-
Roundcube Webmail users are being urged to update their systems immediately after the disclosure of multiple security vulnerabilities, including a critical pre-authentication SQL injection flaw that allows attackers to execute malicious database querie…
-
Fortinet customers are facing a new wave of attacks after a critical flaw in FortiClient Endpoint Management Server (EMS) was exploited to push a fake Fortinet patch that secretly installs credential‑stealing malware. The vulnerability, tracked as CVE‑…
-
A critical vulnerability, “BadHost” (CVE-2026-48710), has been identified in the Starlette web framework, exposing thousands of AI-powered applications and API services to potential attacks. The flaw, discovered by X41 D-Sec during an OSTIF-sponsored s…
-
CISA has issued an urgent warning after adding a critical vulnerability in the LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation in the wild. The flaw, tracked as CVE-2026-48172, introduces a s…
-
GitHub has released Enterprise Server (GHES) version 3.20.3, addressing multiple critical and high-severity vulnerabilities that could allow attackers to access internal services, escalate privileges, and extract sensitive data. The update, published o…
-
Microsoft has disclosed a critical security vulnerability in SharePoint Server that could allow attackers to execute arbitrary code remotely, raising significant concerns for enterprise environments that depend on on-premises collaboration platforms. T…
-
Multiple high-severity vulnerabilities have been discovered in the Angular Language Service VS Code extension (Angular.ng-template), exposing developers to remote code execution (RCE) attacks through malicious project files and dependencies. The issues…
-
A newly identified vulnerability in Memcached has raised concerns among security professionals after researchers confirmed a timing side-channel flaw that allows attackers to enumerate valid usernames. Tracked as CVE-2026-47783, the issue affects Memca…
-
Apache CXF users are facing a significant security risk following the disclosure of a new vulnerability that exposes systems to LDAP injection attacks, potentially allowing unauthorized access to sensitive certificate data. The issue, tracked as CVE-20…
-
ConnectWise has released a security update to address a high-severity vulnerability in its ConnectWise Automate remote monitoring and management (RMM) platform, a widely used tool for managed service providers (MSPs). The flaw, tracked as CVE-2026-9089…


