-
Google has released Chrome 149 to the stable channel, addressing a significant batch of 429 security vulnerabilities across Windows, macOS, and Linux, including 22 critical flaws that could enable remote code execution, memory corruption, and sandbox e…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability in Redis, tracked as CVE-2026-23631 and dubbed “DarkReplica,” exposes authenticated deployments to remote code execution (RCE) through a complex use-after-free (UAF) condition in the replication subsystem. Discovered by securit…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical logic flaw in Instagram’s web-based account recovery workflow exposed unredacted user contact information, including full email addresses and phone numbers, before Meta rapidly patched it on June 6, 2026. The vulnerability, which affected th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Trend Micro’s Deep Security Agent for Linux contains a design flaw in its behavior-monitoring stack that allows a local, unprivileged attacker to repeatedly force short “blind spots” in which endpoint protections are temporarily bypassed. The issue ste…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security flaw in Hugging Face Transformers, tracked as CVE-2026-4372, has exposed millions of machine learning workflows to silent remote code execution (RCE) through a malicious model configuration. Discovered by Pluto Security researcher Y…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a fresh alert warning organizations about the active exploitation of a Linux kernel vulnerability tracked as CVE-2022-0492. The flaw, categorized as an improper authentication …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has disclosed a high-severity vulnerability in its Catalyst SD-WAN Manager that is actively being exploited in the wild, allowing attackers to execute arbitrary commands with root-level privileges on affected systems. The vulnerability, tracked a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has disclosed three critical vulnerabilities in its Edge browser, all discovered during the Pwn2Own competition and reported by security researcher Orange Tsai of DEVCORE Research Team. The flaws, tracked as CVE-2026-45492, CVE-2026-45494, an…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A remotely exploitable zero-day vulnerability in Comodo Internet Security’s kernel-level firewall driver allows attackers to crash Windows systems with a single IPv6 packet, and the vendor has yet to respond. Security researcher Marcus Hutchins p…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A proof-of-concept (PoC) exploit has been released for a critical server-side request forgery (SSRF) vulnerability impacting Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (Unified CM SME), increasing the li…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
