CVE-2025-58074

Daily digests

During installation of Norton Secure VPN from the Microsoft Store, a low-privilege local user can swap out files in the install path. That lets them delete arbitrary files and escalate to higher privileges. This requires local access and the timing window of an active installation, so it's not remotely exploitable, but any shared workstation where Norton Secure VPN gets deployed is at risk.

• Daily Digest · May 5, 2026

  Linux ksmbd RCE (9.8) + 4 more to review