Vulnerability Disclosure

Cisco Advisories Vulnerability Disclosure Cisco Feb 12

Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability

A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthent...

T1498

Cisco Advisories →

Wordfence Blog Vulnerability Disclosure Intel WordPress Feb 12

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 2, 2026 to February 8, 2026)

📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnera...

Wordfence Blog →

Infosecurity Magazine Vulnerability Disclosure Amazon Feb 12

Time to Exploit Plummets as N-Day Flaws Dominate

Flashpoint warns of a dramatic drop in the average time between vulnerability disclosure and exploitation

Infosecurity Magazine →

Infosecurity Magazine Vulnerability Disclosure Feb 11

FIRST Forecasts Record-Breaking 50,000+ CVEs in 2026

This year should break all the records in terms of vulnerability disclosed, reaching or even surpassing 50,000 new CVEs disclosed

Infosecurity Magazine →

Exploit Database Vulnerability Disclosure Feb 11

[webapps] motionEye 0.43.1b4 - RCE

motionEye 0.43.

Exploit Database →

Exploit Database Vulnerability Disclosure Microsoft Feb 11

[remote] Windows 10.0.17763.7009 - spoofing vulnerability

Windows 10.0.

Exploit Database →

Exploit Database Vulnerability Disclosure Feb 11

[local] glibc 2.38 - Buffer Overflow

glibc 2.

Exploit Database →

Wordfence Blog Vulnerability Disclosure WordPress Feb 10

800,000 WordPress Sites Affected by Arbitrary File Upload Vulnerability in WPvivid Backup WordPress Plugin

On January 12th, 2026, we received a submission for an Arbitrary File Upload vulnerability in WPvivid Backup, a WordPress plugin with more than 800,000 activ...

T1190

Wordfence Blog →

Infosecurity Magazine Vulnerability Disclosure Feb 9

New Zero-Click Flaw in Claude Desktop Extensions, Anthropic Declines Fix

Security researchers from LayerX identified a new flaw in 50 Claude Desktop Extensions that could lead to unauthorized remote code execution

T1190

Infosecurity Magazine →

Infosecurity Magazine Vulnerability Disclosure Amazon GitHub Feb 5

Malicious Commands in GitHub Codespaces Enable RCE

Flaws in GitHub Codespaces allow RCE via crafted repositories or pull requests

Infosecurity Magazine →

Infosecurity Magazine Vulnerability Disclosure Microsoft Check Point Feb 5

New Hacking Campaign Exploits Microsoft Windows WinRAR Vulnerability

Researchers at Check Point link ‘Amarath-Dragon’ attacks to prolific Chinese cyber-espionage operation

Infosecurity Magazine →

Infosecurity Magazine Vulnerability Disclosure Feb 4

SolarWinds Web Help Desk Vulnerability Actively Exploited

CISA has added a critical CVE in SolarWinds Web Help Desk to its KEV Catalog

Infosecurity Magazine →

Exploit Database Vulnerability Disclosure Feb 4

[remote] Redis 8.0.2 - RCE

Redis 8.0.

Exploit Database →

Exploit Database Vulnerability Disclosure F5 Feb 4

[remote] Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE

Ingress-NGINX Admission Controller v1.11.

Exploit Database →

Exploit Database Vulnerability Disclosure Feb 4

[webapps] FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code Execution

FortiWeb Fabric Connector 7.6.

T1190

Exploit Database →

Infosecurity Magazine Vulnerability Disclosure WordPress Feb 3

SQL Injection Flaw Affects 40,000 WordPress Sites

40,000 WordPress sites are vulnerable to SQL injection in Quiz and Survey Master plugin

Infosecurity Magazine →

Infosecurity Magazine Vulnerability Disclosure Docker Feb 3

DockerDash Exposes AI Supply Chain Weakness In Docker's Ask Gordon

DockerDash vulnerability allows RCE and data exfiltration via unverified metadata in Ask Gordon

T1041

Infosecurity Magazine →

Infosecurity Magazine Vulnerability Disclosure Microsoft Feb 2

Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks

Russia-linked hacking group Fancy Bear is exploiting a brand-new vulnerability in Microsoft Office, CERT-UA says

Infosecurity Magazine →

Exploit Database Vulnerability Disclosure Feb 2

[webapps] Piranha CMS 12.0 - Stored XSS in Text Block

Piranha CMS 12.

Exploit Database →

Exploit Database Vulnerability Disclosure Feb 2

[webapps] RPi-Jukebox-RFID 2.8.0 - Stored Cross-Site Scripting (XSS)

RPi-Jukebox-RFID 2.8.

Exploit Database →