-
Fortinet has disclosed a critical vulnerability in its FortiSandbox product that could allow attackers to execute unauthorized commands without authentication, raising significant concerns for enterprises that rely on sandboxing for malware analysis. T…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released an urgent security update for its Chrome browser, addressing multiple vulnerabilities, including a zero-day flaw actively exploited in the wild. The update upgrades Chrome to version 149.0.7827.102/.103 on Windows and Mac, and to 14…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability chain affecting LiteLLM has been identified, enabling unauthenticated remote code execution (RCE) on exposed servers. Tracked as CVE-2026-42271 and chained to CVE-2026-48710, the issue allows attackers to bypass authentication …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed Linux kernel vulnerability tracked as CVE-2026-23111 allows local attackers to escalate privileges to root by exploiting a use-after-free flaw in the nftables subsystem. The vulnerability, patched upstream on February 5, 2026, affects…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Check Point has disclosed active in-the-wild exploitation of a critical authentication bypass vulnerability, tracked as CVE-2026-50751, impacting Remote Access VPN and Mobile Access deployments configured with the deprecated IKEv1 key exchange protocol…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Apache has released HTTP Server version 2.4.68, addressing multiple security vulnerabilities across core modules and widely deployed components, reinforcing the importance of timely patching in internet-facing infrastructure. The update resolves a mix …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
VMware has disclosed multiple high-severity stored cross-site scripting (XSS) vulnerabilities affecting VMware Cloud Foundation (VCF) Operations, potentially allowing attackers to inject malicious scripts and compromise administrative environments. The…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released Chrome 149 to the stable channel, addressing a significant batch of 429 security vulnerabilities across Windows, macOS, and Linux, including 22 critical flaws that could enable remote code execution, memory corruption, and sandbox e…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Meta says an Instagram recovery tool bug allowed attackers to abuse password resets, affecting 20,225 accounts and exposing users without 2FA to account takeover risk.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Internet Explorer’s legacy WebBrowser control can be abused to turn seemingly harmless user clicks into full remote code execution (RCE), even on systems that no longer use Internet Explorer as a standalone browser. Although Microsoft officially ended …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
