Vulnerabilities & Patches
CVEs, zero-days, vendor patch advisories, exploit research and proof-of-concept disclosures.
-
VulnerabilitiesCritical Veeam Backup and Replication Bug Lets Any Domain User Run Code
Veeam issued security updates for the Backup & Replication critical security weakness…
-
VulnerabilitiesFFmpeg PixelSmash Flaw Turns Malicious Video Files Into Remote Code Execution
The FFmpeg issue, known as "PixelSmash", allows for Remote Code Execution (RCE) when…
-
VulnerabilitiesAI Cyberattacks: Two Years of Insane Vulnerabilities
SAN FRANCISCO – As always, each RSA Conference has its share of buzzwords: Cloud…
-
VulnerabilitiesMicrosoft May 2026 Patch Tuesday fixes 120 flaws, no zero-days
This Patch Tuesday includes fixes for 17 "critical" bugs; 14 are RCEs, 2 are EOPs and 1…
-
VulnerabilitiesHackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
Google reported yesterday that it had identified an unknown threat actor utilising a…
-
VulnerabilitiesCybercriminals Take Advantage of Serious Langflow Vulnerability Within 20 Hours
Cybercriminals have showcased their rapid response capabilities by exploiting a…
-
VulnerabilitiesAcrobat Reader zero-day vulnerability actively targeted for several months
Security researcher Haifei Li has uncovered that unidentified attackers have been…
-
VulnerabilitiesClaude assists researcher in uncovering ten-year-old Apache ActiveMQ remote code execution flaw CVE-2026-34197
In a recent showcase of how AI tools can assist in identifying software vulnerabilities…
-
Vulnerabilities30-Year-Old Vulnerability Discovered in libpng Library
Developers have successfully addressed a longstanding vulnerability in the widely used…
-
VulnerabilitiesMicrosoft Addresses Exploited SharePoint Vulnerability and Fixes 160 Additional Security Flaws
Microsoft has released its most recent Patch Tuesday updates addressing 165…
-
Vulnerabilities10 Persistent Software Bugs That Took Ages to Fix
In 2021, a significant vulnerability was uncovered in a system fundamental to modern…
-
VulnerabilitiesVulnerability may allow hackers to seize control of Juniper Networks PTX core routers
Network administrators using Juniper PTX series routers are being urged to apply patches…
-
VulnerabilitiesActive Attacks Exploit Critical BeyondTrust RS Vulnerability
Researchers are sounding the alarm about a serious vulnerability that was patched this…
-
VulnerabilitiesGoogle reports exploit for new Chrome zero-day vulnerability
Google has issued a warning to IT administrators regarding a newly discovered zero-day…
-
VulnerabilitiesVulnerabilities in four VS Code extensions exposed 128 million installations to risk
Recent research has uncovered critical and high-severity vulnerabilities in four popular…
-
VulnerabilitiesFour Common Vulnerability Management Mistakes and How to Correct Them
Vulnerability management has evolved significantly over the past five years. If you are…
-
VulnerabilitiesChinese Hackers Exploited Dell RecoverPoint Zero-Day Flaw for 18 Months
For the past 18 months, a Chinese cyberespionage group has been taking advantage of a…
-
VulnerabilitiesHackers leverage Ivanti EPMM zero-days to hijack MDM servers
Attackers are actively exploiting two critical zero-day vulnerabilities in Ivanti’s…
-
VulnerabilitiesVMware Patches Command Injection Vulnerability in Aria Operations
VMware has issued patches addressing several high- and medium-risk vulnerabilities in its…
-
VulnerabilitiesNew Serv-U vulnerabilities continue SolarWinds' trend of critical disclosures
SolarWinds is facing significant security challenges, particularly with its Serv-U…
-
VulnerabilitiesFive Eyes release urgent warning on Cisco SD-WAN zero-day vulnerability exploitation
Cybersecurity agencies within the Five Eyes alliance have issued an urgent directive…
-
VulnerabilitiesYour OpenClaw agent might be receiving commands from harmful websites
Researchers at Oasis Security have disclosed a flaw chain that allowed a malicious…
-
VulnerabilitiesCisco SD-WAN Zero-Day Exploited for Three Years
Cisco announced today that a critical zero-day vulnerability in its Catalyst SD-WAN…
-
VulnerabilitiesFlaw in Google's Gemini AI Panel Allows Potential Hijacking
Google has addressed a significant vulnerability in its Gemini AI feature within the…
-
VulnerabilitiesOpenClaw Flaw Highlights AI Agent Vulnerabilities
A recently uncovered vulnerability in OpenClaw, an open-source AI agent that has rapidly…