VDB
GHSA-929j-57v4-m4wf
GHSA-929j-57v4-m4wf
PUBLISHED
Exploit Intelligence
- AD AutoPwn v4.10.0 — automated AD attack chain, zero-auth to Domain Admin. Discover/Kerberoast/AS-REP/AD CS ESC1-16/Shadow Creds/RBCD+KCD/Ghost-SPN/TGS-rewrite/Dollar-Ticket/WPAD/WSUS/PXE/SCCM/BloodHound auto-action/Loot/DCSync/DPAPI + Synacktiv 2026 reflection (CVE-2025-58726/2026-24294/2026-26128). Authorized pentesting only. (github-poc-repo)
- AD AutoPwn v4.10.0 — automated AD attack chain, zero-auth to Domain Admin. Discover/Kerberoast/AS-REP/AD CS ESC1-16/Shadow Creds/RBCD+KCD/Ghost-SPN/TGS-rewrite/Dollar-Ticket/WPAD/WSUS/PXE/SCCM/BloodHound auto-action/Loot/DCSync/DPAPI + Synacktiv 2026 reflection (CVE-2025-58726/2026-24294/2026-26128). Authorized pentesting only. (github-poc-repo)
- AD AutoPwn v4.10.0 — automated AD attack chain, zero-auth to Domain Admin. Discover/Kerberoast/AS-REP/AD CS ESC1-16/Shadow Creds/RBCD+KCD/Ghost-SPN/TGS-rewrite/Dollar-Ticket/WPAD/WSUS/PXE/SCCM/BloodHound auto-action/Loot/DCSync/DPAPI + Synacktiv 2026 reflection (CVE-2025-58726/2026-24294/2026-26128). Authorized pentesting only. (github-poc)
- AD AutoPwn v4.10.0 — automated AD attack chain, zero-auth to Domain Admin. Discover/Kerberoast/AS-REP/AD CS ESC1-16/Shadow Creds/RBCD+KCD/Ghost-SPN/TGS-rewrite/Dollar-Ticket/WPAD/WSUS/PXE/SCCM/BloodHound auto-action/Loot/DCSync/DPAPI + Synacktiv 2026 reflection (CVE-2025-58726/2026-24294/2026-26128). Authorized pentesting only. (github-poc)
Timeline
- CVE Published
- Apr 10, 2026 Security Advisory