Critical Gitea Flaw Under Active Exploitation, Researchers Warn
Attackers are exploiting the critical Gitea vulnerability CVE-2026-20896 to bypass authentication with a single HTTP header and access vulnerable repositorie...
20 articles
Attackers are exploiting the critical Gitea vulnerability CVE-2026-20896 to bypass authentication with a single HTTP header and access vulnerable repositorie...
Hackers are exploiting a recently patched critical vulnerability (CVE-2026-48282) in Adobe ColdFusion that carries a CVSS score of 10/10. The post Critical A...
CVE-2026-48282, one of the maximum severity vulnerabilities patched in Adobe ColdFusion on June 30, 2026, has been targeted by attackers in the wild. Exploit...
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-48282 Adobe Col...
CERT/CC warns an unpatched backdoor in several Tenda routers lets attackers bypass login and gain full admin access with a hidden password. CERT/CC published...
A suspected China-aligned threat activity cluster has been observed exploiting Roundcube webmail software belonging to physics and engineering departments of...
A newly disclosed vulnerability in the Linux kernel, tracked as CVE-2026-53359 and named “Januscape,” reveals a 16-year-old flaw in KVM/x86 virtualization. T...
A recent security audit of PHP’s PDO ecosystem uncovered a denial-of-service vector in the pdo_pgsql driver that can crash PHP processes when emulated prepar...
Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented authentication backdoor that enab...
BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) products that, if su...
Microsoft has disclosed a high-severity remote code execution (RCE) vulnerability in its Chromium-based Edge browser, identified as CVE-2026-57992. This vuln...
Attackers are exploiting the critical Adobe ColdFusion flaw CVE-2026-48282, which allows remote code execution on unpatched servers. Attackers have started e...
A use-after-free bug in Linux's KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it...
Threat actors have been observed attempting to exploit a recently patched critical security flaw in Gitea Docker images, according to Sysdig. The vulnerabili...
Attackers are now exploiting a maximum-severity Adobe ColdFusion vulnerability tracked as CVE-2026-48282, the Canadian Center for Cyber Security (CCCS) warne...
A newly discovered deserialization vulnerability, tracked as CVE-2026-44963, affects Veeam Backup & Replication. This vulnerability allows authenticated doma...
A critical vulnerability in fast-mcp-telegram (CVE-2026-52830, GHSA-rxw2-pc8j-vxwm) allows attackers to access a Telegram MCP session over HTTP without a val...
IBM has disclosed several security vulnerabilities in its WebSphere Application Server that put enterprise environments at risk of cross-site scripting (XSS)...
A newly disclosed high-severity vulnerability in PHP, tracked as CVE-2026-12184, poses a significant risk to web applications by allowing a remotely triggera...