Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
Ravie LakshmananMay 22, 2026Vulnerability / Network Security Cisco has rolled out updates for a maximum-severity security flaw impacting Secure Workload...
flaw
DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could...
NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
Ravie LakshmananMay 17, 2026Server Security / Vulnerability A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come...
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Ravie LakshmananMay 07, 2026Vulnerability / Network Security Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM)...
CISA Warning: High-Severity Linux Flaw Puts Unpatched Systems at Risk
CISA warns that the nine-year-old Linux Copy Fail flaw is being actively exploited, allowing local attackers to gain root access...
Google Update: Android Flaw Could Put Billions of Devices at Risk
A newly patched Android flaw could allow nearby attackers to execute code without a tap, click, or user warning. Google...
Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
Google has addressed a maximum severity security flaw in Gemini CLI -- the "@google/gemini-cli" npm package and the "google-github-actions/run-gemini-cli" GitHub...
Microsoft Confirms Windows Flaw Is Being Exploited After Incomplete Patch
Microsoft confirmed a Windows zero-click flaw tied to an incomplete patch is being exploited, putting credentials at risk for unpatched...
LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure
A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and serving LLMs, has come under active exploitation...
Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
Ravie LakshmananApr 17, 2026Vulnerability / Enterprise Security A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active...
Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
Ravie LakshmananApr 15, 2026Web Security / Vulnerability A recently disclosed critical security flaw impacting nginx-ui, an open-source, web-based Nginx management...
Microsoft: Third-Party Android Vulnerability Leaves Over 50M Users Exposed
Image: ChatGPT A critical Android software development kit (SDK) flaw has turned a utility tool into a malware bridge, gaining...
Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution
Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution Pierluigi Paganini April 07, 2026 Attackers are exploiting a critical...
U.S. CISA adds a flaw in Fortinet FortiClient EMS to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a flaw in Fortinet FortiClient EMS to its Known Exploited Vulnerabilities catalog Pierluigi Paganini April 07, 2026...
Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings...