate Action: Identify all instances of Chromodo Browser within the environment and apply the latest vendor-provided security patches immediately.
Proactive Monitoring: Review browser logs and endpoint security telemetry for signs of unusual process execution or anomalous network activity originating from the browser.
Compensating Controls: Ensure endpoint detection and response (EDR) solutions are active to identify and block suspicious shell executions or unauthorized file modifications.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 21, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the severity of this browser-based vulnerability, organizations must prioritize the identification and patching of all affected Chromodo installations. Failure to address this flaw leaves end-user systems exposed to potential remote code execution and data exfiltration threats.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Fortitude HTTP 1
Fortitude HTTP 1
---METADATA---
VENDOR: Fortitude
PRODUCT: HTTP Server
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
Fortitude HTTP 1 contains a security vulnerability that may allow for unauthorized system access or remote exploitation.
Executive Summary:
A high-severity vulnerability in Fortitude HTTP 1 poses a significant risk to the security and integrity of the affected web server environment.
Vulnerability Details
CVE-ID: CVE-2016-20087
Affected Software: Fortitude HTTP Server
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability involves flaws within the Fortitude HTTP 1 server implementation. The vulnerability likely allows an attacker to manipulate server-side processes, potentially leading to unauthorized access or service disruption.
Business Impact
The CVSS score of 7.8 indicates a high potential for impact, including the compromise of data transmitted through the server or full system takeover. Such an event would result in significant reputational damage and the potential for a large-scale data breach, necessitating immediate remediation efforts.
Remediation Plan
Immediate Action: Update the Fortitude HTTP Server to the latest patched release provided by the vendor.
Proactive Monitoring: Monitor server logs for abnormal request patterns or suspicious HTTP response codes that indicate exploitation attempts.
Compensating Controls: Utilize a Web Application Firewall (WAF) to filter malicious traffic and block known attack vectors targeting the server.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 21, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Security teams should immediately assess their exposure to this vulnerability by identifying all instances of the Fortitude HTTP Server. Applying the necessary security updates is the only definitive way to eliminate the risk of exploitation.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Vembu StoreGrid 4
Vembu StoreGrid 4
---METADATA---
VENDOR: Vembu
PRODUCT: StoreGrid
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
Vembu StoreGrid 4 contains a security vulnerability that may allow for unauthorized system access or compromise.
Executive Summary:
A high-severity vulnerability identified in Vembu StoreGrid 4 requires immediate attention to prevent potential unauthorized system access.
Vulnerability Details
CVE-ID: CVE-2016-20086
Affected Software: Vembu StoreGrid
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability pertains to security flaws within the Vembu StoreGrid 4 architecture. While specific technical triggers are limited, the issue generally involves weaknesses that can be exploited by an authenticated attacker to compromise the application.
Business Impact
With a CVSS score of 7.8, this vulnerability represents a substantial threat to the confidentiality and availability of backup data managed by StoreGrid. Unauthorized access could lead to the exposure of sensitive corporate backups or the disruption of critical data protection services, severely impacting business continuity.
Remediation Plan
Immediate Action: Upgrade to the latest version of Vembu StoreGrid as directed by the vendor.
Proactive Monitoring: Review application access logs for unusual administrative activity or unauthorized configuration changes.
Compensating Controls: Isolate the StoreGrid management interface behind a VPN or restricted network segment to prevent unauthorized exposure.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 21, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the critical role of backup infrastructure, security teams must prioritize updating Vembu StoreGrid. Failure to mitigate this vulnerability could allow attackers to bypass security controls and gain persistent access to backup repositories.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Realtek High Definition Audio Driver 6
Realtek High Definition Audio Driver 6
---METADATA---
VENDOR: Realtek
PRODUCT: High Definition Audio Driver
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A vulnerability exists in the Realtek High Definition Audio Driver that may allow for unauthorized system interaction or privilege escalation.
Executive Summary:
The Realtek High Definition Audio Driver contains a high-severity vulnerability that could potentially allow an attacker to compromise system integrity.
Vulnerability Details
CVE-ID: CVE-2016-20085
Affected Software: Realtek High Definition Audio Driver
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability relates to the Realtek High Definition Audio Driver; while specific technical triggers remain limited in the advisory, such driver-level flaws typically require local, authenticated access to execute malicious code with elevated privileges.
Business Impact
Successful exploitation of this driver vulnerability could lead to a full system compromise, allowing an attacker to bypass security controls or gain persistent access to the host machine. With a CVSS score of 7.8, this flaw represents a significant risk to organizational endpoints, potentially leading to data exfiltration or the deployment of secondary malware payloads.
Remediation Plan
Immediate Action: Identify and update the Realtek High Definition Audio Driver to the latest version provided by the hardware manufacturer or system vendor.
Proactive Monitoring: Monitor system logs for unusual process execution or unauthorized attempts to access kernel-mode drivers.
Compensating Controls: Ensure endpoint protection software is active and configured to detect and block suspicious behavior originating from audio subsystem processes.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 21, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the high CVSS score, organizations should treat this vulnerability with urgency. Prioritize patching all workstations and servers utilizing the affected Realtek hardware to eliminate the risk of privilege escalation and potential system-wide compromise.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
WordPress Ultimate Product Catalog 3
WordPress Ultimate Product Catalog 3
---METADATA---
VENDOR: WordPress
PRODUCT: Ultimate Product Catalog
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A vulnerability exists in the WordPress Ultimate Product Catalog plugin, requiring immediate investigation.
Executive Summary:
A high-severity vulnerability in the WordPress Ultimate Product Catalog plugin presents a significant risk to the integrity and security of the host website.
Vulnerability Details
CVE-ID: CVE-2016-20075
Affected Software: WordPress Ultimate Product Catalog
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability involves an issue within the plugin's architecture that may allow for unauthorized actions or data access, depending on the specific exploitation vector.
Business Impact
With a CVSS score of 8.8, this vulnerability poses a high risk to business operations. Exploitation could lead to the unauthorized modification of product data, potential data theft, or the compromise of the WordPress administration interface, resulting in significant operational downtime and loss of customer trust.
Remediation Plan
Immediate Action: Update the Ultimate Product Catalog plugin to the latest version immediately.
Proactive Monitoring: Review audit logs for unauthorized administrative actions or modifications to product catalog settings.
Compensating Controls: Implement strict file permission settings and use a security plugin to monitor for unauthorized changes to the WordPress plugin directory.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 16, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the late disclosure and high CVSS score, administrators should treat this vulnerability with urgency. Ensure that the plugin is updated to a patched version, and perform a security review of the WordPress site to ensure no malicious activity has occurred in the interim.
Update WordPress plugin/theme to the latest version. Review WordPress security settings and remove if no longer needed.
Answer My Question 1
Answer My Question 1
---METADATA---
VENDOR: WordPress
PRODUCT: Answer My Question
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
The Answer My Question plugin for WordPress contains a security vulnerability that may allow for unauthorized access or data manipulation.
Executive Summary:
A high-severity vulnerability in the Answer My Question plugin presents a critical risk to the security of the WordPress platform.
Vulnerability Details
CVE-ID: CVE-2016-20073
Affected Software: WordPress Answer My Question
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability resides within the Answer My Question plugin and appears to allow for unauthorized interactions, potentially exposing the site to malicious exploitation of plugin functions.
Business Impact
The CVSS score of 8.2 signifies a high risk, where an attacker could potentially manipulate the question-and-answer functionality to compromise data or gain unauthorized access. This could lead to a breach of user confidentiality or the injection of malicious content into the site.
Remediation Plan
Immediate Action: Update the Answer My Question plugin to the latest version immediately to address this vulnerability.
Proactive Monitoring: Monitor for any irregular activity related to user-submitted content or questions on the site.
Compensating Controls: Utilize a Web Application Firewall (WAF) to inspect incoming requests and block suspicious inputs targeting the plugin.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 16, 2026, there is no public information indicating active exploitation of this vulnerability. However, the high severity score necessitates rapid remediation to maintain system security.
Analyst Recommendation
Given the high-severity rating, it is critical to prioritize the update of the Answer My Question plugin. Administrators should ensure that all security patches are applied and evaluate the necessity of the plugin if regular updates are not maintained by the developer.
Update WordPress plugin/theme to the latest version. Review WordPress security settings and remove if no longer needed.
BBS e-Franchise 1
BBS e-Franchise 1
---METADATA---
VENDOR: BBS
PRODUCT: e-Franchise
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
The BBS e-Franchise plugin for WordPress is affected by a security vulnerability that could lead to unauthorized system access.
Executive Summary:
The BBS e-Franchise plugin contains a high-severity vulnerability that poses a significant risk to the security and integrity of the WordPress site.
Vulnerability Details
CVE-ID: CVE-2016-20072
Affected Software: WordPress BBS e-Franchise
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects the e-Franchise plugin and potentially allows an attacker to interact with the plugin’s backend functions in an unauthorized manner.
Business Impact
A CVSS score of 8.2 reflects the high potential for impact, including the compromise of sensitive franchise-related data or unauthorized administrative access. Such incidents can result in severe reputational damage and the loss of proprietary business information.
Remediation Plan
Immediate Action: Update the BBS e-Franchise plugin to the most recent version provided by the vendor.
Proactive Monitoring: Review application-level logs for signs of unauthorized access or exploitation attempts targeting the plugin’s specific functionality.
Compensating Controls: Use a Web Application Firewall to restrict unauthorized access to sensitive plugin endpoints.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 16, 2026, there is no evidence of active exploitation for this CVE. However, given the high severity, immediate patching is recommended to prevent future exploitation.
Analyst Recommendation
Due to the severity of this vulnerability, immediate action is required to update the affected software. Security administrators must verify that the plugin is patched to ensure the continued security of the WordPress infrastructure.
Update WordPress plugin/theme to the latest version. Review WordPress security settings and remove if no longer needed.
The 404 Redirection Manager plugin version 1
The 404 Redirection Manager plugin version 1
---METADATA---
VENDOR: WordPress
PRODUCT: 404 Redirection Manager
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
The WordPress 404 Redirection Manager plugin contains a security vulnerability that may expose the application to unauthorized actions.
Executive Summary:
A high-severity vulnerability in the 404 Redirection Manager plugin exposes the host WordPress environment to potential security compromises.
Vulnerability Details
CVE-ID: CVE-2016-20071
Affected Software: WordPress 404 Redirection Manager
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability involves a flaw in the 404 Redirection Manager plugin, which may permit unauthorized access or manipulation of site redirection settings.
Business Impact
The CVSS score of 8.2 indicates a high risk to the business, as an attacker could potentially redirect traffic to malicious sites or manipulate site navigation, leading to a loss of user trust. Unauthorized control over redirection settings can also be leveraged to facilitate phishing campaigns against site visitors.
Remediation Plan
Immediate Action: Update the 404 Redirection Manager plugin to the latest version recommended by the vendor.
Proactive Monitoring: Regularly audit redirection rules and monitor logs for unexpected changes to site configuration files.
Compensating Controls: Implement a WAF to monitor and block suspicious HTTP requests that deviate from normal site navigation patterns.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 16, 2026, there is no public information indicating active exploitation of this vulnerability. Nevertheless, the high-severity classification requires prompt remediation.
Analyst Recommendation
Security teams should prioritize updating the 404 Redirection Manager plugin to mitigate this high-risk vulnerability. If the plugin is not actively required for business operations, it should be removed to reduce the overall attack surface.
Update WordPress plugin/theme to the latest version. Review WordPress security settings and remove if no longer needed.
WordPress Booking Calendar Contact Form 1
WordPress Booking Calendar Contact Form 1
---METADATA---
VENDOR: WordPress
PRODUCT: Booking Calendar
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A security flaw has been identified in the WordPress Booking Calendar Contact Form, potentially impacting the confidentiality and integrity of the site.
Executive Summary:
The WordPress Booking Calendar plugin is affected by a high-severity vulnerability that requires immediate attention to prevent unauthorized access.
Vulnerability Details
CVE-ID: CVE-2016-20069
Affected Software: WordPress Booking Calendar
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability exists within the Booking Calendar Contact Form. It likely stems from inadequate security controls, potentially allowing an attacker to bypass intended restrictions within the plugin’s functionality.
Business Impact
With a CVSS score of 8.2, this vulnerability allows for serious security compromises, including the potential for unauthorized data access or malicious configuration changes. Failure to remediate this flaw could lead to unauthorized administrative control over the affected WordPress instance.
Remediation Plan
Immediate Action: Apply the latest security patch or update for the Booking Calendar plugin as soon as it becomes available.
Proactive Monitoring: Monitor WordPress administrative logs for unusual user activity or unauthorized plugin configuration changes.
Compensating Controls: Utilize a Web Application Firewall (WAF) to filter malicious traffic and block requests targeting vulnerable plugin parameters.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 16, 2026, there is no public information indicating active exploitation of this vulnerability. However, the nature of the flaw warrants a proactive security posture.
Analyst Recommendation
The high-severity rating necessitates an urgent review of all active plugins. Administrators must ensure the Booking Calendar plugin is fully updated and audited to prevent exploitation of this identified security deficiency.
Update WordPress plugin/theme to the latest version. Review WordPress security settings and remove if no longer needed.
WordPress Booking Calendar Contact Form version 1
WordPress Booking Calendar Contact Form version 1
---METADATA---
VENDOR: WordPress
PRODUCT: Booking Calendar
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A security vulnerability exists in the WordPress Booking Calendar Contact Form plugin that may allow for unauthorized access or execution.
Executive Summary:
The WordPress Booking Calendar plugin contains a high-severity vulnerability that poses a significant risk of unauthorized system interaction.
Vulnerability Details
CVE-ID: CVE-2016-20068
Affected Software: WordPress Booking Calendar
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects the Booking Calendar Contact Form component. While specific technical details are limited, such flaws often involve improper input validation or insufficient authentication checks that could be leveraged by an attacker.
Business Impact
Successful exploitation of this high-severity vulnerability (CVSS 8.2) could lead to unauthorized access to administrative functions or exposure of sensitive user data stored within the WordPress environment. This risk could result in significant operational disruption, loss of data integrity, and potential reputational damage to the organization.
Remediation Plan
Immediate Action: Update the Booking Calendar plugin to the latest available version provided by the vendor immediately.
Proactive Monitoring: Review web server access logs for anomalous request patterns or unauthorized attempts to access plugin-specific directories.
Compensating Controls: Deploy a Web Application Firewall (WAF) with updated virtual patching rules to block known exploit patterns targeting WordPress plugin vulnerabilities.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 16, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the high severity score, the potential for exploitation remains elevated.
Analyst Recommendation
Given the CVSS score of 8.2, this vulnerability represents a substantial security risk to the WordPress environment. Administrators should verify the current plugin version and apply available updates immediately. If an update is unavailable, consider disabling or removing the plugin until a secure version is released.
Update WordPress plugin/theme to the latest version. Review WordPress security settings and remove if no longer needed.
sheed AntiVirus 2
sheed AntiVirus 2
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Hotspot Shield 6
Hotspot Shield 6
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
IObit Malware Fighter 4
IObit Malware Fighter 4
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Netgate AMITI Antivirus build 23
Netgate AMITI Antivirus build 23
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
NETGATE Registry Cleaner build 16
NETGATE Registry Cleaner build 16
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Spy Emergency build 23
Spy Emergency build 23
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
IObit Advanced SystemCare 10
IObit Advanced SystemCare 10
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Snews CMS 1.7 contains an unrestricted file upload vulnerability, allowing unauthenticated attackers to upload and execute arbitrary PHP files to achi...
Snews CMS 1.7 contains an unrestricted file upload vulnerability, allowing unauthenticated attackers to upload and execute arbitrary PHP files to achieve remote code execution.
---METADATA---
VENDOR: Snews
PRODUCT: Snews CMS
AFFECTED_VERSIONS: 1.7
---END_METADATA---
Description Summary:
Snews CMS 1.7 contains an unrestricted file upload vulnerability, allowing unauthenticated attackers to upload and execute arbitrary PHP files to achieve remote code execution.
Executive Summary:
A critical unrestricted file upload vulnerability in Snews CMS 1.7 allows unauthenticated attackers to execute arbitrary code on the web server.
Vulnerability Details
CVE-ID: CVE-2016-20052
Affected Software: Snews CMS
Affected Versions: 1.7
Vulnerability: The application fails to validate file extensions during the upload process within the snews_files directory. This allows an unauthenticated attacker to upload malicious PHP scripts via a multipart form-data request and execute them directly via the web browser.
Business Impact
With a CVSS score of 9.8, this vulnerability allows for full control of the web server. This leads to potential unauthorized access to site databases, defacement, or the use of the server as a vector for further attacks against the organization, resulting in severe reputational and data security damage.
Remediation Plan
Immediate Action: Upgrade to the latest version of Snews CMS immediately and remove any suspicious files found within the snews_files directory.
Proactive Monitoring: Regularly audit the web root for unauthorized files and review server access logs for requests to files with suspicious extensions.
Compensating Controls: Configure the web server (e.g., Apache or Nginx) to disable script execution within the upload directory to prevent the activation of uploaded malicious files.
Exploitation Status
Public Exploit Available: true
Analyst Notes: As of April 4, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This vulnerability is critical as it provides an easy path to remote code execution. Security teams must ensure that the CMS is updated and that strict file upload policies are enforced to mitigate the risk of unauthorized server access.
Update HP executables to to the latest version. Monitor for exploitation attempts and review access logs.
JAD 1.5.8e-1kali1 and prior allows arbitrary code execution via a stack-based buffer overflow triggered by input strings exceeding 8150 bytes.
JAD 1.5.8e-1kali1 and prior allows arbitrary code execution via a stack-based buffer overflow triggered by input strings exceeding 8150 bytes.
---METADATA---
VENDOR: JAD
PRODUCT: Java Decompiler
AFFECTED_VERSIONS: 1.5.8e-1kali1 and prior
---END_METADATA---
Description Summary:
JAD 1.5.8e-1kali1 and prior allows arbitrary code execution via a stack-based buffer overflow triggered by input strings exceeding 8150 bytes.
Executive Summary:
A critical stack-based buffer overflow in JAD 1.5.8e-1kali1 enables attackers to execute shellcode by supplying oversized input strings during the decompilation process.
Vulnerability Details
CVE-ID: CVE-2016-20049
Affected Software: JAD (Java Decompiler)
Affected Versions: 1.5.8e-1kali1 and prior
Vulnerability: The software fails to perform boundary checks on input strings, specifically allowing strings exceeding 8150 bytes to overwrite the stack. This unauthenticated local vulnerability allows an attacker to overwrite return addresses and execute arbitrary shellcode within the application context.
Business Impact
Exploitation can lead to the total compromise of the host system's integrity and confidentiality if the utility is used to process untrusted files. The CVSS score of 9.8 emphasizes the extreme risk, as the vulnerability provides a direct path to arbitrary code execution on developer workstations.
Remediation Plan
Immediate Action: Discontinue use of JAD version 1.5.8e-1kali1 and update to the latest version or transition to a modern decompiler such as Jadx or Fernflower.
Proactive Monitoring: Audit developer environments for the presence of legacy JAD binaries and monitor for execution of shellcode patterns in memory.
Compensating Controls: Use Endpoint Detection and Response (EDR) tools to identify and block buffer overflow exploitation attempts at the process level.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of Mar 28, 2026, there is no public information indicating active exploitation of this vulnerability. The technical requirements for exploitation are well-understood, making this a high-risk flaw for environments still utilizing legacy tools.
Analyst Recommendation
Immediate removal or replacement of the affected software is the only effective mitigation. Organizations must ensure that legacy development tools are included in their vulnerability management program to prevent them from becoming entry points for attackers.
Update JAD Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
iSelect 1
iSelect 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
EKG Gadu 1
EKG Gadu 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
zFTP Client 20061220+dfsg3-4
zFTP Client 20061220+dfsg3-4
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
HNB Organizer 1
HNB Organizer 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
PInfo 0
PInfo 0
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
NRSS RSS Reader 0
NRSS RSS Reader 0
---METADATA---
VENDOR: NRSS
PRODUCT: RSS Reader
AFFECTED_VERSIONS: Version 0.x
---END_METADATA---
Description Summary:
A critical vulnerability has been disclosed in the NRSS RSS Reader version 0.x. This flaw could lead to significant system compromise if exploited by a remote attacker.
Executive Summary:
The NRSS RSS Reader is affected by a high-severity vulnerability that could allow for unauthorized code execution or data compromise.
Vulnerability Details
CVE-ID: CVE-2016-20043
Affected Software: NRSS RSS Reader
Affected Versions: Version 0.x
Vulnerability: Although this is a late disclosure of a 2016 vulnerability, the flaw in NRSS RSS Reader version 0.x likely involves improper handling of remote RSS feeds. This could allow an attacker to trigger a memory corruption or command injection through a specially crafted feed.
Business Impact
A successful exploit could grant an attacker complete control over the host system, leading to data exfiltration or the use of the system as a pivot point for internal network attacks. The CVSS score of 8.4 justifies the High severity rating, as it represents a significant threat to the confidentiality, integrity, and availability of the affected workstation or server.
Remediation Plan
Immediate Action: Discontinue the use of NRSS RSS Reader version 0.x immediately and migrate to a modern, supported RSS client.
Proactive Monitoring: Scan systems for the presence of the NRSS binary and review network logs for outbound connections to untrusted or malicious RSS feed sources.
Compensating Controls: If the software cannot be immediately removed, run it within a strictly sandboxed environment or a virtual machine with no access to sensitive local resources.
Exploitation Status
Public Exploit Available: false
Analyst Notes: This is a late-disclosure vulnerability from 2016. While there is no current evidence of active exploitation, the high CVSS score suggests that the underlying flaw is potent.
Analyst Recommendation
Given the high CVSS score of 8.4 and the age of the software, the most effective remediation is the complete removal of the NRSS RSS Reader. Organizations should prioritize identifying and decommissioning this legacy software to eliminate the risk of exploitation.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
TRN 3
TRN 3
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Yasr 0
Yasr 0
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
TiEmu 3
TiEmu 3
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Multi Emulator Super System 0
Multi Emulator Super System 0
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
yTree 1
yTree 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
xwpe 1
xwpe 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Wowza Streaming Engine 4
Wowza Streaming Engine 4
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Wowza Streaming Engine 4
Wowza Streaming Engine 4
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
ZKTeco ZKAccess Security System 5
ZKTeco ZKAccess Security System 5
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
---METADATA---
VENDOR: Moxa
PRODUCT: NPort
AFFECTED_VERSIONS: Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior.
---END_METADATA---
Description Summary:
Moxa NPort devices are vulnerable to an information exposure flaw caused by improper handling of Ethernet frame padding, potentially allowing unauthorized access to sensitive data.
Executive Summary:
A critical information exposure vulnerability in Moxa NPort serial device servers may allow unauthorized parties to access sensitive data due to flawed Ethernet frame padding handling.
Vulnerability Details
CVE-ID: CVE-2017-16715
Affected Software: Moxa NPort
Affected Versions: Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior.
Vulnerability: This vulnerability involves an information exposure flaw within the device's handling of Ethernet frame padding. An attacker on the local network could potentially leverage this flaw to intercept or view data that should remain protected.
Business Impact
The CVSS score of 8.6 indicates a high-severity risk, primarily regarding the confidentiality and integrity of industrial communication traffic. Unauthorized exposure of this data can lead to the compromise of proprietary operational configurations or sensitive process information, potentially resulting in significant operational downtime or loss of intellectual property.
Remediation Plan
Immediate Action: Update all affected NPort devices to the latest firmware versions provided by Moxa at the official support portal.
Proactive Monitoring: Monitor network traffic for unusual Ethernet frames or unexpected communication patterns originating from serial device servers.
Compensating Controls: Implement network segmentation to isolate industrial devices from untrusted network segments and restrict access to these devices via firewalls.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 4, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the high CVSS score of 8.6, organizations utilizing Moxa NPort devices must prioritize firmware updates. Failure to remediate could allow attackers to gain unauthorized visibility into industrial networks; therefore, patching should be scheduled immediately to mitigate the risk of information leakage.