Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
Ravie LakshmananMay 14, 2026Vulnerability / Network Security Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst...
2026Vulnerability
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
Ravie LakshmananMay 14, 2026Vulnerability / API Security Threat actors have been observed attempting to exploit a recently disclosed security vulnerability...
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
Ravie LakshmananMay 14, 2026Vulnerability / Linux Details have emerged about a new variant of the recent Dirty Frag Linux local...
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
Ravie LakshmananMay 14, 2026Vulnerability / Web Server Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open,...
Microsoft’s MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
Ravie LakshmananMay 13, 2026Vulnerability / Artificial Intelligence Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to...
New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
Ravie LakshmananMay 12, 2026Vulnerability / Email Security Exim has released security updates to address a severe security issue affecting certain...
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
Ravie LakshmananMay 12, 2026Vulnerability / Network Security American educational technology company Instructure, the parent company of Canvas, said it reached...
OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation
Ravie LakshmananMay 12, 2026Vulnerability / AI Security OpenAI has launched Daybreak, a new cybersecurity initiative that brings together frontier artificial...
cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor
Ravie LakshmananMay 11, 2026Vulnerability / Ransomware A threat actor named Mr_Rot13 has been attributed to the exploitation of a recently...
cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now
Ravie LakshmananMay 09, 2026Vulnerability / Web Hosting cPanel has released updates to address three vulnerabilities in cPanel and Web Host...
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Ravie LakshmananMay 07, 2026Vulnerability / Network Security Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM)...
PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage
Ravie LakshmananMay 07, 2026Vulnerability / Cyber Espionage Palo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully...
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
Ravie LakshmananMay 07, 2026Vulnerability / Software Security A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library...
Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution
Ravie LakshmananMay 06, 2026Vulnerability / Network Security Palo Alto Networks has released an advisory warning that a critical buffer overflow...
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
Ravie LakshmananMay 05, 2026Vulnerability / Server Security The Apache Software Foundation (ASF) has released security updates to address several security...
