Vulnerability Disclosure

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 11

Cisco IOS XR Egress Packet Network Interface Aligner Interrupt Denial of Service Vulnerability

A vulnerability in the handling of an Egress Packet Network Interface (EPNI) Aligner interrupt in Cisco IOS XR Software for Cisco Network Convergence System ...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Intel Mar 11

Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Finesse, Cisco Packaged Contact Center Enterprise (Packaged CCE), Cisco Unified Conta...

T1598

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 11

Cisco IOS XR Software CLI Privilege Escalation Vulnerabilities

Multiple vulnerabilities in Cisco IOS XR Software could allow an authenticated, local attacker to execute commands as root on an underlying operating system ...

T1548

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 11

Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability

A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) multi-instance routing feature of Cisco IOS XR Software could allow an unauthentica...

T1498

Cisco Advisories →

Trail of Bits Vulnerability Disclosure Mar 11

Six mistakes in ERC-4337 smart accounts

Account abstraction transforms fixed “private key can do anything” models into programmable systems that enable batching, recovery and spending limits, and f...

Trail of Bits →

Wordfence Blog Vulnerability Disclosure WordPress Mar 10

400,000 WordPress Sites Affected by Unauthenticated SQL Injection Vulnerability in Ally WordPress Plugin

On February 4th, 2026, we received a submission for an SQL Injection vulnerability in Ally, a WordPress plugin estimated to have more than 400,000 active ins...

Wordfence Blog →

Infosecurity Magazine Vulnerability Disclosure Google Mar 10

Cloud Attackers Now Prefer Vulnerability Exploits Over Credentials, Google Cloud Finds

Google Cloud report details a sharp rise in attackers exploiting software vulnerabilities, including React2Shell

Infosecurity Magazine →

Wordfence Blog Vulnerability Disclosure WordPress Mar 9

30,000 WordPress Sites Affected by Authentication Bypass Vulnerability in Tutor LMS Pro WordPress Plugin

On December 30th, 2025, we received a submission for an Authentication Bypass vulnerability in Tutor LMS Pro, a WordPress plugin estimated to have more than ...

T1556

Wordfence Blog →

Cloudflare Blog Vulnerability Disclosure Amazon Cloudflare Mar 9

Active defense: introducing a stateful vulnerability scanner for APIs

Cloudflare’s new Web and API Vulnerability Scanner helps teams proactively find logic flaws. By using AI to build API call graphs, we identify vulnerabilitie...

Cloudflare Blog →

Elastic Security Labs Vulnerability Disclosure Microsoft Mar 6

Patch diff to SYSTEM

Leveraging LLMs and patch diffing, this research details a Use-After-Free vulnerability in Windows DWM, demonstrating a reliable exploit that achieves escala...

Elastic Security Labs →

Wordfence Blog Vulnerability Disclosure Intel WordPress Mar 5

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 23, 2026 to March 1, 2026)

Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPres...

Wordfence Blog →

Infosecurity Magazine Vulnerability Disclosure Apple Mar 5

Coruna Exploit Kit Targets Older iPhones in Multi-Stage Campaigns

Exploit kit "Coruna" targets iPhones running iOS 13.0 to 17.

T1041 T1588

Infosecurity Magazine →

Infosecurity Magazine Vulnerability Disclosure Mar 5

Zero-Click FreeScout Bug Enables Remote Code Execution

Ox Security warns that Mail2Shell could enable threat actors to hijack FreeScout systems without user interaction

T1190

Infosecurity Magazine →

Cisco Advisories Vulnerability Disclosure Cisco Mar 5

Cisco Secure Firewall Management Center Software SQL Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Softwar...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Mar 5

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Command Injection Vulnerability

A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defen...

T1059 T1598

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Mar 5

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software IPsec Denial of Service Vulnerability

A vulnerability in the processing of Galois/Counter Mode (GCM)-encrypted Internet Key Exchange version 2 (IKEv2) IPsec traffic of Cisco Secure Firewall Adapt...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Mar 5

Cisco Secure Firewall Adaptive Security Appliance Software Multiple Context Mode SCP Unauthorized File Access Vulnerability

A vulnerability in the CLI of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software in multiple context mode could allow an authenticated, local a...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Mar 5

Cisco Secure Firewall Adaptive Security Appliance Software TCP Flood Denial of Service Vulnerability

A vulnerability in the handling of the embryonic connection limits in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software could allow an unauthe...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Mar 5

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Server Denial of Service Vulnerability

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Soft...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Mar 5

Cisco Secure Firewall Management Center and Secure Firewall Threat Defense Software Path Traversal Vulnerability

A vulnerability in the sftunnel functionality of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Softwa...

Cisco Advisories →