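Checked at: 2026-02-19 06:15
KISA Security Vulnerability Information Portal: Vulnerability Information Sharing > Security Notices
[Board] https://knvd.krcert.or.kr/securityNotice.do
[Post] https://knvd.krcert.or.kr/detailSecNo.do?IDX=6698
Title: Key exploit information published by US CISA (Update. 2026-02-18)
This is a list of vulnerabilities that are currently being frequently exploited. If you are using a vulnerable version of the software, we recommend patching urgently.
* Reference link: https://www.cisa.gov/known-exploited-vulnerabilities-catalog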
| cveID | vendorProject | vulnerabilityName | dateAdded | shortDescription | requiredAction | dueDate |
| --- | --- | --- | --- | --- | --- | --- |
| CVE-2026-22769 | Dell | Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability | 2026-02-18 | Dell RecoverPoint for Virtual Machines (RP4VMs) contains a use of hard-coded credentials vulnerability that could allow an unauthenticated remote attacker to gain unauthorized access to the underlying operating system and root-level persistence. | Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | 2026-02-21 |
| CVE-2021-22175 | GitLab | GitLab Server-Side Request Forgery (SSRF) Vulnerability | 2026-02-18 | GitLab contains a server-side request forgery (SSRF) vulnerability when requests to the internal network for webhooks are enabled. | Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | 2026-03-11 |