20 articles
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical code-injection vulnerability in Langflow. Tracked a...
View CSAF Summary An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full comp...
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution. The following versions of PTC Windc...
View CSAF Summary Successful exploitation of this vulnerability could allow an authenticated low-privileged user to gain access to SMS messages outside of th...
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-33634 Aqua Secu...
A critical security flaw has been identified in the IDrive Cloud Backup Client for Windows, exposing users to local privilege escalation attacks. Tracked as ...
Kaspersky GReAT experts look into the Coruna exploit kit targeting iPhones. We discovered that the kernel exploit for CVE-2023-32434 and CVE-2023-38606 is an...
Aqua Security’s vulnerability scanner, Trivy, suffered a sophisticated CI/CD supply chain compromise. The threat actor, identified as TeamPCP, leveraged prio...
Cisco has released critical security updates to address a maximum-severity vulnerability affecting its Secure Firewall Management Center (FMC) Software. Trac...
A new critical vulnerability that is similar to the widely-exploited CitrixBleed and CitrixBleed2 holes should be patched in NetScaler devices immediately, s...
Cisco’s widely deployed Catalyst 9300 Series enterprise switches have four security vulnerabilities, two of which could be chained to cause a denial-of-servi...
TP-Link patched a high severity flaw (CVE-2025-15517) in Archer NX routers that could let attackers bypass authentication and install malicious firmware. TP-...
A critical security flaw in GoHarbor’s Harbor container registry exposes organizations to severe supply chain attacks. Tracked as CVE-2026-4404, this vulnera...
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-33017 Langflow ...
F5 has disclosed a high-severity vulnerability (CVE-2026-32647) in the NGINX ngx_http_mp4_module that allows attackers execute arbitrary code or cause a deni...
Citrix warns of a critical NetScaler flaw (CVE-2026-3055) that could leak sensitive data; users are urged to apply security updates immediately. Citrix issue...
View CSAF Summary Successful exploitation of this vulnerability could allow an unauthenticated attacker to execute arbitrary commands with root privileges. T...
View CSAF Summary Successful exploitation of these vulnerabilities could risk privilege escalation, which could result in remote code execution. The followin...
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to send a specially crafted file, and when parsed, could result in a ...
Citrix has released security updates to address two vulnerabilities in NetScaler ADC and NetScaler Gateway, including a critical flaw that could be exploited...