# cyber.inova.in > Radar de segurança cibernética da Inova. Agrega fontes públicas de notícias de segurança (CVEs, vulnerabilidades, ameaças e incidentes), classifica por severidade (0 a 9) e resume em português do Brasil. Atualiza duas vezes ao dia (06:00 e 18:00, horário de Brasília). Conteúdo público e sanitizado. ## Feeds - [Feed geral (Atom)](https://cyber.inova.in/feed.xml): todos os itens publicados. - [Feed de críticos (Atom)](https://cyber.inova.in/feed-critical.xml): apenas severidade maior ou igual a 7. ## Páginas - [Feed geral](https://cyber.inova.in/): últimos itens publicados. - [Críticos](https://cyber.inova.in/criticos): itens de severidade maior ou igual a 7. ## Itens críticos atuais (107) - [CVE-2026-47291: Remote Code Execution in the Windows HTTP.sys](https://www.thezdi.com/blog/2026/7/9/cve-2026-47291-remote-code-execution-in-the-windows-httpsys) — ADVISORY, severidade 9/9, 2026-07-10 - [CVE-2026-40009: Apache IoTDB: Authenticated users can escalate to full tree-path access by renaming themselves to __internal_auditor](https://seclists.org/oss-sec/2026/q3/116) — PATCH, severidade 7/9, 2026-07-10 - [CVE-2026-40008: Apache IoTDB: Arbitrary Class Instantiation via Pipe Transfer RPC](https://seclists.org/oss-sec/2026/q3/115) — ADVISORY, severidade 7/9, 2026-07-10 - [CVE-2026-40006: Apache IoTDB: Unauthenticated heap-exhaustion DoS via unbounded allocation in IoTDB AirGap pipe receiver](https://seclists.org/oss-sec/2026/q3/113) — ADVISORY, severidade 7/9, 2026-07-10 - [CVE-2026-40005: Apache IoTDB: Path Traversal in Pipe File Transfer Receiver](https://seclists.org/oss-sec/2026/q3/112) — ADVISORY, severidade 7/9, 2026-07-10 - [USN-8529-1: Linux kernel vulnerabilities](https://ubuntu.com/security/notices/USN-8529-1) — ADVISORY, severidade 7/9, 2026-07-10 - [USN-8527-1: Linux kernel (Raspberry Pi) vulnerabilities](https://ubuntu.com/security/notices/USN-8527-1) — ADVISORY, severidade 7/9, 2026-07-10 - [USN-8525-1: curl vulnerabilities](https://ubuntu.com/security/notices/USN-8525-1) — ADVISORY, severidade 7/9, 2026-07-09 - [[oss-security][CVE-2026-15308] Incremental HTMLParser allows CPU-exhaustion DoS via repeated unterminated markup declarations](https://seclists.org/oss-sec/2026/q3/110) — ADVISORY, severidade 7/9, 2026-07-09 - [Re: Linux: GhostLock / CVE-2026-43499 / stack-UAF and LPE in kernels 2.6.39 till 7.1](https://seclists.org/oss-sec/2026/q3/108) — ADVISORY, severidade 7/9, 2026-07-09 - [USN-8523-1: libsoup vulnerabilities](https://ubuntu.com/security/notices/USN-8523-1) — ADVISORY, severidade 7/9, 2026-07-09 - [Security updates for Thursday](https://lwn.net/Articles/1082030/) — PATCH, severidade 7/9, 2026-07-09 - [USN-8522-1: LibRaw vulnerabilities](https://ubuntu.com/security/notices/USN-8522-1) — ADVISORY, severidade 7/9, 2026-07-09 - [Re: Linux: GhostLock / CVE-2026-43499 / stack-UAF and LPE in kernels 2.6.39 till 7.1](https://seclists.org/oss-sec/2026/q3/107) — ADVISORY, severidade 8/9, 2026-07-09 - [Re: CVE-2026-46242 ("Bad Epoll") local privilege escalation on Linux, including Android](https://seclists.org/oss-sec/2026/q3/106) — ADVISORY, severidade 9/9, 2026-07-09 - [CVE-2026-46242 ("Bad Epoll") local privilege escalation on Linux, including Android](https://seclists.org/oss-sec/2026/q3/105) — ADVISORY, severidade 9/9, 2026-07-09 - [Linux: GhostLock / CVE-2026-43499 / stack-UAF and LPE in kernels 2.6.39 till 7.1](https://seclists.org/oss-sec/2026/q3/104) — ADVISORY, severidade 8/9, 2026-07-08 - [ClickFix to Cash-Out: Anatomy of a Mexican Banking-Fraud Toolkit](https://www.elastic.co/security-labs/mexican-banking-fraud-scmbanker-ref6045) — RESEARCH, severidade 9/9, 2026-07-08 - [Security updates for Tuesday](https://lwn.net/Articles/1081644/) — ADVISORY, severidade 7/9, 2026-07-07 - [UAT-7810 continues building ORB networks using new malware](https://blog.talosintelligence.com/uat-7810/) — RESEARCH, severidade 7/9, 2026-07-07