All CosmicBytez Labs articles tagged #CVE, across news, security advisories, how-to guides, and projects.
A vulnerability in NGINX Plus and NGINX Open Source allows map directives using regex matching with capture variables to trigger memory corruption when the capture variable is referenced before the map output variable.
CVSS 10.0 flaw in Wazuh Manager 5.0 beta lets enrolled agents inject NDJSON ops into OpenSearch under admin credentials, deleting logs and corrupting alerts.
LightRAG's default server configuration combines CORS_ORIGINS=* with allow_credentials=True, allowing any origin to make credentialed cross-origin requests and exposing knowledge graphs to unauthorized access.
A critical flaw in Perl through 5.43.9 causes regex alternations with more than 65,535 branches to silently produce incorrect matches, potentially bypassing security filters that rely on regex validation.
A critical Server-Side Template Injection vulnerability in Centreon's centreon-open-tickets module allows unauthenticated attackers to achieve Remote Code Execution via the unsanitized message_confirm field.
A CVSS 9.8 signed integer overflow in Perl's Storable module (before 3.41) allows a crafted SX_HOOK record to wrap an I32_MAX item count to -1, corrupting heap memory and potentially enabling remote code execution.
The Apache Airflow Git provider runs git-over-SSH with StrictHostKeyChecking=no by default, allowing a network-position attacker to silently impersonate the Git server and steal SSH credentials or inject malicious code.
Rejetto HFS 3.0.0–3.2.0 derives its session-cookie signing key from JavaScript's non-cryptographic Math.random(), and leaks generator outputs to unauthenticated clients — enabling full session forgery with CVSS 9.8.
Cisco IOS 12.4 contains multiple CSRF vulnerabilities that allow remote attackers to execute arbitrary commands. The flaw has been added to the CISA Known Exploited Vulnerabilities catalog, signaling active exploitation.
The User Registration & Membership WordPress plugin before 5.2.2 fails to verify PayPal webhook signatures, allowing unauthenticated attackers to forge payment events and gain free premium memberships.
A high-severity unrestricted file upload vulnerability in shiroiAdmin versions 1.1 and 1.3 allows unauthenticated remote attackers to upload PHP webshells and achieve remote code execution.
A high-severity SQL injection vulnerability in the TOKO-ONLINE-ROTI bakery management system allows remote attackers to manipulate the login.php Username parameter and compromise the backend database without authentication.
A high-severity SQL injection vulnerability in the TOKO-ONLINE-ROTI PHP bakery system allows remote attackers to manipulate the kode_produk and kd_cs parameters in proses/add.php, enabling database compromise.
A CVSS 9.8 critical SQL injection vulnerability in PraisonAI before 4.6.78 allows attackers to exploit the unvalidated dimension argument in PGVector and...
A CVSS 9.9 critical vulnerability in PraisonAI before 4.6.78 allows attackers to write files to arbitrary filesystem locations and execute arbitrary OS...
A CVSS 10.0 critical vulnerability in PraisonAI before 1.6.78 allows attackers to achieve remote code execution by injecting malicious prompts that...
A critical CVSS 8.8 remote code execution vulnerability in WP Ultimate CSV Importer allows unauthenticated attackers to execute arbitrary PHP code on...
A critical unrestricted file upload vulnerability in the iCagenda Joomla event calendar plugin allows unauthenticated attackers to upload arbitrary PHP...
A critical authorization flaw in Vikunja task manager (CVSS 9.8) exposes share hashes via LinkSharing.ReadAll and allows task attachment access through...
A critical RCE vulnerability (CVSS 9.6) in JetBrains IntelliJ IDEA before 2026.1.4 allows code execution through path traversal in project workspace ID...
A critical arbitrary file upload vulnerability in the Blocksy Companion WordPress plugin (versions up to 2.1.46) allows unauthenticated attackers to...
A critical stored XSS vulnerability in OceanicSoft's ValeApp allows attackers to inject persistent JavaScript payloads that execute in every victim's...
A critical unauthenticated file upload vulnerability in Balbooa Forms for Joomla allows attackers to upload executable files and achieve full remote code...
A critical SQL injection vulnerability in Inrove Software's BiEticaret e-commerce platform (versions before v3.3.57) allows unauthenticated attackers to...
A critical-severity SQL injection vulnerability (CVSS 9.6) in the Snowflake Snowpark Python SDK allows authenticated low-privilege users to execute SQL...
An authentication bypass vulnerability in OpenCTI prior to 7.260326.0 allows any authenticated user with KNOWLEDGE_KNUPDATE permission to bypass...
A cryptographically weak random number generator in the GenerateRandomPassword function of bosh-windows-stemcell-builder allows remote attackers to...
A critical CVSS 9.8 authorization bypass in the WP Learn Manager WordPress plugin allows unauthenticated attackers to install and activate arbitrary...
A critical missing authentication vulnerability in Esri Portal for ArcGIS 12.1 and earlier allows remote unauthenticated attackers to access protected API...
A critical CVSS 9.1 vulnerability in the Simple Coherent Form WordPress plugin allows unauthenticated attackers to delete arbitrary files on the server,...
A critical unrestricted file upload vulnerability in JoomShaper's SP Page Builder allows unauthenticated attackers to upload arbitrary PHP files and...
A critical CVSS 9.8 improper authentication vulnerability in Dassault Systèmes DELMIA Apriso (releases 2020–2026) allows unauthenticated attackers to gain...
A critical CVSS 9.8 vulnerability in the Eventer WordPress plugin exposes plaintext password reset keys in user meta, allowing unauthenticated attackers...
A critical vulnerability in ownCloud Core's Updater component exposes a dangerous method to administrators, enabling potential remote code execution on...
A local file inclusion vulnerability in the WANotifier WordPress plugin (before v2.6) allows any authenticated subscriber-level user to include and...
An unauthenticated remote SQL injection vulnerability in SourceCodester's Class and Exam Timetabling System 1.0 allows attackers to manipulate the id...
A high-severity unrestricted file upload vulnerability in the kirilkirkov Ecommerce-CodeIgniter-Bootstrap allows authenticated vendor users to upload...
A high-severity PHP deserialization vulnerability in the kirilkirkov Ecommerce-CodeIgniter-Bootstrap allows attackers to inject malicious serialized...
A high-severity SQL injection vulnerability in SourceCodester's Class and Exam Timetabling System 1.0 allows unauthenticated remote attackers to dump the...
A high-severity SQL injection vulnerability in SourceCodester's Class and Exam Timetabling System 1.0 allows unauthenticated remote attackers to fully...
A use-after-free bug in the Linux kernel's epoll subsystem — CVE-2026-46242 — lets any local user escalate to root on Linux 6.4+ with ~99% reliability. A...
A CVSS 9.8 critical SQL injection in the Destekz plugin by Raera - Ankara Web Design allows unauthenticated remote attackers full database access. The...
A high-severity OS command injection vulnerability in Dell PowerProtect Data Domain allows authenticated remote attackers to execute arbitrary commands...
Anubis ransomware affiliates are exploiting CVE-2025-5777 (Citrix Bleed 2) for initial access while pairing BYOVD techniques and stolen supply chain...
CISA has added a high-severity Microsoft SharePoint Server remote code execution vulnerability to its Known Exploited Vulnerabilities catalog following...
Critical path bypass vulnerability in @fastify/middie versions 9.1.0 through 9.3.2 allows attackers to evade middleware protection by exploiting a %2F...
A critical SQL injection vulnerability (CVSS 9.8) in the UTT nv518G router allows unauthenticated remote attackers to execute arbitrary code via the...
A critical pre-authentication remote code execution flaw in Progress Kemp LoadMaster (CVE-2026-8037, CVSS 9.6) is under active exploitation attempts,...
IBM DevOps Automation and IBM DevOps Loop fail to invalidate session IDs after expiration, allowing authenticated attackers to impersonate other users via...
A high-severity arbitrary function call vulnerability in the YouTube Showcase plugin allows authenticated attackers to invoke arbitrary PHP functions via...
A critical unauthenticated SQL injection vulnerability in the EventON WordPress Virtual Event Calendar Plugin affects versions up to 5.0.11, exposing...
The Microsoft Defender vulnerability CVE-2026-33825 was actively exploited as a zero-day by ransomware groups before Microsoft had the chance to release a...
Threat actors are actively weaponizing CVE-2026-33017, a critical unauthenticated RCE flaw in Langflow, to deploy a Monero miner via the lambsys...
A critical CVSS 9.8 authentication bypass vulnerability in Oracle E-Business Suite's Payments module is being actively exploited in the wild, according to...
A critical CVSS 9.8 vulnerability in the ProfileGrid WordPress plugin allows unauthenticated attackers to take over any user account and escalate...
A high-severity SQL injection vulnerability has been identified in itsourcecode Baptism Information Management System 1.0, allowing remote attackers to...
A second high-severity SQL injection vulnerability has been disclosed in itsourcecode Baptism Information Management System 1.0, this time affecting the...
A critical vulnerability in Apache Tomcat's FFM/Panama TLS connector silently ignores invalid or malformed CRL configurations, causing the server to...
A Microsoft Defender zero-day fuels ransomware before any patch exists; researchers dissect how syndicate groups run HR departments and tiered pricing;...
Hackers are actively exploiting CVE-2026-48558 in SimpleHelp remote support software to deploy Djinn Stealer, a previously undocumented cross-platform...
A heap overflow in libssh2's transport layer allows a malicious SSH server to achieve pre-authentication RCE against any connecting client. All versions...
A remotely exploitable SQL injection vulnerability affects SourceCodester Class and Exam Timetabling System 1.0 via the course_year_section parameter in...
A remotely exploitable SQL injection flaw in SourceCodester's Class and Exam Timetabling System 1.0 allows unauthenticated attackers to manipulate...
A critical unauthenticated SQL injection vulnerability (CVSS 9.8) in the JoomCCK Joomla extension allows attackers to read, modify, or delete database...
Six weeks of undetected access through a compromised VPN appliance exposes a hard truth: patching is necessary but not sufficient. Organisations already...
A high-severity SQL injection vulnerability in SourceCodester's Class and Exam Timetabling System 1.0 allows unauthenticated remote attackers to...
A second high-severity SQL injection vulnerability in SourceCodester Class and Exam Timetabling System 1.0 targets /preview6.php via the...
A high-severity SQL injection vulnerability in SourceCodester Class and Exam Timetabling System 1.0 allows unauthenticated attackers to manipulate the...
A high-severity SQL injection vulnerability in SourceCodester Class and Exam Timetabling System 1.0 allows unauthenticated attackers to manipulate the...
A high-severity SQL injection vulnerability in yashpokharna2555's restaurant management system allows unauthenticated attackers to exploit the...
CVE-2026-58053 was disclosed on June 28, 2026 with an informational severity rating. NVD analysis is pending; no exploitation or vendor advisory has been...
A high-severity authenticated file deletion vulnerability in the nmedia Frontend File Manager Plugin for WordPress allows subscribers to delete any file...
Critical path traversal vulnerability (CVSS 9.1) in Apache IoTDB affects versions 1.0.0 through 1.3.5 and 2.0.0 through 2.0.5. Users must upgrade...
A second critical path traversal vulnerability (CVSS 9.1) in Apache IoTDB affects versions 1.0.0 through 1.3.5 and 2.0.0 through 2.0.6. Patch to 1.3.6 or...
A path traversal flaw in Notepad++ v8.9.6.1 allows attackers to bypass the trusted directory plugin verification check using path sequences, potentially...
A critical CVSS 10.0 flaw in Budibase allows unauthenticated visitors of any published app to read every document in backing database collections and...
A critical path traversal vulnerability in Budibase's zip upload endpoint allows attackers to write arbitrary files outside the intended temp directory,...
CISA has added CVE-2026-12569, a remote code execution flaw in PTC Windchill, to its Known Exploited Vulnerabilities catalog after confirming active...
A high-severity OS command injection flaw in Dell Display and Peripheral Manager for macOS (versions prior to 2.3) allows low-privileged local attackers...
Mandiant's post-incident analysis exposes a sophisticated multi-stage attack chain that exploited CVE-2026-20245 to plant a hidden root account on Cisco...
A critical unauthenticated RCE vulnerability in PTC Windchill and FlexPLM (CVSS 9.3) has been added to CISA's Known Exploited Vulnerabilities catalog,...
Critical unauthenticated account takeover vulnerability in Rocket.Chat's CAS login handler passes unsanitized client input directly into a MongoDB findOne...
Critical pre-authentication vulnerability in Rocket.Chat allows any unauthenticated network attacker to obtain a valid OAuth access token for an arbitrary...
A critical CVSS 10.0 stack-based buffer overflow in the GeoVision GV-I/O Box 4E DVRSearch service allows unauthenticated remote attackers to achieve...
Multiple OS command injection vulnerabilities in GeoVision GV-I/O Box 4E firmware 2.09 allow attackers with network access to execute arbitrary system...
A second critical CVSS 10.0 stack-based buffer overflow in GeoVision GV-I/O Box 4E firmware 2.09 — this time in the Net Mask field handling of the...
A heap over-read vulnerability introduced in a 1997 FTP parser change allows a malicious co-user of a shared Squid proxy to read other users' cleartext...
A critical OS command injection flaw in the Lantronix EDS5000 serial device server allows unauthenticated attackers to inject arbitrary commands via the...
FFmpeg has patched a critical vulnerability dubbed PixelSmash that could enable remote code execution on Jellyfin servers and denial-of-service conditions...
Microsoft's June 2026 Patch Tuesday addressed nearly 200 security vulnerabilities — the highest single-month patch count in the company's history —...
Active exploitation of CVE-2026-4020 in the Gravity SMTP WordPress plugin has generated over 17 million malicious requests, allowing unauthenticated...
CVE-2026-20253, a critical unauthenticated remote code execution flaw in Splunk Enterprise, is being actively exploited in the wild just days after public...
A critical path traversal vulnerability in FileRise before 3.16.0 allows unauthenticated attackers to write arbitrary files and completely compromise...
A critical Local File Inclusion vulnerability in the BetterDocs Pro WordPress plugin (up to v3.8.0) allows unauthenticated attackers to include and...
F5 has released emergency security updates for two critical vulnerabilities in NGINX Open Source, including a CVSS 9.2 use-after-free flaw in the HTTP/3...
Multiple threat intelligence firms have confirmed active exploitation of two critical vulnerabilities in Fortinet's FortiSandbox product — security flaws...
CISA has added a maximum-severity vulnerability in the Joomla Content Editor (JCE) plugin to its Known Exploited Vulnerabilities catalog, warning that the...
A critical unauthenticated SQL injection vulnerability (CVSS 9.3) in the InPost Gallery WordPress plugin allows attackers to extract sensitive database...
A high-severity unauthenticated remote code execution vulnerability (CVSS 8.8) in Premmerce Dev Tools for WordPress allows attackers to execute arbitrary...
Critical OS command injection in Fortra Core Privileged Access Manager allows unauthenticated remote code execution via the boks_autoregisterd service at...
Palo Alto Networks has confirmed active exploitation of CVE-2026-0257, an authentication bypass vulnerability in PAN-OS GlobalProtect portals carrying a...
A CVSS 7.3 authorization bypass vulnerability in ShopXO up to 6.7.1 allows unauthenticated access to scheduled task endpoints in the Crontab controller,...
A critical unauthenticated vulnerability in the WP Maps Pro WordPress plugin before 6.1.1 allows any visitor to create an administrator account and...
Google's Threat Intelligence Group confirmed in-the-wild exploitation of Oracle PeopleSoft zero-day CVE-2026-35273 by ShinyHunters, even as Oracle...
A high-severity symlink vulnerability in the LiteSpeed cPanel plugin (CVSS 8.5) allows users with FTP or web shell access to escape CloudLinux/CageFS...
The Bookly scheduling plugin for WordPress contains a stored cross-site scripting vulnerability in versions up to 27.2, allowing unauthenticated attackers...
Splunk patches CVE-2026-20253, a CVSS 9.8 critical vulnerability enabling unauthenticated file operations and remote code execution in Splunk Enterprise.
sanitize-html versions prior to 2.17.4 allow attacker-controlled content inside a disallowed xmp element to render as live HTML, enabling stored XSS.
A high-severity vulnerability (CVSS 9.0) in Cloud Foundry UAA allows attackers to bypass authentication by exploiting the incorrect treatment of XML...
A critical CVSS 9.9 argument injection vulnerability in WordPress Toolkit before 6.11.0 allows remote authenticated users to bypass cross-tenant...
A critical CVSS 9.9 command injection vulnerability in UID Enterprise Agent allows a low-privileged network attacker to execute arbitrary commands on the...
A critical CVSS 9.9 privilege escalation vulnerability in Ubiquiti UniFi OS allows a low-privileged network attacker to escalate privileges within UniFi...
A critical CVSS 9.9 command injection vulnerability in Ubiquiti UniFi OS allows a low-privileged network attacker to execute arbitrary commands within...
Microsoft has released a patch for CVE-2026-42897, an Exchange Server zero-day that has been under active exploitation since at least May 14, 2026. The...
Oracle has issued an emergency mitigation for CVE-2026-35273, a critical unauthenticated RCE flaw in PeopleSoft Suite being actively exploited by the...
The ShinyHunters group, tracked by Mandiant as UNC6240, has been exploiting CVE-2026-35273 in Oracle PeopleSoft to breach universities and higher...
A critical unauthenticated privilege escalation vulnerability in the Doctreat Core WordPress plugin allows attackers to register with elevated roles,...
Attackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in Langflow, to write arbitrary files on exposed servers....
A high-severity path traversal flaw (CVE-2026-5027, CVSS 8.8) in the AI application builder Langflow is being actively exploited with no patch available....
Adobe ColdFusion 2023.19 and 2025.8 are affected by a critical improper input validation flaw enabling unauthenticated remote code execution with scope change.
A critical CVE-2026-44963 flaw in Veeam Backup and Replication lets low-privilege domain users achieve remote code execution on backup servers. CVSS 9.4 —...
Cisco has disclosed active exploitation of CVE-2026-20245, a high-severity vulnerability in Catalyst SD-WAN Manager with a CVSS score of 7.8. No patch is…
A high-severity vulnerability in Samsung's Galaxy Editing Service allows local attackers to execute privileged operations due to improper export of Android…
A high-severity arbitrary file upload vulnerability in the MDJM Event Management plugin for WordPress allows authenticated attackers to upload malicious files…
A high-severity privilege escalation vulnerability in the Booking Package WordPress plugin allows unauthenticated or low-privileged attackers to take over…
Cisco has issued an emergency warning about an actively exploited, unpatched zero-day in Cisco Catalyst SD-WAN Manager (CVE-2026-20245) that enables root…
CISA has added a critical remote code execution vulnerability in the Mirasvit Cache Warmer Magento extension to its Known Exploited Vulnerabilities catalog…
A CVSS 9.8 OS command injection vulnerability in openlabs docker-wkhtmltopdf-aas allows unauthenticated remote code execution via a crafted POST request to…
RockRMS versions up to v16.13 are vulnerable to a CVSS 9.0 stored cross-site scripting flaw that allows attackers to inject malicious scripts through social…
A critical unauthenticated remote code execution flaw in OpenStack Mistral through 22.0.0 allows attackers to execute arbitrary commands via exposed API…
Hackers are actively exploiting a critical privilege escalation vulnerability (CVE-2026-8206) in the widely-used Kirki Customizer Framework plugin for…
A Linux kernel vulnerability in the cgroups v1 release_agent feature allows local attackers to escalate privileges and escape containers. Added to CISA KEV…
Google's June 2026 Android security update patches 124 vulnerabilities including one zero-day flaw that has been actively exploited in targeted attacks…
Palo Alto Networks warns that CVE-2026-0257, a CVSS 7.8 authentication bypass in PAN-OS GlobalProtect, is under active exploitation by hackers attempting...
A Server-Side Template Injection flaw in Mautic's Twig-based theme engine allows authenticated users with theme upload permissions to execute arbitrary...
phpMyFAQ before 4.1.3 contains a CVSS 8.2 flaw allowing unauthenticated attackers to reset any account password without token validation, enabling full...
Rapid7 discloses a critical CVSS 9.4 RCE in Gogs, the popular self-hosted Git service, letting any authenticated user run arbitrary code on the server.
Buffer overflow in Synology BeeStation OS AdminCenter lets unauthenticated attackers execute code remotely (CVSS 9.8) — patch to 1.3.2-65648 now.
Critical Lumiverse <0.9.7 flaw lets malicious extensions execute arbitrary code via package.json lifecycle scripts run by the Spindle build pipeline.
Critical sandbox escape in Lumiverse <0.9.7 lets attackers bypass JS global shadowing via crafted TSX component overrides, enabling code execution.
CISA adds CVE-2026-48027 to KEV after a malicious Nx Console VS Code extension was found harvesting credentials from disk and memory via obfuscation.
Microsoft has released updates fixing CVE-2026-45659, a CVSS 8.8 remote code execution vulnerability in SharePoint Server that requires no specialized.
Twitter-Clone 1 contains a high-severity SQL injection vulnerability in follow.php that allows attackers to extract sensitive database information through.
A remotely exploitable SQL injection vulnerability in the admin panel of itsourcecode Electronic Judging System 1.0 allows attackers to manipulate database.
CISA has added CVE-2026-9082, a SQL injection vulnerability in Drupal Core, to its Known Exploited Vulnerabilities catalog following confirmed in-the-wild...
Drupal is warning that hackers are actively attempting to exploit a 'highly critical' SQL injection vulnerability, CVE-2026-9082, announced earlier this...
A maximum-severity vulnerability in the LiteSpeed User-End cPanel Plugin, tracked as CVE-2026-48172 with a CVSS score of 10.0, is under active...
CISA adds CVE-2025-34291 to the Known Exploited Vulnerabilities catalog — an overly permissive CORS configuration combined with a SameSite=None refresh...
Drupal has released an urgent security update for CVE-2026-9082, a highly critical flaw that can be exploited without authentication to achieve...
Microsoft has issued emergency patches for two Windows Defender vulnerabilities that were actively exploited as zero-days before fixes were available....
A coordinated wave of critical security patches landed this week from Ivanti, Fortinet, SAP, VMware, and n8n. Topping the list is CVE-2026-8043 in Ivanti...
A zero-day XSS vulnerability in Microsoft Exchange Server (CVE-2026-42897) is being actively exploited in the wild, allowing attackers to compromise...
Cisco has patched a maximum-severity authentication bypass flaw in its Catalyst SD-WAN Controller that has already been exploited in limited attacks....
A heap buffer overflow in NGINX's rewrite module is under active exploitation, days after disclosure. The CVSS 9.2 flaw impacts both NGINX Plus and Open...
A missing WordPress capability check in the AI Engine plugin's MCP OAuth bearer-token path allows any authenticated user to escalate privileges to...
Cisco has patched CVE-2026-20182, a zero-day in Catalyst SD-WAN Manager that has been actively exploited in targeted attacks by sophisticated threat actor...
A security researcher claims Microsoft silently patched an Azure Backup for AKS vulnerability after rejecting his disclosure report — issuing no CVE and...
Microsoft has shared mitigations for CVE-2026-42897 until a permanent patch can be released for affected Exchange Server versions actively being targeted...
A critical CVSS 9.8 vulnerability in iDS6 DSSPro Digital Signage System 6.2 allows attackers to retrieve valid CAPTCHA codes from the login endpoint and...
A critical CVSS 9.8 memory safety flaw in libbabl 0.1.62 allows attackers to call babl_free() twice on the same pointer without triggering the library's...
A critical unsandboxed Apache Velocity template injection vulnerability in OpenMRS Core allows authenticated attackers to execute arbitrary code on the...
A high-severity authorization bypass in Open WebUI prior to 0.9.5 allows authenticated users to attach arbitrary files to resources they do not own via...
A stored cross-site scripting vulnerability in vCluster Platform allows attackers to inject and execute arbitrary JavaScript via the name field of a...
Researchers have disclosed multiple critical vulnerabilities in NGINX Plus and NGINX Open Source, including a heap buffer overflow in...
Critical authentication bypass vulnerability in ELECOM wireless LAN access point devices allows unauthenticated attackers to access protected URLs and...
Microsoft's May 2026 Patch Tuesday delivers security updates for 120 vulnerabilities across Windows, Edge, Office, Azure, and more — with no zero-days...
Microsoft's May 2026 Patch Tuesday addresses 138 security vulnerabilities across its product portfolio, including 30 rated Critical — with notable DNS...
An authenticated user with database write privileges can trigger an out-of-bounds memory write in the mongod process via a flaw in MongoDB Server's...
A CVSS 7.5 denial-of-service vulnerability in Apple iOS and iPadOS allows a remote attacker to exhaust device resources and crash the operating system...
The Apache Software Foundation has released urgent security updates for the Apache HTTP Server addressing a severe vulnerability in the HTTP/2 protocol...
Ivanti has disclosed a high-severity improper input validation vulnerability in Endpoint Manager Mobile (EPMM) that is being actively exploited in the...
Researchers have disclosed a critical out-of-bounds read vulnerability in Ollama that enables remote unauthenticated attackers to leak the entire process...
Palo Alto Networks has disclosed that CVE-2026-0300, a critical CVSS 9.3 buffer overflow in the PAN-OS User-ID Authentication service, is being actively...
A critical unauthenticated SQL injection vulnerability in Beauty Parlour Management System v1.1 allows attackers to dump the entire backend database via a...
A missing sighash validation in ZEBRA, the Rust-based Zcash node, allowed invalid V5 transactions to pass consensus checks — patched in zebrad 4.3.1 and...
A timing attack vulnerability in RELATE's check_sign_in_key() function could allow attackers to infer valid sign-in keys through response time differences...
A critical unauthenticated vulnerability in Plunk, the open-source AWS SES email platform, allows attackers to forge Amazon SNS webhook payloads without...
A high-severity security bypass in Argo Workflows (CVSS 8.1) allows users with Workflow creation permissions to escape templateReferencing: Strict mode,...
A critical improper access control flaw in Azure Managed Instance for Apache Cassandra allows an authorized network attacker to execute arbitrary code,...
A critical command injection vulnerability in the electerm terminal client allows remote attackers to achieve unauthenticated code execution on macOS...
A critical command injection flaw in electerm's Linux installer allows remote attackers to execute arbitrary shell commands by injecting into unsanitized...
A critical SQL injection vulnerability in LiteLLM's proxy server allows unauthenticated attackers to manipulate database queries during API key...
The U.S. Cybersecurity and Infrastructure Security Agency has added CVE-2026-31431, a Linux kernel privilege escalation flaw enabling root access, to its...
The Brizy Page Builder plugin for WordPress contains a critical unauthenticated Stored Cross-Site Scripting flaw in versions up to 2.8.11, enabling...
A newly disclosed critical vulnerability in cPanel and WHM tracked as CVE-2026-41940 is being mass-exploited by ransomware actors to breach web hosting...
An incomplete fix for CVE-2026-41635 leaves Apache MINA 2.1.x and 2.2.x branches exposed to a critical deserialization bypass via...
The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been...
CISA has added two actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog — CVE-2024-1708 affecting ConnectWise ScreenConnect...
GitHub has patched CVE-2026-3854, a critical remote code execution vulnerability exploitable via a single HTTP request that could have granted attackers...
Dell iDRAC10 versions 1.20.70.50 and 1.30.05.10 contain a race condition vulnerability allowing authenticated low-privileged attackers to gain elevated...
Cybersecurity researchers have disclosed CVE-2026-25874, a critical unauthenticated remote code execution vulnerability (CVSS 9.3) in Hugging Face's...
Threat actors are actively exploiting CVE-2026-42208, a critical pre-authentication SQL injection vulnerability in the LiteLLM open-source LLM gateway,...
A high-severity Firefox vulnerability (CVE-2026-6770) exploits the internal ordering of IndexedDB database names to generate a stable 44-bit fingerprint...
A CVSS 8.1 high-severity collection of memory safety bugs affects Firefox 149, Firefox ESR 140.9, Firefox ESR 115.34, Thunderbird 149, and Thunderbird ESR...
A critical CVSS 9.8 OS command injection vulnerability in the Totolink A8000RU router allows unauthenticated remote attackers to execute arbitrary...
A command injection flaw in end-of-life D-Link DIR-823X routers allows authenticated remote attackers to execute arbitrary OS commands. CISA has added...
A critical CVSS 9.9 elevation of privilege vulnerability in Azure IoT Central allows an authenticated attacker to escalate privileges over a network by...
A critical code injection vulnerability in the FunnelFormsPro WordPress plugin through version 3.8.1 allows remote code inclusion, enabling attackers to...
A critical arbitrary file upload vulnerability in the end-of-life Borg SPM 2007 application allows unauthenticated attackers to upload web shell backdoors...
A critical authentication bypass vulnerability in the end-of-life Borg SPM 2007 application permits unauthenticated remote attackers to log into the...
A critical SQL injection vulnerability in the end-of-life Borg SPM 2007 application allows unauthenticated remote attackers to inject arbitrary SQL...
A critical improper access control vulnerability in EspoCRM's built-in formula scripting engine allows authenticated administrators to overwrite the...
A critical pre-authorization remote code execution vulnerability in Marimo, the open-source reactive Python notebook, allows unauthenticated attackers to...
A critical SQL injection vulnerability in Jellystat, the open-source statistics app for Jellyfin, allows authenticated users to execute arbitrary SQL...
A critical CVSS 9.1 authorization bypass in the WordPress Create DB Tables plugin (all versions up to 1.2.1) allows unauthenticated users to create or...
A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability in end-of-life D-Link DIR-823X...
A high-severity vulnerability in Oracle Life Sciences Empirica Signal versions 9.2.1-9.2.3 allows a low-privileged attacker with network access via HTTP...
A high-severity flaw in Spring Security allows security filter chains to silently fail to match requests when PathPatternRequestMatcher.Builder is used to...
A critical RCE flaw in BeyondTrust Bomgar remote monitoring and management software is being actively exploited to spread ransomware and compromise...
Kentico Xperience contains a path traversal vulnerability allowing an authenticated user's Staging Sync Server to upload arbitrary data to relative path...
OpenAEV's password reset implementation contains multiple chained weaknesses enabling reliable account takeover in versions 1.0.0 through 2.0.12 of the...
A critical privilege escalation flaw in OpenXiangShan NEMU's RISC-V hypervisor extension allows a VS-mode guest write to the supervisor interrupt-enable...
A critical unauthenticated RCE vulnerability in Spinnaker's clouddriver service allows attackers to execute arbitrary commands on clouddriver pods,...
A critical code injection flaw in Spinnaker's Echo service allows unrestricted Spring Expression Language (SPeL) execution via artifact processing,...
Vvveb CMS versions prior to 1.0.8.1 allow unauthenticated attackers to inject arbitrary PHP code through the installation endpoint's unsanitized subdir...
A critical CVSS 9.8 command injection vulnerability in the SGLang AI inference framework allows attackers to achieve remote code execution by supplying a...
A critical authentication bypass vulnerability in nginx-ui, a popular open-source web-based Nginx management interface, is being actively exploited to...
The National Institute of Standards and Technology will stop assigning CVSS severity scores to lower-priority vulnerabilities in the NVD as CVE submission...
This week's cybersecurity roundup covers the proposed Satellite Cybersecurity Act, a $90,000 Chrome heap overflow bug, a 16-year-old hacker arrest,...
A critical SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows unauthenticated remote attackers to bypass login...
A critical heap buffer overflow in the SAIL image library's XWD codec arises from a mismatch between pixel depth and bits-per-pixel, enabling arbitrary...
A critical out-of-bounds write in SAIL's PSD codec occurs when the pixel buffer is allocated using a raw header formula that doesn't account for actual...
A critical heap write-past-end vulnerability in SAIL's TGA codec RLE decoder stems from an asymmetric bounds check that correctly validates run-packets...
A critical vulnerability in a programmable logic controller allows unauthenticated network attackers to brute force weak passwords and gain full...
The CMP Coming Soon & Maintenance Plugin for WordPress contains a critical arbitrary file upload flaw that allows subscriber-level authenticated users to...
SiYuan knowledge management versions 3.6.3 and below render Mermaid diagrams with loose security, allowing attacker-controlled javascript: URLs to execute...
A critical OS command injection vulnerability (CVSS 9.8) in Totolink A7100RU firmware allows unauthenticated remote attackers to execute arbitrary...
A critical OS command injection flaw (CVSS 9.8) in Totolink A7100RU enables remote unauthenticated attackers to execute arbitrary commands by manipulating...
CVE-2026-6114 is a critical OS command injection vulnerability (CVSS 9.8) in the Totolink A7100RU router's setNetworkCfg function, exploitable remotely...
CVE-2026-6115 describes a critical OS command injection vulnerability (CVSS 9.8) in the Totolink A7100RU router, exploitable remotely and without...
A critical CVSS 9.1 vulnerability in Apache Airflow fails to invalidate JWT tokens upon user logout, allowing intercepted tokens to be reused for...
A critical CVSS 9.1 flaw in Canonical LXD versions 4.12 through 6.7 omits raw.apparmor and raw.qemu.conf from the VM low-level option denylist, allowing...
A critical CVSS 9.1 vulnerability in Canonical LXD before 6.8 allows authenticated attackers to bypass project restrictions during backup import. The...
A high-severity LDAP injection vulnerability in OPNsense's authentication connector allows unauthenticated attackers to bypass login controls by injecting...
A critical OS command injection vulnerability (CVSS 9.8) in TOTOLINK A7100RU routers allows unauthenticated remote attackers to execute arbitrary system...
A second critical OS command injection vulnerability (CVSS 9.8) in TOTOLINK A7100RU routers allows unauthenticated remote attackers to execute arbitrary...
A high-severity privilege escalation flaw in Kibana's Fleet plugin debug route handlers allows authenticated users with limited Fleet sub-feature...
A critical CVSS 9.8 path traversal vulnerability in goshs, a SimpleHTTPServer written in Go, allows unauthenticated attackers to write arbitrary files via...
A remotely exploitable SQL injection vulnerability (CVE-2026-5637) has been disclosed in projectworlds Car Rental System 1.0. The flaw exists in...
A critical zero-day in FortiClient EMS with a CVSS score of 9.8 is being actively exploited in the wild while Fortinet has released only an emergency...
A high-severity denial-of-service vulnerability in DokuWiki v.2025-05-14b 'Librarian' allows remote attackers to crash the application by exploiting the...
A high-severity authorization flaw in the ProfilePress WordPress plugin (up to v4.16.11) lets unauthenticated or low-privilege users bypass membership...
A high-severity Insecure Direct Object Reference vulnerability in the WCFM Frontend Manager for WooCommerce plugin (up to v6.7.25) lets authenticated...
A crafted short X-Wing HPKE encapsulated key can trigger an out-of-bounds read in the C decapsulation path of Apple's swift-crypto library, potentially...
A large-scale credential harvesting campaign has been observed exploiting the React2Shell vulnerability (CVE-2025-55182) as an initial infection vector,...
Google has released a Chrome security update patching 21 vulnerabilities including a high-severity use-after-free zero-day in the Dawn graphics engine...
A critical CVSS 9.8 vulnerability in the MAVLink drone communication protocol allows unauthenticated attackers to send arbitrary SERIAL_CONTROL commands —...
A high-severity heap buffer overflow in Chrome's GPU component allows remote attackers to execute arbitrary code via a crafted HTML page. Affects all...
F5 has reclassified a BIG-IP APM vulnerability from denial-of-service to critical remote code execution, warning that attackers are actively exploiting...
A critical CVSS 9.8 vulnerability in OpenClaw allows attackers to bypass the exec allowlist by exploiting improper glob pattern normalization where the ?...
A critical CVSS 9.8 authorization bypass in OpenClaw's Zalouser allowlist mode matches mutable group display names instead of stable identifiers, letting...
A critical CVSS 9.8 vulnerability in OpenClaw allows attackers to replay a valid bootstrap setup code multiple times before approval, escalating device...
Perl versions 5.9.4 through 5.43.8 ship a vulnerable Compress::Raw::Zlib core module that inherits CVE-2026-3381 from a vendored zlib dependency. CVSS 9.8...
A CVSS 10.0 critical vulnerability in steam-trader 2.1.1 exposes Steam account credentials, identity secrets, and shared secrets to unauthenticated remote...
A server-side request forgery vulnerability in elecV2P up to version 3.8.3 allows remote attackers to manipulate the eAxios function via the /mock...
A critical vulnerability in Gematik Authenticator prior to version 4.16.0 allows attackers to hijack authentication sessions via malicious deep links,...
A critical unauthenticated RCE vulnerability in F5 BIG-IP APM is being actively exploited in the wild. Malicious traffic targeting access policy virtual...
A critical unauthenticated information disclosure vulnerability in SiYuan, the personal knowledge management system, allows remote attackers to retrieve...
A critical path traversal vulnerability in SiYuan's /api/file/readDir interface allows unauthenticated remote attackers to traverse notebook directories...
A critical chain of vulnerabilities in WWBN AVideo's CloneSite plugin allows fully unauthenticated attackers to achieve remote code execution via key...
CVE-2026-20131, a maximum-severity CVSS 10.0 insecure deserialization flaw in Cisco Firepower Management Center, was exploited by Interlock ransomware as...
CVE-2026-33017, a CVSS 9.3 unauthenticated remote code execution vulnerability in the Langflow AI platform, was weaponized by threat actors within 20...
Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability allowing a malicious app to cause unexpected changes in...
A critical CVSS 9.9 authorization bypass in OpenClaw allows authenticated users to self-declare elevated scopes over WebSocket connections without...
Oracle has released an out-of-band security update to fix a critical unauthenticated remote code execution vulnerability in Oracle Identity Manager and...
Researchers have disclosed a critical unauthenticated remote code execution vulnerability in the GNU InetUtils telnet daemon (telnetd). CVE-2026-32746...
The Interlock ransomware gang has been actively exploiting a CVSS 10.0 insecure deserialization flaw in Cisco Secure Firewall Management Center since late...
A critical unauthenticated remote code execution vulnerability (CVSS 9.8) in Oracle's Edge Cloud Infrastructure Designer and Visualisation Toolkit allows...
A critical (CVSS 9.6) authorization bypass vulnerability in the moodle-mod_customcert plugin allows any teacher with manage capability in a single course...
A high-severity OS command injection vulnerability (CVSS 9.1) in the Angeet ES3 KVM switch allows authenticated attackers to execute arbitrary OS-level...
A critical command injection vulnerability in kubectl-mcp-server allows unauthenticated attackers to execute arbitrary OS commands through unsanitized...
A critical heap buffer overflow in YAML::Syck for Perl allows remote code execution through crafted YAML input that exceeds the 512-byte class name...
A critical missing authentication flaw (CVSS 9.8) in DrangSoft's GCB/FCB Audit Software allows unauthenticated remote attackers to directly access...
CVE-2015-20115 is a stored cross-site scripting vulnerability in RealtyScript 4.0.2 that allows authenticated attackers to upload malicious script files...
CISA has added CVE-2025-47813, a medium-severity information disclosure flaw in Wing FTP Server, to its KEV catalog after confirming active exploitation...
Veeam Software has released a critical security update for Backup & Replication, patching five remote code execution vulnerabilities with CVSS scores...
CISA added CVE-2025-68613 — a CVSS 9.9 remote code execution flaw in n8n's workflow expression evaluator — to its Known Exploited Vulnerabilities catalog...
Security researchers have published details of two newly patched critical vulnerabilities in n8n — CVE-2026-27577 (CVSS 9.4), an expression sandbox escape...
CISA adds CVE-2025-68613 to the Known Exploited Vulnerabilities catalog — a CVSS 9.9 flaw in n8n's workflow expression evaluation system that enables...
Structured checklist for building and maintaining a vulnerability management program — scan cadence, patching SLAs, risk acceptance workflows, remediation...
A high-severity host header injection vulnerability in ZITADEL's login V2 password reset flow allows attackers to redirect reset links to...
A critical cross-site scripting vulnerability in ZITADEL's login V2 /saml-post endpoint allows unauthenticated attackers to execute arbitrary JavaScript...
A stored cross-site scripting vulnerability in ZITADEL's login V2 interface allows organization administrators to inject malicious JavaScript via a...
A critical unauthenticated RCE vulnerability in International Datacasting Corporation's SFX Series satellite receivers allows attackers to execute...
CISA has added two Roundcube Webmail vulnerabilities to the Known Exploited Vulnerabilities catalog — CVE-2025-49113 (CVSS 9.9, deserialization RCE) and...
Microsoft's February 2026 Patch Tuesday addresses roughly 60 vulnerabilities including six actively exploited zero-days across Windows, Office, and Azure...
FIRST predicts a median of 59,427 new CVEs in 2026 with realistic scenarios reaching 70,000-100,000 vulnerabilities, as software complexity and...
Microsoft's February 2026 Patch Tuesday addresses 60 vulnerabilities including 6 actively exploited zero-days and 3 publicly disclosed issues, with...
Critical path traversal vulnerability in WinRAR enables ransomware and credential theft as Russian and Chinese threat actors weaponize phishing campaigns...
CVE-2026-1642 affects NGINX OSS and Plus when proxying to upstream TLS servers, allowing attackers to inject plaintext data into responses.
Security researchers have identified a severe authentication bypass vulnerability affecting multiple enterprise VPN products. Immediate patching recommended.
Maximum severity flaw in Modular DS WordPress plugin allows unauthenticated privilege escalation. All versions through 2.5.1 affected with active...
Google has released an emergency Chrome update to fix a zero-day vulnerability being actively exploited in targeted attacks against journalists and activists.
Security researchers warn of mass exploitation campaigns targeting Fortinet FortiGate firewalls. Over 50,000 devices believed to be compromised globally.
CVE-2026-0625 allows unauthenticated remote code execution on legacy D-Link DSL routers. Devices are end-of-life with no patches forthcoming. Immediate...
Microsoft's first security update of 2026 addresses 114 vulnerabilities including three zero-days. One flaw is actively exploited in the wild with CISA...