NotCVE @notCVE
The !CVE mission is to provide a common space for cybersecurity !vulnerabilities that are not acknowledged by vendors but still are serious security issues. notcve.org Joined September 2022-
Tweets49
-
Followers59
-
Following48
-
Likes0
⚠️ ACTIVELY EXPLOITED — added to CISA KEV 2026-07-16 CVE-2026-39808: Fortinet FortiSandbox OS Command Injection Vulnerability CVSS 9.8 · EPSS 48.7% · 22 public exploits Details, versions & intel → notcve.org/cve/CVE-2026-3…
🎯 Most likely to be exploited next (EPSS): • CVE-2026-48356 — EPSS 28.3% · CVSS 9.6 • CVE-2026-50522 — EPSS 19.7% · CVSS 9.8 • CVE-2026-47992 — EPSS 19.6% · CVSS 7.2 📄 Full weekly tables → github.com/notcve/reports…
⚠️ New in CISA KEV this week — exploited in the wild: • SonicWall SMA1000 Appliances Code… — CVSS 10 notcve.org/cve/CVE-2026-1… • SonicWall SMA1000 Appliances… — CVSS 10 notcve.org/cve/CVE-2026-1… • Balbooa Forms Unrestricted Upload… — CVSS 10 notcve.org/cve/CVE-2026-5…
📊 Weekly Vulnerability Digest #2 (Jul 9–16): 📈 2,638 new CVEs — 377/day, peak 1,070 🔴 848 critical (CVSS ≥ 9) 💥 48 with a public exploit ⚠️ 9 added to CISA KEV — actively exploited Top vendors: microsoft (586) · adobe (54) Track your vendors → notcve.org/pricing/
⚠️ ACTIVELY EXPLOITED — added to CISA KEV 2026-07-14 CVE-2026-56155: Microsoft Active Directory Federation Services Insufficient Granularity of Access Control… CVSS 7.8 · 4 public exploits Details, versions & intel → notcve.org/cve/CVE-2026-5…
⚠️ ACTIVELY EXPLOITED — added to CISA KEV 2026-07-13 CVE-2008-4128: Cisco IOS Cross-Site Request Forgery Vulnerability CVSS 8.8 · EPSS 12% · 6 public exploits Details, versions & intel → notcve.org/cve/CVE-2008-4…
🚨 A NotCVE just became a CVE — 163 days later. Cloudflare has assigned CVE-2026-14440 (CVSS 9.1) to the Universal SSL CAA issue documented as NotCVE-2026-0001 on 2026-01-19. No CVE existed then. Public, timestamped record — preserved since day one: notcve.org/notcve/NotCVE-…
📊 Weekly Vulnerability Digest #1 (Jul 2–9): 📈 1,533 new CVEs — 219/day 🔴 336 critical (CVSS ≥ 9) ⚠️ 4 added to CISA KEV — actively exploited 💥 41 with a public exploit Top vendors: microsoft (101) · apache (49) · gitea (40) Search any of them → notcve.org
🚨 NotCVE-2026-0008 Microsoft Windows NTFS self-healing duplicate-name handling may allow delayed reparse point/symlink exposure from crafted file system images. CVSS 6.3 - No fixed version currently known notcve.org/notcve/NotCVE-… Credits: @errno_fail #NotCVE #Windows #NTFS
🚨 New NotCVE: NotCVE-2026-0007 Schlage/Allegion HandPunch & HandKey biometric access-control devices were documented with an unauthenticated TCP/3001 management protocol. Shodan still shows 500+ exposed online. notcve.org/notcve/NotCVE-… #NotCVE #OT
🚨 NotCVE-2026-0006 ClawVet API: hardcoded fallback JWT secret when JWT_SECRET is not configured may allow session token forgery for existing users. CVSS 9.8 Critical | SSVC: Attend notcve.org/notcve/NotCVE-… #NotCVE #JWT #APISecurity
🚨 NotCVE-2026-0005 TP-Link TL-WR741ND V5: authenticated OS command injection via SSID in the web management interface. Tested on firmware 3.16.9 Build 150605. CVSS 8.0 | SSVC: Attend notcve.org/notcve/NotCVE-… #NotCVE #TPLink
🚨 NotCVE-2026-0004 BestCrypt Volume Encryption for Windows: improper signature-based sector bypass may cause limited cleartext disclosure and plaintext injection under specific conditions. CVSS 5.7 | SSVC: Attend notcve.org/notcve/NotCVE-… #NotCVE
🚨 NotCVE-2026-0003 Deno @std/path prior to 1.1.2: inefficient regex in isGlob may cause excessive processing time on crafted long inputs, leading to high CPU utilization and DoS. CVSS 5.9 | SSVC: Attend notcve.org/notcve/NotCVE-… #NotCVE #Deno
🚨 NotCVE-2026-0002 NetScaler ADC (VPX) before 14.1-60.52: missing SSH host key validation in HA/HA-INC synchronization may enable adversary-in-the-middle, credential capture and root code execution. CVSS 7.5 | SSVC: Attend notcve.org/notcve/NotCVE-… #NotCVE
NotCVE-2026-0001 is now available: Cloudflare Universal SSL CAA augmentation may enable unauthorized DV certificate issuance by weakening RFC 8657 account binding. Severity: CVSS 8.7 (High). Full details: notcve.org/view.php?id=No… Credit: @David_z_Osipov
🚨 NotCVE-2025-0004: Go os.RemoveAll before 1.21.11 / 1.22.4 is vulnerable to a symlink race (TOCTOU). An attacker can hijack a recursive delete to erase any path on the host Fix: rebuild w/ Go 1.21.11+ or 1.22.4+. Details ➜ notcve.org/view.php?id=No… #golang #security
🚨 NotCVE-2025-0003: Kubernetes built with Go <1.21.11/<1.22.4 has a symlink race in os.RemoveAll. A malicious pod can swap a symlink during volume cleanup and delete any host path Patch: rebuild w/ Go 1.21.11+ Details➜ notcve.org/view.php?id=No… #Kubernetes #Security #SymlinkRace
🚨 NotCVE-2025-0002: IBM Instana lets attackers set any returnUrl, causing an open redirect. Auth’d users who click a crafted link are whisked to a phishing site in-session. Details notcve.org/view.php?id=No… #Instana #Security #OpenRedirect
🚨 NotCVE-2025-0001: Docker’s default bridge can expose unpublished container ports on LAN when FORWARD=ACCEPT & IP forwarding = 1. Fix: set FORWARD→DROP or use user-defined networks. Details ➜ notcve.org/view.php?id=No… #Docker #Security #DevOps
Mr.W01F @mrw01f_asm
29 Followers 307 Following
William Colvin Beene @WilliamColvinB
5 Followers 165 Following
Mau @Mau_DTH
0 Followers 41 Following
Stefan @IPv4v6
58 Followers 515 Following affiliated with IT security / My tweets are carefully handcrafted.
superdemon @0xsuperdemon
39 Followers 2K Following Unreadiness to following, reluctant to followers. A visionary path treader, rethinker, and on a second thought life overwhelms me, I do not know anything, AMA!
Vishwas @k4rn4_1
12 Followers 751 Following
spot @maplecard20101
2 Followers 85 Following
OpenSecDevOps @OpenSecDevOps
55 Followers 18 Following #OSDO project, bringing SecDevOps closer with free tools.
Rio Ogino @rioogino
60 Followers 4K Following
orangehat @Orangehat1337
1 Followers 41 Following
Dan @dangrad_
2 Followers 218 Following
CyberSec1337 @CyberSec1337
22 Followers 352 Following sudo apt-get Cyber Security -y && Ethical Hacker -y && Penetration Tester -y
keyth0s @keyth0s
53 Followers 151 Following
shay zipor @ZiporShay
8 Followers 244 Following
user @jack_swindell1
21 Followers 15 Following
Edgar David @3ddavid
1K Followers 2K Following Especialista en seguridad ofensiva. Si tiene un bug, es un reto. Si es "seguro", es una invitación.
Guayoyo @GuayoyoCyber
670 Followers 52 Following Unidad de ciberseguridad de @PyxisPortal #DevSecOps #CyberSecurity #InfoSec #AppSec
Ayyappan Rajesh @ayyappan162010
488 Followers 1K Following
TenForward🖖 @ten_forward
2K Followers 1K Following K-POP(雑食/UNICODE・MADEIN・CSR・ILY:1…)・윤쯔・韓国ドラマ・古墳・WRC・DS3・プログレ(辺境指向)・プログレメタル・JazzFusion・TechFeed公認エキスパートNo.138(コンテナ)・Linux Container Book(https://t.co/LmQB9zF77v)
CARIBSOC - Caribbean ... @caribcybersoc
27 Followers 155 Following CARIBSOC provides cyber security advice & services to protect the residents, businesses & tourists across the Caribbean region.
B3T4M3 @B3T4M31
2 Followers 106 Following
Ian Bell @ibell63
78 Followers 360 Following cybersecurity operations engineer | aviation enthusiast | tweets reflect my own opinions
Todd Stanton @ToddSta67453214
28 Followers 189 Following Pull the string and it will follow wherever you wish. Push it, and it will go nowhere - Dwight Eisenhower
Paul Wiles @wilesy101
44 Followers 654 Following Information & Cyber Security #InformationSecurity #CyberSecurity #Identity #DigitalRisk
John Hammond @_JohnHammond
322K Followers 3K Following Cybersecurity Researcher @HuntressLabs Just Hacking Training @JustHackingHQ w/ @ethicalhacker https://t.co/UtsNJiyQtS && https://t.co/narO3sz7y6
Chief Cynicism Office... @Duncrow
727 Followers 406 Following Ottakringer, Abenteurer, Philosoph, Schatzsucher, Koch, Rotweintrinker, Zyniker, Experte für nutzloses Wissen aller Art und irgendwas mit Security.
GDT @DiTerlizziGi
34 Followers 473 Following
André @klist_sessions
66 Followers 1K Following eJPT, eCDFP. Blue team - Following #infosec twitter.
Alan Coopersmith @ala... @alanc
2K Followers 934 Following Solaris Engineer at Sun^H^H^HOracle (Release management, Security, X11, GNOME); former board member of @XorgFoundation & @OpenSolaris. https://t.co/09dz3ZWwpQ
Cyber Intelligence S.... @cyberintel_es
13 Followers 36 Following Experts in software and hardware security. Helping private and public sectors solve real problems with real solutions.
CVE Trends @CVEtrends
8K Followers 0 Following Monitor trending CVEs in real-time; crowdsourced intel sourced from Twitter, NIST NVD, Reddit, and GitHub. Run by @SimonByte
SANS Cyber Defense �... @SANSDefense
38K Followers 497 Following Home of the Cyber Defense curriculum of @SANSInstitute, a hub for #CyberDefense, #BlueTeam, and #OSINT info, training, media, community, and events.
Threat Library Team @ThreatLibrary
773 Followers 43 Following APT Knowledge Base Creators at Deloitte #ThreatLibraryTeam
Unit 42 @Unit42_Intel
70K Followers 81 Following The latest research and news from Unit 42, the Palo Alto Networks (@paloaltontwks) Threat Intelligence and Security Consulting Team covering incident response.
!CVE Announcements @notCVEannounce
15 Followers 2 Following Account maintained by the !CVE Program (@notCVE) to update the community on !CVE-related announcements.
CVE Announcements @CVEannounce
26K Followers 5 Following Account maintained by the CVE™ Program to update the community on CVE-related announcements. https://t.co/2P9qfFrKeu
CVE @CVEnew
58K Followers 3 Following Official account maintained by the CVE™ Program to notify the community of new CVE IDs. Posts contain abbreviated details. Full CVE Records on https://t.co/ALn4YvUtom
Microsoft Threat Inte... @MsftSecIntel
196K Followers 995 Following We are Microsoft's global network of security experts. Follow for security research and threat intelligence.
CrowdStrike @CrowdStrike
111K Followers 791 Following The first cloud-native platform that protects endpoints and cloud workloads, identity & data. #WeStopBreaches. Free trial: https://t.co/msBcUPjFKo
RSA @RSAsecurity
110K Followers 3K Following The identity standard for government, finance, and high-assurance organizations.
OWASP® Foundation @owasp
216K Followers 525 Following We improve the security of apps with community-led open source projects, 260 local chapters, and tens of thousands of members worldwide. Famous for OWASP Top 10
SANS Institute @SANSInstitute
193K Followers 413 Following SANS is the most trusted and by far the largest source for information & cyber security training, certification and research in the world.
Sony @Sony
6.1M Followers 970 Following The official X account for Sony. Discover stories, products, services that inspire and support creators worldwide.
Black Hat @BlackHatEvents
425K Followers 2K Following The World's Premier Technical Cybersecurity Conference Series
Cisco @Cisco
720K Followers 3K Following Official info on Cisco news, events and technology innovation. For help, reach out to @HeyCisco.
motorola @Moto
171K Followers 6 Following Official motorola Global X! Get the lowdown on everything you need to know - from new product launches, exclusive access to unique content & more.
Xiaomi @Xiaomi
4.3M Followers 364 Following Meet Xiaomi 17T Series. Every shot, every scenario, every distance is covered. #TheTelephotoMaster
Red Hat @RedHat
301K Followers 1K Following The leading provider of enterprise open source solutions, using a community-powered approach to deliver Linux, hybrid cloud, edge, and Kubernetes technologies.
GitHub @github
2.7M Followers 333 Following The AI-powered developer platform to build, scale, and deliver secure software.
Canonical @Canonical
111K Followers 523 Following Secure enterprise open source for the world. We're also the publisher of @Ubuntu, the most popular and reliable Linux OS. #AI #MLOps #Robotics #IoT #Cloud
Raspberry Pi @Raspberry_Pi
614K Followers 1K Following We make very small computers which you can buy from just $4. We are also the literal coolest. Be excellent to each other. Tech support: https://t.co/ZEBSfmuErK
Ubuntu @ubuntu
704K Followers 1K Following Ubuntu is an open source software operating system that runs from the desktop, to the cloud, to all your internet connected things.
The Linux Foundation @linuxfoundation
589K Followers 9K Following A nonprofit organization enabling mass innovation through open source. #linux #kubernetes #riscv #hyperledger #anuket #openssf #openjs #o3de and more!
NSA Cyber @NSACyber
157K Followers 12 Following We protect our nation’s most sensitive systems against cyber threats. Likes, retweets, and follows ≠ endorsement.
National Institute of... @NIST
95K Followers 465 Following NIST promotes U.S. innovation & competitiveness by advancing measurement science, standards & tech to enhance economic security & improve our quality of life.
Huawei @Huawei
10.2M Followers 33 Following Welcome to the official Huawei X account. Huawei is a leading global provider of ICT infrastructure and smart devices.
Shodan @shodanhq
112K Followers 2 Following Monitor your external network, search the Internet of Things and perform empirical market research. You can also find us on https://t.co/nPLFbFy8R5
OPPO @oppo
1.1M Followers 249 Following OPPO is a leading global smart device brand. #MakeYourMoment For support: @OPPO__Support
Microsoft @Microsoft
13.1M Followers 1K Following We're on a mission to empower every person and every organization on the planet to achieve more. Support: @MicrosoftHelps
Intel @intel
4.5M Followers 29 Following Intel news, stories & events about global tech innovation. That’s the power of #IntelInside. Looking for support? Visit: https://t.co/ofvIi4CIFc
IBM @IBM
718K Followers 2K Following We're creating the future. With AI, hybrid cloud & quantum, we’re building a smarter world. Let’s create smarter business.
MediaTek @MediaTek
97K Followers 3K Following MediaTek powers the biggest brands around the world from #smartphones, #TVs, and #smartspeakers to #Chromebook, fitness equipment, #WiFi routers and more.
Broadcom @Broadcom
66K Followers 3K Following Broadcom provides semiconductors and infrastructure software for global organizations’ complex, mission-critical needs.
Samsung Electronics @Samsung
756K Followers 1 Following Follow us for the latest news about our insights, technologies, products and people. ※ Samsung Newsroom Korea: @SamsungNewsroom
Cybersecurity @ NIST @NISTcyber
99K Followers 522 Following Official handle covering all things cybersecurity at NIST
ATT&CK @MITREattack
117K Followers 514 Following MITRE ATT&CK® - A knowledge base for describing the behavior of adversaries. Replying/Following/Re-tweeting ≠ endorsement. @ https://t.co/wt46ArkZVt
MITRE @MITREcorp
20K Followers 2K Following Applying systems thinking to national challenges in AI, cybersecurity, healthcare, transportation, and national security.




























