A malicious artifact has been identified in the widely used intercom/intercom-php Packagist package (version 5.0.2), confirming that the ongoing...
Year: 2026
A critical security advisory SNWLID-2026-0004 disclosing three newly identified vulnerabilities in SonicOS, the operating system powering its entire...
A critical authentication bypass vulnerability (CVE-2026-41248) has been discovered in Clerk’s official JavaScript SDKs, allowing unauthenticated attackers...
A high-severity privilege escalation vulnerability in LiteLLM’s proxy configuration endpoint has put enterprise AI infrastructure at risk,...
A sophisticated supply chain campaign dubbed “Mini Shai Hulud” has compromised four widely used SAP Cloud Application Programming...
The Jenkins project released a sweeping security advisory on April 29, 2026, disclosing seven vulnerabilities, including three...
Two newly disclosed high-severity vulnerabilities in Ollama for Windows, CVE-2026-42248 and CVE-2026-42249, allow attackers to silently deliver and persistently execute...
A critical unauthenticated remote code execution (RCE) vulnerability has been disclosed in DocsGPT, the popular open-source AI documentation...
A rollout of KB5083768 (OS Build 28000.1836) on April 14, 2026, delivering critical security hardening for Remote...
A critical pre-authentication SQL injection vulnerability, CVE-2026-42208 (tracked as GHSA-r75f-5x8p-qvmc), has been actively exploited in the wild, targeting LiteLLM, the...