U.S. CISA adds a flaw in Google Dawn to its Known Exploited Vulnerabilities catalog
The U.S.
CVE
20 articles
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-5281 Google Daw...
Vim Modeline Vulnerability Opens Door to Arbitrary OS Command Execution
Vim is a widely used, highly configurable text editor, but a recently disclosed flaw highlights the risks associated with its file-parsing features. Tracked ...
PoC Exploit Code Published for nginx-ui Backup Restore Security Flaw
A critical security flaw in the nginx-ui backup restore mechanism, tracked as CVE-2026-33026, allows attackers to manipulate encrypted backups and execute ar...
Hackers Actively Exploit Critical WebLogic RCE Vulnerabilities in Ongoing Attacks
A maximum-severity vulnerability in Oracle WebLogic Server is facing rapid exploitation in the wild. Tracked as CVE-2026-21962, this unauthenticated Remote C...
Critical Fortinet FortiClient EMS vulnerability under attack
Intrusions harnessing a critical SQL injection flaw in Fortinet FortiClient EMS, tracked as CVE-2026-21643, were reported by Defused researchers to have been...
5-month-old F5 BIG-IP DoS bug becomes critical RCE exploited in the wild
A vulnerability misclassified five months ago as a denial-of-service issue in F5 BIG-IP Access Policy Manager (APM) turned out to be a critical pre-authentic...
F5 BIG-IP APM systems vulnerable to critical remote code execution flaw
The vulnerability, identified as CVE-2025-53521, allows attackers to gain complete control of affected servers through malicious traffic, enabling remote cod...
Anritsu Remote Spectrum Monitor
View CSAF Summary Successful exploitation of this vulnerability could allow attackers with network access to alter operational settings, obtain sensitive sig...
Critical F5 BIG-IP Flaw Upgraded to 9.8 RCE, Exploited in the Wild
F5 BIG-IP APM flaw CVE-2025-53521 escalates to critical 9.8 RCE, actively exploited.
U.S. CISA adds a flaw in Citrix NetScaler to its Known Exploited Vulnerabilities catalog
The U.S.
NCSC Urges Immediate Patching of F5 BIG-IP Bug
The National Cyber Security Centre wants UK firms to patch CVE-2025-53521
Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse
ZDI-26-250: Linux Kernel Analog Device Driver Improper Validation of Array Index Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to exec...
Fortinet hit by another exploited cybersecurity flaw
Yet another critical flaw in a Fortinet product has come to light as attackers continue to target the company, this time by actively exploiting a critical SQ...
Critical Citrix NetScaler memory flaw actively exploited in attacks
Hackers are exploiting a critical severity vulnerability, tracked as CVE-2026-3055, in Citrix NetScaler ADC and NetScaler Gateway appliances to obtain sensit...
Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643)
A critical SQL injection vulnerability (CVE-2026-21643) in Fortinet FortiClient Endpoint Management Server (EMS), a management server for FortiClient endpoin...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-3055 Citrix Net...
Critical Citrix NetScaler Vulnerability Exploited in the Wild
Researchers from watchTowr and Defused have found evidence that attackers are actively exploiting CVE-2026-3055, a critical NetScaler vulnerability
Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution
Attackers are exploiting a critical Fortinet FortiClient EMS flaw (CVE-2026-21643) that allows remote code execution via SQL injection. A critical Fortinet F...