-
Microsoft has disclosed a new zero-day vulnerability in the Windows Collaborative Translation Framework (CTFMON) that could allow attackers to gain elevated privileges on affected systems. The flaw, tracked as CVE-2026-45586, was officially published o…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CISA has issued a new warning about an actively exploited zero-day vulnerability in Google Chromium that could allow attackers to execute arbitrary code through malicious web content. The vulnerability, tracked as CVE-2026-11645, affects the Chromium V…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical remote code execution vulnerability in Veeam Backup & Replication could allow attackers to compromise backup infrastructure, posing significant risks to enterprise environments that depend on the platform for data protection and recovery…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Fortinet has disclosed a critical vulnerability in its FortiSandbox product that could allow attackers to execute unauthorized commands without authentication, raising significant concerns for enterprises that rely on sandboxing for malware analysis. T…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released an urgent security update for its Chrome browser, addressing multiple vulnerabilities, including a zero-day flaw actively exploited in the wild. The update upgrades Chrome to version 149.0.7827.102/.103 on Windows and Mac, and to 14…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability chain affecting LiteLLM has been identified, enabling unauthenticated remote code execution (RCE) on exposed servers. Tracked as CVE-2026-42271 and chained to CVE-2026-48710, the issue allows attackers to bypass authentication …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed Linux kernel vulnerability tracked as CVE-2026-23111 allows local attackers to escalate privileges to root by exploiting a use-after-free flaw in the nftables subsystem. The vulnerability, patched upstream on February 5, 2026, affects…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Check Point has disclosed active in-the-wild exploitation of a critical authentication bypass vulnerability, tracked as CVE-2026-50751, impacting Remote Access VPN and Mobile Access deployments configured with the deprecated IKEv1 key exchange protocol…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Apache has released HTTP Server version 2.4.68, addressing multiple security vulnerabilities across core modules and widely deployed components, reinforcing the importance of timely patching in internet-facing infrastructure. The update resolves a mix …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
VMware has disclosed multiple high-severity stored cross-site scripting (XSS) vulnerabilities affecting VMware Cloud Foundation (VCF) Operations, potentially allowing attackers to inject malicious scripts and compromise administrative environments. The…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
