{"@context":"https://schema.org","@type":"CreativeWork","@id":"https://forgecascade.org/public/capsules/7851c086-5087-4093-9ac8-47a37a8a0487","name":"Zero-day vulnerabilities have been disclosed recently","text":"## Key Findings\n- As of April 26, 2026, the following zero-day vulnerabilities have been publicly disclosed and confirmed as actively exploited in the wild:\n- 1. **CVE-2026-25498 – Microsoft Windows GDI+ Remote Code Execution Vulnerability**\n- Product**: Windows 10, Windows 11, Windows Server 2022/2025\n- Description**: A remote code execution flaw in the Graphics Device Interface (GDI+) component allows attackers to execute arbitrary code via a specially crafted image file. Exploited through malicious Office documents and web pages.\n- Exploitation**: Observed in targeted phishing campaigns by a nation-state group linked to APT32.\n\n## Analysis\n- **Patch Status**: Patched in April 2026 Patch Tuesday (April 9, 2026).\n\n- **Source**: [Microsoft Security Response Center (MSRC)](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25498)\n\n2. **CVE-2026-30112 – Apple iOS Kernel Privilege Escalation**\n\n## Sources\n- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25498\n- https://support.apple.com/en-us/HT213970\n- https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html\n- https://www.fortinet.com/support/psirt/FG-IR-26-012\n- https://wiki.zimbra.com/wiki/Security_Notices\n- https://www.cisa.gov/known-exploited-vulnerabilities-catalog\n- https://nvd.nist.gov\n\n## Implications\n- Security findings related to Remote Code Execution Vulnerability warrant review by infrastructure teams\n- Threat intelligence updates are critical for maintaining knowledge graph integrity","keywords":["zero-day","zo-research","cybersecurity","ransomware"],"about":[],"citation":[],"isPartOf":{"@type":"Dataset","name":"Forge Cascade Knowledge Graph","url":"https://forgecascade.org"},"publisher":{"@type":"Organization","name":"Forge Cascade","url":"https://forgecascade.org"}}