serverok.pl is a Fediverse instance that uses the ActivityPub protocol. In other words, users at this host can communicate with people that use software like Mastodon, Pleroma, Friendica, etc. all around the world.

This server runs the snac software and there is no automatic sign-up process.

Site description
lonely small server
Admin email
postmaster@serverok.pl
Admin account
@mend0za@serverok.pl

Search results for tag #zen

ZEN SecDB » 🤖
@secdb@infosec.exchange

📈 CVE Published in last days (2026-06-29 - 2026-06-29)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230

Status:
- : 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113

CISA KEVs:
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0701 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40

Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8

Top EPSS Score:
- CVE-2026-27771 - 40.74 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13773 - 3.41 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56413 - 3.08 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56415 - 3.07 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56782 - 3.02 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13545 - 2.71 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58452 - 2.42 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58453 - 1.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56700 - 1.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58457 - 1.67 % (secdb.nttzen.cloud/cve/detail/)

    ZEN SecDB » 🤖
    @secdb@infosec.exchange

    🚨 Bad Epoll (CVE-2026-46242) has been identified as a notable vulnerability.

    In the Linux kernel, the following vulnerability has been resolved:

    eventpoll: fix ep_remove struct eventpoll / struct file UAF

    ℹ️ Additional information on ZEN SecDB:

    - BadEpoll: secdb.nttzen.cloud/updates/791

    - CVE details, sightings and advisories: secdb.nttzen.cloud/cve/detail/

      ZEN SecDB » 🤖
      @secdb@infosec.exchange

      🚨 [CISA-2026:0701] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

      CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

      ⚠️ CVE-2026-45659 (secdb.nttzen.cloud/cve/detail/)
      - Name: Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability
      - Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
      - Known To Be Used in Ransomware Campaigns? Unknown
      - Vendor: Microsoft
      - Product: SharePoint Server
      - Notes: msrc.microsoft.com/update-guid ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

        ZEN SecDB » 🤖
        @secdb@infosec.exchange

        📈 CVE Published in last days (2026-06-01 - 2026-06-01)
        See more at secdb.nttzen.cloud/dashboard

        Total CVEs:

        Severity:
        - Critical: 855
        - High: 3079
        - Medium: 2559
        - Low: 534
        - None: 684

        Status:
        - : 344
        - Analyzed: 2815
        - Awaiting Analysis: 562
        - Deferred: 3102
        - Modified: 173
        - Received: 551
        - Rejected: 49
        - Undergoing Analysis: 115

        CISA KEVs:
        - CISA-2026:0601 (secdb.nttzen.cloud/security-ad)
        - CISA-2026:0602 (secdb.nttzen.cloud/security-ad)
        - CISA-2026:0603 (secdb.nttzen.cloud/security-ad)
        - CISA-2026:0605 (secdb.nttzen.cloud/security-ad)
        - CISA-2026:0608 (secdb.nttzen.cloud/security-ad)
        - CISA-2026:0609 (secdb.nttzen.cloud/security-ad)
        - CISA-2026:0611 (secdb.nttzen.cloud/security-ad)
        - CISA-2026:0612 (secdb.nttzen.cloud/security-ad)
        - CISA-2026:0615 (secdb.nttzen.cloud/security-ad)
        - CISA-2026:0616 (secdb.nttzen.cloud/security-ad)
        - CISA-2026:0618 (secdb.nttzen.cloud/security-ad)
        - CISA-2026:0623 (secdb.nttzen.cloud/security-ad)
        - CISA-2026:0625 (secdb.nttzen.cloud/security-ad)
        - CISA-2026:0629 (secdb.nttzen.cloud/security-ad)

        Top CNAs:
        - GitHub, Inc.: 1163
        - Patchstack: 731
        - VulnCheck: 612
        - Chrome: 584
        - kernel.org: 514
        - VulDB: 468
        - N/A: 344
        - MITRE: 329
        - Wordfence: 256
        - Oracle: 242

        Top Affected Products:
        - UNKNOWN: 4698
        - Google Chrome: 583
        - Google Android: 118
        - Microsoft Windows 11 26h1: 111
        - Microsoft Windows Server 2025: 109
        - Microsoft Windows 11 24h2: 105
        - Microsoft Windows 11 25h2: 105
        - Microsoft Windows Server 2022: 104
        - Microsoft Windows 11 23h2: 99
        - Microsoft Windows 10 22h2: 91

        Top EPSS Score:
        - CVE-2026-10520 - 98.94 % (secdb.nttzen.cloud/cve/detail/)
        - CVE-2026-35273 - 92.33 % (secdb.nttzen.cloud/cve/detail/)
        - CVE-2026-20253 - 88.17 % (secdb.nttzen.cloud/cve/detail/)
        - CVE-2026-48907 - 80.43 % (secdb.nttzen.cloud/cve/detail/)
        - CVE-2026-50751 - 71.05 % (secdb.nttzen.cloud/cve/detail/)
        - CVE-2026-49160 - 48.44 % (secdb.nttzen.cloud/cve/detail/)
        - CVE-2026-10523 - 47.19 % (secdb.nttzen.cloud/cve/detail/)
        - CVE-2026-20230 - 41.69 % (secdb.nttzen.cloud/cve/detail/)
        - CVE-2026-0826 - 26.47 % (secdb.nttzen.cloud/cve/detail/)
        - CVE-2026-25089 - 23.39 % (secdb.nttzen.cloud/cve/detail/)

          ZEN SecDB » 🤖
          @secdb@infosec.exchange

          🚨 DirtyClone (CVE-2026-43503)

          In the Linux kernel, the following vulnerability has been resolved:

          net: skbuff: propagate shared-frag marker through frag-transfer helpers

          ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/updates/9a1


            ZEN SecDB » 🤖
            @secdb@infosec.exchange

            🚨 [CISA-2026:0629] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

            CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

            ⚠️ CVE-2026-48558 (secdb.nttzen.cloud/cve/detail/)
            - Name: SimpleHelp Authentication Bypass Vulnerability
            - Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
            - Known To Be Used in Ransomware Campaigns? Unknown
            - Vendor: SimpleHelp
            - Product: SimpleHelp
            - Notes: simple-help.com/security/simpl ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

              ZEN SecDB » 🤖
              @secdb@infosec.exchange

              🚨 [CISA-2026:0625] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

              CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

              ⚠️ CVE-2026-12569 (secdb.nttzen.cloud/cve/detail/)
              - Name: PTC Windchill and FlexPLM Improper Input Validation Vulnerability
              - Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
              - Known To Be Used in Ransomware Campaigns? Unknown
              - Vendor: PTC
              - Product: Windchill and FlexPLM
              - Notes: ptc.com/en/support/article/CS4 ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

              ⚠️ CVE-2026-20230 (secdb.nttzen.cloud/cve/detail/)
              - Name: Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability
              - Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
              - Known To Be Used in Ransomware Campaigns? Unknown
              - Vendor: Cisco
              - Product: Unified Communications Manager
              - Notes: cisco.com/c/en/us/support/docs ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

                ZEN SecDB » 🤖
                @secdb@infosec.exchange

                📈 CVE Published in last days (2026-06-15 - 2026-06-15)
                See more at secdb.nttzen.cloud/dashboard

                Total CVEs:

                Severity:
                - Critical: 374
                - High: 827
                - Medium: 471
                - Low: 67
                - None: 235

                Status:
                - : 204
                - Analyzed: 394
                - Awaiting Analysis: 88
                - Deferred: 744
                - Modified: 35
                - Received: 417
                - Rejected: 14
                - Undergoing Analysis: 78

                CISA KEVs:
                - CISA-2026:0615 (secdb.nttzen.cloud/security-ad)
                - CISA-2026:0616 (secdb.nttzen.cloud/security-ad)
                - CISA-2026:0618 (secdb.nttzen.cloud/security-ad)

                Top CNAs:
                - Patchstack: 489
                - Oracle: 240
                - N/A: 204
                - VulnCheck: 202
                - GitHub, Inc.: 133
                - MITRE: 84
                - Wordfence: 64
                - VulDB: 49
                - Mozilla Corporation: 44
                - Google Devices: 39

                Top Affected Products:
                - UNKNOWN: 1471
                - Google Android: 55
                - Mozilla Thunderbird: 42
                - Mozilla Firefox: 42
                - Google Chrome: 33
                - Oracle Webcenter Content: 32
                - Openclaw: 27
                - Oracle Jd Edwards Enterpriseone Tools: 14
                - Oracle Enterprise Manager Base Platform: 14
                - Oracle Weblogic Server: 13

                Top EPSS Score:
                - CVE-2026-11409 - 2.79 % (secdb.nttzen.cloud/cve/detail/)
                - CVE-2026-11410 - 2.79 % (secdb.nttzen.cloud/cve/detail/)
                - CVE-2026-12197 - 2.38 % (secdb.nttzen.cloud/cve/detail/)
                - CVE-2026-53876 - 1.79 % (secdb.nttzen.cloud/cve/detail/)
                - CVE-2026-50871 - 1.57 % (secdb.nttzen.cloud/cve/detail/)
                - CVE-2026-12223 - 1.53 % (secdb.nttzen.cloud/cve/detail/)
                - CVE-2026-12219 - 1.52 % (secdb.nttzen.cloud/cve/detail/)
                - CVE-2026-38065 - 1.35 % (secdb.nttzen.cloud/cve/detail/)
                - CVE-2026-20262 - 1.15 % (secdb.nttzen.cloud/cve/detail/)
                - CVE-2026-50874 - 1.12 % (secdb.nttzen.cloud/cve/detail/)

                  ethanOS »
                  @ethanOS@infosec.exchange

                  "How do you do this?" And her answer was, "It's like I'm already dead."
                  Jeff Bridges, Bernie Glassman, The Dude and the Zen Master

                    ZEN SecDB » 🤖
                    @secdb@infosec.exchange

                    🚨 [CISA-2026:0615] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

                    CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

                    ⚠️ CVE-2026-20262 (secdb.nttzen.cloud/cve/detail/)
                    - Name: Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability
                    - Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
                    - Known To Be Used in Ransomware Campaigns? Unknown
                    - Vendor: Cisco
                    - Product: Catalyst SD-WAN Manager
                    - Notes: sec.cloudapps.cisco.com/securi ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

                    ⚠️ CVE-2026-54420 (secdb.nttzen.cloud/cve/detail/)
                    - Name: LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability
                    - Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
                    - Known To Be Used in Ransomware Campaigns? Unknown
                    - Vendor: LiteSpeed
                    - Product: cPanel Plugin
                    - Notes: blog.litespeedtech.com/2026/06 ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

                      ZEN SecDB » 🤖
                      @secdb@infosec.exchange

                      🚨 [CISA-2026:0609] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

                      CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

                      ⚠️ CVE-2026-11645 (secdb.nttzen.cloud/cve/detail/)
                      - Name: Google Chromium V8 Out-of-Bounds Read and Write Vulnerability
                      - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
                      - Known To Be Used in Ransomware Campaigns? Unknown
                      - Vendor: Google
                      - Product: Chromium V8
                      - Notes: chromereleases.googleblog.com/ ; issues.chromium.org/issues/506 ; nvd.nist.gov/vuln/detail/CVE-2

                      ⚠️ CVE-2026-7473 (secdb.nttzen.cloud/cve/detail/)
                      - Name: Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability
                      - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
                      - Known To Be Used in Ransomware Campaigns? Unknown
                      - Vendor: Arista
                      - Product: Extensible Operating System
                      - Notes: arista.com/en/support/advisori ; nvd.nist.gov/vuln/detail/CVE-2

                        ethanOS »
                        @ethanOS@infosec.exchange

                        "Let's say my fingers ache. What do I do? I can take Advil; I can also give myself a little injection of heroin."
                        Jeff Bridges and Bernie Glassman, The Dude and the Zen Master

                          ZEN SecDB » 🤖
                          @secdb@infosec.exchange

                          🚨 [CISA-2026:0529] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

                          CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

                          ⚠️ CVE-2026-0257 (secdb.nttzen.cloud/cve/detail/)
                          - Name: Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
                          - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
                          - Known To Be Used in Ransomware Campaigns? Unknown
                          - Vendor: Palo Alto Networks
                          - Product: PAN-OS
                          - Notes: security.paloaltonetworks.com/ ; nvd.nist.gov/vuln/detail/CVE-2

                            Bob the Traveler » 🤖
                            @bobthetraveler@mastodon.world

                            Shunryū Suzuki, who died OTD in 1971, helped popularize in the United States, and founded the first Buddhist monastery outside Asia cromwell-intl.com/travel/japan

                              ZEN SecDB » 🤖
                              @secdb@infosec.exchange

                              🚨 CVE-2026-45185 (Dead.Letter)

                              Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS close_notify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to heap corruption. An unauthenticated network attacker exploiting this vulnerability could execute arbitrary code.

                              ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/cve/detail/


                              CVE-2026-45185 (Dead.Letter)

                              Alt...CVE-2026-45185 (Dead.Letter)

                                Ring2 🏴‍☠️ »
                                @ring2@stpauli.social

                                Aus der Wut in die Akzeptanz.

                                Kann man als FC St. Pauli Fan gerade gut üben. Zen Pauli quasi. (Hier erkläre ich das meinem Freund Oliver, der ein feiner Dude ist, außer seiner Zuneigung zum HSV). Quelle: fyyd.de/episode/15539469

                                Alt...Video

                                  Klaus Zimmermann :unverified: »
                                  @kzimmermann@c.im

                                  Sunday

                                  buddhist temple garden with a small creek with stepping stones to cross it. There are a few red momiji on the top

                                  Alt...buddhist temple garden with a small creek with stepping stones to cross it. There are a few red momiji on the top

                                    ZEN SecDB » 🤖
                                    @secdb@infosec.exchange

                                    🚨 CVE-2026-41651 (Pack2TheRoot)

                                    PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root

                                    PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition on transaction flags that allows unprivileged users to install packages as root and thus leads to a local privilege escalation. This is patched in version 1.3.5.

                                    ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/cve/detail/


                                      Scott Wilson 🌈 »
                                      @scottwilson@infosec.exchange

                                      RE: floss.social/@downey/116337415

                                      Yet another reason to continue using , , , etc.

                                        corq »
                                        @corq@infosec.exchange

                                        If you need some sweet in your life, please let me recommend Martin & Mads!

                                        Extreme traffic during walk with Martin and Mads - YouTube

                                        youtube.com/watch?v=OJmzakZUSMA

                                          Solar Branka :mw: »
                                          @solarbranka@mastodon.world

                                          3/24. Do you have a writerly "third place"?

                                          I prefer my “third place” to be a state of giggles or zen mindfulness on a weekday afternoon.

                                          Location is flexible. ❤️‍🔥

                                            ZEN SecDB » 🤖
                                            @secdb@infosec.exchange

                                            🚨 CVE-2026-24291 (RegPwn)
                                            Windows Accessibility Infrastructure (ATBroker.exe) Elevation of Privilege Vulnerability

                                            Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally.

                                            secdb.nttzen.cloud/cve/detail/