<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:news="http://www.google.com/schemas/sitemap-news/0.9" xmlns:image="http://www.google.com/schemas/sitemap-image/1.1">
  <url>
    <loc>https://0daynews.com/articles/2026-07-06-gitlab-exiftool-rce-cve-2021-22205/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-06T13:00:00.000Z</news:publication_date>
      <news:title>GitLab&apos;s ExifTool RCE: A Patch That Sat Unrecognized for Months</news:title>
      <news:keywords>CVE-2021-22205, GitLab, ExifTool, remote code execution, patch adoption gap</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-06-gitlab-exiftool-rce-cve-2021-22205/cover.jpg</image:loc>
      <image:title>GitLab&apos;s ExifTool RCE: A Patch That Sat Unrecognized for Months</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-05-barracuda-esg-zero-day-cve-2023-2868/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-05T15:30:00.000Z</news:publication_date>
      <news:title>Barracuda Told Customers to Replace Their Appliances, Not Just Patch Them. Here&apos;s Why.</news:title>
      <news:keywords>CVE-2023-2868, Barracuda ESG, Email Security Gateway, appliance replacement, persistent backdoor</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-05-barracuda-esg-zero-day-cve-2023-2868/cover.jpg</image:loc>
      <image:title>Barracuda Told Customers to Replace Their Appliances, Not Just Patch Them. Here&apos;s Why.</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-05-winrar-path-traversal-cve-2023-38831/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-05T13:00:00.000Z</news:publication_date>
      <news:title>The WinRAR Bug That Hid a Malicious Script Behind a Fake Photo</news:title>
      <news:keywords>CVE-2023-38831, WinRAR, RARLAB, path traversal, spoofed file extension</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-05-winrar-path-traversal-cve-2023-38831/cover.jpg</image:loc>
      <image:title>The WinRAR Bug That Hid a Malicious Script Behind a Fake Photo</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-04-vmware-vcenter-vsphere-client-rce-cve-2021-21972/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-04T15:30:00.000Z</news:publication_date>
      <news:title>vCenter&apos;s Unrestricted-Upload Bug: A Reminder That Management Planes Shouldn&apos;t Face the Internet</news:title>
      <news:keywords>CVE-2021-21972, VMware vCenter Server, vSphere Client, unrestricted file upload, virtualization security</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-04-vmware-vcenter-vsphere-client-rce-cve-2021-21972/cover.jpg</image:loc>
      <image:title>vCenter&apos;s Unrestricted-Upload Bug: A Reminder That Management Planes Shouldn&apos;t Face the Internet</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-04-spring4shell-vmware-spring-framework-rce/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-04T13:00:00.000Z</news:publication_date>
      <news:title>Spring4Shell: Why This One Needed Careful Triage, Not Panic</news:title>
      <news:keywords>Spring4Shell, CVE-2022-22965, Spring Framework, VMware, data binding</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-04-spring4shell-vmware-spring-framework-rce/cover.jpg</image:loc>
      <image:title>Spring4Shell: Why This One Needed Careful Triage, Not Panic</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-03-pegasus-mep-kouloglou-citizen-lab-analysis/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-03T23:15:00.000Z</news:publication_date>
      <news:title>Pegasus on the MEP investigating Pegasus</news:title>
      <news:keywords>Pegasus, NSO Group, Citizen Lab, Stelios Kouloglou, European Parliament, PEGA committee, commercial spyware</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-03-fatfs-runzero-seven-flaws-embedded-firmware/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-03T22:15:00.000Z</news:publication_date>
      <news:title>runZero discloses seven FatFs flaws in embedded firmware, six unpatched</news:title>
      <news:keywords>FatFs, embedded firmware, supply chain, runZero, CVE-2026-6682, JPCERT/CC, RTOS</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-03-bad-epoll-linux-kernel-lpe-cve-2026-46242/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-03T21:00:00.000Z</news:publication_date>
      <news:title>Bad Epoll (CVE-2026-46242): Linux kernel LPE hits Android too</news:title>
      <news:keywords>CVE-2026-46242, Linux kernel, epoll, use-after-free, local privilege escalation, Android security</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-03-avalon-crownx-modular-malware-framework/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-03T20:20:00.000Z</news:publication_date>
      <news:title>Avalon: modular malware framework bundles CrownX ransomware — Blackpoint</news:title>
      <news:keywords>Avalon malware framework, CrownX ransomware, Blackpoint Cyber, MSBuild loader, ETW bypass, Proton Drive phishing, modular malware</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-03-cisco-unified-cm-active-exploitation-confirmed/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-03T19:15:00.000Z</news:publication_date>
      <news:title>Cisco confirms active exploitation of Unified CM flaw patched in early June</news:title>
      <news:keywords>Cisco, Unified Communications Manager, Cisco Unified CM, active exploitation, vendor advisory, Cisco PSIRT, patch prioritization</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-03-cisco-unified-cm-active-exploitation-confirmed/cover.jpg</image:loc>
      <image:title>Cisco confirms active exploitation of Unified CM flaw patched in early June</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-03-argo-cd-repo-server-unauth-rce-unpatched/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-03T18:15:00.000Z</news:publication_date>
      <news:title>Unpatched Argo CD repo-server flaw lets unauth callers reach cluster takeover</news:title>
      <news:keywords>Argo CD, repo-server, Kubernetes, GitOps, unauthenticated RCE, Synacktiv, cluster takeover</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-03-argo-cd-repo-server-unauth-rce-unpatched/cover.jpg</image:loc>
      <image:title>Unpatched Argo CD repo-server flaw lets unauth callers reach cluster takeover</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-03-dprk-npm-rollup-polyfill-supply-chain/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-03T17:15:00.000Z</news:publication_date>
      <news:title>DPRK-linked npm packages impersonate a Rollup polyfill to steal developer secrets</news:title>
      <news:keywords>npm, supply-chain, North Korea, DPRK, Rollup, JFrog, developer secrets, typosquatting</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-03-anubis-ransomware-citrix-bleed-2-cve-2025-5777/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-03T16:00:00.000Z</news:publication_date>
      <news:title>Anubis ransomware seen exploiting Citrix Bleed 2 for initial access</news:title>
      <news:keywords>CVE-2025-5777, Citrix Bleed 2, NetScaler, Anubis ransomware, BYOVD, RMM abuse, initial access</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-03-confluence-ognl-injection-cve-2022-26134/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-03T15:30:00.000Z</news:publication_date>
      <news:title>The Confluence Bug That Went From Zero-Day to Mass Ransomware Precursor in Days</news:title>
      <news:keywords>CVE-2022-26134, Atlassian Confluence, OGNL injection, ransomware precursor, webshell</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-03-confluence-ognl-injection-cve-2022-26134/cover.jpg</image:loc>
      <image:title>The Confluence Bug That Went From Zero-Day to Mass Ransomware Precursor in Days</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-03-fortios-fortiproxy-auth-bypass-cve-2022-40684/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-03T13:00:00.000Z</news:publication_date>
      <news:title>FortiOS Auth Bypass: Why Fortinet Warned Select Customers Before Going Public</news:title>
      <news:keywords>CVE-2022-40684, FortiOS, FortiProxy, authentication bypass, SSH key persistence</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-03-fortios-fortiproxy-auth-bypass-cve-2022-40684/cover.jpg</image:loc>
      <image:title>FortiOS Auth Bypass: Why Fortinet Warned Select Customers Before Going Public</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-03-kemp-loadmaster-cve-2026-8037-pre-auth-rce/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-03T13:00:00.000Z</news:publication_date>
      <news:title>Kemp LoadMaster pre-auth RCE (CVE-2026-8037): PoC is out, patch now</news:title>
      <news:keywords>CVE-2026-8037, Progress Kemp LoadMaster, pre-auth RCE, OS command injection, load balancer, patch management</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-03-fbi-netnut-popa-botnet-takedown/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-03T05:00:00.000Z</news:publication_date>
      <news:title>FBI seizes NetNut proxy platform, Google degrades Popa botnet</news:title>
      <news:keywords>NetNut, Popa botnet, FBI seizure, residential proxy, Alarum Technologies, Google Threat Intelligence Group, botnet takedown</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-03-sharepoint-cve-2026-45659-kev-active-exploitation/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-03T04:30:00.000Z</news:publication_date>
      <news:title>SharePoint RCE now on CISA KEV: patch it this week, not next</news:title>
      <news:keywords>CVE-2026-45659, Microsoft SharePoint, CISA KEV, deserialization, remote code execution, patch management</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-02-f5-big-ip-icontrol-rest-auth-bypass/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-02T15:00:00.000Z</news:publication_date>
      <news:title>F5 BIG-IP&apos;s Maximum-Severity Auth Bypass: What CVE-2022-1388 Actually Exposed</news:title>
      <news:keywords>CVE-2022-1388, F5 BIG-IP, iControl REST, authentication bypass, application delivery controller</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-02-f5-big-ip-icontrol-rest-auth-bypass/cover.jpg</image:loc>
      <image:title>F5 BIG-IP&apos;s Maximum-Severity Auth Bypass: What CVE-2022-1388 Actually Exposed</image:title>
    </image:image>
  </url>
  <url>
    <loc>https://0daynews.com/articles/2026-07-02-follina-msdt-zero-day-explained/</loc>
    <news:news>
      <news:publication>
        <news:name>0dayNews</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-02T13:00:00.000Z</news:publication_date>
      <news:title>Follina Explained: The MSDT Bug That Skipped the Macro Warning Entirely</news:title>
      <news:keywords>Follina, CVE-2022-30190, MSDT, Windows Support Diagnostic Tool, zero-day</news:keywords>
    </news:news>
    <image:image>
      <image:loc>https://0daynews.com/articles/2026-07-02-follina-msdt-zero-day-explained/cover.jpg</image:loc>
      <image:title>Follina Explained: The MSDT Bug That Skipped the Macro Warning Entirely</image:title>
    </image:image>
  </url>
</urlset>