-
Cisco has released critical security updates to address a maximum-severity vulnerability affecting its Secure Firewall Management Center (FMC) Software. Tracked under the identifier CVE-2026-20131, this flaw carries a perfect CVSS base score of 10.0 an…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Node.js project issued a critical security update for its Long-Term Support (LTS) branch, marking version 20.20.2 ‘Iron’ as a security release. This urgent patch addresses seven distinct vulnerabilities impacting TLS error handling, HTTP/2 flow con…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security flaw in GoHarbor’s Harbor container registry exposes organizations to severe supply chain attacks. Tracked as CVE-2026-4404, this vulnerability stems from hardcoded default credentials that remain active unless manually altere…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
F5 has disclosed a high-severity vulnerability (CVE-2026-32647) in the NGINX ngx_http_mp4_module that allows attackers execute arbitrary code or cause a denial-of-service (DoS) using crafted MP4 files. This flaw impacts NGINX Plus and NGINX Open Source…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability dubbed “PolyShell” is actively being exploited across Magento and Adobe Commerce platforms. Discovered by the Sansec Forensics Team and published on March 17, 2026, this flaw allows unauthenticated attackers to uplo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Silverfort researchers recently uncovered a critical security flaw in ClawHub, the main public registry for the OpenClaw agent ecosystem. This vulnerability allowed attackers to artificially boost download numbers, pushing malicious code to the top of …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated supply chain attack compromised Aqua Security’s popular open-source Trivy vulnerability scanner. Threat actors successfully distributed malicious code through the project’s GitHub Actions, targeting deployment pipelines to silentl…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researcher Aleksandr Zhurnakov from PT Security has discovered a critical exploit chain in Dell Wyse Management Suite. By combining seemingly minor logic flaws, an attacker can achieve unauthenticated remote code execution. This attack targets…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
TP-Link recently published a critical security advisory addressing four high-severity vulnerabilities in its Archer series routers. The flaws impact the Archer NX200, NX210, NX500, and NX600 models. If successfully exploited, these vulnerabilities enab…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Roundcube Webmail, a widely deployed open-source webmail interface, has released an urgent security update to address multiple critical vulnerabilities. The new stable release, version 1.6.14, patches eight distinct security flaws reported by independe…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
