ThreatScope by DIAMATIX
Critical Vulnerabilities Actively Exploited (16–22 February 2026)
February 2026, the dominant risk pattern shifted toward developer environments, AI tooling, authentication failures, and exposed bridge services.
This week’s findings highlight a critical reality:
When development tools, SDKs, collaboration bridges, and backup platforms fail in authentication or isolation, compromise does not stay local. It propagates across systems.
Below, vulnerabilities are grouped by operational impact layer.
Summary Overview
| Affected Area | Vulnerability Type | Potential Impact |
|---|---|---|
| Developer tooling (VS Code) | File exfiltration / code execution | Local compromise & data leakage |
| AI & ML tooling | Remote Code Execution | Full system compromise |
| Backup & security platforms | Improper authentication | Data disclosure & manipulation |
| Collaboration bridges | Session hijack | Account takeover & message interception |
| Enterprise recovery systems | Hardcoded credentials | Remote root persistence |
| AI SDK frameworks | Remote Code Execution | Application-level compromise |
1. Developer Environments. File Exfiltration & Code Execution
Observed vulnerabilities:
CVE-2025-65717 – Live Server file exfiltration
CVE-2025-65716 – Markdown Preview Enhanced arbitrary JavaScript execution
CVE-2025-65715 – Code Runner arbitrary code execution
Microsoft Live Preview – Local file exposure (no CVSS)
Multiple VS Code extensions allowed attackers to trick developers into visiting malicious pages or opening crafted markdown files. These exploits enabled:
Local file crawling via localhost services
Port enumeration
Arbitrary JavaScript execution
Manipulation of settings.json through social engineering
Why this matters:
Developer workstations are increasingly privileged environments.
When development extensions expose localhost services without isolation, attackers can pivot from phishing into local compromise and credential harvesting.
2. AI & Machine Learning Tooling. Supply-Chain RCE
Observed vulnerability:
NLTK Downloader RCE – CVE-2025-14009 (CVSS 10.0)
The _unzip_iter function used zipfile.extractall() without path validation, allowing malicious packages to overwrite files and execute arbitrary Python code.
Because NLTK assumes downloaded packages are trusted, attackers could:
Deploy malicious Python files
Trigger automatic execution upon import
Achieve full system compromise
Why this matters:
AI and ML tooling increasingly runs inside production environments.
When package trust assumptions fail, compromise extends beyond development into data pipelines and production systems.
3. Backup & Security Platforms. Improper Authentication
Observed vulnerabilities:
Acronis Cyber Protect – CVE-2025-30411
CVE-2025-30412
CVE-2025-30416
(CVSS 10.0)
Improper authentication allowed sensitive data disclosure and manipulation in multiple product builds.
Why this matters:
Backup and cyber protection platforms operate with elevated system trust.
Authentication failures at this layer directly impact integrity, recovery, and compliance posture.
4. Collaboration Infrastructure. Session Hijacking
Observed vulnerability:
Nanobot WhatsApp Bridge – CVE-2026-2577 (CVSS 10.0)
The WebSocket server binds to all interfaces and does not require authentication.
An attacker can:
Hijack active WhatsApp sessions
Send messages on behalf of the user
Intercept messages and media
Capture authentication QR codes
Why this matters:
Collaboration bridges extend messaging into automation ecosystems.
When authentication is absent, attackers gain immediate access to communication channels and social engineering leverage.
5. Enterprise Recovery Systems. Hardcoded Credentials
Observed vulnerability:
Dell RecoverPoint for Virtual Machines – CVE-2026-22769 (CVSS 10.0)
Hardcoded credentials allowed unauthenticated remote attackers to obtain root-level access and persistence.
Why this matters:
Hardcoded credentials remain one of the most dangerous architectural failures.
When embedded secrets exist in recovery infrastructure, attackers can achieve durable control over critical systems.
6. AI SDK Frameworks. Remote Code Execution
Observed vulnerability:
Microsoft Semantic Kernel Python SDK – CVE-2026-26030 (CVSS 10.0)
A remote code execution vulnerability in the InMemoryVectorStore filter functionality affects versions prior to 1.39.4.
Why this matters:
AI SDKs are rapidly integrated into production workflows.
RCE at the SDK layer exposes applications, API integrations, and potentially backend infrastructure.
Key Observations
Developer tooling has become a primary attack surface
AI ecosystems introduce new supply-chain execution risks
Improper authentication remains a recurring failure class
Hardcoded credentials continue to appear in enterprise systems
Collaboration bridges expand identity-based attack surfaces
Trust assumptions in SDKs and extensions are frequently misplaced
This week reinforces a strategic reality.
Security boundaries are shifting toward development environments and automation layers.
When local services, SDKs, and bridges operate without strict authentication and isolation, risk expands rapidly.
ThreatScope by DIAMATIX analyzes how vulnerabilities intersect with real operational layers — not just how severe they appear on paper.
Trusted · Innovative · Vigilant
