-
Multiple memory safety bugs in 7‑Zip 26.00 allow remote attackers to leak sensitive data and, in at least one case, execute arbitrary code when a victim opens a crafted archive file. GitHub Security Lab has disclosed a critical heap buffer overflow in …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are actively exploiting a critical vulnerability in the KnowledgeDeliver Learning Management System (LMS) to deploy the BLUEBEAM web shell, according to findings from Mandiant’s Google Threat Intelligence Group. The flaw, tracked as CVE-2026-54…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical SQL injection vulnerability in Drupal Core, tracked as CVE-2026-9082, which is now being actively exploited in the wild. The flaw has been add…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
NGINX users are facing a critical security issue after F5 disclosed a new vulnerability, tracked as CVE-2026-9256, affecting the widely used ngx_http_rewrite_module. The flaw, dubbed “Nginx-poolslip,” can allow attackers to trigger denial-of-service (D…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Langflow vulnerability, tracked as CVE-2025-34291, to its Known Exploited Vulnerabilities (KEV) Catalog, highlighting active exploitation risks and urging immediate r…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CISA has issued an urgent alert warning organizations about two newly disclosed zero-day vulnerabilities affecting Microsoft Defender, both added to the Known Exploited Vulnerabilities (KEV) catalog on May 20, 2026. CVE-2026-45498: Microsoft Defender D…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Splunk has released security updates to fix three newly disclosed vulnerabilities that could allow low-privileged users to access sensitive data or disrupt Splunk Enterprise deployments through denial-of-service (DoS) conditions. The patches address is…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CISA has added a newly disclosed vulnerability in Trend Micro Apex One to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is actively being exploited in real-world attacks. The issue, tracked as CVE-2026-34926, affects on-premi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical authentication bypass vulnerability in Apache OFBiz allows attackers to hijack forced password-change flows and achieve remote code execution (RCE) via a single HTTP request, affecting all versions before 24.09.06. Apache OFBiz RCE Flaw Apac…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released a critical security update for its Chrome browser, addressing multiple vulnerabilities that could allow attackers to execute arbitrary code on affected systems. The update, now rolling out to users globally, upgrades Chrome to versi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
