-
A new 0-day vulnerability in Gogs, a popular self-hosted Git service, allows authenticated users to run arbitrary commands on the server and potentially take full control of the system. The flaw was discovered by Rapid7 Labs and is rated Critical with …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability, tracked as CVE-2026-27771, has been discovered in Gitea’s built-in container registry, allowing unauthenticated remote attackers to access private container images without credentials. This flaw poses a serious risk as it can …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Notepad++ has released version 8.9.6.1 to address multiple security vulnerabilities, including critical flaws that could allow arbitrary code execution under specific conditions. The update, published on May 26, 2026, patches three vulnerabilities trac…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Roundcube Webmail users are being urged to update their systems immediately after the disclosure of multiple security vulnerabilities, including a critical pre-authentication SQL injection flaw that allows attackers to execute malicious database querie…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Fortinet customers are facing a new wave of attacks after a critical flaw in FortiClient Endpoint Management Server (EMS) was exploited to push a fake Fortinet patch that secretly installs credential‑stealing malware. The vulnerability, tracked as CVE‑…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability, “BadHost” (CVE-2026-48710), has been identified in the Starlette web framework, exposing thousands of AI-powered applications and API services to potential attacks. The flaw, discovered by X41 D-Sec during an OSTIF-sponsored s…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CISA has issued an urgent warning after adding a critical vulnerability in the LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation in the wild. The flaw, tracked as CVE-2026-48172, introduces a s…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitHub has released Enterprise Server (GHES) version 3.20.3, addressing multiple critical and high-severity vulnerabilities that could allow attackers to access internal services, escalate privileges, and extract sensitive data. The update, published o…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has disclosed a critical security vulnerability in SharePoint Server that could allow attackers to execute arbitrary code remotely, raising significant concerns for enterprise environments that depend on on-premises collaboration platforms. T…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Anthropic says its Claude Mythos AI identified more than 10,000 software vulnerabilities in one month, including critical flaws in open-source code.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
