Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1941+ Articles
150+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
118 articles

#Critical

All CosmicBytez Labs articles tagged #Critical, across news, security advisories, how-to guides, and projects.

  • SecurityJul 16, 2026

    CVE-2026-12492: WooCommerce OTP Login Plugin Auth Bypass — Full Admin Takeover

    The Happy Coders OTP Login for WooCommerce plugin before 2.8 allows unauthenticated attackers to bypass OTP verification and log in as any WordPress user, including administrators.

  • SecurityJul 16, 2026

    CVE-2026-15013: WordPress SAML SSO Plugin — Algorithm Confusion Auth Bypass

    The miniOrange SAML Single Sign On plugin for WordPress through version 5.4.3 allows unauthenticated attackers to log in as any user via an RSA-to-HMAC algorithm confusion attack against the SAML signature verification logic.

  • SecurityJul 16, 2026

    CVE-2026-46339: 9Router Unauthenticated Plugin Registration & MCP Command Execution

    A critical CVSS 10 vulnerability in 9Router AI router versions 0.4.30–0.4.36 allows unauthenticated attackers to register custom plugins and execute arbitrary commands via an unprotected MCP bridge endpoint.

  • SecurityJul 16, 2026

    CVE-2026-49352: 9Router Hardcoded JWT Secret Allows Complete Authentication Bypass

    A critical CVSS 9.8 vulnerability in 9Router versions 0.2.21–0.4.43 exposes a hardcoded fallback JWT secret in source code, enabling attackers to forge authentication tokens and gain full administrative access.

  • SecurityJul 16, 2026

    CVE-2026-51380: Tenda AC10 v3 Buffer Overflow Enables DoS and Remote Code Execution

    A critical CVSS 9.8 buffer overflow vulnerability in Tenda AC10 v3 firmware V03.03.16.09 allows remote attackers to cause permanent denial of service or execute arbitrary code via the /cgi-bin/UploadCfg endpoint.

  • SecurityJul 16, 2026

    CVE-2026-56699: Critical NDJSON Injection in Wazuh Manager (CVSS 10.0)

    CVSS 10.0 flaw in Wazuh Manager 5.0 beta lets enrolled agents inject NDJSON ops into OpenSearch under admin credentials, deleting logs and corrupting alerts.

  • SecurityJul 12, 2026

    CVE-2026-60090: PraisonAI SQL Injection via Unvalidated Dimension Parameter in Vector Store Backends

    A CVSS 9.8 critical SQL injection vulnerability in PraisonAI before 4.6.78 allows attackers to exploit the unvalidated dimension argument in PGVector and...

  • SecurityJul 12, 2026

    CVE-2026-61445: PraisonAI AICoder Arbitrary File Write and Command Injection via LLM Tool Calls

    A CVSS 9.9 critical vulnerability in PraisonAI before 4.6.78 allows attackers to write files to arbitrary filesystem locations and execute arbitrary OS...

  • SecurityJul 12, 2026

    CVE-2026-61447: PraisonAI CodeAgent Remote Code Execution via Unsandboxed Python Execution

    A CVSS 10.0 critical vulnerability in PraisonAI before 1.6.78 allows attackers to achieve remote code execution by injecting malicious prompts that...

  • SecurityJul 11, 2026

    CVE-2026-13353: WordPress WP Ultimate CSV Importer RCE via MappedFields Parameter

    A critical CVSS 8.8 remote code execution vulnerability in WP Ultimate CSV Importer allows unauthenticated attackers to execute arbitrary PHP code on...

  • SecurityJul 10, 2026

    CVE-2026-15158: WordPress Blocksy Companion Arbitrary File Upload (CVSS 9.8)

    A critical arbitrary file upload vulnerability in the Blocksy Companion WordPress plugin (versions up to 2.1.46) allows unauthenticated attackers to...

  • SecurityJul 10, 2026

    CVE-2026-2342: ValeApp Stored Cross-Site Scripting (CVSS 9.3)

    A critical stored XSS vulnerability in OceanicSoft's ValeApp allows attackers to inject persistent JavaScript payloads that execute in every victim's...

  • SecurityJul 10, 2026

    CVE-2026-5955: BiEticaret E-Commerce SQL Injection (CVSS 9.8)

    A critical SQL injection vulnerability in Inrove Software's BiEticaret e-commerce platform (versions before v3.3.57) allows unauthenticated attackers to...

  • SecurityJul 8, 2026

    CVE-2011-10043: Perl Module::Load Arbitrary Module Injection Resurfaces

    A decade-old CVSS 9.8 flaw in Perl's Module::Load (before 0.22) allows attackers to load arbitrary modules outside @INC via '::'-prefixed names. Now...

  • SecurityJul 8, 2026

    CVE-2026-33264: Apache Airflow Scheduler RCE via DAG Deserialization

    A critical deserialization flaw in Apache Airflow allows malicious DAG authors to execute arbitrary code on the Scheduler and API Server, scoring CVSS...

  • SecurityJul 8, 2026

    CVE-2026-53481: Dell PowerProtect Data Domain Path Traversal — CVSS 9.8

    A critical path traversal vulnerability in Dell PowerProtect Data Domain backup appliances allows authenticated low-privilege users to read and write...

  • SecurityJul 8, 2026

    CVE-2026-53483: Dell PowerProtect Data Domain Authentication Bypass — CVSS 9.8

    A critical authentication bypass in Dell PowerProtect Data Domain allows unauthenticated remote attackers to gain access to the backup platform. Combined...

  • SecurityJul 7, 2026

    CVE-2026-34038: Critical Coolify RCE via Authenticated Command Injection (CVSS 9.9)

    A critical command injection vulnerability in Coolify's deployment pipeline allows any authenticated user with write access to execute arbitrary OS...

  • SecurityJul 7, 2026

    CVE-2026-56290: Joomlack Page Builder Unauthenticated File Upload RCE — CISA KEV

    A CVSS 10.0 unauthenticated arbitrary file upload vulnerability in the Joomlack Page Builder CK Joomla extension allows any remote attacker to upload a...

  • SecurityJul 4, 2026

    CVE-2026-20896: Gitea Docker Image Authentication Bypass

    All official Gitea Docker images through v1.26.2 ship with a wildcard trusted proxy setting that lets any unauthenticated attacker impersonate any user...

  • SecurityJul 4, 2026

    CVE-2026-22874: Gitea SSRF Filter Bypass Exposes Cloud Credentials

    Gitea versions through 1.26.2 use an incomplete IP filter that allows authenticated users to reach AWS Instance Metadata, Azure WireServer, and...

  • SecurityJul 3, 2026

    CVE-2026-41106: M365 Copilot Open Redirect Allows Unauthenticated Privilege Escalation

    A critical open redirect vulnerability in Microsoft 365 Copilot rated CVSS 9.3 enables unauthenticated attackers to perform privilege escalation over the...

  • SecurityJul 3, 2026

    CVE-2026-45499: Azure OpenAI SSRF Enables Privilege Escalation — CVSS 9.9

    A critical server-side request forgery vulnerability in Azure OpenAI rated CVSS 9.9 allows an authorized attacker to escalate privileges over the network,...

  • SecurityJul 3, 2026

    UniFi Connect Critical RCE via Command Injection CVE-2026-50746

    A maximum-severity command injection vulnerability in Ubiquiti's UniFi Connect Application allows any network-accessible attacker to execute arbitrary OS...

  • SecurityJul 3, 2026

    UniFi Talk SQL Injection Chain Enables Host Privilege Escalation CVE-2026-50747

    Multiple authenticated SQL injection vulnerabilities in Ubiquiti's UniFi Talk Application can be chained to escalate privileges to host-level access on...

  • SecurityJul 3, 2026

    UniFi Access Application Command Injection RCE CVE-2026-50748

    An improper input validation flaw in Ubiquiti's UniFi Access Application enables low-privileged network attackers to inject OS commands and execute...

  • SecurityJul 3, 2026

    CVE-2026-52830: fast-mcp-telegram Path Traversal Enables Bearer Token Bypass

    A critical path traversal vulnerability in the fast-mcp-telegram Telegram MCP Server allows attackers to bypass Bearer token authentication and read...

  • SecurityJul 3, 2026

    UniFi Access Improper Access Control Allows Host Privilege Escalation CVE-2026-54400

    A critical improper access control vulnerability in Ubiquiti's UniFi Access Application enables high-privileged network attackers to further escalate...

  • SecurityJul 3, 2026

    CVE-2026-9725: Critical WordPress WooCommerce Plugin File Deletion

    A CVSS 9.1 critical unauthenticated arbitrary file deletion vulnerability in the Printcart Web to Print Product Designer for WooCommerce plugin affects...

  • SecurityJul 1, 2026

    CVE-2026-9711: Critical SQL Injection in EventON WordPress Plugin (CVSS 9.8)

    A critical unauthenticated SQL injection vulnerability in the EventON WordPress Virtual Event Calendar Plugin affects versions up to 5.0.11, exposing...

  • SecurityJun 30, 2026

    CVE-2026-57331: Critical Arbitrary File Deletion in Paid Videochat Turnkey Site

    A CVSS 9.9 critical vulnerability in the Paid Videochat Turnkey Site WordPress plugin allows authenticated performer-role users to delete arbitrary files...

  • SecurityJun 27, 2026

    CVE-2026-54350: Budibase Unauthenticated Database Read & Write (CVSS 10.0)

    A critical CVSS 10.0 flaw in Budibase allows unauthenticated visitors of any published app to read every document in backing database collections and...

  • SecurityJun 27, 2026

    CVE-2026-54352: Budibase Zip Upload Path Traversal Enables Remote Code Execution (CVSS 9.6)

    A critical path traversal vulnerability in Budibase's zip upload endpoint allows attackers to write arbitrary files outside the intended temp directory,...

  • SecurityJun 19, 2026

    CVE-2026-54414: FileRise Path Traversal Enables Arbitrary File Write and Admin Takeover

    A critical path traversal vulnerability in FileRise before 3.16.0 allows unauthenticated attackers to write arbitrary files and completely compromise...

  • SecurityJun 19, 2026

    CVE-2026-7515: BetterDocs Pro WordPress Plugin — Unauthenticated Local File Inclusion

    A critical Local File Inclusion vulnerability in the BetterDocs Pro WordPress plugin (up to v3.8.0) allows unauthenticated attackers to include and...

  • SecurityJun 13, 2026

    CVE-2026-11849: IRM-IEI Remote Management Hardcoded Credentials

    A critical CVSS 9.8 hardcoded credentials vulnerability in IEI Integration Corp's IRM-IEI Remote Management software allows unauthenticated remote...

  • SecurityJun 13, 2026

    CVE-2026-47131: vm2 Sandbox Escape via Buffer Prototype Hijack (CVSS 10.0)

    A CVSS 10.0 critical sandbox escape in vm2 for Node.js allows sandboxed code to obtain the host TypeError constructor via Buffer.__lookupGetter__ abuse,...

  • SecurityJun 13, 2026

    CVE-2026-47137: vm2 Sandbox Escape via Strict Equality require Bypass (CVSS 10.0)

    A CVSS 10.0 critical sandbox escape in vm2 for Node.js allows attackers to bypass the require: false security option using falsy values, circumventing the...

  • SecurityJun 13, 2026

    CVE-2026-47140: vm2 Sandbox Escape via Incomplete Builtin Denylist (CVSS 10.0)

    A CVSS 10.0 critical sandbox escape in vm2 for Node.js allows sandboxed code to access the host process via the process and inspector/promises builtins,...

  • SecurityJun 13, 2026

    CVE-2026-47208: vm2 General Sandbox Breakout — Arbitrary Host Execution (CVSS 10.0)

    A CVSS 10.0 critical vulnerability in vm2 for Node.js allows sandbox code to escape and execute arbitrary OS commands on the host system. Patched in vm2 3.11.4.

  • SecurityJun 12, 2026

    CVE-2026-11839: Unrestricted File Upload Enables Web Shell Deployment in Rotaban

    A critical unrestricted file upload vulnerability in the Rotaban platform by Basarsoft Information Technologies allows authenticated attackers to upload...

  • SecurityJun 11, 2026

    CVE-2025-6254: WordPress Doctreat Core Plugin Privilege Escalation (CVSS 9.8)

    A critical unauthenticated privilege escalation vulnerability in the Doctreat Core WordPress plugin allows attackers to register with elevated roles,...

  • SecurityJun 10, 2026

    CVE-2025-10263: ARM CPU Privilege Escalation Across Multiple Processor Families

    Critical CVSS 9.1 flaw in ARM Cortex-X and Neoverse processors may allow writes to resources owned by a higher exception level.

  • SecurityJun 10, 2026

    CVE-2026-10520: Ivanti Sentry OS Command Injection — CVSS 10.0

    A maximum-severity OS command injection vulnerability in Ivanti Sentry allows unauthenticated remote attackers to achieve root-level code execution. Patch...

  • SecurityJun 10, 2026

    CVE-2026-47928: Adobe ColdFusion Critical RCE — CVSS 9.6

    Adobe ColdFusion 2023.19 and 2025.8 are affected by a critical improper input validation flaw enabling unauthenticated remote code execution with scope change.

  • SecurityJun 5, 2026

    CVE-2026-49777: CVSS 10 Flaw in WooCommerce Product Slider Pro Enables Malware Implantation

    A maximum-severity input validation vulnerability in Product Slider Pro for WooCommerce allows attackers to implant malicious software. Affects all versions…

  • SecurityJun 5, 2026

    CVE-2026-50208: TLS Bypass and Hard-Coded DES Keys Enable MITM Attacks

    A critical CVSS 9.4 vulnerability disables TLS certificate validation via TrustAllCerts routines and combines this with hard-coded DES symmetric encryption…

  • SecurityJun 5, 2026

    CVE-2026-50211: Leftover Engineering Diagnostics Grant Malicious Apps NVRAM Write Access

    A critical CVSS 9.8 vulnerability exposes factory-level diagnostic interfaces left in retail firmware builds, allowing malicious applications to gain write…

  • SecurityJun 5, 2026

    CVE-2026-6274: Critical Authentication Bypass in DTS Redline WR3200 Router

    A critical authentication bypass vulnerability in the DTS Electronics Redline WR3200 router allows unauthenticated attackers to access functionality protected…

  • SecurityJun 4, 2026

    CVE-2026-41283: OpenStack Mistral Critical RCE Vulnerability (CVSS 9.9)

    A critical unauthenticated remote code execution flaw in OpenStack Mistral through 22.0.0 allows attackers to execute arbitrary commands via exposed API…

  • SecurityJun 3, 2026

    CVE-2025-14771: ABB T-MAC Plus Critical File & Directory Exposure (CVSS 9.9)

    A CVSS 9.9 critical vulnerability in ABB T-MAC Plus v4.0-24 exposes internal files and directories to external parties, allowing unauthenticated attackers to…

  • SecurityJun 3, 2026

    CVE-2026-35075: Hardcoded Default Password in Firmware Enables Full Device Takeover (CVSS 9.8)

    A CVSS 9.8 critical vulnerability allows unauthenticated remote attackers to recover a default hardcoded password from a firmware image, granting full…

  • SecurityJun 3, 2026

    CVE-2026-4035: MLflow AI Gateway Credential Exfiltration via Env Variable Resolution

    A CVSS 9.1 critical flaw in MLflow AI Gateway allows server-side environment variables in api_key fields to be resolved and exfiltrated to attacker-controlled…

  • SecurityJun 3, 2026

    CVE-2026-42849: authentik Critical XSS in AutosubmitStage (CVSS 9.3)

    A critical cross-site scripting vulnerability in authentik's Simple Flow Executor AutosubmitStage allows attackers to execute arbitrary JavaScript via a…

  • SecurityJun 3, 2026

    CVE-2026-47065: Java Deserialization Filter Bypass via resolveProxyClass (CVSS 9.8)

    A CVSS 9.8 critical Java deserialization vulnerability allows attackers to bypass ObjectInputFilter via TC_PROXYCLASSDESC, circumventing acceptMatchers…

  • SecurityJun 3, 2026

    CVE-2026-49448: authentik Source Stage Authentication Bypass (CVSS 9.8)

    A critical authentication bypass in authentik allows attackers to skip the Source stage entirely by sending an empty POST request, completely circumventing…

  • SecurityMay 30, 2026

    CVE-2026-9558: Critical SSTI in Mautic Enables Authenticated RCE

    A Server-Side Template Injection flaw in Mautic's Twig-based theme engine allows authenticated users with theme upload permissions to execute arbitrary...

  • SecurityMay 28, 2026

    CVE-2025-12686: Synology BeeStation OS Critical Buffer Overflow RCE

    Buffer overflow in Synology BeeStation OS AdminCenter lets unauthenticated attackers execute code remotely (CVSS 9.8) — patch to 1.3.2-65648 now.

  • SecurityMay 27, 2026

    CVE-2026-44444: Lumiverse AI Plugin Install Scripts Enable RCE (CVSS 9.1)

    Critical Lumiverse <0.9.7 flaw lets malicious extensions execute arbitrary code via package.json lifecycle scripts run by the Spindle build pipeline.

  • SecurityMay 27, 2026

    CVE-2026-44451: Lumiverse AI Chat TSX Sandbox Escape (CVSS 9.3)

    Critical sandbox escape in Lumiverse <0.9.7 lets attackers bypass JS global shadowing via crafted TSX component overrides, enabling code execution.

  • SecurityMay 22, 2026

    CVE-2026-5433: Honeywell CNM Critical Command Injection RCE

    A CVSS 9.1 critical command injection vulnerability in Honeywell's Control Network Module web interface allows remote attackers to execute arbitrary...

  • SecurityMay 21, 2026

    CVE-2026-20223: Cisco Secure Workload REST API Auth Bypass

    A CVSS 10.0 authentication bypass in Cisco Secure Workload allows unauthenticated remote attackers to access internal REST APIs with full Site Admin privileges.

  • SecurityMay 19, 2026

    CVE-2026-7301: SGLang ROUTER Socket Exposes Unsafe

    A critical CVSS 9.8 vulnerability in SGLang's multimodal AI runtime scheduler binds its ROUTER socket to 0.0.0.0 by default and passes incoming messages...

  • SecurityMay 19, 2026

    CVE-2026-7302: SGLang Unauthenticated Path Traversal

    A critical CVSS 9.1 path traversal vulnerability in SGLang's multimodal AI runtime allows unauthenticated attackers to write arbitrary files anywhere the...

  • SecurityMay 16, 2026

    CVE-2026-41258: OpenMRS Velocity Template Injection Enables

    A critical unsandboxed Apache Velocity template injection vulnerability in OpenMRS Core allows authenticated attackers to execute arbitrary code on the...

  • SecurityMay 14, 2026

    CVE-2026-40621: ELECOM Wireless LAN Access Point

    Critical authentication bypass vulnerability in ELECOM wireless LAN access point devices allows unauthenticated attackers to access protected URLs and...

  • NewsMay 13, 2026

    New Critical Exim Mailer Flaw Allows Remote Code Execution

    A critical vulnerability in certain configurations of the Exim open-source mail transfer agent allows unauthenticated remote attackers to execute...

  • SecurityMay 9, 2026

    CVE-2026-25199: Apache CloudStack Proxmox Extension Allows

    A critical tenant isolation vulnerability in Apache CloudStack's Proxmox extension (CVSS 9.1) allows one tenant to access and control VM instances...

  • SecurityMay 2, 2026

    CVE-2026-42779: Critical Apache MINA Deserialization Class

    An incomplete fix for CVE-2026-41635 leaves Apache MINA 2.1.x and 2.2.x branches exposed to a critical deserialization bypass via...

  • SecurityApr 30, 2026

    CVE-2026-36841: TOTOLINK N200RE V5 Command Injection

    A critical CVSS 9.8 command injection vulnerability in TOTOLINK N200RE V5 allows unauthenticated remote code execution via the macstr and bandstr...

  • SecurityApr 27, 2026

    CVE-2026-7037: Unauthenticated OS Command Injection in Totolink A8000RU

    A critical CVSS 9.8 OS command injection vulnerability in the Totolink A8000RU router allows unauthenticated remote attackers to execute arbitrary...

  • SecurityApr 23, 2026

    CVE-2026-4119: WordPress Create DB Tables Plugin

    A critical CVSS 9.1 authorization bypass in the WordPress Create DB Tables plugin (all versions up to 1.2.1) allows unauthenticated users to create or...

  • SecurityApr 22, 2026

    CVE-2026-6748: Critical Uninitialized Memory Flaw in Firefox and Thunderbird Web Codecs

    A critical CVSS 9.8 uninitialized memory vulnerability in Firefox and Thunderbird's Audio/Video Web Codecs component allows remote code execution. Update...

  • SecurityApr 21, 2026

    CVE-2026-29646: OpenXiangShan NEMU RISC-V Hypervisor

    A critical privilege escalation flaw in OpenXiangShan NEMU's RISC-V hypervisor extension allows a VS-mode guest write to the supervisor interrupt-enable...

  • SecurityApr 21, 2026

    CVE-2026-32604: Spinnaker Clouddriver Remote Code Execution

    A critical unauthenticated RCE vulnerability in Spinnaker's clouddriver service allows attackers to execute arbitrary commands on clouddriver pods,...

  • SecurityApr 21, 2026

    CVE-2026-32613: Spinnaker Echo Spring Expression Language

    A critical code injection flaw in Spinnaker's Echo service allows unrestricted Spring Expression Language (SPeL) execution via artifact processing,...

  • SecurityApr 21, 2026

    CVE-2026-39918: Vvveb CMS Unauthenticated PHP Code

    Vvveb CMS versions prior to 1.0.8.1 allow unauthenticated attackers to inject arbitrary PHP code through the installation endpoint's unsanitized subdir...

  • SecurityApr 21, 2026

    CVE-2026-5965: NewSoftOA Critical OS Command Injection

    A critical OS command injection vulnerability in NewSoftOA by NewSoft allows unauthenticated local attackers to inject and execute arbitrary OS commands...

  • SecurityApr 12, 2026

    CVE-2026-6112: Totolink A7100RU OS Command Injection via setRadvdCfg

    A critical OS command injection vulnerability (CVSS 9.8) in Totolink A7100RU firmware allows unauthenticated remote attackers to execute arbitrary...

  • SecurityApr 12, 2026

    CVE-2026-6113: Totolink A7100RU OS Command Injection via setTtyServiceCfg

    A critical OS command injection flaw (CVSS 9.8) in Totolink A7100RU enables remote unauthenticated attackers to execute arbitrary commands by manipulating...

  • SecurityApr 12, 2026

    CVE-2026-6114: Totolink A7100RU OS Command Injection via setNetworkCfg

    CVE-2026-6114 is a critical OS command injection vulnerability (CVSS 9.8) in the Totolink A7100RU router's setNetworkCfg function, exploitable remotely...

  • SecurityApr 12, 2026

    CVE-2026-6115: Totolink A7100RU OS Command Injection via setAppCfg

    CVE-2026-6115 describes a critical OS command injection vulnerability (CVSS 9.8) in the Totolink A7100RU router, exploitable remotely and without...

  • SecurityApr 10, 2026

    CVE-2026-5977: TOTOLINK A7100RU Critical OS Command

    A critical OS command injection vulnerability (CVSS 9.8) in TOTOLINK A7100RU routers allows unauthenticated remote attackers to execute arbitrary system...

  • SecurityApr 10, 2026

    CVE-2026-5978: TOTOLINK A7100RU Critical OS Command

    A second critical OS command injection vulnerability (CVSS 9.8) in TOTOLINK A7100RU routers allows unauthenticated remote attackers to execute arbitrary...

  • NewsApr 5, 2026

    Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

    Fortinet has released emergency out-of-band patches for CVE-2026-35616, a critical pre-authentication API access bypass in FortiClient EMS that enables...

  • NewsApr 5, 2026

    New FortiClient EMS Flaw Exploited in Attacks, Emergency

    Fortinet has released an emergency weekend security update for CVE-2026-35616, a critical pre-authentication API access bypass in FortiClient EMS that is...

  • SecurityApr 5, 2026

    CVE-2016-20052: Snews CMS 1.7 Unrestricted File Upload

    Snews CMS 1.7 contains a critical unrestricted file upload vulnerability allowing unauthenticated attackers to upload PHP webshells to the snews_files...

  • SecurityMar 31, 2026

    CVE-2026-32714: Critical SQL Injection in SciTokens

    A critical SQL injection vulnerability in the SciTokens Python library allows attackers to manipulate authentication token validation via unsanitized...

  • SecurityMar 30, 2026

    CVE-2026-4176: Perl Compress::Raw::Zlib Critical

    Perl versions 5.9.4 through 5.43.8 ship a vulnerable Compress::Raw::Zlib core module that inherits CVE-2026-3381 from a vendored zlib dependency. CVSS 9.8...

  • SecurityMar 29, 2026

    CVE-2016-20049: JAD Java Decompiler Stack-Based Buffer

    JAD 1.5.8e-1kali1 and prior contains a critical stack-based buffer overflow vulnerability allowing attackers to execute arbitrary code by supplying input...

  • SecurityMar 29, 2026

    CVE-2017-20225: TiEmu TI Calculator Emulator Stack Buffer

    TiEmu 2.08 and prior contains a critical stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by passing oversized...

  • SecurityMar 29, 2026

    CVE-2026-32922: OpenClaw Privilege Escalation via Token

    A critical CVSS 9.9 privilege escalation vulnerability in OpenClaw allows operators with limited pairing scope to mint tokens with unrestricted admin...

  • SecurityMar 29, 2026

    CVE-2026-32924: OpenClaw Authorization Bypass via Feishu

    A critical CVSS 9.8 authorization bypass in OpenClaw allows attackers to circumvent groupAllowFrom and requireMention protections in group chats by...

  • SecurityMar 28, 2026

    CVE-2026-27876 — Grafana Critical RCE via SQL Expression

    A chained attack exploiting SQL Expressions combined with a Grafana Enterprise plugin can lead to remote arbitrary code execution. All Grafana users...

  • SecurityMar 23, 2026

    CVE-2026-4599: jsrsasign Private Key Recovery via DSA Nonce

    A critical flaw in jsrsasign versions 7.0.0 through 11.1.0 allows attackers to recover DSA private keys by exploiting biased nonce generation in the...

  • SecurityMar 21, 2026

    CVE-2026-22172: OpenClaw Critical Authorization Bypass via WebSocket Scope Elevation

    A critical CVSS 9.9 authorization bypass in OpenClaw allows authenticated users to self-declare elevated scopes over WebSocket connections without...

  • SecurityMar 18, 2026

    CVE-2026-25534: Spinnaker SSRF via URL Validation Bypass

    A critical SSRF vulnerability (CVSS 9.1) in Spinnaker's clouddriver and orca components bypasses the previous CVE-2025-61916 URL validation patch through...

  • SecurityMar 18, 2026

    CVE-2026-25769: Wazuh Critical RCE via Insecure

    A critical remote code execution vulnerability (CVSS 9.1) in Wazuh versions 4.0.0–4.14.2 allows an attacker with access to a worker node to achieve root...

  • SecurityMar 18, 2026

    CVE-2026-25770: Wazuh Privilege Escalation to Root via Cluster Protocol File Write

    A critical privilege escalation vulnerability (CVSS 9.1) in Wazuh versions 3.9.0–4.14.2 allows authenticated cluster nodes to overwrite the manager...

  • SecurityMar 18, 2026

    CVE-2026-3564: ConnectWise ScreenConnect Auth Bypass via Server Cryptographic Material

    A critical authentication bypass vulnerability (CVSS 9.0) in ConnectWise ScreenConnect versions prior to 26.1 allows an actor with access to server-level...

  • SecurityMar 17, 2026

    CVE-2025-69902: Critical Command Injection in kubectl-mcp-server

    A critical command injection vulnerability in kubectl-mcp-server allows unauthenticated attackers to execute arbitrary OS commands through unsanitized...

  • SecurityMar 17, 2026

    CVE-2026-4177: YAML::Syck Heap Buffer Overflow Enables

    A critical heap buffer overflow in YAML::Syck for Perl allows remote code execution through crafted YAML input that exceeds the 512-byte class name...

  • SecurityMar 17, 2026

    CVE-2026-4312: DrangSoft GCB/FCB Audit Software Missing

    A critical missing authentication flaw (CVSS 9.8) in DrangSoft's GCB/FCB Audit Software allows unauthenticated remote attackers to directly access...

  • SecurityMar 16, 2026

    CVE-2016-20024: ZKTeco ZKTime.Net Insecure File Permissions

    ZKTeco ZKTime.Net 3.0.1.6 ships with world-writable directory permissions on its installation folder, allowing any local unprivileged user to replace...

  • SecurityMar 16, 2026

    CVE-2016-20026: ZKTeco ZKBioSecurity 3.0 Hardcoded Tomcat

    ZKTeco ZKBioSecurity 3.0 ships a bundled Apache Tomcat server with hardcoded credentials stored in tomcat-users.xml, granting unauthenticated attackers...

  • SecurityMar 16, 2026

    CVE-2016-20030: ZKTeco ZKBioSecurity 3.0 Username

    ZKTeco ZKBioSecurity 3.0 allows unauthenticated attackers to enumerate valid usernames by submitting partial character strings to the...

  • SecurityMar 12, 2026

    CVE-2025-68613: n8n Remote Code Execution via Improper

    CISA adds CVE-2025-68613 to the Known Exploited Vulnerabilities catalog — a CVSS 9.9 flaw in n8n's workflow expression evaluation system that enables...

  • SecurityMar 8, 2026

    ZITADEL Critical XSS in SAML Endpoint Enables 1-Click

    A critical cross-site scripting vulnerability in ZITADEL's login V2 /saml-post endpoint allows unauthenticated attackers to execute arbitrary JavaScript...

  • SecurityMar 4, 2026

    Mail2Shell: Zero-Click RCE in FreeScout Helpdesk

    A maximum-severity zero-click vulnerability dubbed Mail2Shell allows unauthenticated attackers to compromise FreeScout mail servers by simply sending a...

  • SecurityFeb 17, 2026

    BeyondTrust Remote Support Pre-Authentication RCE Under

    A critical pre-authentication OS command injection vulnerability in BeyondTrust Remote Support and Privileged Remote Access with CVSS 9.9 is being...

  • SecurityFeb 11, 2026

    Microsoft Patch Tuesday February 2026: 6 Actively Exploited

    Microsoft's February 2026 Patch Tuesday addresses 60 vulnerabilities including 6 actively exploited zero-days and 3 publicly disclosed issues, with...

  • SecurityFeb 7, 2026

    Eight Critical n8n Vulnerabilities: Sandbox Escape to Unauthenticated RCE

    Popular workflow automation platform n8n hit with eight high-to-critical CVEs including a CVSS 10.0 unauthenticated RCE and sandbox escape bypassing...

  • SecurityFeb 6, 2026

    Apache Struts Critical RCE via OGNL Injection Returns

    A new critical OGNL injection vulnerability in Apache Struts allows unauthenticated remote code execution, reminiscent of the 2017 Equifax breach vector....

  • SecurityFeb 6, 2026

    Critical Fortinet FortiClientEMS SQL Injection

    Fortinet patches a CVSS 9.8 SQL injection in FortiClientEMS 7.4.4 allowing unauthenticated remote code execution. Endpoint management servers across...

  • SecurityFeb 5, 2026

    SolarWinds Web Help Desk RCE Vulnerability Added to CISA KEV

    Critical deserialization vulnerability in SolarWinds Web Help Desk enables unauthenticated remote code execution. CISA confirms active exploitation.

  • SecurityFeb 4, 2026

    Critical Google Looker Vulnerabilities Allow Full System

    Two severe vulnerabilities in Google Looker, dubbed 'LookOut', could allow attackers to gain complete control of self-hosted deployments affecting 60,000+...

  • SecurityFeb 4, 2026

    Critical n8n Vulnerability (CVSS 10.0) Enables Complete

    A maximum-severity flaw dubbed 'Ni8mare' in the popular workflow automation platform n8n allows unauthenticated attackers to gain full control of...

  • SecurityFeb 2, 2026

    Critical Vulnerability Discovered in Popular Enterprise VPN

    Security researchers have identified a severe authentication bypass vulnerability affecting multiple enterprise VPN products. Immediate patching recommended.