Forwarded from Taiwan Computer Network Crisis Management and Coordination Center, Cybersecurity Alert TWCERTCC-200-202605-00000014

[Content Description]
【CVE-2008-4250】Microsoft Windows Buffer Overflow Vulnerability (CVSS v3.1: 9.8)
【Exploited by Ransomware: Unknown】A buffer overflow vulnerability exists in Microsoft Windows' Windows Server Service. A remote attacker can trigger a buffer overflow during path normalization using a specially crafted RPC request, thereby executing arbitrary code.

【CVE-2009-1537】Microsoft DirectX NULL Byte Overwrite Vulnerability (CVSS v3.1: 8.8)
【Exploited by Ransomware: Unknown】A NULL byte overwrite vulnerability exists in the QuickTime Movie Parser Filter within the DirectShow component quartz.dll in Microsoft DirectX. A remote attacker could trigger this vulnerability using a specially crafted QuickTime media file, thereby executing arbitrary code.

【CVE-2009-3459】Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability (CVSS v3.1: 8.8)
【Exploited by Ransomware: Unknown】Adobe Acrobat and Reader has a heap-based buffer overflow vulnerability. A remote attacker could trigger memory corruption using a specially crafted PDF file, thereby executing arbitrary code.

【CVE-2010-0249】Microsoft Internet Explorer Use-After-Free Vulnerability (CVSS v3.1: 8.8)
【Exploited by Ransomware: Unknown】Microsoft Internet Explorer has a use-after-free memory vulnerability. A remote attacker could execute arbitrary code by accessing indicators associated with deleted objects.

【CVE-2010-0806】Microsoft Internet Explorer Use-After-Free Vulnerability (CVSS v3.1: 8.8)
【Exploited by Ransomware: Unknown】A use-after-free vulnerability exists in Microsoft Internet Explorer. A remote attacker could exploit this vulnerability by accessing invalid keys after an object is deleted, thereby executing arbitrary code.

【CVE-2026-41091】Microsoft Defender Link Following Vulnerability (CVSS v3.1: 7.8)
【Exploited by Ransomware: Unknown】A link following vulnerability exists in Microsoft Defender, allowing an authorized attacker to escalate privileges on the local machine.

【CVE-2026-45498】Microsoft Defender Denial of Service Vulnerability (CVSS v3.1: 4.0)
【Exploited by Ransomware: Unknown】An unspecified vulnerability exists in Microsoft Defender that could lead to service disruption.

【CVE-2025-34291】Langflow Origin Validation Error Vulnerability (CVSS v3.1: 8.8)
【[Exploited by Ransomware: Unknown】Langflow has an origin validation error vulnerability. Due to its overly lenient CORS settings and the refresh token cookie being set to SameSite=None, attackers could exploit this vulnerability to access authentication-required endpoints, execute arbitrary code, and ultimately gain complete system control.

【CVE-2026-34926】Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability (CVSS v3.1: 6.7)
【Exploited by Ransomware: Unknown】Trend Micro Apex One (on-premise) has a directory traversal vulnerability that could allow a pre-authenticated local attacker to modify critical data tables on the server, inject malicious code, and distribute it to managed endpoint devices.

【CVE-2026-9082】Drupal Core SQL Injection Vulnerability (CVSS v3.1: 9.8)
【Exploitation by Ransomware: Unknown】Drupal Core contains an SQL injection vulnerability. Attackers can use the database abstraction API to send specially crafted requests, thereby achieving privilege escalation and remote code execution.

[Affected Platforms]
【CVE-2008-4250】Please refer to the official list of affected versions: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067

【CVE-2009-1537】Please refer to the official list of affected versions: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028

【CVE-2009-3459】Please refer to the official list of affected versions: https://helpx.adobe.com/security/security-bulletin.html

【CVE-2010-0249】Please refer to the official list of affected versions: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002

【CVE-2010-0806】Please refer to the official list of affected versions: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018

【CVE-2026-41091】Please refer to the official list of affected versions: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41091

【CVE-2026-45498】Please refer to the official list of affected versions: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45498

【CVE-2025-34291】Langflow versions 1.6.9 and earlier

【CVE-2026-34926】Please refer to the official list of affected versions https://success.trendmicro.com/en-US/solution/KA-0023430

【CVE-2026-9082】Please refer to the affected versions listed in the official documentation: https://www.drupal.org/sa-core-2026-004

[Recommended Actions]
【CVE-2008-4250】An official patch update has been released for this vulnerability. Please update to the relevant version: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067

【CVE-2009-1537】An official patch update has been released for this vulnerability. Please update to the relevant version: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028

【CVE-2009-3459】Official updates have been released to fix the vulnerabilities. Please update to the relevant version: https://helpx.adobe.com/security/security-bulletin.html

【CVE-2010-0249】Official updates have been released to fix the vulnerabilities. Please update to the relevant version: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002

【CVE-2010-0806】Official updates have been released to fix the vulnerabilities. Please update to the relevant version: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018

【CVE-2026-41091】Official updates have been released to fix the vulnerabilities. Please update to the relevant version: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41091

【CVE-2026-45498】An official patch update has been released for this vulnerability. Please update to the relevant version: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45498

【CVE-2025-34291】For the corresponding product, upgrade to the following version (or higher): Langflow 1.7.0

【CVE-2026-34926】An official patch update has been released for this vulnerability. Please update to the relevant version: https://success.trendmicro.com/en-US/solution/KA-0023430

【CVE-2026-9082】An official patch update has been released for this vulnerability. Please update to the relevant version: https://www.drupal.org/sa-core-2026-004