Tag Archives: TrendVulns

March “In the Trend of VM” (#25): once again, vulnerabilities are only in Microsoft products

Leave a reply

March In the Trend of VM (#25): once again, vulnerabilities are only in Microsoft products

March “In the Trend of VM” (#25): once again, vulnerabilities are only in Microsoft products. I present the traditional monthly roundup of trending vulnerabilities according to Positive Technologies. As in February, it turned out to be quite compact and focused on a single vendor.

🗞 Post on Habr (rus)
🗒 Digest on the PT website (rus)

All four vulnerabilities are from the February Microsoft Patch Tuesday, and all are actively being exploited in the wild:

🔻 RCE – Windows Shell (CVE-2026-21510)
🔻 RCE – Microsoft Word (CVE-2026-21514)

💬 Microsoft classified the two vulnerabilities above as Security Feature Bypass, but in fact, they are Remote Code Execution.

🔻 EoP – Windows Remote Desktop Services (CVE-2026-21533)
🔻 EoP – Desktop Window Manager (CVE-2026-21519)

🟥 The full list of trending vulnerabilities can be found on the portal

February “In the Trend of VM” (#24): vulnerabilities in Microsoft products

Leave a reply

February In the Trend of VM (#24): vulnerabilities in Microsoft products

February “In the Trend of VM” (#24): vulnerabilities in Microsoft products. A traditional monthly roundup of trending vulnerabilities. This time, compact and all-Microsoft.

🗞 Post on Habr (rus)
🗒 Digest on the PT website (rus)

In total, two vulnerabilities:

🔻 RCE – Microsoft Office (CVE-2026-21509)
🔻 InfDisc – Desktop Window Manager (CVE-2026-20805)

🟥 Trending Vulnerabilities Portal

На русском

January “In the Trend of VM” (#23): vulnerabilities in Windows, React and MongoDB

Leave a reply

January In the Trend of VM (#23): vulnerabilities in Windows, React and MongoDB

January “In the Trend of VM” (#23): vulnerabilities in Windows, React and MongoDB. Traditional monthly roundup of trending vulnerabilities. Launching the 2026 season. 🙂

🗞 Post on Habr (rus)
🗒 Digest on the PT website (rus)

In total, three vulnerabilities:

🔻 EoP – Windows Cloud Files Mini Filter Driver (CVE-2025-62221)
🔻 RCE – React Server Components “React2Shell” (CVE-2025-55182)
🔻 InfDisc – MongoDB “MongoBleed” (CVE-2025-14847)

🟥 Trending Vulnerabilities Portal

На русском

December “In the Trend of VM” (#22): vulnerabilities in Windows, the expr-eval library, Control Web Panel, and Django

Leave a reply

December In the Trend of VM (#22): vulnerabilities in Windows, the expr-eval library, Control Web Panel, and Django

December “In the Trend of VM” (#22): vulnerabilities in Windows, the expr-eval library, Control Web Panel, and Django. A traditional monthly roundup of trending vulnerabilities – this time, a fairly compact one. 💽

🗞 Post on Habr (rus)
🗞 Post on SecurityLab (rus)
🗒 Digest on the PT website (rus)

Four vulnerabilities in total:

🔻 EoP – Windows Kernel (CVE-2025-62215)
🔻 RCE – expr-eval (CVE-2025-12735)
🔻 RCE – Control Web Panel (CVE-2025-48703)
🔻 SQLi – Django (CVE-2025-64459)

🟥 Trending Vulnerabilities Portal

На русском

November “In the Trend of VM” (#21): vulnerabilities in Windows, SharePoint, Redis, XWiki, Zimbra Collaboration, and Linux

Leave a reply

November In the Trend of VM (#21): vulnerabilities in Windows, SharePoint, Redis, XWiki, Zimbra Collaboration, and Linux

November “In the Trend of VM” (#21): vulnerabilities in Windows, SharePoint, Redis, XWiki, Zimbra Collaboration, and Linux. The usual monthly roundup. After several months, here’s a big one. 🔥

🗞 Post on Habr (rus)
🗞 Post on SecurityLab (rus)
🗒 Digest on the PT website (rus)

A total of nine vulnerabilities:

🔻 RCE – Windows Server Update Services (WSUS) (CVE-2025-59287)
🔻 RCE – Microsoft SharePoint “ToolShell” (CVE-2025-49704)
🔻 RCE – Windows LNK File (CVE-2025-9491)
🔻 EoP – Windows Remote Access Connection Manager (CVE-2025-59230)
🔻 EoP – Windows Agere Modem Driver (CVE-2025-24990)
🔻 RCE – Redis “RediShell” (CVE-2025-49844)
🔻 RCE – XWiki Platform (CVE-2025-24893)
🔻 XSS – Zimbra Collaboration (CVE-2025-27915)
🔻 EoP – Linux Kernel (CVE-2025-38001)

🟥 Trending Vulnerabilities Portal

На русском

October “In the Trend of VM” (#20): vulnerabilities in Cisco ASA/FTD and sudo

Leave a reply

October In the Trend of VM (#20): vulnerabilities in Cisco ASA/FTD and sudo

October “In the Trend of VM” (#20): vulnerabilities in Cisco ASA/FTD and sudo. A traditional monthly roundup. This time, once again, no Microsoft vulnerabilities. 😲

🗞 Post on Habr (rus)
🗞 Post on SecurityLab (rus)
🗒 Digest on the PT website (rus)

Only three identifiers in total:

🔻 Remote Code Execution – Cisco ASA/FTD (CVE-2025-20333, CVE-2025-20362). This vulnerability chain has been exploited in attacks since May 2025, but there are no public exploits yet.
🔻 Elevation of Privilege – Sudo (CVE-2025-32463). There are signs of in-the-wild exploitation and many public exploits are available.

На русском

September “In the Trend of VM” (#19): vulnerabilities in the WinRAR and 7-Zip archivers, SAP NetWeaver, and TrueConf Server

Leave a reply

September In the Trend of VM (#19): vulnerabilities in the WinRAR and 7-Zip archivers, SAP NetWeaver, and TrueConf Server

September “In the Trend of VM” (#19): vulnerabilities in the WinRAR and 7-Zip archivers, SAP NetWeaver, and TrueConf Server. A traditional monthly roundup – for the first time with NO Microsoft vulnerabilities! 😲🙂

🗞 Post on Habr (rus)
🗒 Digest on the PT website (rus)

A total of eight trending vulnerability IDs in four products:

🔻 Remote Code Execution – WinRAR (CVE-2025-6218, CVE-2025-8088). An exploitable RCE during archive extraction.
🔻 Remote Code Execution – SAP NetWeaver (CVE-2025-31324, CVE-2025-42999). An exploitable RCE in a component of a popular ERP system.
🔻 Remote Code Execution – 7-Zip (CVE-2025-55188). Mostly a Linux RCE during archive extraction – a public exploit is available.
🔻 Remote Code Execution – TrueConf Server (BDU:2025-10116, BDU:2025-10115, BDU:2025-10114). Critical flaws in Russian videoconferencing system.

На русском