Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks
A previously unknown threat actor has been observed targeting government and military entities in Southeast Asia, alongside a smaller cluster of managed serv...
Vulnerability Disclosure
20 articles
[local] Linux Kernel proc_readdir_de() 6.18-rc5 - Local Privilege Escalation
Linux Kernel proc_readdir_de() 6.
[local] Linux nf_tables 6.19.3 - Local Privilege Escalation
Linux nf_tables 6.19.
[hardware] Linksys E1200 2.0.04 - Authenticated Stack Buffer Overflow (RCE)
Linksys E1200 2.0.
[local] Windows 11 24H2 - Local Privilege Escalation
Windows 11 24H2 - Local Privilege Escalation
Handling the Vulnerability Surge in the Post-Mythos Era
How to Operationalize Hyper-Prioritization and Autonomous Remediation with Qualys Executive Summary The Mythos era, defined by a surge of AI-driven vulnerabi...
Vulnerability remediation: Match CVEs to asset owners in seconds with Tenable Hexa AI
Detecting a vulnerability is easy. Finding the person responsible for fixing it is where remediation programs often break down.
Anthropic Rolls Out Claude Security for AI Vulnerability Scanning
Claude Security enters public beta, giving enterprises AI driven code scanning with no API integration or custom agents required
Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft
A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that enabled creden...
Tune In: The Future of AI-Powered Vulnerability Discovery
Bridging the gap: How to integrate Claude Security into the Tenable One Exposure Management Platform
Bridge the gap between AI-driven vulnerability discovery and prioritized remediation. Learn how to integrate Claude Security’s deep-logic analysis into Tenab...
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 20, 2026 to April 26, 2026)
Last week, there were 157 vulnerabilities disclosed in 122 WordPress Plugins and 27 WordPress Themes that have been added to the Wordfence Intelligence Vulne...
ABB Ability Symphony Plus Engineering
View CSAF Summary ABB became aware of vulnerability in the products versions listed as affected in the advisory. The ABB S+ Engineering product versions are ...
ABB System 800xA, Symphony Plus IEC 61850
View CSAF Summary This vulnerability was privately reported relating to ABB’s implementation of the IEC 61850 communication stack for MMS client applications...
ABB Edgenius Management Portal
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to send a specially crafted message to the system node allowing the a...
ABB Ability OPTIMAX
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to bypass user authentication on OPTIMAX installations that make use ...
Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
Google has addressed a maximum severity security flaw in Gemini CLI -- the "@google/gemini-cli" npm package and the "google-github-actions/run-gemini-cli" Gi...
[webapps] FUXA 1.2.8 - Authentication Bypass + RCE Exploit
FUXA 1.2.
[webapps] HUSTOJ Zip-Slip v26.01.24 - RCE
HUSTOJ Zip-Slip v26.01.
[webapps] SumatraPDF 3.5.2 - Remote Code Execution
SumatraPDF 3.5.