Vulnerability Disclosure

Cisco Advisories Vulnerability Disclosure Cisco May 14

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the Cisco Catalyst SD-WAN C...

T1556

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco May 14

Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Advisory

Following the initial publication of the Security Advisory about a denial of service (DoS) condition in Cisco Crosswork Network Controller and Cisco Network ...

T1498

Cisco Advisories →

BleepingComputer Vulnerability Disclosure F5 May 14

18-year-old NGINX vulnerability allows DoS, potential RCE

An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for denial of service and, under ce...

T1190 T1498

BleepingComputer →

SC Media Vulnerability Disclosure Microsoft May 14

Microsoft details new AI system for vulnerability discovery

The MDASH system, developed by Microsoft's Autonomous Code Security team, utilizes over 100 specialized AI agents to find and validate exploitable bugs.

SC Media →

SC Media Vulnerability Disclosure May 14

Critical Exim vulnerability allows remote code execution

The vulnerability, a user-after-free flaw, occurs during the TLS shutdown process when handling chunked SMTP traffic.

T1190

SC Media →

SC Media Vulnerability Disclosure Microsoft May 14

Researcher publishes proof-of-concept exploits for unpatched Windows vulnerabilities

A cybersecurity researcher has released proof-of-concept exploits for two unpatched Microsoft Windows vulnerabilities, YellowKey and GreenPlasma, which allow...

T1548

SC Media →

Microsoft Security Blog Vulnerability Disclosure Microsoft Kubernetes May 14

When configuration becomes a vulnerability: Exploitable misconfigurations in AI apps

Exposed UIs, weak authentication, and risky defaults could turn cloud-native AI apps on Kubernetes into potential targets by threat actors. Learn how exploit...

T1598

Microsoft Security Blog →

SC Media Vulnerability Disclosure May 14

OpenAI Daybreak joins growing movement of AI-driven vulnerability discovery

The program aims to leverage GPT models and Codex Security to improve software resilience.

SC Media →

SecurityWeek Vulnerability Disclosure May 14

Mythos Proves Potent in Vulnerability Discovery, Less Convincing Elsewhere

Independent benchmarking finds Mythos highly effective for source code audits, reverse engineering, and native-code analysis, though its exploit validation a...

SecurityWeek →

HackRead Vulnerability Disclosure Microsoft May 14

FamousSparrow Targeted Oil and Gas Industry via MS Exchange Server Exploit

Bitdefender Labs reveals how the China-linked FamousSparrow hacking group targeted an Azerbaijani energy firm using ProxyNotShell, Deed RAT,…

HackRead →

CISA Advisories Vulnerability Disclosure May 14

Siemens Siemens ROS#

View CSAF Summary ROS# contains a ROS service file_server, that before version 2.2.

CISA Advisories →

CISA Advisories Vulnerability Disclosure May 14

Siemens Ruggedcom Rox

View CSAF Summary Ruggedcom Rox contains an input validation vulnerability in the Scheduler functionality that could allow an authenticated remote attacker t...

CISA Advisories →

CISA Advisories Vulnerability Disclosure May 14

Siemens Simcenter Femap

View CSAF Summary Simcenter Femap is affected by heap based buffer overflow vulnerability in Datakit library that could be triggered when the application rea...

T1190

CISA Advisories →

CISA Advisories Vulnerability Disclosure May 14

Siemens Ruggedcom Rox

View CSAF Summary Ruggedcom Rox contains an input validation vulnerability in the feature key installation process that could allow an authenticated remote a...

CISA Advisories →

CISA Advisories Vulnerability Disclosure May 14

Siemens SENTRON 7KT PAC1261 Data Manager

View CSAF Summary The web server in SENTRON 7KT PAC1261 Data Manager Before V2.1.

CISA Advisories →

CISA Advisories Vulnerability Disclosure May 14

Siemens Ruggedcom Rox

View CSAF Summary Ruggedcom Rox contains an improper access control vulnerability that could allow an authenticated remote attacker to read arbitrary files w...

CISA Advisories →

CISA Advisories Vulnerability Disclosure May 14

Siemens Industrial Devices

View CSAF Summary Multiple industrial devices contain a vulnerability that could allow an attacker to cause a denial of service condition. Siemens has releas...

T1498

CISA Advisories →

CISA Advisories Vulnerability Disclosure May 14

Siemens SIMATIC

View CSAF Summary SIMATIC HMI Unified Comfort Panels before V21.0 are affected by a vulnerability that allows an unauthenticated attacker to access the web b...

CISA Advisories →

CSO Online Vulnerability Disclosure GitHub May 14

PraisonAI vulnerability gets scanned within 4 hours of disclosure

A newly disclosed authentication bypass flaw in the open-source AI orchestration framework PraisonAI was probed by internet scanners less than four hours aft...

T1556

CSO Online →

GBHackers Vulnerability Disclosure May 14

Canon MailSuite Security Flaw Allows Attackers to Execute Code Remotely

Canon has disclosed a critical security vulnerability in its GUARDIANWALL MailSuite product that could allow attackers to execute arbitrary code remotely, ra...

GBHackers →