NVD disclosure day
CVE-2026-2441
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in Google Chrome's CSS processing could allow attackers to execute arbitrary code. This could impact organizations by potentially compromising systems and data if employees access malicious HTML pages. The business risk is associated with unauthorized code execution within a sandbox.
CVE-2026-23112
Halo Surface Signal: 2 out of 5 — less likely to be public-facing.
A vulnerability in the Linux kernel's NVMe-oF TCP component allows an attacker to cause system instability or crashes by sending specially crafted data. This could lead to denial of service for storage infrastructure. Organizations using affected Linux kernel versions should update their systems to mitigate this risk.
CVE-2026-25108
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in FileZen's Antivirus Check Option allows a logged-in user to execute arbitrary OS commands via crafted HTTP requests. This impacts system integrity and data confidentiality. Affected organizations face risks of unauthorized access and service disruption.