⚠️ LiveThreat Vulnerability Brief — Apr 17, 2026
📊 9 vulnerabilities & exploits tracked impacting the supply chain
━━━━━━━━━━━━━━━━━━━━━━
⚠️ Critical Remote Code Execution Zero‑Day (CVE‑2026‑XXXX) Discovered in Microsoft Defender for Endpoint
A critical RCE zero‑day (CVE‑2026‑XXXX) in Microsoft Defender for Endpoint allows unauthenticated attackers to gain SYSTEM privileges on Windows 10/11 devices. …
🔗 https://www.livethreat.ai/intelligence/threatsday-bulletin-defender-0-day-sonicwall-brute-force-17-year-old-excel-rce-and-15-more-stories-15772
⚠️ Critical Remote Code Execution & Privilege Escalation in Anviz Access‑Control Firmware (CVE‑2026‑32648 … CVE‑2026‑40461)…
CISA has flagged eleven critical CVEs in Anviz CX2 Lite, CX7 and CrossChex devices. Exploits grant unauthenticated attackers full control, exposing commercial f…
🔗 https://www.livethreat.ai/intelligence/anviz-multiple-products-15846
⚠️ Critical Stack Buffer Overflow in Delta Electronics ASDA-Soft (CVE-2026-5726) Threatens Industrial Control Systems
Delta Electronics' ASDA-Soft industrial automation software (≤ 7.2.2.0) contains a stack‑based buffer overflow (CVE‑2026‑5726) that can be triggered by a crafte…
🔗 https://www.livethreat.ai/intelligence/delta-electronics-asda-soft-15845
💥 Zero‑Day LPE in Microsoft Defender “RedSun” Grants SYSTEM Privileges on Patched Windows 10/11 and Server
A proof‑of‑concept exploit called “RedSun” abuses a local‑privilege‑escalation flaw in Microsoft Defender, granting SYSTEM rights on fully patched Windows 10, W…
🔗 https://www.livethreat.ai/intelligence/new-microsoft-defender-redsun-zero-day-poc-grants-system-privileges-15853
⚠️ Critical Vulnerabilities in Cisco Identity Services Engine and Webex Enable Code Execution and User Impersonation
Cisco disclosed four critical CVEs (2026‑20184, 20147, 20180, 20186) that allow unauthenticated attackers to impersonate users or authenticated admins to execut…
🔗 https://www.livethreat.ai/intelligence/cisco-fixed-four-critical-flaws-in-identity-services-and-webex-15900
⚠️ Critical Arbitrary Code Execution Flaws in Cisco Identity Services & Webex (CVE‑2026‑20184) Threaten Enterprise Collabor…
🔗 https://www.livethreat.ai/intelligence/cisco-patches-four-critical-identity-services-webex-flaws-enabling-code-execution-15594
⚠️ Critical RCE in HP DeskJet 2855e (CVE‑2026‑4682) Enables Remote Code Execution via SOAP Buffer Overflow
🔗 https://www.livethreat.ai/intelligence/zdi-26-280-pwn2own-hp-deskjet-2855e-jobstatusevent-stack-based-buffer-overflow-remote-code-execution-vulnerability-15620
⚠️ Critical Remote Code Execution in Fortinet FortiWeb (CVE‑2026‑40688) – Out‑Of‑Bounds Write Vulnerability
🔗 https://www.livethreat.ai/intelligence/zdi-26-266-fortinet-fortiweb-cat-cgi-paths-out-of-bounds-write-remote-code-execution-vulnerability-15634
━━━━━━━━━━━━━━━━━━━━━━
📌 + 1 more vulnerabilities on our live feed
🛡️ How many of your vendors are running these affected systems?
📖 View all → https://www.livethreat.ai/vulnerabilities
🔔 Follow LiveThreat for daily TPRM intelligence
#Cybersecurity #ThreatIntel #TPRM #InfoSec #VendorRisk #BreachWatch #DoNotBeLarry #VerisqAI #LiveThreat