A critical authorization bypass vulnerability discovered in Open WebUI has exposed thousands of multi-user deployments to silent,...
Year: 2026
A critical-rated path traversal vulnerability in Joplin’s OneNote importer allows attackers to overwrite arbitrary files on disk,...
A critical command injection vulnerability tracked as CVE-2026-25244 has been discovered in the widely used @wdio/browserstack-service npm package. Allowing attackers to...
A newly disclosed vulnerability in Microsoft Edge is raising alarms across the cybersecurity community, and if you...
A newly disclosed spoofing vulnerability in Microsoft Edge’s tab-splitting feature, tracked as CVE-2026-45494, could allow attackers to...
A critical authentication flaw buried deep inside Microsoft’s Azure Local Disconnected Operations (ALDO) has just earned a...
A high-severity remote code execution vulnerability in Microsoft Edge is actively rated “Exploitation More Likely,” putting hundreds...
A medium-severity vulnerability has been disclosed in CPython’s widely used XML parsing libraries, allowing attackers to weaponize...
A high-severity, unauthenticated denial-of-service vulnerability in Gotenberg, one of the most widely deployed Docker-based PDF conversion APIs,...
A critical cross-site scripting vulnerability in Microsoft Exchange Server’s Outlook Web Access is being actively exploited in...