#advisory

BeyondMachines :verified:beyondmachines1@infosec.exchange
2026-02-14

Critical Path Traversal Flaw in Unstructured.io AI Library Enables Remote Code Execution

Unstructured.io patched a critical path traversal vulnerability (CVE-2025-64712) that allows attackers to achieve remote code execution by processing malicious Outlook .msg files. The flaw enables arbitrary file writes, potentially compromising AI data pipelines across major cloud providers and Fortune 1000 enterprise environments.

**If you are processing mail attachments through AI, this is an important advisory. Check if you directly use Unstructured.io or update the systems that import and use this library. If you cannot update right away, disable attachment processing in your code and implement controls to sanitize filename attachments.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2026-02-14

HashiCorp Patches Critical RCE Vulnerability in next-mdx-remote Library

HashiCorp patched a critical remote code execution vulnerability (CVE-2026-0969) in the next-mdx-remote library that allowed attackers to execute arbitrary code during React server-side rendering.

**If your React application renders user-supplied MDX content, update next-mdx-remote to version 6.0.0 immediately to enable the new default security blocks. Avoid enabling JavaScript expressions for untrusted input, as even best-effort sanitization can be bypassed by determined attackers.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2026-02-14

CISA Warns of Active Exploitation in Microsoft Configuration Manager SQL Injection Flaw

CISA reports active exploitation of a critical SQL injection vulnerability in Microsoft Configuration Manager (CVE-2024-43468). The flaw allows unauthenticated attackers to execute arbitrary commands with system-level privileges on management servers and site databases.

**If you are using Microsoft Configuration Manager and haven't patched since 2024, this is urgent. Your MCM is being attacked. If possible, always isolate from the internet. And patch, because any isolation will be compromised given enough time.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

2026-02-13

Ubuntu Security Notice USN-8038-1 packetstorm.news/files/215567 #advisory

2026-02-13

Debian Security Advisory 6133-1 packetstorm.news/files/215561 #advisory

2026-02-13

SUSE Security Advisory - SUSE-SU-2026:0476-1 packetstorm.news/files/215554 #advisory

2026-02-13

openSUSE Security Advisory - openSUSE-SU-2026:10182-1 packetstorm.news/files/215553 #advisory

BeyondMachines :verified:beyondmachines1@infosec.exchange
2026-02-13

Apple Patches Actively Exploited Flaw, Over 90 Vulnerabilities in macOS, iOS, and iPadOS in February 2026 Security Updates

Apple released security updates on February 11, 2026, patching over 90 vulnerabilities across macOS, iOS, and iPadOS, including an actively exploited zero-day (CVE-2026-20700) — a memory corruption flaw in dyld enabling arbitrary code execution, likely used by nation-state actors or commercial spyware vendors against targeted individuals.

**Time to update your Apple devices. Prioritize iOS 26 devices, especially if you are a journalist or active in economy and policy - those are the first ones targeted by state actors to take control of mobile phones. Then all the rest of devices. Even if you are not a high profile target, update because hackers will learn to exploit the same flaws, so it will be open season on every vulnerable device.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2026-02-13

Siemens COMOS Affected by Multiple Flaws, at Least One Critical

Siemens COMOS plant management software is affected by six vulnerabilities, including a critical severity 10 XSS flaw and a sandbox escape, which could lead to remote code execution or data theft.

**First priority, make sure your industrial systems including COMOS are isolated from the internet and accessible only from trusted networks. Plan a quick update of COMOS instances to the latest versions of the 10.4 and 10.5 branches. For branch 10.6 contact Siemens for instructions.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2026-02-13

Critical RCE Vulnerability Reported in WPvivid Backup Plugin

WPvivid Backup & Migration plugin for WordPress patched a critical RCE vulnerability (CVE-2026-1357) that allows unauthenticated attackers to upload malicious PHP files via predictable cryptographic keys.

**If you are using WPvivid plugin, update to version 0.9.124 ASAP. If you cannot update right away, ensure the 'receive backup from another site' feature is disabled to close the primary attack vector.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

2026-02-12

Debian Security Advisory 6130-1 packetstorm.news/files/215501 #advisory

2026-02-12

Ubuntu Security Notice USN-8035-1 packetstorm.news/files/215500 #advisory

2026-02-12

SUSE Security Advisory - SUSE-SU-2026:0438-1 packetstorm.news/files/215495 #advisory

2026-02-12

openSUSE Security Advisory - openSUSE-SU-2026:10172-1 packetstorm.news/files/215494 #advisory

BeyondMachines :verified:beyondmachines1@infosec.exchange
2026-02-12

Critical UUID Flaw in Fiber v2 Framework Enables Session Hijacking

Fiber v2 patched a critical vulnerability (CVE-2025-66630) that generates predictable all-zero UUIDs when secure randomness fails, enabling session hijacking and CSRF bypass.

**If you are running applications running Fiber v2, prioritize updating to version 2.52.11 and update environments to Go 1.24. This is a weird flaw that may not happen regularly and is hard to reproduce, but it will hit you if you leave the old version long enough. It's better to patch than to hope.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2026-02-12

Ivanti Patches High-Severity Authentication Bypass in Endpoint Manager

Ivanti patched a high-severity authentication bypass (CVE-2026-1603) and a SQL injection flaw (CVE-2026-1602) in its Endpoint Manager software that could allow attackers to steal credentials and sensitive database information.

**If you are using Ivanti EPM, one more patch cycle. Plan a quick update of the Ivanti EPM instance to version 2024 SU5 or later. If possible, make sure your management servers are not exposed directly to the public internet.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2026-02-11

Critical Authentication Bypass Flaws Reported in ZLAN Industrial Gateways

ZLAN5143D industrial gateways contain two critical vulnerabilities (CVE-2026-25084 and CVE-2026-24789) that allow unauthenticated remote attackers to bypass security and reset device passwords. The vendor has not yet responded to these issues and there are no patches.

**If you use ZLAN5143D gateways, make sure they are isolated from the internet and accessible only from trusted networks. Since the vendor hasn't provided a patch, network isolation and VPN-only access are your only defense. Reach out to the vendor for patches, and if no patches are available, start planning a replacement.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2026-02-11

HGiga Patches Critical Authentication Bypass and SQL Injection Flaws in C&Cm@il

HGiga patched three vulnerabilities in its C&Cm@il platform, including a critical missing authentication flaw (CVE-2026-2234) that allows unauthenticated attackers to read and modify any user's emails.

**If you use HGiga C&Cm@il, plan a quick update to version 7.0-978. Since the most severe flaw allows attackers to read mail without a password, treat this as a high-priority emergency patch.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2026-02-11

Critical Gogs Vulnerabilities Enable Remote Code Execution and 2FA Bypass

Gogs released security updates to address a critical RCE vulnerability (CVE-2025-64111) and a 2FA bypass (CVE-2025-64175) affecting self-hosted Git instances. These flaws allow authenticated attackers to execute system commands via malicious Git configurations or take over user accounts by misusing recovery codes.

**If you are using self-hosted Gogs, this is important - especially if your Gogs is publicly accessible and free to register. Update to version 0.13.4. If you cannot patch right away, restrict network access to your Git service and ensure only trusted users can register and push code.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

BeyondMachines :verified:beyondmachines1@infosec.exchange
2026-02-11

Microsoft February 2026 Patch Tuesday Fixes 58 Vulnerabilities, Six Actively Exploited Flaws

Microsoft's February 2026 Patch Tuesday patches 58 security vulnerabilities, including six actively exploited zero-days in Windows Shell, MSHTML, Word, Desktop Window Manager, Remote Access Connection Manager, and Remote Desktop Services. The update also patches five critical Azure-related flaws and covers elevation of privilege, RCE, security feature bypass, and other vulnerability classes in Windows, Office, Exchange, and other Microsoft products.

**This is an urgent update. Six zero-day vulnerabilities are actively exploited in the wild, three of which are publicly disclosed. Patch your Windows Operating Systems and Microsoft Office ASAP. Then review the advisory for Azure, Exchange Server, GitHub Copilot, and other Microsoft products and components you use.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai
