All CosmicBytez Labs articles tagged #Vulnerability, across news, security advisories, how-to guides, and projects.
A stack-based buffer overflow flaw in HP OfficeConnect VoIP phones can be exploited remotely to achieve code execution, potentially allowing attackers to pivot into enterprise networks from compromised desk phones.
A single development-mode setting left in production code bypassed Android protections designed to prevent unauthorized apps from accessing Microsoft account authentication tokens, exposing billions of app installations to potential account takeover.
A critical stack-based buffer overflow vulnerability in Arm Whois 3.11 (CVSS 9.8) allows remote attackers to execute arbitrary code by supplying oversized input, overwriting the structured exception handler with shellcode.
Belgium's national cybersecurity authority (CCB) has issued an urgent warning that threat actors are actively exploiting a recently patched critical Windows Netlogon Remote Protocol vulnerability that allows unauthenticated remote code execution on domain controllers.
A SQL injection vulnerability in SourceCodester Hospitals Patient Records Management System 1.0 allows remote attackers to extract database contents by manipulating the ID parameter in the user delete endpoint.
A SQL injection vulnerability in SourceCodester Hospitals Patient Records Management System 1.0 enables remote attackers to extract database contents by manipulating the ID parameter in the user save endpoint.
A critical-severity stack buffer overflow in the Totolink N300RH wireless router allows remote attackers to execute arbitrary code via a crafted KeyStr argument in the setWiFiBasicConfig function.
A critical SQL injection vulnerability (CVSS 9.1) in OTRS and ((OTRS)) Community Edition allows unauthenticated attackers to bypass authentication entirely when MySQL or MariaDB is configured with the NO_BACKSLASH_ESCAPES SQL mode.
A SQL injection vulnerability in OpenCATS through 0.9.7.4 allows authenticated attackers to extract database contents by injecting malicious SQL via the sortDirection parameter in the DataGrid component.
Hackers are actively exploiting a critical vulnerability in the WP Maps Pro WordPress plugin that allows unauthenticated attackers to create rogue administrator accounts, granting full site control without any login.
Multiple unauthenticated SQL injection vulnerabilities in eNdonesia Portal 8.7 allow attackers to extract sensitive database contents via the artid, cid,...
Multiple unauthenticated SQL injection vulnerabilities in eNdonesia Portal 8.7 expose the publisher, artikel, and info modules to database extraction...
An unauthenticated SQL injection vulnerability in MGB OpenSource Guestbook 0.7.0.2 allows attackers to extract sensitive database contents via the 'id'...
A critical unauthenticated arbitrary file upload vulnerability in Delta Sql 1.8.2 allows attackers to upload malicious PHP files and achieve remote code...
A remotely exploitable SQL injection vulnerability has been disclosed in code-projects Online Music Site 1.0, affecting the Administrator PHP AdminEditAlbum endpoint. A public exploit is available and no patch exists.
HaPe PKH 1.1, a PHP-based web application, fails to enforce authorization on its record deletion endpoints, allowing unauthenticated attackers to...
A critical CVSS 9.8 remote code execution vulnerability in manga-image-translator allows unauthenticated attackers to execute arbitrary commands by...
A remotely exploitable SQL injection vulnerability in code-projects Student Details Management System 1.0 allows attackers to manipulate database queries...
A critical CVSS 9.1 access control flaw in the WP Travel Pro WordPress plugin allows unauthenticated attackers to delete any user account — including...
A broken authentication check in the Simple History WordPress plugin (versions up to 5.26.0) allows Subscriber-level users to take over any WordPress...
A high-severity remote code execution vulnerability in the Spectra Gutenberg Blocks plugin for WordPress allows authenticated Contributor-level attackers...
Fortinet's April hotfix for the actively exploited CVE-2026-35616 FortiClient EMS flaw is now seeing renewed exploitation, as attackers continue targeting...
phpMyFAQ before 4.1.3 contains a CVSS 8.2 flaw allowing unauthenticated attackers to reset any account password without token validation, enabling full...
A CVSS 9.0 OS command injection flaw in Samba allows remote attackers to execute arbitrary commands on file servers and domain controllers using the %u...
Rapid7 discloses a critical CVSS 9.4 RCE in Gogs, the popular self-hosted Git service, letting any authenticated user run arbitrary code on the server.
Microsoft condemns uncoordinated public zero-day disclosure, urging the security community to adopt CVD after removing a researcher's GitHub account.
An unpatched Gogs zero-day lets attackers gain RCE on internet-facing instances of the self-hosted Git service — no patch is currently available.
A CVSS 9.0 code execution flaw in Comet Backup's backup agent signing module allows an authenticated tenant administrator to execute arbitrary code on...
CISA adds CVE-2026-8398 to KEV — a high-severity embedded malicious-code flaw in Daemon Tools Lite impacting confidentiality, integrity, and availability.
CISA's emergency directive gives federal agencies four days to patch the actively exploited LiteSpeed cPanel plugin flaw being weaponized in the wild.
CISA has added a LiteSpeed cPanel plugin zero-day to its Known Exploited Vulnerabilities catalog after active exploitation allowed attackers to execute scripts.
A Gitea flaw lets unauthenticated remote attackers pull private container images from self-hosted deployments with no account or credentials required.
DockSec, an OWASP incubator project, combines multiple container security scanners with AI-generated plain-English remediation guidance and exact Dockerfile.
A critical symlink validation flaw in KubeVirt's virt-handler lets authenticated OpenShift users with edit access in a single namespace escalate to arbitrary.
A hardcoded machineKey value in KnowledgeDeliver's configuration enabled ViewState deserialization attacks leading to remote code execution and web shell.
Attackers exploited a critical zero-day vulnerability in KnowledgeDeliver LMS servers to deploy the Godzilla web shell, giving persistent backdoor access to.
A now-patched high-severity zero-day vulnerability in Digital Knowledge's KnowledgeDeliver LMS, a popular learning management system in Japan, was actively.
Microsoft has released updates fixing CVE-2026-45659, a CVSS 8.8 remote code execution vulnerability in SharePoint Server that requires no specialized.
A remotely exploitable SQL injection vulnerability in the admin panel of itsourcecode Electronic Judging System 1.0 allows attackers to manipulate database.
A new technical analysis reveals that many Windows kernel-mode drivers can be exploited from user mode without the physical hardware they were designed...
CISA has added CVE-2026-9082, a SQL injection vulnerability in Drupal Core, to its Known Exploited Vulnerabilities catalog following confirmed in-the-wild...
Drupal is warning that hackers are actively attempting to exploit a 'highly critical' SQL injection vulnerability, CVE-2026-9082, announced earlier this...
A maximum-severity vulnerability in the LiteSpeed User-End cPanel Plugin, tracked as CVE-2026-48172 with a CVSS score of 10.0, is under active...
Ubiquiti has released security updates fixing three CVSS 10.0 vulnerabilities in UniFi OS that allow unauthenticated remote attackers to fully compromise...
A newly disclosed vulnerability dubbed 'Underminr' affects approximately 88 million domains and enables attackers to bypass DNS filtering tools while...
Microsoft has disclosed two Windows Defender vulnerabilities under active exploitation in the wild, including CVE-2026-41091 — a privilege escalation flaw...
Trend Micro has patched an Apex One zero-day vulnerability actively exploited in attacks targeting Windows systems. The flaw, discovered in the company's...
A critical blind SQL injection vulnerability in the WP Directory Kit WordPress plugin allows unauthenticated attackers to exfiltrate the entire WordPress...
A critical deserialization vulnerability in Apache Fury's Python library PyFury allows attackers to bypass DeserializationPolicy validation hooks via the...
Drupal has released an urgent security update for CVE-2026-9082, a highly critical flaw that can be exploited without authentication to achieve...
Google accidentally leaked information about an unpatched Chromium vulnerability that allows JavaScript to continue running in the background even after...
Critical security vulnerabilities in SEPPMail Secure E-Mail Gateway — an enterprise email security appliance — could allow attackers to achieve remote...
Verizon's 2026 Data Breach Investigations Report reveals a landmark shift: vulnerability exploitation has surpassed credential abuse as the leading breach...
A critical CVSS 9.8 vulnerability in SGLang's multimodal AI runtime scheduler binds its ROUTER socket to 0.0.0.0 by default and passes incoming messages...
A critical CVSS 9.1 path traversal vulnerability in SGLang's multimodal AI runtime allows unauthenticated attackers to write arbitrary files anywhere the...
A zero-day XSS vulnerability in Microsoft Exchange Server (CVE-2026-42897) is being actively exploited in the wild, allowing attackers to compromise...
A high-severity SQL injection vulnerability (CVE-2026-8785, CVSS 7.3) has been disclosed in projectworlds Hospital Management System in PHP 1.0, allowing...
Cisco has patched a maximum-severity authentication bypass flaw in its Catalyst SD-WAN Controller that has already been exploited in limited attacks....
A heap buffer overflow in NGINX's rewrite module is under active exploitation, days after disclosure. The CVSS 9.2 flaw impacts both NGINX Plus and Open...
Attackers are actively exploiting a critical vulnerability in the Funnel Builder WordPress plugin to inject malicious JavaScript into WooCommerce checkout...
A proof-of-concept exploit has been released for a critical-severity NGINX vulnerability that has existed in the rewrite module for nearly two decades....
A critical CVSS 9.8 vulnerability in iDS6 DSSPro Digital Signage System 6.2 allows attackers to retrieve valid CAPTCHA codes from the login endpoint and...
A critical CVSS 9.8 memory safety flaw in libbabl 0.1.62 allows attackers to call babl_free() twice on the same pointer without triggering the library's...
A high-severity authorization bypass in Open WebUI prior to 0.9.5 allows authenticated users to attach arbitrary files to resources they do not own via...
A supply chain attack compromised official DAEMON Tools Lite installation packages distributed from daemon-tools.cc between April 8 and May 5, 2026,...
Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read arbitrary files...
A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript into WooCommerce checkout...
Microsoft shared mitigations for a high-severity Exchange Server vulnerability being actively exploited that allows threat actors to execute arbitrary...
A stored cross-site scripting vulnerability in vCluster Platform allows attackers to inject and execute arbitrary JavaScript via the name field of a...
A stored Cross-Site Scripting vulnerability (CVSS 9.3) in PrestaShop's back-office Customer Service view allows unauthenticated attackers to inject...
Researchers have disclosed multiple critical vulnerabilities in NGINX Plus and NGINX Open Source, including a heap buffer overflow in...
An autonomous scanning system has uncovered an 18-year-old flaw in the NGINX open-source web server that can be exploited for denial of service and, under...
Threat actors began exploiting CVE-2026-44338, a missing authentication flaw in the PraisonAI multi-agent orchestration framework, within just four hours...
This week's threat roundup covers an actively exploited PAN-OS RCE granting root access, Anthropic's Mythos AI finding a cURL memory safety bug, AI...
A critical authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller and Manager allows an unauthenticated remote attacker to bypass...
Microsoft's May 2026 Patch Tuesday addresses 137 vulnerabilities including nine critical flaws — but for the first time in two years, not a single...
A critical vulnerability in certain configurations of the Exim open-source mail transfer agent allows unauthenticated remote attackers to execute...
A critical vulnerability in Ivanti Xtraction before version 2026.2 allows remote authenticated attackers to read sensitive files and write arbitrary HTML...
An authenticated user with database write privileges can trigger an out-of-bounds memory write in the mongod process via a flaw in MongoDB Server's...
Google has disclosed a landmark discovery: an unknown threat actor used an AI system to develop a zero-day exploit in the wild — the first confirmed...
Hackers exploited a vulnerability in Skoda's online shop portal to access customer personal data including names, addresses, email addresses, and phone...
ShinyHunters has struck education technology giant Instructure again, exploiting a fresh vulnerability to deface Canvas login portals across hundreds of...
The Apache Software Foundation has released urgent security updates for the Apache HTTP Server addressing a severe vulnerability in the HTTP/2 protocol...
A critical authentication bypass flaw in cPanel/WHM has triggered a wave of exploit activity, with multiple proof-of-concept exploits now public and...
Ivanti has disclosed a high-severity improper input validation vulnerability in Endpoint Manager Mobile (EPMM) that is being actively exploited in the...
Researchers have disclosed a critical out-of-bounds read vulnerability in Ollama that enables remote unauthenticated attackers to leak the entire process...
Palo Alto Networks has disclosed that CVE-2026-0300, a critical CVSS 9.3 buffer overflow in the PAN-OS User-ID Authentication service, is being actively...
Attackers are actively exploiting a new zero-day vulnerability in Ivanti Endpoint Manager Mobile (EPMM), the latest in a long series of critical flaws...
The U.S. Cybersecurity and Infrastructure Security Agency has added CVE-2026-31431, a Linux kernel privilege escalation flaw enabling root access, to its...
The Brizy Page Builder plugin for WordPress contains a critical unauthenticated Stored Cross-Site Scripting flaw in versions up to 2.8.11, enabling...
A critical heap buffer overflow in FreeBSD's libnv library allows an unprivileged program to write outside heap allocation bounds during message header...
Security researchers using AI-assisted analysis discovered 38 vulnerabilities in OpenEMR, an open-source electronic health record platform used by more...
The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been...
Google has patched a maximum severity vulnerability in its Gemini CLI npm package and GitHub Actions workflow that allowed unprivileged attackers to...
cPanel and WebHost Manager have released an emergency patch for a critical authentication bypass vulnerability that allows attackers to gain control panel...
A critical remote code execution vulnerability, CVE-2026-3854, was found to impact GitHub.com and GitHub Enterprise Server, potentially exposing millions...
GitHub has patched CVE-2026-3854, a critical remote code execution vulnerability exploitable via a single HTTP request that could have granted attackers...
ConnectWise ScreenConnect contains a path traversal vulnerability (CVE-2024-1708) that allows attackers to execute remote code or directly access...
Cybersecurity researchers have disclosed CVE-2026-25874, a critical unauthenticated remote code execution vulnerability (CVSS 9.3) in Hugging Face's...
Threat actors are actively exploiting CVE-2026-42208, a critical pre-authentication SQL injection vulnerability in the LiteLLM open-source LLM gateway,...
Cybersecurity researchers have disclosed a critical remote code execution vulnerability in GitHub.com and GitHub Enterprise Server that allows an...
A high-severity SQL injection vulnerability has been discovered in SourceCodester Pizzafy Ecommerce System 1.0, allowing remote attackers to manipulate...
A high-severity Firefox vulnerability (CVE-2026-6770) exploits the internal ordering of IndexedDB database names to generate a stable 44-bit fingerprint...
A Microsoft Windows vulnerability originally patched in a prior Patch Tuesday was incompletely remediated, leaving a residual attack surface that...
A CVSS 8.1 high-severity collection of memory safety bugs affects Firefox 149, Firefox ESR 140.9, Firefox ESR 115.34, Thunderbird 149, and Thunderbird ESR...
A critical CVSS 9.8 OS command injection vulnerability in the Totolink A8000RU router allows unauthenticated remote attackers to execute arbitrary...
A remotely exploitable SQL injection vulnerability has been disclosed in itsourcecode Courier Management System 1.0, affecting the edit_parcel.php file...
A high-severity SSRF vulnerability in LMDeploy, a widely used open-source LLM deployment toolkit, was actively exploited in the wild less than 13 hours...
Microsoft patched 77 security vulnerabilities in March 2026 with no actively exploited zero-days, a welcome reprieve following February's five-zero-day...
A newly disclosed vulnerability in the PackageKit daemon, dubbed Pack2TheRoot, allows local Linux users to escalate privileges to root by abusing the...
CISA has confirmed that a cross-site scripting vulnerability in Zimbra Collaboration Suite is being actively exploited in the wild, with over 10,000...
Microsoft released patches for 167 security vulnerabilities in April 2026, including an actively exploited SharePoint Server zero-day and the publicly...
CISA has added four actively exploited vulnerabilities affecting SimpleHelp, Samsung MagicINFO 9 Server, and D-Link DIR-823X routers to its Known...
A command injection flaw in end-of-life D-Link DIR-823X routers allows authenticated remote attackers to execute arbitrary OS commands. CISA has added...
Threat actors are mass-exploiting a critical unauthenticated file upload vulnerability in the Breeze Cache WordPress plugin, uploading PHP webshells to...
ThinkPHP 5.0.23 contains a critical unauthenticated remote code execution vulnerability allowing attackers to invoke arbitrary PHP functions via a crafted...
ELBA5 5.8.0 contains a critical remote code execution vulnerability where default database connector credentials allow attackers to connect to the...
A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability in end-of-life D-Link DIR-823X...
More than 1,300 internet-facing Microsoft SharePoint servers remain unpatched against a spoofing vulnerability exploited as a zero-day, with active...
A high-severity vulnerability in Oracle Life Sciences Empirica Signal versions 9.2.1-9.2.3 allows a low-privileged attacker with network access via HTTP...
A high-severity flaw in Spring Security allows security filter chains to silently fail to match requests when PathPatternRequestMatcher.Builder is used to...
Shadowserver found over 6,400 Apache ActiveMQ servers exposed online and vulnerable to ongoing attacks exploiting a high-severity code injection...
Kentico Xperience contains a path traversal vulnerability allowing an authenticated user's Staging Sync Server to upload arbitrary data to relative path...
A critical privilege escalation flaw in OpenXiangShan NEMU's RISC-V hypervisor extension allows a VS-mode guest write to the supervisor interrupt-enable...
A critical OS command injection vulnerability in NewSoftOA by NewSoft allows unauthenticated local attackers to inject and execute arbitrary OS commands...
Vercel confirms breach through a compromised third-party AI coding tool; North Korean hackers attributed to a $290 million crypto theft; 6,400 Apache...
Cybersecurity researchers have discovered a critical by-design weakness in the Model Context Protocol architecture that enables arbitrary command...
A critical CVSS 9.8 command injection vulnerability in the SGLang AI inference framework allows attackers to achieve remote code execution by supplying a...
Cisco Catalyst SD-WAN Manager contains a privileged API misuse vulnerability that allows an attacker to upload a malicious file to the local file system...
A medium-severity SQL injection vulnerability has been disclosed in ProjectsAndPrograms School Management System, allowing remote attackers to manipulate...
A critical authentication bypass vulnerability in nginx-ui, a popular open-source web-based Nginx management interface, is being actively exploited to...
Microsoft's April 2026 Patch Tuesday addressed 169 CVEs — the second-largest monthly update in company history — including one actively exploited...
Microsoft's April 2026 Patch Tuesday addresses a record 169 security vulnerabilities including a SharePoint zero-day actively exploited in the wild, 8...
This week's threat roundup covers an unpatched Microsoft Defender zero-day, active SonicWall brute-force campaigns, a 17-year-old Excel RCE vulnerability...
This week's cybersecurity roundup covers the proposed Satellite Cybersecurity Act, a $90,000 Chrome heap overflow bug, a 16-year-old hacker arrest,...
A critical heap buffer overflow in the SAIL image library's XWD codec arises from a mismatch between pixel depth and bits-per-pixel, enabling arbitrary...
A critical out-of-bounds write in SAIL's PSD codec occurs when the pixel buffer is allocated using a raw header formula that doesn't account for actual...
A critical heap write-past-end vulnerability in SAIL's TGA codec RLE decoder stems from an asymmetric bounds check that correctly validates run-packets...
The CMP Coming Soon & Maintenance Plugin for WordPress contains a critical arbitrary file upload flaw that allows subscriber-level authenticated users to...
CISA has added a high-severity Apache ActiveMQ vulnerability to its Known Exploited Vulnerabilities catalog after confirming active exploitation in the...
SiYuan knowledge management versions 3.6.3 and below render Mermaid diagrams with loose security, allowing attacker-controlled javascript: URLs to execute...
Multiple vulnerabilities in the widely-used Orthanc open-source DICOM server expose medical imaging systems to denial-of-service, information disclosure,...
A critical CVSS 9.1 vulnerability in Apache Airflow fails to invalidate JWT tokens upon user logout, allowing intercepted tokens to be reused for...
A critical CVSS 9.1 flaw in Canonical LXD versions 4.12 through 6.7 omits raw.apparmor and raw.qemu.conf from the VM low-level option denylist, allowing...
A critical CVSS 9.1 vulnerability in Canonical LXD before 6.8 allows authenticated attackers to bypass project restrictions during backup import. The...
A high-severity LDAP injection vulnerability in OPNsense's authentication connector allows unauthenticated attackers to bypass login controls by injecting...
A critical OS command injection vulnerability (CVSS 9.8) in TOTOLINK A7100RU routers allows unauthenticated remote attackers to execute arbitrary system...
A second critical OS command injection vulnerability (CVSS 9.8) in TOTOLINK A7100RU routers allows unauthenticated remote attackers to execute arbitrary...
A remotely exploitable SQL injection vulnerability has been disclosed in code-projects Simple IT Discussion Forum 1.0, affecting the /delete-category.php...
Threat actors have been exploiting an unpatched zero-day in Adobe Reader since at least November 2025, using specially crafted PDFs to fingerprint victims...
A now-patched security vulnerability in the widely used EngageLab Android SDK allowed apps on the same device to bypass the Android security sandbox and...
Attackers have been silently exploiting an unpatched zero-day vulnerability in Adobe Acrobat Reader since at least November 2025, using malicious PDFs to...
A critical sandbox escape vulnerability in PraisonAI's multi-agent framework allows attackers to bypass the Python code execution sandbox, defeating the...
A critical code injection vulnerability in PraisonAI's AgentService allows attackers to craft malicious YAML files using dangerous js-yaml tags such as...
Security researchers discovered a remote code execution vulnerability in Apache ActiveMQ Classic that went undetected for 13 years, allowing attackers to...
A critical unauthenticated command injection vulnerability in the Tianxin Internet Behavior Management System's Reporter component allows attackers to...
A critical unauthenticated RCE vulnerability in Weaver (Fanwei) E-cology 10.0 allows attackers to execute arbitrary commands by abusing an exposed Dubbo...
A critical access control bypass (CVSS 9.4) in the @delmaredigital/payload-puck PayloadCMS plugin exposes all /api/puck/* CRUD endpoints without...
Mozilla has patched critical memory safety bugs in Firefox, Firefox ESR, and Thunderbird that showed evidence of memory corruption. Exploiting these flaws...
Attackers are actively exploiting a critical unauthenticated arbitrary file upload vulnerability in the Ninja Forms File Uploads premium add-on for...
SecurityWeek reports that the Medusa ransomware group has developed a dangerous capability: rapidly weaponizing newly disclosed vulnerabilities —...
A critical CVSS 9.8 path traversal vulnerability in goshs, a SimpleHTTPServer written in Go, allows unauthenticated attackers to write arbitrary files via...
A remotely exploitable SQL injection vulnerability (CVE-2026-5637) has been disclosed in projectworlds Car Rental System 1.0. The flaw exists in...
An unauthenticated SQL injection vulnerability in ResourceSpace 8.6 allows attackers to execute arbitrary database queries via the 'ref' parameter in...
A remotely exploitable SQL injection vulnerability has been disclosed in code-projects Concert Ticket Reservation System 1.0, affecting the...
An unauthenticated SQL injection vulnerability has been disclosed in code-projects Concert Ticket Reservation System 1.0, affecting the login.php file via...
A remotely exploitable SQL injection vulnerability has been disclosed in SourceCodester/jkev Record Management System 1.0, affecting the Login page's...
Fortinet has released emergency out-of-band patches for CVE-2026-35616, a critical pre-authentication API access bypass in FortiClient EMS that enables...
Threat actors are running a large-scale, automated campaign exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js applications to steal...
Fortinet has released an emergency weekend security update for CVE-2026-35616, a critical pre-authentication API access bypass in FortiClient EMS that is...
Snews CMS 1.7 contains a critical unrestricted file upload vulnerability allowing unauthenticated attackers to upload PHP webshells to the snews_files...
A high-severity SQL injection vulnerability in itsourcecode Online Enrollment System 1.0 allows remote unauthenticated attackers to manipulate the USERID...
A high-severity SQL injection vulnerability in code-projects Simple Laundry System 1.0 allows remote unauthenticated attackers to manipulate the firstName...
A remotely exploitable SQL injection vulnerability has been disclosed in itsourcecode Free Hotel Reservation System 1.0, affecting the login page's email...
A critical authentication bypass in Hirschmann Industrial HiVision versions prior to 06.0.07 and 07.0.03 allows unauthenticated remote attackers to...
A critical insecure direct object reference vulnerability allows authenticated users to pivot to any other user's profile by modifying an id parameter in...
A high-severity denial-of-service vulnerability in DokuWiki v.2025-05-14b 'Librarian' allows remote attackers to crash the application by exploiting the...
A critical unauthenticated information disclosure vulnerability in the Gardyn smart garden platform exposes all registered user account information via a...
A high-severity authorization flaw in the ProfilePress WordPress plugin (up to v4.16.11) lets unauthenticated or low-privilege users bypass membership...
Improper certificate validation in Amazon Athena ODBC driver versions prior to 2.1.0.0 allows man-in-the-middle attackers to intercept authentication...
A high-severity Insecure Direct Object Reference vulnerability in the WCFM Frontend Manager for WooCommerce plugin (up to v6.7.25) lets authenticated...
This week's security stories you may have missed: a ChatGPT conversation data leak, a new Android rootkit on Google Play, a municipal water facility taken...
A critical unauthenticated SQL injection vulnerability (CVSS 9.1) in the setinfo endpoint allows remote attackers to corrupt data and cause denial of...
Adversa AI has discovered a critical vulnerability in Anthropic's Claude Code AI coding assistant, disclosed just days after Anthropic accidentally leaked...
A large-scale credential harvesting campaign has been observed exploiting the React2Shell vulnerability (CVE-2025-55182) as an initial infection vector,...
Two newly disclosed vulnerabilities in Progress ShareFile can be chained together to enable unauthenticated remote code execution and file exfiltration,...
Internet security watchdog Shadowserver has found over 14,000 BIG-IP APM instances exposed online amid ongoing attacks exploiting a critical-severity...
Google has patched the fourth Chrome zero-day vulnerability actively exploited in attacks this year, a use-after-free flaw in the Dawn graphics engine...
Threat actors have weaponized an unpatched zero-day in TrueConf conference server software to execute arbitrary files on all connected endpoints,...
Google has released a Chrome security update patching 21 vulnerabilities including a high-severity use-after-free zero-day in the Dawn graphics engine...
A high-severity heap buffer overflow in Chrome's GPU component allows remote attackers to execute arbitrary code via a crafted HTML page. Affects all...
CISA has issued a mandatory patching directive ordering all U.S. federal agencies to apply Citrix NetScaler security updates by Thursday, March 5, 2026,...
Anthropic's Claude AI assistant discovered remote code execution vulnerabilities in both Vim and GNU Emacs text editors using simple security research...
CVE-2025-53521, initially disclosed as a high-severity denial-of-service flaw in F5 BIG-IP APM, has been reclassified as a remote code execution...
Hackers are actively exploiting a critical memory overread vulnerability tracked as CVE-2026-3055 in Citrix NetScaler ADC and NetScaler Gateway appliances...
Threat intelligence firm Defused confirms active in-the-wild exploitation of a critical vulnerability in Fortinet's FortiClient EMS platform....
F5 has reclassified a BIG-IP APM vulnerability from denial-of-service to critical remote code execution, warning that attackers are actively exploiting...
A critical CVSS 9.8 vulnerability in OpenClaw allows attackers to bypass the exec allowlist by exploiting improper glob pattern normalization where the ?...
A critical CVSS 9.8 authorization bypass in OpenClaw's Zalouser allowlist mode matches mutable group display names instead of stable identifiers, letting...
A critical CVSS 9.8 vulnerability in OpenClaw allows attackers to replay a valid bootstrap setup code multiple times before approval, escalating device...
A CVSS 10.0 critical vulnerability in steam-trader 2.1.1 exposes Steam account credentials, identity secrets, and shared secrets to unauthenticated remote...
CISA has added CVE-2026-33017, a critical unauthenticated remote code execution vulnerability in the Langflow AI framework, to its Known Exploited...
A vulnerability in the Smart Slider 3 WordPress plugin, active on more than 800,000 websites, allows subscriber-level users to read arbitrary files on the...
JAD 1.5.8e-1kali1 and prior contains a critical stack-based buffer overflow vulnerability allowing attackers to execute arbitrary code by supplying input...
TiEmu 2.08 and prior contains a critical stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by passing oversized...
A critical CVSS 9.9 privilege escalation vulnerability in OpenClaw allows operators with limited pairing scope to mint tokens with unrestricted admin...
A critical CVSS 9.8 authorization bypass in OpenClaw allows attackers to circumvent groupAllowFrom and requireMention protections in group chats by...
A remotely exploitable SQL injection vulnerability has been disclosed in code-projects Simple Food Order System 1.0, affecting the /all-tickets.php file...
A remotely exploitable SQL injection vulnerability exists in code-projects Simple Food Order System 1.0, where the Name parameter in register-router.php...
A SQL injection vulnerability has been disclosed in code-projects Simple Food Order System 1.0, where the Status parameter in all-orders.php enables...
A remotely exploitable SQL injection vulnerability has been disclosed in code-projects Accounting System 1.0, where the cos_id parameter in...
A remotely exploitable SQL injection vulnerability has been disclosed in code-projects Accounting System 1.0, allowing unauthenticated attackers to...
CISA has added CVE-2025-53521, a critical vulnerability in F5 BIG-IP Access Policy Manager, to its Known Exploited Vulnerabilities catalog after...
Security researchers at Defused Cyber and watchTowr have detected active reconnaissance targeting CVE-2026-3055, a critical CVSS 9.3 memory overread flaw...
A Server-Side Request Forgery vulnerability in the Oxygen Theme plugin for WordPress (all versions up to 6.0.8) enables unauthenticated attackers to make...
A timing oracle vulnerability in Dovecot's doveadm HTTP service allows unauthenticated remote attackers to recover configured credentials through...
Mass exploitation is underway against Magento 2 and Adobe Commerce installations using the 'PolyShell' polyglot file upload vulnerability, with attackers...
PTC is warning customers of an imminent exploit threat against a critical deserialization vulnerability in Windchill and FlexPLM — CVE-2026-4681, CVSS...
CISA orders federal agencies to patch five actively exploited vulnerabilities by April 3, including three Apple flaws linked to the DarkSword iOS exploit...
The Trivy open-source vulnerability scanner was compromised in a supply chain attack by the threat group TeamPCP, which hijacked 75 release tags and...
CVE-2026-20131, a maximum-severity CVSS 10.0 insecure deserialization flaw in Cisco Firepower Management Center, was exploited by Interlock ransomware as...
CVE-2026-33017, a CVSS 9.3 unauthenticated remote code execution vulnerability in the Langflow AI platform, was weaponized by threat actors within 20...
Plano-based fintech vendor Marquis disclosed that a ransomware attack exploiting a SonicWall firewall vulnerability compromised Social Security numbers,...
Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability allowing a malicious app to cause unexpected changes in...
A critical code injection vulnerability in Laravel Livewire v3 allows unauthenticated remote attackers to execute arbitrary commands. Over 130,000...
A critical CVSS 9.9 authorization bypass in OpenClaw allows authenticated users to self-declare elevated scopes over WebSocket connections without...
Oracle has released an out-of-band security update to fix a critical unauthenticated remote code execution vulnerability in Oracle Identity Manager and...
A critical code injection vulnerability in Craft CMS allows unauthenticated remote attackers to execute arbitrary code on affected servers. Added to...
CISA added actively exploited Zimbra Collaboration Suite and Microsoft SharePoint vulnerabilities to its Known Exploited Vulnerabilities catalog on March...
Researchers have disclosed a critical unauthenticated remote code execution vulnerability in the GNU InetUtils telnet daemon (telnetd). CVE-2026-32746...
The Interlock ransomware gang has been actively exploiting a CVSS 10.0 insecure deserialization flaw in Cisco Secure Firewall Management Center since late...
A critical SSRF vulnerability (CVSS 9.1) in Spinnaker's clouddriver and orca components bypasses the previous CVE-2025-61916 URL validation patch through...
A critical remote code execution vulnerability (CVSS 9.1) in Wazuh versions 4.0.0–4.14.2 allows an attacker with access to a worker node to achieve root...
A critical privilege escalation vulnerability (CVSS 9.1) in Wazuh versions 3.9.0–4.14.2 allows authenticated cluster nodes to overwrite the manager...
A critical authentication bypass vulnerability (CVSS 9.0) in ConnectWise ScreenConnect versions prior to 26.1 allows an actor with access to server-level...
A stored cross-site scripting vulnerability in RealtyScript 4.0.2 allows attackers to inject malicious JavaScript via the location_name parameter in the...
A critical unauthenticated Boolean-based SQL injection vulnerability (CVSS 9.8) has been disclosed in HCL Unica versions 25.1.1 and below, allowing remote...
CISA added CVE-2025-47813 to its Known Exploited Vulnerabilities catalog on March 16, warning that the medium-severity path disclosure flaw is being...
CVE-2015-20115 is a stored cross-site scripting vulnerability in RealtyScript 4.0.2 that allows authenticated attackers to upload malicious script files...
ZKTeco ZKTime.Net 3.0.1.6 ships with world-writable directory permissions on its installation folder, allowing any local unprivileged user to replace...
ZKTeco ZKBioSecurity 3.0 ships a bundled Apache Tomcat server with hardcoded credentials stored in tomcat-users.xml, granting unauthenticated attackers...
ZKTeco ZKBioSecurity 3.0 allows unauthenticated attackers to enumerate valid usernames by submitting partial character strings to the...
CISA has added CVE-2025-47813, a medium-severity information disclosure flaw in Wing FTP Server, to its KEV catalog after confirming active exploitation...
CISA added CVE-2025-68613 — a CVSS 9.9 remote code execution flaw in n8n's workflow expression evaluator — to its Known Exploited Vulnerabilities catalog...
CISA mandated all federal civilian agencies patch CVE-2025-68613, a CVSS 9.9 remote code execution flaw in the n8n workflow automation platform, after...
A high-severity stack buffer overflow vulnerability in FreeBSD's routing socket subsystem allows an unprivileged local attacker to trigger a kernel panic,...
A remotely exploitable SQL injection vulnerability has been disclosed in itsourcecode Free Hotel Reservation System 1.0, affecting the amenities admin...
A remotely exploitable improper authorization vulnerability has been disclosed in SourceCodester Client Database Management System 1.0, allowing...
A high-severity SQL injection vulnerability has been disclosed in itsourcecode University Management System 1.0, allowing remote attackers to execute...
A remotely exploitable SQL injection vulnerability has been disclosed in SourceCodester Simple Responsive Tourism Website 1.0, allowing attackers to...
A high-severity host header injection vulnerability in ZITADEL's login V2 password reset flow allows attackers to redirect reset links to...
A stored cross-site scripting vulnerability in ZITADEL's login V2 interface allows organization administrators to inject malicious JavaScript via a...
A SQL injection vulnerability in Galaxy Forces MMORPG version 0.5.8 has been formally catalogued by NVD, enabling authenticated attackers to extract...
A denial of service vulnerability in AMPPS 2.7, a local web server stack for developers, has been formally assigned CVE-2018-25169 with a CVSS score of...
A cross-site request forgery vulnerability in WooCommerce versions 5.4.0 through 10.5.2 allows attackers to abuse the Store API's batch endpoint to...
A maximum-severity authentication bypass in Cisco Catalyst SD-WAN (CVE-2026-20127, CVSS 10.0) has been actively exploited by threat actor UAT-8616 since...
A critical unauthenticated RCE vulnerability in International Datacasting Corporation's SFX Series satellite receivers allows attackers to execute...
A maximum-severity zero-click vulnerability dubbed Mail2Shell allows unauthenticated attackers to compromise FreeScout mail servers by simply sending a...
CISA has added CVE-2026-22719, a high-severity command injection vulnerability in VMware Aria Operations allowing unauthenticated remote code execution,...
Google's March 2026 Android security bulletin addresses 129 vulnerabilities, including CVE-2026-21385 — an actively exploited zero-day in a Qualcomm...
Microsoft's February 2026 Patch Tuesday addresses roughly 60 vulnerabilities including six actively exploited zero-days across Windows, Office, and Azure...
A new cross-platform tool called Tirith hooks into terminal shells to detect and block Unicode homoglyph attacks, pipe-to-shell exploits, and supply chain...
Cisco Talos uncovers a seven-component Linux framework called DKnife that compromises routers to intercept credentials, replace downloads with trojans,...