-
A critical security flaw has been identified in the RustFS Console, exposing administrators to a high risk of account takeover. Tracked as CVE-2026-27822, this Stored Cross-Site Scripting (XSS) vulnerability carries a critical CVSS v3 score of 10.0 and…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The 2026 State of DevSecOps report reveals a critical tension between development velocity and security. While organizations rapidly adopt AI-assisted coding, many fail to manage dependencies properly, leaving their software supply chains highly vulner…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Trend Micro has disclosed eight security vulnerabilities in its Apex One endpoint protection platform, including two critical-severity flaws that allow unauthenticated remote attackers to upload malicious code and execute commands on affected systems. …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The FreeBSD Project has disclosed a critical security vulnerability, tracked as CVE-2025-15576, which allows attackers to escape jail environments and gain unauthorized access to the full host filesystem. This flaw impacts FreeBSD versions 14.3 and 13….
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Juniper Networks has issued an out-of-cycle critical security bulletin addressing a severe vulnerability affecting its PTX Series routers running Junos OS Evolved. The flaw allows an unauthenticated, network-based attacker to execute malicious code wit…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Zyxel has rolled out critical security patches for multiple vulnerabilities affecting its 4G LTE/5G NR CPE, DSL/Ethernet CPE, Fiber ONTs, Security Routers, and Wireless Extenders. The flaws range from null pointer dereferences causing Denial-of-Service…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ServiceNow has disclosed a critical security vulnerability in its AI Platform that could allow unauthenticated attackers to remotely execute code within the ServiceNow Sandbox environment. Tracked as CVE-2026-0542, the flaw was formally published on Fe…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has released urgent updates to patch a critical zero-day vulnerability in its Catalyst SD-WAN products. A highly sophisticated threat actor, known as UAT-8616, is actively exploiting this flaw in the wild to gain deep access to enterprise network…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has added a new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation in the wild. The vulnerability affects FileZen, a file-sharing and da…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SolarWinds has released a critical security update for its Serv-U file transfer software, patching four vulnerabilities that could allow attackers to execute arbitrary code with root-level privileges on affected servers. All four flaws carry a CVSS sco…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
