NGINX Rift: an 18-year-old flaw in the world’s most deployed web server just came to light
CVEs:
CVE-2026-42945
Indicators of Compromise
686 articles containing extracted IOCs (CVEs, IPs, hashes, domains, URLs, emails)
Critical WordPress Plugin Flaw Allows Unauthorized Access to Websites
CVEs:
CVE-2026-8181
Windows DNS Client Security Flaw Exposes Systems to Remote Code Execution
CVEs:
CVE-2026-41096
Siemens Teamcenter
CVEs:
CVE-2026-33862
CVE-2026-33893
CVE-2024-4367
CISA Adds One Known Exploited Vulnerability to Catalog
CVEs:
CVE-2026-20182
Critical Exim Mailer Flaw Enables Remote Code Execution Attacks
CVEs:
CVE-2026-45185
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
CVEs:
CVE-2026-44338
Langflow CVE-2026-33017 Exploited to Steal AWS Keys, Deploy NATS Worker
CVEs:
CVE-2026-33017
New Fragnesia Linux flaw lets attackers gain root privileges
CVEs:
CVE-2026-46300
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
CVEs:
CVE-2026-46300
MongoDB Security Flaw Enables Arbitrary Code Execution on Vulnerable Systems
CVEs:
CVE-2026-8053
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
CVEs:
CVE-2026-42945
ISC Stormcast For Thursday, May 14th, 2026 https://isc.sans.edu/podcastdetail/9932, (Thu, May 14th)
Quest KACE SMA flaw CVE-2025-32975: when one unpatched tool opens the door to 60 organizations
CVEs:
CVE-2025-32975
Fortinet addresses critical vulnerabilities in FortiSandbox and FortiAuthenticator
CVEs:
CVE-2026-44277
Microsoft’s agentic AI system found four critical Windows RCE flaws
CVEs:
CVE-2026-40361
CVE-2026-40364
Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises
CVEs:
CVE-2026-40361
A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens
CVEs:
CVE-2025-54957
Critical Fortinet vulnerabilities fixed in FortiSandbox and FortiAuthenticator
CVEs:
CVE-2026-44277
Der Kaufratgeber für Breach & Attack Simulation Tools
Domains:
shutterstock.com