{ SECURITY_ADVISORIES }

Threat intelligence.
From the front lines.

Vulnerability disclosures, zero-day research, and actionable advisories from the mindthehack offensive security team. We find it, we report it, we help the world fix it.

23 Advisories Published

8 Zero-Days Discovered

4 Active Exploits in Wild

100% Responsible Disclosure

{ ADVISORY_LOG }

Six advisories.
Coordinated. Disclosed. Patched.

MTH-2026-012 · Critical · Exploited in Wild · Patch Available · March 31, 2026

Critical RCE in Apache Struts via OGNL Injection

CVE-2026-21847 · Affected: Apache Struts 2.x < 2.5.34

A critical remote code execution vulnerability was identified in Apache Struts that allows unauthenticated attackers to execute arbitrary commands via crafted OGNL expressions in HTTP request parameters. The mindthehack research team discovered this vulnerability during a routine engagement and coordinated disclosure with the Apache Foundation.

Impact

Full system compromise. An attacker can execute arbitrary OS commands with the privileges of the application server. No authentication required.

Remediation

Upgrade to Apache Struts 2.5.34 or later. If immediate patching is not possible, deploy WAF rules to block OGNL expression patterns in request parameters.

MTH-2026-011 · Critical · Exploited in Wild · Patch Available · March 15, 2026

Authentication Bypass in FortiGate SSL VPN

CVE-2026-19332 · Affected: FortiOS 7.4.x < 7.4.5, 7.2.x < 7.2.9

An authentication bypass vulnerability in Fortinet FortiGate SSL VPN allows remote attackers to gain administrative access without valid credentials by sending specially crafted HTTP requests to the management interface.

Impact

Complete compromise of VPN gateway. Attackers gain full administrative control, enabling traffic interception, configuration changes, and lateral movement into the internal network.

Remediation

Apply FortiOS patches immediately. Restrict management interface access to trusted IP ranges. Enable MFA for all administrative sessions.

MTH-2026-009 · High · Patch Available · February 20, 2026

Privilege Escalation in Linux Kernel via io_uring Subsystem

CVE-2026-17421 · Affected: Linux Kernel 6.1 through 6.7.2

A use-after-free vulnerability in the Linux kernel io_uring subsystem allows local attackers to escalate privileges to root. The vulnerability exists in the request cancellation path when handling concurrent operations on shared ring buffers.

Impact

Local privilege escalation to root. Any unprivileged user with access to the system can gain complete control. Particularly dangerous in multi-tenant and containerized environments.

Remediation

Update to Linux kernel 6.7.3 or apply the backported patches for LTS kernels. As a temporary mitigation, disable io_uring via sysctl (kernel.io_uring_disabled=2).

MTH-2026-007 · High · Patch Available · February 5, 2026

Server-Side Request Forgery in Microsoft Exchange OWA

CVE-2026-14889 · Affected: Microsoft Exchange Server 2019 CU14, 2016 CU23

A server-side request forgery vulnerability in Microsoft Exchange Outlook Web Access (OWA) allows authenticated users to access internal network resources and cloud metadata endpoints from the Exchange server context.

Impact

Access to internal network services, cloud provider metadata endpoints (IMDS), and potential credential theft. Can be chained with other vulnerabilities for full environment compromise.

Remediation

Apply the February 2026 Microsoft security update. Restrict outbound network access from Exchange servers. Monitor for unusual outbound connections.

MTH-2026-005 · Critical · Exploited in Wild · Patch Available · January 18, 2026

SQL Injection in SAP NetWeaver Application Server

CVE-2026-12556 · Affected: SAP NetWeaver AS ABAP 7.50 through 7.93

A blind SQL injection vulnerability in SAP NetWeaver Application Server ABAP allows remote attackers to extract sensitive data from the underlying database. The vulnerability exists in the user management API and is exploitable by any authenticated user.

Impact

Full database compromise. Attackers can extract credentials, business data, and configuration details. In SAP environments, this typically leads to exposure of financial records, employee data, and supply chain information.

Remediation

Apply SAP Security Note 3412789. Implement database activity monitoring. Review and restrict user permissions on affected API endpoints.

MTH-2025-042 · Critical · Exploited in Wild · Patch Available · December 8, 2025

Remote Code Execution in Cisco IOS XE Web UI

CVE-2025-48912 · Affected: Cisco IOS XE 17.x with Web UI enabled

A remote code execution vulnerability in the Cisco IOS XE web management interface allows unauthenticated attackers to create privileged accounts and execute commands on the underlying operating system. The mindthehack threat intelligence team detected active exploitation across European infrastructure.

Impact

Complete device takeover. Attackers can implant persistent backdoors, intercept and modify network traffic, and use compromised devices as pivot points for lateral movement.

Remediation

Disable the web UI immediately if not required. Apply Cisco patches when available. Check for indicators of compromise including unauthorized user accounts and unexpected configuration changes.

{ RESPONSIBLE_DISCLOSURE }

Our commitment
to the security community.

When the mindthehack research team discovers a vulnerability, we follow a strict responsible disclosure process. We notify affected vendors immediately, provide technical details and proof-of-concept information, and work collaboratively on patches before any public disclosure.

We believe that security improves when researchers and vendors work together. Every advisory published here has gone through a coordinated disclosure process with the affected organization.

90-Day Disclosure Window · Vendor Coordination · CVE Assignment · Proof of Concept

{ REPORT_A_VULNERABILITY }

Found something?

If you have discovered a vulnerability and want to coordinate disclosure, reach out to our security research team. We take every report seriously.