# @CCBalert CCB Alert

CCB Alert posts on X about more info, command, gain, in the the most. They currently have [-----] followers and [---] posts still getting attention that total [-----] engagements in the last [--] hours.

### Engagements: [-----]

- [--] Week [-----] +38%
- [--] Month [------] +54%
- [--] Months [------] +72%
- [--] Year [-------] +32%

### Mentions: [--]

- [--] Months [---] +12%
- [--] Year [---] +29%

### Followers: [-----]

- [--] Week [-----] +0.04%
- [--] Month [-----] +0.46%
- [--] Months [-----] +1.50%
- [--] Year [-----] +1.90%

### CreatorRank: [-------]

### Social Influence

**Social category influence** [technology brands](/list/technology-brands) 13%, [stocks](/list/stocks) 11%, [finance](/list/finance) 3%, [products](/list/products) 1%

**Social topic influence** [more info](/topic/more-info) 13%, [command](/topic/command) 6%, [gain](/topic/gain) 4%, [in the](/topic/in-the) 4%, [the sandbox](/topic/the-sandbox) 2%, [sap](/topic/sap) 2%, [microsoft](/topic/microsoft) 2%, [dos](/topic/dos) 2%, [products](/topic/products) 2%, [code](/topic/code) 2%

**Top assets mentioned** [Microsoft Corp. (MSFT)](/topic/microsoft), [ServiceNow Inc (NOW)](/topic/servicenow), [Dell Technologies, Inc. (DELL)](/topic/dell)

### Top Social Posts

Top posts by engagements in the last [--] hours

"Warning: Critical vulnerability in #Johnson Controls (Metasys SQL Express) allows remote command injection leading to arbitrary SQL execution. #CVE-2025-26385 CVSS: [---].
Mitigations available at: #RCE #Patch #Patch #Patch https://tyco.widen.net/s/crtwxjjcgm/jci-psa-2026-02" [X Link](https://x.com/CCBalert/status/2018376731158052916) 2026-02-02T17:31Z [----] followers, [---] engagements

"Warning: Critical signature verification issue in #Rapid7 InsightVM. CVE-2026-1568 CVSS: [---]. This can allow attackers to gain unauthorized access and perform a full account takeover #ATO #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2019124782738841866) 2026-02-04T19:03Z [----] followers, [---] engagements

"Warning: Critical prototype pollution vulnerability in #Qwik. CVE-2026-25150 CVSS: [---]. This vulnerability allows unauthenticated attackers to perform privilege escalation authentication bypass or denial of service #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2019125446944727432) 2026-02-04T19:06Z [----] followers, [---] engagements

"Warning: Critical untrusted deserialization vulnerability in #SolarWinds Web Help Desk version = 12.8.8 HF1. #CVE-2025-40551 CVSS: [---]. This vulnerability can lead to remote code execution without authentication #RCE #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2019131704586231887) 2026-02-04T19:31Z [----] followers, [---] engagements

"Warning: High authentication vulnerability in #EspoCRM. CVE-2020-37094 CVSS: [---]. This vulnerability can allow attackers to access other user accounts #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2019135382927950134) 2026-02-04T19:46Z [----] followers, [---] engagements

"Warning: Multiple critical vulnerabilities in #n8n Flaws including improper input validation XSS and more could lead to execution of arbitrary system commands and full takeover of automation servers.
More information at: #RCE #Patch #Patch #Patch https://github.com/n8n-io/n8n/security" [X Link](https://x.com/CCBalert/status/2019462834241909010) 2026-02-05T17:27Z [----] followers, [---] engagements

"Warning: #Fortinet patched multiple vulnerabilities in #FortiAuthenticator #FortiClient for Windows #FortiGate #FortiOS and #FortiSandbox including a medium severity flaw that effectively bypasses patches for previously exploited vulnerabilities. https://ccb.belgium.be/advisories/warning-multiple-vulnerabilities-were-patched-fortinet-products-patch-immediately" [X Link](https://x.com/CCBalert/status/2021882703239336285) 2026-02-12T09:42Z [----] followers, [---] engagements

"Warning: Multiple Critical & High link-following buffer overflow in #QNAP #NAS #Qsync CVE-2025-66277 CVE-2025-30269 CVE-2025-30276 CVE-2025-48723 CVE-2025-48724 CVE-2025-48725 & CVE-2025-52868 CVSS: 9.2-8.1 A remote attacker without user interaction can exploit these #Patch" [X Link](https://x.com/CCBalert/status/2022236318646825039) 2026-02-13T09:08Z [----] followers, [---] engagements

"Warning: #WatchGuard patched a high impact unauthenticated #LDAP injection vulnerability (#CVE-2026-1498) in WatchGuard #Fireware OS and a medium impact privilege escalation #PoE vulnerability #NCPVE-2025-0626 in its mobile VPN with IPSec client. #Patch #Patch #Patch" [X Link](https://x.com/anyuser/status/2019786361541214429) 2026-02-06T14:52Z [----] followers, [---] engagements

"Warning: #Kubernetes disclosed four vulnerabilities in the #ingress-nginx including two high-severity issues: #CVE-2026-1580 (improper input validation) and #CVE-2026-24512 (configuration injection) enabling #RCE and authentication bypass.
#Patch https://ccb.belgium.be/advisories/warning-multiple-vulnerabilities-kubernetes-ingres-nginx" [X Link](https://x.com/CCBalert/status/2020810013623676980) 2026-02-09T10:40Z [----] followers, [---] engagements

"Warning: CRITICAL #CVE-2026-21643 CVSS:9.8 affecting #Fortinet #FortiClientEMS allows unauthenticated attackers to execute commands on the system through an SQL injection. Immediate attention required #Patch #Patch #Patch https://fortiguard.fortinet.com/psirt/FG-IR-25-1142" [X Link](https://x.com/CCBalert/status/2020836343253725374) 2026-02-09T12:25Z [----] followers, [---] engagements

"Warning: Critical Remote Code Execution #RCE in #BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-remote-code-execution-beyondtrust-remote-support-and-privileged-remote-access-0" [X Link](https://x.com/CCBalert/status/2020887879774335429) 2026-02-09T15:49Z [----] followers, [---] engagements

"Warning: Critical host-side prototype pollution in #SandboxJS CVE-2026-25881 CVSS: [---] A remote unauthenticated attacker can escape the sandbox without user interaction and execute code remotely #RCE Update to 0.8.31 or later #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2021248115374735394) 2026-02-10T15:41Z [----] followers, [---] engagements

"Warning: High improper security check in #Keycloak #Redhat CVE-2026-1486 CVE-2026-1529 CVSS: 8.8-8.1. A remote attacker with low privileges can gain unauthorized access by impersonating users.
Install the official patch: #Patch https://bugzilla.redhat.com/show_bug.cgi?id=2433347" [X Link](https://x.com/CCBalert/status/2021248220869865668) 2026-02-10T15:41Z [----] followers, [---] engagements

"Warning: multiple critical in #FUXA #SCADA #ICS CVE-2026-25939 CVE-2026-25893 CVE-2026-25894 CVE-2026-25895 & CVE-2026-25938 CVSS: 10.0-9.3 Network based attackers can cause full system compromise. Update to 1.2.11 or later #Patch #Patch #Patch https://github.com/frangoteam/FUXA/releases/tag/v1.2.11" [X Link](https://x.com/CCBalert/status/2021250995561300088) 2026-02-10T15:52Z [----] followers, [---] engagements

"Warning: multiple critical Missing Authorization in #SAP #CRM #S4HANA #Netweaver CVE-2026-0488 & CVE-2026-0509 CVSS: 9.9-9.6 A network based attacker with low privileges can inject #SQL to compromise the database. See SAP Feb sec notes #Patch #Patch https://tinyurl.com/4xx3bavh" [X Link](https://x.com/CCBalert/status/2021271713976054128) 2026-02-10T17:15Z [----] followers, [---] engagements

"#Microsoft has released security patches for [--] vulnerabilities. [--] vulnerabilities were identified as critical [--] as Important and [--] as moderate. [--] are 0-day vulnerabilities and [--] are actively exploited. Patches are available via Patch Tuesday. Time to #patch #patch #patch" [X Link](https://x.com/CCBalert/status/2021571514718376284) 2026-02-11T13:06Z [----] followers, [---] engagements

"Warning: CVE-2026-25993 a critical #SQL Injection vulnerability in #EverShop eCommerce platform could allow unauthenticated remote attackers to execute arbitrary SQL commands on the backend database. No user interaction required.
Patched from v2.1.1 https://github.com/evershopcommerce/evershop/security/advisories/GHSA-3h84-9rhc-j2ch" [X Link](https://x.com/CCBalert/status/2021622410466726250) 2026-02-11T16:28Z [----] followers, [---] engagements

"Warning: Critical #authentication bypass vulnerability in #Apache Druid allows unauthenticated remote attackers to log in using the druid-basic-security extension with LDAP authentication. Disable anonymous LDAP bind and upgrade to Druid 36.0.0+. #Patch https://lists.apache.org/thread/2x9rv3kv6t1p577lvq4z0rl0zlt9g4sr" [X Link](https://x.com/CCBalert/status/2021623224073621685) 2026-02-11T16:31Z [----] followers, [---] engagements

"Warning: #Ivanti released update for its #Endpoint Manager (EPM) to address #CVE-2026-1603 a high-severity #authentication bypass that allows a remote unauthenticated attacker to access stored credential data and #CVE-2026-1602 an #SQL injection flaw. https://ccb.belgium.be/advisories/warning-security-update-ivanti-endpoint-manager-vulnerabilities-patch-immediately" [X Link](https://x.com/CCBalert/status/2021698016172703790) 2026-02-11T21:29Z [----] followers, [---] engagements

"Warning: High Code Injection in #Keepass. CVE-2020-37178 CVSS: [---]. A remote attacker can cause app crash without privileges. There is a publicly available exploit. Update to [----] or later. #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2021967119915585861) 2026-02-12T15:18Z [----] followers, [---] engagements

"Warning: Critical vulnerability in #Apple #iPhone #iPad #macOS Dynamic Link Editor CVE-2026-2070.
This #0Day can lead to arbitrary code execution #RCE and it is actively exploited #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2021967341093892242) 2026-02-12T15:19Z [----] followers, [---] engagements

"Warning: Critical code injection in #Chevereto core. CVE-2020-37186 CVSS: [---]. A remote attacker without any user interaction can cause #RCE. It's actively exploited #CISA #KEV #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2021967463244558582) 2026-02-12T15:19Z [----] followers, [---] engagements

"Warning: High code injection in #MDX #Hashicorp. CVE-2026-0969 CVSS: [---]. A remote attacker with low privileges can compromise the CIA of the system. Upgrade to next-mdx-remote 6.0.0 or later. #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2021967609642549274) 2026-02-12T15:20Z [----] followers, [---] engagements

"Warning: [--] high resource allocation/XSS in #GitLab #CE/EE CVE-2025-7659 CVE-2025-8099 CVE-2025-14560 CVE-2026-0595 & CVE-2026-0958 CVSS: 8.0-7.3 Network based attackers can inject code to access private repositories and cause denial of service #DoS #Patch" [X Link](https://x.com/CCBalert/status/2022242799131746743) 2026-02-13T09:33Z [----] followers, [---] engagements

"Warning: Actively Exploited #Vulnerabilities in #SolarWinds Web Help Desk (2026.1). These critical and high flaws allow authentication bypass & remote code execution #RCE Read our advisory #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-actively-exploited-vulnerabilities-solarwinds-web-help-desk-patch-immediately" [X Link](https://x.com/CCBalert/status/2022344217792536767) 2026-02-13T16:16Z [----] followers, [---] engagements

"Warning: A Privilege Escalation in #SonicWall SMA1000. #CVE-2025-40602 CVSS: [---] chains with CVE-2025-23006 (CVSS 9.8) for unauthenticated RCE with root privileges on vulnerable appliances.
#Patch #Patch #Patch Check our advisory https://ccb.belgium.be/advisories/warning-critical-rce-vulnerability-sonicwall-sma1000-appliance-management-console" [X Link](https://x.com/CCBalert/status/2002029452289511596) 2025-12-19T14:53Z [----] followers, [---] engagements

"Warning: High severity XSS in Kibana tracked as #CVE-2025-68385 CVSS: [---]. Authenticated users can weaponize Vega charts for browser-side script execution and data theft. #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2002029709115154769) 2025-12-19T14:54Z [----] followers, [---] engagements

"Warning: Critical #RCE in #n8n. #CVE-2025-68613 CVSS: [---]. Authenticated users can execute arbitrary code with process privileges. Full instance compromise possible #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-remote-code-execution-n8n-patch-immediately" [X Link](https://x.com/CCBalert/status/2003492902840709428) 2025-12-23T15:48Z [----] followers, [---] engagements

"Warning: High vulnerability in #MongoDB. #CVE-2025-14847 CVSS: [---]. This vulnerability may allow a read of uninitialized heap memory by an unauthenticated client. #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2003784024758632913) 2025-12-24T11:05Z [----] followers, [---] engagements

"Warning: Information disclosure vulnerability in #M-Files Server. #CVE-2025-13008 CVSS: [---]. This vulnerability allows authenticated attackers to capture session tokens of other users.
Read the advisory: #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-information-disclosure-vulnerability-m-files-server-patch-immediatelyand" [X Link](https://x.com/CCBalert/status/2003798138218332652) 2025-12-24T12:01Z [----] followers, [---] engagements

"Warning: Critical vulnerability in #Forgejo. #CVE-2025-68937 CVSS: [---]. This vulnerability allows attackers to write to unintended files possibly leading to remote code execution #RCE Read the advisory: and #Patch #Patch #Patch https://codeberg.org/forgejo/security-announcements/issues/43" [X Link](https://x.com/CCBalert/status/2005638411349000382) 2025-12-29T13:53Z [----] followers, [---] engagements

"Warning: Multiple vulnerabilities in #LangChain. #CVE-2025-68664 CVSS: [---] #CVE-2025-68665 CVSS: [---]. These are both serialization injection vulnerabilities. #Patch #Patch #Patch https://github.com/langchain-ai/langchain/security/advisories/GHSA-c67j-w6g6-q2cm" [X Link](https://x.com/CCBalert/status/2005639194333323346) 2025-12-29T13:57Z [----] followers, [---] engagements

"Warning: Critical vulnerability in #SmarterTools #SmarterMail #CVE-2025-52691 CVSS: [--].
It can allow an attacker to upload arbitrary files to the server potentially enabling remote code execution #RCE Update to version Build [----] immediately: #Patch https://ccb.belgium.be/nl/advisories/warning-critical-unauthenticated-arbitrary-file-upload-vulnerability-smartermail-server" [X Link](https://x.com/CCBalert/status/2005663480985075794) 2025-12-29T15:33Z [----] followers, [---] engagements

"Warning: CVE-2025-68645 (CVSS 8.8) exposes a Local File Inclusion (#LFI) vulnerability in the #Zimbra Webmail Classic UI. An unauthenticated attacker can abuse a vulnerable endpoint to upload arbitrary files to the server. #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2006002503507222857) 2025-12-30T14:00Z [----] followers, [---] engagements

"Warning: Following the November Pwn2Own event #QNAP has patched seven #0Day vulnerabilities affecting QNAP #QTS #QuTS hero OS and other products. These flaws could enable authentication bypass #RCE and additional impact. #Patch #Patch https://www.qnap.com/en/security-advisory/qsa-25-45" [X Link](https://x.com/CCBalert/status/2006004019123163638) 2025-12-30T14:06Z [----] followers, [---] engagements

"WARNING: Active Exploitation of Critical #MongoDB Vulnerability (CVE-2025-14847) #PoC available. #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-active-exploitation-critical-mongodb-vulnerability-cve-2025-14847-poc-available" [X Link](https://x.com/CCBalert/status/2006038444468818135) 2025-12-30T16:23Z [----] followers, [---] engagements

"Warning: Critical vulnerability in WHILL Model C2 / Model F2 electric wheelchairs. CVE-2025-14346 CVSS: [---].
This vulnerability can lead to taking control of the product. More #Patch #Patch https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-364-01" [X Link](https://x.com/CCBalert/status/2006380324880634309) 2025-12-31T15:02Z [----] followers, [---] engagements

"Warning: A high-severity privilege escalation vulnerability in #Apache #StreamPipes allows authenticated attackers to gain administrative access to the system. #CVE-2025-47411 CVSS(3.1): [---]. #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2007095638794616996) 2026-01-02T14:24Z [----] followers, [---] engagements

"Warning: A high-severity out-of-bounds write vulnerability in #GnuPG (before v2.4.9) could lead to memory corruption. #CVE-2025-68973 CVSS(3.1): [---]. #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2007095826967843066) 2026-01-02T14:25Z [----] followers, [---] engagements

"Warning: A critical privilege escalation vulnerability in #Branda #WordPress plugin allows unauthenticated attackers to take over administrator accounts. #CVE-2025-14998 CVSS(3.1): [---]. #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2007095981335101612) 2026-01-02T14:25Z [----] followers, [---] engagements

"Warning: High vulnerability in #OpenCTI version 6.8.1 CVE-2025-61781 CVSS: [---]. A remote attacker can delete the entire workspace without authentication or user interaction because of a #GraphQL mutation with improper checks. Read our advisory: #Patch https://ccb.belgium.be/advisories/warning-high-improper-authorization-vulnerability-opencti-can-lead-workspace-deletion" [X Link](https://x.com/CCBalert/status/2008831724814217618) 2026-01-07T09:23Z [----] followers, [---] engagements

"Warning: Critical command injection & SSH key exposure in #Coolify.
#CVE-2025-64424 #CVE-2025-64420 #CVE-2025-64419. Patch and restrict access immediately. Read our advisory #Patch #Patch https://ccb.belgium.be/advisories/warning-critical-coolify-vulnerabilities-patch-immediately" [X Link](https://x.com/CCBalert/status/2008999931076391122) 2026-01-07T20:31Z [----] followers, [---] engagements

"Warning: Critical buffer overflow vulnerability in #zlib. CVE-2026-22184 CVSS: [---]. This vulnerability can lead to denial of service remote code execution or memory corruption depending on compiler build flags architecture and memory layout. #RCE #DoS #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2009381929041244509) 2026-01-08T21:49Z [----] followers, [---] engagements

"Warning: [--] vulnerabilities in #Veeam Backup & Replication including [--] that can lead to remote code execution (#CVE-2025-55125 #CVE-2025-59468 #CVE-2025-59470). #RCE #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-four-important-vulnerabilities-veeam-including-3-leading-remote-code-execution" [X Link](https://x.com/CCBalert/status/2009384485679251616) 2026-01-08T21:59Z [----] followers, [---] engagements

"Warning: Remote Code Execution in #pnpm #CVE-2025-69264 CVSS: [---]. Git-hosted dependencies can bypass security in v10 and run arbitrary code during install even with lifecycle scripts disabled. #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2009628138402177469) 2026-01-09T14:07Z [----] followers, [---] engagements

"Warning: Critical Sandbox Bypass in #n8n #CVE-2025-68668 CVSS: [---]. Authenticated users can execute arbitrary commands on host system via Python Code Node.
#Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2009637117161329076) 2026-01-09T14:43Z [----] followers, [---] engagements

"Warning: High severity Stored Cross-Site Scripting #XSS vulnerability in #GitLab CE/EE. #CVE-2025-9222 CVSS: [---]. Authenticated attackers can exploit GitLab Flavored Markdown to inject malicious scripts and hijack sessions. #Patch #Patch #Patch More info: https://about.gitlab.com/releases/2026/01/07/patch-release-gitlab-18-7-1-released/" [X Link](https://x.com/CCBalert/status/2010761429599576532) 2026-01-12T17:10Z [----] followers, [---] engagements

"Warning: Multiple high severity Vulnerabilities in #Broadcom DX NetOps Spectrum including #CVE-2025-69267 & #CVE-2025-69273 CVSS: [---] & [---]. Attackers can bypass authentication and access restricted files remotely #Patch #Patch #Patch More info: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36756" [X Link](https://x.com/CCBalert/status/2010761903090327807) 2026-01-12T17:12Z [----] followers, [---] engagements

"Warning: Critical Root Remote Code Execution #RCE in #RUCKUS IOT Controller. #CVE-2025-69425 CVSS: [----]. Hardcoded TOTP secrets allow remote attackers to bypass authentication and execute commands as root. #Patch #Patch #Patch More info: https://support.ruckuswireless.com/security_bulletins/336" [X Link](https://x.com/CCBalert/status/2010762148155187596) 2026-01-12T17:13Z [----] followers, [---] engagements

"Warning: Multiple High Severity Vulnerabilities in #React-Router. CVE-2025-61686 CVE-2026-22029 CVE-2026-59057 & others.
Attackers can read sensitive files or hijack sessions #Patch #Patch #Patch More info: https://ccb.belgium.be/advisories/warning-high-severity-vulnerabilities-react-router-patch-immediately" [X Link](https://x.com/CCBalert/status/2010801651557306719) 2026-01-12T19:50Z [----] followers, [---] engagements

"Warning: Critical #RCE vulnerability in #LibreChat MCP transport. #CVE-2026-22252 (CVSS [---] Critical). Authenticated users can execute root commands inside the LibreChat container. Upgrade to v0.8.2-rc2 immediately #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2011102215591641171) 2026-01-13T15:45Z [----] followers, [---] engagements

"Warning: #XXE vulnerability in the XWork component of #ApacheStruts (versions 2.0.0 - 6.1.0). #CVE-2025-68493 (CVSS [---] High). Attackers can exploit this to read sensitive files or perform #SSRF. Time to patch #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2011107888891036076) 2026-01-13T16:07Z [----] followers, [---] engagements

"Warning: High vulnerability in #TC ROUTER and #CLOUD CLIENT industrial mobile network routers. CVE-2025-41717 CVSS: [---]. This vulnerability allows an unauthenticated remote attacker to trick a high privileged user into code injection as root. #RCE #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2011433193908424831) 2026-01-14T13:40Z [----] followers, [---] engagements

"Warning: Critical vulnerability in #jsPDF. CVE-2025-68428 CVSS: [---]. This vulnerability allows attackers to retrieve file contents of arbitrary files in the local file system. #PathTraversal #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2011433419419382019) 2026-01-14T13:41Z [----] followers, [---] engagements

"Warning: High vulnerability in #Anevia Flamingo XL. CVE-2024-58338 CVSS: [---].
This vulnerability allows remote attackers to escape the sandboxed environment and achieve remote code execution as root. #RCE #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2011433880960528575) 2026-01-14T13:43Z [----] followers, [---] engagements

"Warning: Critical vulnerability in #Siemens Industrial Edge Devices. CVE-2025-40805 CVSS: [----]. This vulnerability allows an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Time to #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2011459312535691638) 2026-01-14T15:24Z [----] followers, [---] engagements

"Warning: Critical vulnerability in #FortiSIEM. CVE-2025-64155 CVSS: [---]. This vulnerability may allow remote attackers to execute unauthorized code. #RCE Time to #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2011462574378815725) 2026-01-14T15:37Z [----] followers, [---] engagements

"Warning: Multiple vulnerabilities in #NodeJS (V8) CVE-2025-15284 CVSS: [---]. These various flaws can allow for data leakage between processes arbitrary file read/write and denial of service. More info: and #Patch #Patch #Patch https://nodejs.org/en/blog/vulnerability/january-2026-dos-mitigation-async-hooks https://nodejs.org/en/blog/vulnerability/december-2025-security-releases" [X Link](https://x.com/CCBalert/status/2011922096134177205) 2026-01-15T22:03Z [----] followers, [---] engagements

"Warning: Critical privilege escalation vulnerability in the #ServiceNow AI Platform. CVE-2025-12420 CVSS: [---]. An unauthenticated attacker can impersonate another user and perform operations as that other user.
More info: #Patch #Patch #Patch https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2587329" [X Link](https://x.com/CCBalert/status/2011922273922404645) 2026-01-15T22:03Z [----] followers, [---] engagements

"Warning: Multiple vulnerabilities in #Elastic #Kibana. CVE-2026-0532 CVSS: [---]. An authenticated attacker with low privileges can read arbitrary files and cause denial of service #DoS More info in our advisory: #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-multiple-vulnerabilities-elastic-kibana-allowing-arbitrary-file-reads-and-dos" [X Link](https://x.com/CCBalert/status/2011928520276967921) 2026-01-15T22:28Z [----] followers, [---] engagements

"Warning: DoS vulnerability in #PaloAlto PAN-OS. CVE-2026-0227 CVSS: [---]. Exploitation can lead to unavailability of the affected firewall. More info: #Patch #Patch #Patch https://security.paloaltonetworks.com/CVE-2026-0227" [X Link](https://x.com/CCBalert/status/2012158199214833681) 2026-01-16T13:41Z [----] followers, [---] engagements

"Warning: Vulnerability in #OpenStack. CVE-2026-22797. Exploitation can lead to privilege escalation. More info: #Patch #Patch #Patch https://seclists.org/oss-sec/2026/q1/66" [X Link](https://x.com/CCBalert/status/2012158375044223456) 2026-01-16T13:41Z [----] followers, [---] engagements

"Warning: Path traversal vulnerability in #MindsDB. CVE-2025-68472 CVSS [---]. Exploitation can lead to exposure of sensitive data.
#PoCReleased More info: #Patch #Patch #Patch https://github.com/mindsdb/mindsdb/security/advisories/GHSA-qqhf-pm3j-96g7" [X Link](https://x.com/CCBalert/status/2012158760098107756) 2026-01-16T13:43Z [----] followers, [---] engagements

"Warning: Buffer overflow vulnerability in #Fortinet FortiOS and FortiSwitchManager. #CVE-2025-25249 CVSS: [---] This #0Day can lead to remote code execution #RCE #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2012160987235799111) 2026-01-16T13:52Z [----] followers, [---] engagements

"Warning: #CVE-2025-60021 (CVSSv3 9.8) is a vulnerability in #Apache bRPC that allows an attacker to execute remote commands. Time to #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2013351905968193581) 2026-01-19T20:44Z [----] followers, [---] engagements

"Warning: A sandbox escape vulnerability (#CVE-2026-0863 CVSSv3 8.5) in the #n8n Python task runner can lead to arbitrary code execution on the host. Time to #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2013599238895092196) 2026-01-20T13:07Z [----] followers, [---] engagements

"Warning: Critical sandbox escape vulnerability in #Enclave VM. # CVSS: [--]. Successful exploitation can allow untrusted sandboxed JavaScript to execute arbitrary code in the host Node.js runtime. #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2013633626747879854) 2026-01-20T15:24Z [----] followers, [---] engagements

"Warning: Oracle released their Critical Patch Update for January [----] containing multiple critical vulnerabilities. Check which apply to your organisation: #patch #patch #patch https://www.oracle.com/security-alerts/cpujan2026.html" [X Link](https://x.com/CCBalert/status/2014007584957649075) 2026-01-21T16:10Z [----] followers, [---] engagements

"Warning: Critical RCE in Cisco Unified Communications. #CVE-2026-20045.
Actively exploited & unauthenticated remote code execution #RCE Read our advisory and #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-critical-cisco-unified-communications-remote-code-execution-vulnerability-patch" [X Link](https://x.com/CCBalert/status/2014469876975329590) 2026-01-22T22:47Z [----] followers, [---] engagements

"Warning: a SQL Injection vulnerability in #Dell Unisphere for PowerMax #CVE-2025-36588 CVSS: [---]. A low privileged attacker with remote access could potentially exploit this vulnerability leading to Command execution. #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2014749724377588053) 2026-01-23T17:19Z [----] followers, [---] engagements

"Warning: Many sources reported the active exploitation of #CVE-2025-52691 CVSS: [--]. A remote unauthenticated attacker can upload arbitrary files to the server potentially enabling remote code execution #RCE Check our advisory here: . #Patch #Patch #Patch https://ccb.belgium.be/nl/advisories/warning-critical-unauthenticated-arbitrary-file-upload-vulnerability-smartermail-server" [X Link](https://x.com/CCBalert/status/2014758092068598195) 2026-01-23T17:52Z [----] followers, [---] engagements

"Warning: Critical 2FA Bypass in #GitLab CE/EE #CVE-2026-0723 CVSS: [---] Forged device responses can bypass two-factor authentication & enable account takeover. #Patch #Patch #Patch" [X Link](https://x.com/CCBalert/status/2014763509569970210) 2026-01-23T18:13Z [----] followers, [---] engagements

"Warning: Critical vulnerability in Broadcom #VMware #vCenter Server CVE-2024-37079 potentially leading to Remote Code Execution (#RCE) was added to CISA's Known Exploited Vulnerabilities (#KEV) Catalogue.
Time to #patch"
[X Link](https://x.com/CCBalert/status/2015821255945969745) 2026-01-26T16:16Z [----] followers, [---] engagements
"Warning: Local File Inclusion vulnerability (CVE-2025-68645) in the Webmail Classic UI of #Zimbra Collaboration has been added to CISA's Known Exploited Vulnerabilities (#KEV) Catalogue. Time to #patch"
[X Link](https://x.com/CCBalert/status/2015821391778508942) 2026-01-26T16:17Z [----] followers, [---] engagements
"Warning: CVE-2025-13878 vulnerability in some #BIND9 versions causes "named" to crash. Authoritative servers and resolvers are affected. #Patch #Patch #Patch https://kb.isc.org/docs/cve-2025-13878"
[X Link](https://x.com/CCBalert/status/2015821599065125120) 2026-01-26T16:18Z [----] followers, [---] engagements
"Warning: Critical Command Injection in #Zoom Node Multimedia Routers. #CVE-2026-22844 CVSS: [---]. Allows Remote Code Execution (#RCE). Read our advisory and #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-critical-os-command-injection-premises-zoom-node-deployments-patch-immediately"
[X Link](https://x.com/CCBalert/status/2015852450352075220) 2026-01-26T18:20Z [----] followers, [---] engagements
"Warning: Critical vulnerability in #Cal.com. CVE-2026-23478 CVSS: [----]. This vulnerability allows attackers to gain full authenticated access to any user account. #ATO #Patch #Patch #Patch"
[X Link](https://x.com/CCBalert/status/2011433588277821475) 2026-01-14T13:41Z [----] followers, [---] engagements
"Warning: [--] critical actively-exploited authentication bypass vulnerabilities in #SmarterTools #SmartMail. #CVE-2026-24423 #CVE-2026-23760 CVSS: [---].
They can lead to unauthenticated remote code execution #RCE More info: #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-two-critical-actively-exploited-authentication-bypass-vulnerabilities"
[X Link](https://x.com/CCBalert/status/2016182608015536476) 2026-01-27T16:12Z [----] followers, [---] engagements
"Warning: Actively-exploited security bypass vulnerability in #Microsoft #Office. #CVE-2026-21509 CVSS: [---]. Office versions [----] & later are auto protected. If you have earlier versions please install the updates. See MS advisory: #Patch #Patch #Patch https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509"
[X Link](https://x.com/CCBalert/status/2016197259738624111) 2026-01-27T17:11Z [----] followers, [---] engagements
"Warning: Multiple critical vulnerabilities in #dormakaba access manager #exos9300. #CVE-2025-59090 #CVE-2026-59097 #CVE-2026-59108 #CVE-2025-59103 CVSS: 9.3-9.2. See official advisories: #Patch #Patch #Patch https://www.dormakabagroup.com/en/security-advisories"
[X Link](https://x.com/CCBalert/status/2016198542822351176) 2026-01-27T17:16Z [----] followers, [---] engagements
"Warning: [--] high to critical vulnerabilities in #SolarWinds Help Desk. CVE-2025-40551 and CVE-2025-40553 (CVSS: 9.8) could be exploited by remote attackers to achieve remote code execution #RCE #Patch #Patch #Patch"
[X Link](https://x.com/CCBalert/status/2016510558443380741) 2026-01-28T13:55Z [----] followers, [---] engagements
"Warning: Critical authentication bypass vulnerability in #Juniper routers. CVE-2025-21589 CVSS: [---]. Successful exploitation allows a remote attacker to bypass authentication and take administrative control of the device.
#Patch #Patch #Patch"
[X Link](https://x.com/CCBalert/status/2016510708788154542) 2026-01-28T13:56Z [----] followers, [---] engagements
"Warning: Critical vulnerability in #n8n. CVE-2026-1470 CVSS: [---]. Authenticated users can bypass the Expression sandbox mechanism to achieve full remote code execution on n8ns main node which could lead to full compromise of the affected instance. #RCE #Patch #Patch #Patch"
[X Link](https://x.com/CCBalert/status/2016510874781937839) 2026-01-28T13:57Z [----] followers, [---] engagements
"Warning: Critical sandbox escape vulnerability affecting #vm2 library. CVE-2026-22709 CVSS: [---]. A remote attacker could exploit it escape the sandbox and run arbitrary code. #RCE #Patch #Patch #Patch"
[X Link](https://x.com/CCBalert/status/2016511029123985468) 2026-01-28T13:57Z [----] followers, [---] engagements
"Warning: Critical buffer overflow vulnerability in #OpenSSL. CVE-2025-15467 CVSS: [---]. Successful exploitation could lead to a crash causing denial of service #DoS or remote code execution RCE #Patch #Patch #Patch"
[X Link](https://x.com/CCBalert/status/2016511188339671402) 2026-01-28T13:58Z [----] followers, [---] engagements
"Warning: Critical authentication bypass vulnerability in #FortiOs #FortiManager and #FortiAnalyzer. CVE-2026-24858 is a 0-day with a CVSS score of [---]. CVE-2026-24858 is actively exploited #Patch #Patch #Patch"
[X Link](https://x.com/CCBalert/status/2016511869117247490) 2026-01-28T14:01Z [----] followers, [---] engagements
"Warning: Critical vulnerability in #SAP S/4HANA Private Cloud and On-Premise (Financials General Ledger). CVE-2026-0501 CVSS: [---]. An authenticated user could execute crafted SQL queries to read modify and delete backend database data. #Patch #Patch #Patch"
[X Link](https://x.com/CCBalert/status/2016537519651713371) 2026-01-28T15:43Z [----] followers, [---] engagements
"Warning: Critical Code Injection in #Ivanti Endpoint Manager Mobile (#EPMM).
#CVE-2026-1281 & #CVE-2026-1340 CVSS: [---]. These flaws allow unauthenticated attackers to achieve remote code execution #RCE #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-remote-code-execution-ivanti-epmm-endpoint-manager-mobile-patch-immediately"
[X Link](https://x.com/CCBalert/status/2017224008207376784) 2026-01-30T13:10Z [----] followers, [---] engagements
"Warning: Critical Command Injection in #OpenProject. #CVE-2026-24685 CVSS: [---]. This command injection allows attackers to overwrite files leading to data loss and causing Denial of Service. #Patch #Patch #Patch"
[X Link](https://x.com/CCBalert/status/2017224437611831595) 2026-01-30T13:12Z [----] followers, [---] engagements
"Warning: Critical Scope Bypass in #vCluster Platform. #CVE-2026-22806 CVSS: [---]. This flaw allows limited access keys to bypass restrictions and access unauthorized resources #Kubernetes #Patch #Patch #Patch"
[X Link](https://x.com/CCBalert/status/2017224541878005899) 2026-01-30T13:13Z [----] followers, [---] engagements
"Warning: Multiple vulnerabilities in #HewlettPackard Enterprise #StoreOnce lead to Remote Code Execution and Authentication Bypass. #RCE #CVE-2025-37093 CVSS(3.1): [---]. #Patch #Patch #Patch"
[X Link](https://x.com/CCBalert/status/1929907879940648994) 2025-06-03T14:27Z [----] followers, [---] engagements
"Warning: Critical stored XSS vulnerability in #Juniper Networks Junos Space. #CVE-2025-59978 CVSS: [---]. This vulnerability can lead to compromised accounts #XSS.
Read our advisory: #Patch #Patch #Patch https://bit.ly/4q53Xnaand"
[X Link](https://x.com/CCBalert/status/1976638826878501145) 2025-10-10T13:19Z [----] followers, [---] engagements
"Warning: Command Injection Vulnerability #CVE-2025-14756 affecting #TP-Link Archer MR600 could allow an authenticated attacker to execute arbitrary system commands leading to service disruption or full control #Patch #Patch #Patch"
[X Link](https://x.com/CCBalert/status/2016946068030619895) 2026-01-29T18:46Z [----] followers, [---] engagements
"Warning: Critical vulnerability (#CVE-2026-25253 CVSS 8.8) in #OpenClaw (Clawdbot / Moltbot) allows 1-click remote code execution when processing attacker-controlled content. More info at: #RCE #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-critical-vulnerability-openclaw-allows-1-click-remote-code-execution-when"
[X Link](https://x.com/CCBalert/status/2018375743235895530) 2026-02-02T17:27Z [----] followers, [---] engagements
"Warning: Critical RCE in #Intermesh #Group-Office #CRM (CVE-2026-25134 CVSS 9.4). Attackers can abuse the zipLanguage action with a crafted ZIP to achieve remote code execution. More info: #RCE #Patch #Patch #Patch https://github.com/Intermesh/groupoffice/security/advisories/GHSA-v39j-549w-8849"
[X Link](https://x.com/CCBalert/status/2018688306637099395) 2026-02-03T14:09Z [----] followers, [---] engagements
"Warning: Critical exposure in #Odoo on #NixOS (#CVE-2026-25137 CVSS:9.1). By default every NixOS based Odoo setup publicly exposes the database manager without any authentication letting anyone with access dump or delete the database.
#Patch #Patch https://ccb.belgium.be/advisories/warning-critical-unauthenticated-database-manager-exposure-odoo-nixos-patch-immediately"
[X Link](https://x.com/CCBalert/status/2018712222768193924) 2026-02-03T15:44Z [----] followers, [---] engagements
"Warning: Critical file-overwrite flaw in ASUSTOR ADM (CVE-2026-24936 CVSS 9.5). Unauthenticated attackers can exploit improper input validation in AD join functionality to write arbitrary files and potentially take over the device. #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-critical-file-overwrite-asustor-adm-unauthenticated-attackers-can-compromise-nas"
[X Link](https://x.com/CCBalert/status/2018780979884597357) 2026-02-03T20:17Z [----] followers, [---] engagements
"Warning: [--] vulnerabilities were patched in #Advantech WISE-DeviceOnServer. The most critical CVE #CVE-2025-34256 (CVSSv3 9.8) allows remote attackers to forge authentication tokens enabling unauthorised access or session manipulation.#Path Patch #Patch"
[X Link](https://x.com/CCBalert/status/1998090427208024141) 2025-12-08T18:00Z [----] followers, [---] engagements
"Warning: Critical SQL Injection vulnerability in #Advantech IoTSuite & IoT Edge products. #CVE-2025-52694 (CVSS [----] Critical). Unauthenticated remote attackers can execute arbitrary SQL commands leading to full system compromise. Patch immediately #Patch https://ccb.belgium.be/advisories/warning-critical-severity-vulnerability-advantech-iotsuite-and-iot-edge-products-patch"
[X Link](https://x.com/CCBalert/status/2011378754149343535) 2026-01-14T10:03Z [----] followers, [---] engagements
"Warning: Multiple critical vulnerabilities in #n8n Flaws including improper input validation XSS and more could lead to execution of arbitrary system commands and full takeover of automation servers. More information at: #RCE #Patch #Patch #Patch https://github.com/n8n-io/n8n/security https://github.com/n8n-io/n8n/security"
X Link 2026-02-05T17:27Z [----] followers, [---] engagements
"Warning: #Fortinet patched multiple vulnerabilities in #FortiAuthenticator #FortiClient for Windows #FortiGate #FortiOS and #FortiSandbox including a medium severity flaw that effectively bypasses patches for previously exploited vulnerabilities. https://ccb.belgium.be/advisories/warning-multiple-vulnerabilities-were-patched-fortinet-products-patch-immediately https://ccb.belgium.be/advisories/warning-multiple-vulnerabilities-were-patched-fortinet-products-patch-immediately"
X Link 2026-02-12T09:42Z [----] followers, [---] engagements
"Warning: Multiple Critical & High link-following buffer overflow in #QNAP #NAS #Qsync CVE-2025-66277 CVE-2025-30269 CVE-2025-30276 CVE-2025-48723 CVE-2025-48724 CVE-2025-48725 & CVE-2025-52868 CVSS: 9.2-8.1 A remote attacker without user interaction can exploit these #Patch"
X Link 2026-02-13T09:08Z [----] followers, [---] engagements
"Warning: #WatchGuard patched a high impact unauthenticated #LDAP injection vulnerability (#CVE-2026-1498) in WatchGuard #Fireware OS and a medium impact privilege escalation #PoE vulnerability #NCPVE-2025-0626 in its mobile VPN with IPSec client. #Patch #Patch #Patch"
X Link 2026-02-06T14:52Z [----] followers, [---] engagements
"Warning: #Kubernetes disclosed four vulnerabilities in the #ingress-nginx including two high-severity issues: #CVE-2026-1580 (improper input validation) and #CVE-2026-24512 (configuration injection) enabling #RCE and authentication bypass. #Patch https://ccb.belgium.be/advisories/warning-multiple-vulnerabilities-kubernetes-ingres-nginx https://ccb.belgium.be/advisories/warning-multiple-vulnerabilities-kubernetes-ingres-nginx"
X Link 2026-02-09T10:40Z [----] followers, [---] engagements
"Warning: CRITICAL #CVE-2026-21643 CVSS:9.8 affecting #Fortinet #FortiClientEMS allows unauthenticated attackers to execute commands on the system through an SQL injection. Immediate attention required #Patch #Patch #Patch https://fortiguard.fortinet.com/psirt/FG-IR-25-1142 https://fortiguard.fortinet.com/psirt/FG-IR-25-1142"
X Link 2026-02-09T12:25Z [----] followers, [---] engagements
"Warning: Critical Remote Code Execution #RCE in #BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-remote-code-execution-beyondtrust-remote-support-and-privileged-remote-access-0 https://ccb.belgium.be/advisories/warning-remote-code-execution-beyondtrust-remote-support-and-privileged-remote-access-0"
X Link 2026-02-09T15:49Z [----] followers, [---] engagements
"Warning: Critical host-side prototype pollution in #SandboxJS CVE-2026-25881 CVSS: [---] A remote unauthenticated attacker can escape the sandbox without user interaction and execute code remotely #RCE Update to 0.8.31 or later #Patch #Patch #Patch"
X Link 2026-02-10T15:41Z [----] followers, [---] engagements
"Warning: High improper security check in #Keycloak #Redhat CVE-2026-1486 CVE-2026-1529 CVSS: 8.8-8.1. A remote attacker with low privileges can gain unauthorized access by impersonating users. Install the official patch: #Patch https://bugzilla.redhat.com/show_bug.cgiid=2433347 https://bugzilla.redhat.com/show_bug.cgiid=2433347"
X Link 2026-02-10T15:41Z [----] followers, [---] engagements
"Warning: multiple critical in #FUXA #SCADA #ICS CVE-2026-25939 CVE-2026-25893 CVE-2026-25894 CVE-2026-25895 & CVE-2026-25938 CVSS: 10.0-9.3 Network based attackers can cause full system compromise. Update to 1.2.11 or later #Patch #Patch #Patch https://github.com/frangoteam/FUXA/releases/tag/v1.2.11 https://github.com/frangoteam/FUXA/releases/tag/v1.2.11"
X Link 2026-02-10T15:52Z [----] followers, [---] engagements
"Warning: multiple critical Missing Authorization in #SAP #CRM #S4HANA #Netweaver CVE-2026-0488 & CVE-2026-0509 CVSS: 9.9-9.6 A network based attacker with low privileges can inject #SQL to compromise the database. See SAP Feb sec notes #Patch #Patch https://tinyurl.com/4xx3bavh https://tinyurl.com/4xx3bavh"
X Link 2026-02-10T17:15Z [----] followers, [---] engagements
"#Microsoft has released security patches for [--] vulnerabilities. [--] vulnerabilities were identified as critical [--] as Important and [--] as moderate. [--] are 0-day vulnerabilities and [--] are actively exploited. Patches are available via Patch Tuesday. Time to #patch #patch #patch"
X Link 2026-02-11T13:06Z [----] followers, [---] engagements
"Warning: CVE-2026-25993 a critical #SQL Injection vulnerability in #EverShop eCommerce platform could allow unauthenticated remote attackers to execute arbitrary SQL commands on the backend database. No user interaction required. Patched from v2.1.1 https://github.com/evershopcommerce/evershop/security/advisories/GHSA-3h84-9rhc-j2ch https://github.com/evershopcommerce/evershop/security/advisories/GHSA-3h84-9rhc-j2ch"
X Link 2026-02-11T16:28Z [----] followers, [---] engagements
"Warning: Critical #authentication bypass vulnerability in #Apache Druid allows unauthenticated remote attackers to log in using the druid-basic-security extension with LDAP authentication. Disable anonymous LDAP bind and upgrade to Druid 36.0.0+. #Patch https://lists.apache.org/thread/2x9rv3kv6t1p577lvq4z0rl0zlt9g4sr https://lists.apache.org/thread/2x9rv3kv6t1p577lvq4z0rl0zlt9g4sr"
X Link 2026-02-11T16:31Z [----] followers, [---] engagements
"Warning: #Ivanti released update for its #Endpoint Manager (EPM) to address #CVE-2026-1603 a high-severity #authentication bypass that allows a remote unauthenticated attacker to access stored credential data and # CVE-2026-1602 an #SQL injection flaw. https://ccb.belgium.be/advisories/warning-security-update-ivanti-endpoint-manager-vulnerabilities-patch-immediately https://ccb.belgium.be/advisories/warning-security-update-ivanti-endpoint-manager-vulnerabilities-patch-immediately"
X Link 2026-02-11T21:29Z [----] followers, [---] engagements
"Warning: High Code Injection in #Keepass. CVE-2020-37178 CVSS: [---]. A remote attacker can cause app crash without privileges. There is a publicly available exploit. Update to [----] or later. #Patch #Patch #Patch"
X Link 2026-02-12T15:18Z [----] followers, [---] engagements
"Warning: Critical vulnerability in #Apple #iPhone #iPad #macOS Dynamic Link Editor CVE-2026-2070. This #0Day can lead to arbitrary code execution #RCE and it is actively exploited #Patch #Patch #Patch"
X Link 2026-02-12T15:19Z [----] followers, [---] engagements
"Warning: Critical code injection in #Chevereto core. CVE-2020-37186 CVSS: [---]. A remote attacker without any user interaction can cause #RCE. It's actively exploited #CISA #KEV #Patch #Patch #Patch"
X Link 2026-02-12T15:19Z [----] followers, [---] engagements
"Warning: High code injection in #MDX #Hashicorp. CVE-2026-0969 CVSS: [---]. A remote attacker with low privileges can compromise the CIA of the system. Upgrade to next-mdx-remote 6.0.0 or later. #Patch #Patch #Patch"
X Link 2026-02-12T15:20Z [----] followers, [---] engagements
"Warning: [--] high resource allocation/XSS in #GitLab #CE/EE CVE-2025-7659 CVE-2025-8099 CVE-2025-14560 CVE-2026-0595 & CVE-2026-0958 CVSS: 8.0-7.3 Network based attackers can inject code to access private repositories and cause denial of service #DoS #Patch"
X Link 2026-02-13T09:33Z [----] followers, [---] engagements
"Warning: Actively Exploited #Vulnerabilities in #SolarWinds Web Help Desk (2026.1). These critical and high flaws allow authentication bypass & remote code execution #RCE Read our advisory #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-actively-exploited-vulnerabilities-solarwinds-web-help-desk-patch-immediately https://ccb.belgium.be/advisories/warning-actively-exploited-vulnerabilities-solarwinds-web-help-desk-patch-immediately"
X Link 2026-02-13T16:16Z [----] followers, [---] engagements
"Warning: A Privilege Escalation in #SonicWall SMA1000. #CVE-2025-40602 CVSS: [---] chains with CVE-2025-23006 (CVSS 9.8) for unauthenticated RCE with root privileges on vulnerable appliances. #Patch #Patch #Patch Check our advisory https://ccb.belgium.be/advisories/warning-critical-rce-vulnerability-sonicwall-sma1000-appliance-management-console https://ccb.belgium.be/advisories/warning-critical-rce-vulnerability-sonicwall-sma1000-appliance-management-console"
X Link 2025-12-19T14:53Z [----] followers, [---] engagements
"Warning: High severity XSS in Kibana tracked as #CVE-2025-68385 CVSS: [---]. Authenticated users can weaponize Vega charts for browser-side script execution and data theft. #Patch #Patch #Patch"
X Link 2025-12-19T14:54Z [----] followers, [---] engagements
"Warning: Critical #RCE in #n8n. #CVE-2025-68613 CVSS: [---]. Authenticated users can execute arbitrary code with process privileges. Full instance compromise possible #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-remote-code-execution-n8n-patch-immediately https://ccb.belgium.be/advisories/warning-remote-code-execution-n8n-patch-immediately"
X Link 2025-12-23T15:48Z [----] followers, [---] engagements
"Warning: High vulnerability in #MongoDB. #CVE-2025-14847 CVSS: [---]. This vulnerability may allow a read of uninitialized heap memory by an unauthenticated client. #Patch #Patch #Patch"
X Link 2025-12-24T11:05Z [----] followers, [---] engagements
"Warning: Information disclosure vulnerability in #M-Files Server. #CVE-2025-13008 CVSS: [---]. This vulnerability allows authenticated attackers to capture session tokens of other users. Read the advisory: #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-information-disclosure-vulnerability-m-files-server-patch-immediatelyand https://ccb.belgium.be/advisories/warning-information-disclosure-vulnerability-m-files-server-patch-immediatelyand"
X Link 2025-12-24T12:01Z [----] followers, [---] engagements
"Warning: Critical vulnerability in #Forgejo. #CVE-2025-68937 CVSS: [---]. This vulnerability allows attackers to write to unintended files possibly leading to remote code execution #RCE Read the advisory: and #Patch #Patch #Patch https://codeberg.org/forgejo/security-announcements/issues/43 https://codeberg.org/forgejo/security-announcements/issues/43"
X Link 2025-12-29T13:53Z [----] followers, [---] engagements
"Warning: Multiple vulnerabilities in #LangChain. #CVE-2025-68664 CVSS: [---] #CVE-2025-68665 CVSS: [---]. These are both serialization injection vulnerabilities. #Patch #Patch #Patch https://github.com/langchain-ai/langchain/security/advisories/GHSA-c67j-w6g6-q2cm https://github.com/langchain-ai/langchain/security/advisories/GHSA-c67j-w6g6-q2cm"
X Link 2025-12-29T13:57Z [----] followers, [---] engagements
"Warning: Critical vulnerability in #SmarterTools #SmarterMail #CVE-2025-52691 CVSS: [--]. It can allow an attacker to upload arbitrary files to the server potentially enabling remote code execution #RCE Update to version Build [----] immediately: #Patch https://ccb.belgium.be/nl/advisories/warning-critical-unauthenticated-arbitrary-file-upload-vulnerability-smartermail-server https://ccb.belgium.be/nl/advisories/warning-critical-unauthenticated-arbitrary-file-upload-vulnerability-smartermail-server"
X Link 2025-12-29T15:33Z [----] followers, [---] engagements
"Warning: CVE-2025-68645 (CVSS 8.8) exposes a Local File Inclusion (#LFI) vulnerability in the #Zimbra Webmail Classic UI. An unauthenticated attacker can abuse a vulnerable endpoint to upload arbitrary files to the server. #Patch #Patch #Patch"
X Link 2025-12-30T14:00Z [----] followers, [---] engagements
"Warning: Following the November Pwn2Own event #QNAP has patched seven #0Day vulnerabilities affecting QNAP #QTS #QuTS hero OS and other products. These flaws could enable authentication bypass #RCE and additional impact. #Patch #Patch https://www.qnap.com/en/security-advisory/qsa-25-45 https://www.qnap.com/en/security-advisory/qsa-25-45"
X Link 2025-12-30T14:06Z [----] followers, [---] engagements
"WARNING: Active Exploitation of Critical #MongoDB Vulnerability (CVE-2025-14847) #PoC available. #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-active-exploitation-critical-mongodb-vulnerability-cve-2025-14847-poc-available https://ccb.belgium.be/advisories/warning-active-exploitation-critical-mongodb-vulnerability-cve-2025-14847-poc-available"
X Link 2025-12-30T16:23Z [----] followers, [---] engagements
"Warning: Critical vulnerability in WHILL Model C2 / Model F2 electric wheelchairs. CVE-2025-14346 CVSS: [---]. This vulnerability can lead to taking control over of the product. More #Patch #Patch https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-364-01 https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-364-01"
X Link 2025-12-31T15:02Z [----] followers, [---] engagements
"Warning: A high-severity privilege escalation vulnerability in #Apache #StreamPipes allows authenticated attackers to gain administrative access to the system. #CVE-2025-47411 CVSS(3.1): [---]. #Patch #Patch #Patch"
X Link 2026-01-02T14:24Z [----] followers, [---] engagements
"Warning: A high-severity out-of-bounds write vulnerability in #GnuPG (before v2.4.9) could lead to memory corruption. #CVE-2025-68973 CVSS(3.1): [---]. #Patch #Patch #Patch"
X Link 2026-01-02T14:25Z [----] followers, [---] engagements
"Warning: A critical privilege escalation vulnerability in #Branda #WordPress plugin allows unauthenticated attackers to take over administrator accounts. #CVE-2025-14998 CVSS(3.1): [---]. #Patch #Patch #Patch"
X Link 2026-01-02T14:25Z [----] followers, [---] engagements
"Warning: High vulnerability in #OpenCTI version 6.8.1 CVE-2025-61781 CVSS: [---]. A remote attacker can delete the entire workspace without authentication or user interaction because of a #GraphQL mutation with improper checks. Read our advisory: #Patch https://ccb.belgium.be/advisories/warning-high-improper-authorization-vulnerability-opencti-can-lead-workspace-deletion https://ccb.belgium.be/advisories/warning-high-improper-authorization-vulnerability-opencti-can-lead-workspace-deletion"
X Link 2026-01-07T09:23Z [----] followers, [---] engagements
"Warning: Critical command injection & SSH key exposure in #Coolify. #CVE-2025-64424 #CVE-2025-64420 #CVE-2025-64419. Patch and restrict access immediately. Read our advisory #Patch #Patch https://ccb.belgium.be/advisories/warning-critical-coolify-vulnerabilities-patch-immediately https://ccb.belgium.be/advisories/warning-critical-coolify-vulnerabilities-patch-immediately"
X Link 2026-01-07T20:31Z [----] followers, [---] engagements
"Warning: Critical buffer overflow vulnerability in #zlib. CVE-2026-22184 CVSS: [---]. This vulnerability can lead to denial of service remote code execution or memory corruption depending on compiler build flags architecture and memory layout. #RCE #DoS #Patch #Patch #Patch"
X Link 2026-01-08T21:49Z [----] followers, [---] engagements
"Warning: [--] vulnerabilities in #Veeam Backup & Replication including [--] that can lead to remote code execution (#CVE-2025-55125 #CVE-2025-59468 #CVE-2025-59470). #RCE #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-four-important-vulnerabilities-veeam-including-3-leading-remote-code-execution https://ccb.belgium.be/advisories/warning-four-important-vulnerabilities-veeam-including-3-leading-remote-code-execution"
X Link 2026-01-08T21:59Z [----] followers, [---] engagements
"Warning: Remote Code Execution in #pnpm #CVE-2025-69264 CVSS: [---]. Git-hosted dependencies can bypass security in v10 and run arbitrary code during install even with lifecycle scripts disabled. #Patch #Patch #Patch"
X Link 2026-01-09T14:07Z [----] followers, [---] engagements
"Warning: Critical Sandbox Bypass in #n8n #CVE-2025-68668 CVSS: [---]. Authenticated users can execute arbitrary commands on host system via Python Code Node. #Patch #Patch #Patch"
X Link 2026-01-09T14:43Z [----] followers, [---] engagements
"Warning: High severity Stored Cross-Site Scripting #XSS vulnerability in #GitLab CE/EE. #CVE-2025-9222 CVSS: [---]. Authenticated attackers can exploit GitLab Flavored Markdown to inject malicious scripts and hijack sessions. #Patch #Patch #Patch More info: https://about.gitlab.com/releases/2026/01/07/patch-release-gitlab-18-7-1-released/ https://about.gitlab.com/releases/2026/01/07/patch-release-gitlab-18-7-1-released/"
X Link 2026-01-12T17:10Z [----] followers, [---] engagements
"Warning: Multiple high severity Vulnerabilities in #Broadcom DX NetOps Spectrum including #CVE-2025-69267 & #CVE-2025-69273 CVSS: [---] & [---]. Attackers can bypass authentication and access restricted files remotely #Patch #Patch #Patch More info: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36756 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36756"
X Link 2026-01-12T17:12Z [----] followers, [---] engagements
"Warning: Critical Root Remote Code Execution #RCE in #RUCKUS IOT Controller. #CVE-2025-69425 CVSS: [----]. Hardcoded TOTP secrets allow remote attackers to bypass authentication and execute commands as root. #Patch #Patch #Patch More info: https://support.ruckuswireless.com/security_bulletins/336 https://support.ruckuswireless.com/security_bulletins/336"
X Link 2026-01-12T17:13Z [----] followers, [---] engagements
"Warning: Multiple High Severity Vulnerabilities in #React-Router. CVE-2025-61686 CVE-2026-22029 CVE-2026-59057 & others. Attackers can read sensitive files or hijack sessions #Patch #Patch #Patch More info: https://ccb.belgium.be/advisories/warning-high-severity-vulnerabilities-react-router-patch-immediately https://ccb.belgium.be/advisories/warning-high-severity-vulnerabilities-react-router-patch-immediately"
X Link 2026-01-12T19:50Z [----] followers, [---] engagements
"Warning: Critical #RCE vulnerability in #LibreChat MCP transport. #CVE-2026-22252 (CVSS [---] Critical). Authenticated users can execute root commands inside the LibreChat container. Upgrade to v0.8.2-rc2 immediately #Patch #Patch #Patch"
X Link 2026-01-13T15:45Z [----] followers, [---] engagements
"Warning: #XXE vulnerability in the XWork component of #ApacheStruts (versions 2.0.0 - 6.1.0). #CVE-2025-68493 (CVSS [---] High). Attackers can exploit this to read sensitive files or perform #SSRF. Time to patch #Patch #Patch #Patch"
X Link 2026-01-13T16:07Z [----] followers, [---] engagements
"Warning: High vulnerability in #TC ROUTER and #CLOUD CLIENT industrial mobile network routers. CVE-2025-41717 CVSS: [---]. This vulnerability allows an unauthenticated remote attacker to trick a high privileged user into code injection as root. #RCE #Patch #Patch #Patch"
X Link 2026-01-14T13:40Z [----] followers, [---] engagements
"Warning: Critical vulnerability in #jsPDF. CVE-2025-68428 CVSS: [---]. This vulnerability allows attackers to retrieve file contents of arbitrary files in the local file system. #PathTraversal #Patch #Patch #Patch"
X Link 2026-01-14T13:41Z [----] followers, [---] engagements
"Warning: High vulnerability in #Anevia Flamingo XL. CVE-2024-58338 CVSS: [---]. This vulnerability allows remote attackers to escape the sandboxed environment and achieve remote code execution as root. #RCE #Patch #Patch #Patch"
X Link 2026-01-14T13:43Z [----] followers, [---] engagements
"Warning: Critical vulnerability in #Siemens Industrial Edge Devices. CVE-2025-40805 CVSS: [----]. This vulnerability allows an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Time to #Patch #Patch #Patch"
X Link 2026-01-14T15:24Z [----] followers, [---] engagements
"Warning: Critical vulnerability in #FortiSIEM. CVE-2025-64155 CVSS: [---]. This vulnerability may allow remote attackers to execute unauthorized code. #RCE Time to #Patch #Patch #Patch"
X Link 2026-01-14T15:37Z [----] followers, [---] engagements
"Warning: Multiple vulnerabilities in #NodeJS (V8) CVE-2025-15284 CVSS: [---]. These various flaws can allow for data leakage between processes arbitrary file read/write and denial of service. More info: and #Patch #Patch #Patch https://nodejs.org/en/blog/vulnerability/january-2026-dos-mitigation-async-hooks https://nodejs.org/en/blog/vulnerability/december-2025-security-releases https://nodejs.org/en/blog/vulnerability/january-2026-dos-mitigation-async-hooks https://nodejs.org/en/blog/vulnerability/december-2025-security-releases"
X Link 2026-01-15T22:03Z [----] followers, [---] engagements
"Warning: Critical privilege escalation vulnerability in the #ServiceNow AI Platform. CVE-2025-12420 CVSS: [---]. An unauthenticated attacker can impersonate an other user and perform operations as that other user. More info: #Patch #Patch #Patch https://support.servicenow.com/kbid=kb_article_view&sysparm_article=KB2587329 https://support.servicenow.com/kbid=kb_article_view&sysparm_article=KB2587329"
X Link 2026-01-15T22:03Z [----] followers, [---] engagements
"Warning: Multiple vulnerabilities in #Elastic #Kibana. CVE-2026-0532 CVSS: [---]. An authenticated attacker with low privileges can read arbitrary files and cause denial of service #DoS More info in our advisory: #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-multiple-vulnerabilities-elastic-kibana-allowing-arbitrary-file-reads-and-dos https://ccb.belgium.be/advisories/warning-multiple-vulnerabilities-elastic-kibana-allowing-arbitrary-file-reads-and-dos"
X Link 2026-01-15T22:28Z [----] followers, [---] engagements
"Warning: DoS vulnerability in #PaloAlto PAN-OS. CVE-2026-0227 CVSS: [---]. Exploitation can lead to unavailability of the affected firewall. More info: #Patch #Patch #Patch https://security.paloaltonetworks.com/CVE-2026-0227 https://security.paloaltonetworks.com/CVE-2026-0227"
X Link 2026-01-16T13:41Z [----] followers, [---] engagements
"Warning: Vulnerability in #OpenStack. CVE-2026-22797. Exploitation can lead to privilege escalation. More info: #Patch #Patch #Patch https://seclists.org/oss-sec/2026/q1/66 https://seclists.org/oss-sec/2026/q1/66"
X Link 2026-01-16T13:41Z [----] followers, [---] engagements
"Warning: Path traversal vulnerability in #MindsDB. CVE-2025-68472 CVSS [---]. Exploitation can lead to exposure of sensitive data. #PoCReleased More info: #Patch #Patch #Patch https://github.com/mindsdb/mindsdb/security/advisories/GHSA-qqhf-pm3j-96g7 https://github.com/mindsdb/mindsdb/security/advisories/GHSA-qqhf-pm3j-96g7"
X Link 2026-01-16T13:43Z [----] followers, [---] engagements
"Warning: Buffer overflow vulnerability in #Fortinet FortiOS and FortiSwitchManager. #CVE-2025-25249 CVSS: [---] This #0Day can lead to remote code execution #RCE #Patch #Patch #Patch"
X Link 2026-01-16T13:52Z [----] followers, [---] engagements
"Warning: #CVE-2025-60021 (CVSSv3 9.8) is a vulnerability in #Apache bRPC that allows an attacker to execute remote commands. Time to #Patch #Patch #Patch"
X Link 2026-01-19T20:44Z [----] followers, [---] engagements
"Warning: A sandbox escape vulnerability (#CVE-2026-0863 CVSSv3 8.5) in the #n8n Python task runner can lead to arbitrary code execution on the host. Time to #Patch #Patch #Patch"
X Link 2026-01-20T13:07Z [----] followers, [---] engagements
"Warning: Critical sandbox escape vulnerability in #Enclave VM. # CVSS: [--]. Successful exploitation can allow untrusted sandboxed JavaScript to execute arbitrary code in the host Node.js runtime. #Patch #Patch #Patch"
X Link 2026-01-20T15:24Z [----] followers, [---] engagements
"Warning: Oracle released their Critical Patch Update for January [----] containing multiple critical vulnerabilities. Check which apply to your organisation: #patch #patch #patch https://www.oracle.com/security-alerts/cpujan2026.html https://www.oracle.com/security-alerts/cpujan2026.html"
X Link 2026-01-21T16:10Z [----] followers, [---] engagements
"Warning: Critical RCE in Cisco Unified Communications. #CVE-2026-20045. Actively exploited & unauthenticated remote code execution #RCE Read our advisory and #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-critical-cisco-unified-communications-remote-code-execution-vulnerability-patch https://ccb.belgium.be/advisories/warning-critical-cisco-unified-communications-remote-code-execution-vulnerability-patch"
X Link 2026-01-22T22:47Z [----] followers, [---] engagements
"Warning: a SQL Injection vulnerability in #Dell Unisphere for PowerMax #CVE-2025-36588 CVSS: [---]. A low privileged attacker with remote access could potentially exploit this vulnerability leading to Command execution. #Patch #Patch #Patch"
X Link 2026-01-23T17:19Z [----] followers, [---] engagements
"Warning: Many sources reported the active exploitation of #CVE-2025-52691 CVSS: [--]. A remote unauthenticated attacker can upload arbitrary files to the server potentially enabling remote code execution #RCE Check our advisory here: . #Patch #Patch #Patch https://ccb.belgium.be/nl/advisories/warning-critical-unauthenticated-arbitrary-file-upload-vulnerability-smartermail-server https://ccb.belgium.be/nl/advisories/warning-critical-unauthenticated-arbitrary-file-upload-vulnerability-smartermail-server"
X Link 2026-01-23T17:52Z [----] followers, [---] engagements
"Warning: Critical 2FA Bypass in #GitLab CE/EE #CVE-2026-0723 CVSS: [---] Forged device responses can bypass two-factor authentication & enable account takeover. #Patch #Patch #Patch"
X Link 2026-01-23T18:13Z [----] followers, [---] engagements
"Warning: Critical vulnerability in Broadcom #VMware #vCenter Server CVE-2024-37079 potentially leading to Remote Code Execution (#RCE) was added to CISA's Known Exploited Vulnerabilities (#KEV) Catalogue. Time to #patch"
X Link 2026-01-26T16:16Z [----] followers, [---] engagements
"Warning: Local File Inclusion vulnerability (CVE-2025-68645) in the Webmail Classic UI of #Zimbra Collaboration has been added to CISA's Known Exploited Vulnerabilities (#KEV) Catalogue. Time to #patch"
X Link 2026-01-26T16:17Z [----] followers, [---] engagements
"Warning: CVE-2025-13878 vulnerability in some #BIND9 versions causes "named" to crash. Authoritative servers and resolvers are affected. #Patch #Patch #Patch https://kb.isc.org/docs/cve-2025-13878 https://kb.isc.org/docs/cve-2025-13878"
X Link 2026-01-26T16:18Z [----] followers, [---] engagements
"Warning: Critical Command Injection in #Zoom Node Multimedia Routers. #CVE-2026-22844 CVSS: [---]. Allows Remote Code Execution (#RCE). Read our advisory and #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-critical-os-command-injection-premises-zoom-node-deployments-patch-immediately https://ccb.belgium.be/advisories/warning-critical-os-command-injection-premises-zoom-node-deployments-patch-immediately"
X Link 2026-01-26T18:20Z [----] followers, [---] engagements
"Warning: Critical vulnerability in #Cal.com. CVE-2026-23478 CVSS: [----]. This vulnerability allows attackers to gain full authenticated access to any user account. #ATO #Patch #Patch #Patch"
X Link 2026-01-14T13:41Z [----] followers, [---] engagements
"Warning: [--] critical actively-exploited authentication bypass vulnerabilities in #SmarterTools #SmartMail. #CVE-2026-24423 #CVE-2026-23760 CVSS: [---]. They can lead to unauthenticated remote code execution #RCE More info: #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-two-critical-actively-exploited-authentication-bypass-vulnerabilities https://ccb.belgium.be/advisories/warning-two-critical-actively-exploited-authentication-bypass-vulnerabilities"
X Link 2026-01-27T16:12Z [----] followers, [---] engagements
"Warning: Actively-exploited security bypass vulnerability in #Microsoft #Office. #CVE-2026-21509 CVSS: [---]. Office versions [----] & later are auto protected. If you have earlier versions please install the updates. See MS advisory: #Patch #Patch #Patch https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509"
X Link 2026-01-27T17:11Z [----] followers, [---] engagements
"Warning: Multiple critical vulnerabilities in #dormakaba access manager #exos9300. #CVE-2025-59090 #CVE-2026-59097 #CVE-2026-59108 #CVE-2025-59103 CVSS: 9.3-9.2. See official advisories: #Patch #Patch #Patch https://www.dormakabagroup.com/en/security-advisories https://www.dormakabagroup.com/en/security-advisories"
X Link 2026-01-27T17:16Z [----] followers, [---] engagements
"Warning: [--] high to critical vulnerabilities in #SolarWinds Help Desk. CVE-2025-40551 and CVE-2025-40553 (CVSS: 9.8) could be exploited by remote attackers to achieve remote code execution #RCE #Patch #Patch #Patch"
X Link 2026-01-28T13:55Z [----] followers, [---] engagements
"Warning: Critical authentication bypass vulnerability in #Juniper routers. CVE-2025-21589 CVSS: [---]. Successful exploitation allows a remote attacker to bypass authentication and take administrative control of the device. #Patch #Patch #Patch"
X Link 2026-01-28T13:56Z [----] followers, [---] engagements
"Warning: Critical vulnerability in #n8n. CVE-2026-1470 CVSS: [---]. Authenticated users can bypass the Expression sandbox mechanism to achieve full remote code execution on n8ns main node which could lead to full compromise of the affected instance. #RCE #Patch #Patch #Patch"
X Link 2026-01-28T13:57Z [----] followers, [---] engagements
"Warning: Critical sandbox escape vulnerability affecting #vm2 library. CVE-2026-22709 CVSS: [---]. A remote attacker could exploit it escape the sandbox and run arbitrary code. #RCE #Patch #Patch #Patch"
X Link 2026-01-28T13:57Z [----] followers, [---] engagements
"Warning: Critical buffer overflow vulnerability in #OpenSSL. CVE-2025-15467 CVSS: [---]. Successful exploitation could lead to a crash causing denial of service #DoS or remote code execution RCE #Patch #Patch #Patch"
X Link 2026-01-28T13:58Z [----] followers, [---] engagements
"Warning: Critical authentication bypass vulnerability in #FortiOs #FortiManager and #FortiAnalyzer. CVE-2026-24858 is a 0-day with a CVSS score of [---]. CVE-2026-24858 is actively exploited #Patch #Patch #Patch"
X Link 2026-01-28T14:01Z [----] followers, [---] engagements
"Warning: Critical vulnerability in #SAP S/4HANA Private Cloud and On-Premise (Financials General Ledger). CVE-2026-0501 CVSS: [---]. An authenticated user could execute crafted SQL queries to read modify and delete backend database data. #Patch #Patch #Patch"
X Link 2026-01-28T15:43Z [----] followers, [---] engagements
"Warning: Critical Code Injection in #Ivanti Endpoint Manager Mobile (#EPMM). #CVE-2026-1281 & #CVE-2026-1340 CVSS: [---]. These flaws allow unauthenticated attackers to achieve remote code execution #RCE #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-remote-code-execution-ivanti-epmm-endpoint-manager-mobile-patch-immediately https://ccb.belgium.be/advisories/warning-remote-code-execution-ivanti-epmm-endpoint-manager-mobile-patch-immediately"
X Link 2026-01-30T13:10Z [----] followers, [---] engagements
"Warning: Critical Command Injection in #OpenProject. #CVE-2026-24685 CVSS: [---]. This command injection allows attackers to overwrite files leading to data loss and causing Denial of Service. #Patch #Patch #Patch"
X Link 2026-01-30T13:12Z [----] followers, [---] engagements
"Warning: Critical Scope Bypass in #vCluster Platform. #CVE-2026-22806 CVSS: [---]. This flaw allows limited access keys to bypass restrictions and access unauthorized resources #Kubernetes #Patch #Patch #Patch"
X Link 2026-01-30T13:13Z [----] followers, [---] engagements
"Warning: Multiple vulnerabilities in #HewlettPackard Enterprise #StoreOnce lead to Remote Code Execution and Authentication Bypass. #RCE #CVE-2025-37093 CVSS(3.1): [---]. #Patch #Patch #Patch"
X Link 2025-06-03T14:27Z [----] followers, [---] engagements
"Warning: Critical stored XSS vulnerability in #Juniper Networks Junos Space. #CVE-2025-59978 CVSS: [---]. This vulnerability can lead to compromised accounts #XSS. Read our advisory: #Patch #Patch #Patch https://bit.ly/4q53Xnaand https://bit.ly/4q53Xnaand"
X Link 2025-10-10T13:19Z [----] followers, [---] engagements
"Warning: Command Injection Vulnerability #CVE-2025-14756 affecting #TP-Link Archer MR600 could allow an authenticated attacker to execute arbitrary system commands leading to service disruption or full control #Patch #Patch #Patch"
X Link 2026-01-29T18:46Z [----] followers, [---] engagements
"Warning: Critical vulnerability (#CVE202625253 CVSS 8.8) in #OpenClaw (Clawdbot / Moltbot) allows 1click remote code execution when processing attackercontrolled content. More info at: #RCE #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-critical-vulnerability-openclaw-allows-1-click-remote-code-execution-when https://ccb.belgium.be/advisories/warning-critical-vulnerability-openclaw-allows-1-click-remote-code-execution-when"
X Link 2026-02-02T17:27Z [----] followers, [---] engagements
"Warning: Critical RCE in #Intermesh #Group-Office #CRM (CVE-2026-25134 CVSS 9.4). Attackers can abuse the zipLanguage action with a crafted ZIP to achieve remote code execution. More info: #RCE #Patch #Patch #Patch https://github.com/Intermesh/groupoffice/security/advisories/GHSA-v39j-549w-8849 https://github.com/Intermesh/groupoffice/security/advisories/GHSA-v39j-549w-8849"
X Link 2026-02-03T14:09Z [----] followers, [---] engagements
"Warning: Critical exposure in #Odoo on #NixOS (#CVE-2026-25137 CVSS:9.1). By default every NixOS based Odoo setup publicly exposes the database manager without any authentication letting anyone with access dump or delete the database. #Patch #Patch https://ccb.belgium.be/advisories/warning-critical-unauthenticated-database-manager-exposure-odoo-nixos-patch-immediately https://ccb.belgium.be/advisories/warning-critical-unauthenticated-database-manager-exposure-odoo-nixos-patch-immediately"
X Link 2026-02-03T15:44Z [----] followers, [---] engagements
"Warning: Critical file-overwrite flaw in ASUSTOR ADM (CVE-2026-24936 CVSS 9.5). Unauthenticated attackers can exploit improper input validation in AD join functionality to write arbitrary files and potentially take over the device. #Patch #Patch #Patch https://ccb.belgium.be/advisories/warning-critical-file-overwrite-asustor-adm-unauthenticated-attackers-can-compromise-nas https://ccb.belgium.be/advisories/warning-critical-file-overwrite-asustor-adm-unauthenticated-attackers-can-compromise-nas"
X Link 2026-02-03T20:17Z [----] followers, [---] engagements
"Warning: [--] vulnerabilities were patched in #Advantech WISE-DeviceOnServer. The most critical CVE #CVE-2025-34256 (CVSSv3 9.8) allows remote attackers to forge authentication tokens enabling unauthorised access or session manipulation.#Path Patch #Patch"
X Link 2025-12-08T18:00Z [----] followers, [---] engagements
"Warning: Critical SQL Injection vulnerability in #Advantech IoTSuite & IoT Edge products. #CVE-2025-52694 (CVSS [----] Critical). Unauthenticated remote attackers can execute arbitrary SQL commands leading to full system compromise. Patch immediately #Patch https://ccb.belgium.be/advisories/warning-critical-severity-vulnerability-advantech-iotsuite-and-iot-edge-products-patch https://ccb.belgium.be/advisories/warning-critical-severity-vulnerability-advantech-iotsuite-and-iot-edge-products-patch"
X Link 2026-01-14T10:03Z [----] followers, [---] engagements