Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
Ravie LakshmananApr 28, 2026Vulnerability / Threat Intelligence Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting...
highseverity
LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure
A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and serving LLMs, has come under active exploitation...
Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
Ravie LakshmananApr 17, 2026Vulnerability / Enterprise Security A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active...
New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
Ravie LakshmananApr 14, 2026Vulnerability / DevSecOps Two high-severity security vulnerabilities have been disclosed in Composer, a package manager for PHP, that, if successfully...
CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw
CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw Pierluigi Paganini April 06, 2026 Fortinet issued emergency patches for a critical FortiClient...
Cisco fixed critical and high-severity flaws
Cisco fixed critical and high-severity flaws Pierluigi Paganini April 02, 2026 Cisco fixed critical flaws that could allow attackers to...
TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks
Ravie LakshmananMar 31, 2026Zero-Day / Vulnerability A high-severity security flaw in the TrueConf client video conferencing software has been exploited...
Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited
Ravie LakshmananMar 03, 2026Vulnerability / Mobile Security Google on Monday disclosed that a high-severity security flaw impacting an open-source Qualcomm...
ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket
OpenClaw has fixed a high-severity security issue that, if successfully exploited, could have allowed a malicious website to connect to...
OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link
Ravie LakshmananFeb 02, 2026Vulnerability / Artificial Intelligence A high-severity security flaw has been disclosed in OpenClaw (formerly referred to as...
Microsoft Office vulnerability (CVE-2026-21509) in active exploitation
On January 26, 2026, Microsoft released an out-of-band update to address a high-severity (CVSS score of 7.8) vulnerability affecting multiple...
Microsoft Office Zero-Day (CVE-2026-21509) – Emergency Patch Issued for Active Exploitation
Ravie LakshmananJan 27, 2026Zero-Day / Vulnerability Microsoft on Monday issued out-of-band security patches for a high-severity Microsoft Office zero-day vulnerability...
