ScanForge Security Digest 2614-02

April 2, 2026200 items

17 critical0 high10 news

This week presented a moderate threat landscape with 17 critical vulnerabilities identified but no actively exploited zero-days reported by CISA. The most pressing concern is CVE-2025-9962, a pre-authentication buffer overflow in Novakon P series devices that grants immediate root access, requiring urgent patching for affected systems. Additionally, three separate RCE vulnerabilities in Backup Server products pose significant risk to authenticated domain users, and organizations should prioritize applying available patches. Notable security incidents include a Cisco IMC authentication bypass enabling admin access and a supply chain compromise through LiteLLM, highlighting the continued threat from both direct vulnerabilities and third-party dependencies. Security teams should prioritize patching the Novakon and Backup Server vulnerabilities while reviewing Cisco IMC deployments and auditing LiteLLM implementations for potential compromise.

Critical

10.0 A buffer overflow vulnerability in Novakon P series allows attackers to gain root permission without CVE-2025-9962

9.9 A vulnerability 3 CVEs

CVE-2026-21669, CVE-2026-21667, CVE-2026-21666

9.9 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i CVE-2024-30236

9.8 A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the z CVE-2026-5121

9.8 Unrestricted Upload of File with Dangerous Type vulnerabilit 2 CVEs

CVE-2024-37555, CVE-2024-37228

9.8 Missing Authorization vulnerability in tainacan Tainacan tainacan.This issue affects Tainacan: from CVE-2024-30529

9.8 Missing Authorization vulnerability in typps Calendarista Basic Edition calendarista-basic-edition.T CVE-2024-30534

9.8 Incorrect Privilege Assignment vulnerability in DeluxeThemes Userpro userpro.This issue affects User CVE-2024-35700

9.8 Incorrect Privilege Assignment vulnerability in masteriyo Masteriyo - LMS learning-management-system CVE-2024-24882

9.8 Deserialization of Untrusted Data vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-ph CVE-2024-30221

9.8 An arbitrary file upload vulnerability in the component /admin/ajax.php?action=save_menu of Online F CVE-2023-30122

9.8 An arbitrary file upload vulnerability in the component /fos/admin/ajax.php of Food Ordering System CVE-2023-24646

Security News

Critical Cisco IMC auth bypass gives attackers Admin access Bleeping Computer

Cisco has patched several critical and high-severity vulnerabilities, including an Integrated Management Controller (IMC

Mercor Hit by LiteLLM Supply Chain Attack SecurityWeek

The AI recruiting firm is investigating the incident as Lapsus$ claimed the theft of 4TB of Mercor data. The post Mercor

Sophisticated CrystalX RAT Emerges SecurityWeek

The malware can spy on victims, steal their information, and make configuration changes on devices. The post Sophisticat

WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action The Hacker News

Meta-owned messaging platform WhatsApp said it alerted about 200 users who were tricked into installing a bogus version

Microsoft links Classic Outlook issue to email delivery problems Bleeping Computer

Microsoft is investigating a known issue that prevents some Classic Outlook users from sending emails via Outlook.com. [

Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks Bleeping Computer

Internet security watchdog Shadowserver has found over 14,000 BIG-IP APM instances exposed online amid ongoing attacks e

Variance Raises $21.5M for Compliance Investigation Platform Powered by AI Agents SecurityWeek

Variance has raised a total of $26 million in funding and the latest investment will fuel platform growth. The post Vari

Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit The Hacker News

Apple on Wednesday expanded the availability of iOS 18.7.7 and iPadOS 18.7.7 to a broader range of d