Frappe Framework has disclosed a Stored Cross-Site Scripting (XSS) vulnerability, tracked as CVE-2026-28436, affecting all versions before...
Year: 2026
An emergency security update for Firefox ESR 140.10.1, patching four vulnerabilities, including two rated critical, that could allow...
An urgent security update for its NVIDIA FLARE SDK, addressing three vulnerabilities, including a critical 9.8 CVSS-rated...
A high-severity access control vulnerability (CVSS 8.2) in Cursor AI that allows any installed extension to silently...
Two high-severity vulnerabilities, a zero-click Windows Shell credential theft flaw and a legacy ConnectWise ScreenConnect path traversal...
A critical remote code execution (RCE) vulnerability in GitHub’s internal git infrastructure, CVE-2026-3854 (CVSS: 8.7), that allowed any authenticated...
A high-severity Remote Code Execution (RCE) vulnerability, tracked as CVE-2026-33725, has been disclosed in Metabase Enterprise Edition,...
Moxa, a leading industrial networking and communications manufacturer, has disclosed two serious security vulnerabilities affecting its Secure...
A high-severity vulnerability in the Nessus Agent for Windows, tracked as CVE-2026-33694, enables authenticated attackers to exploit...
The GlassWorm supply chain campaign has escalated again. Researchers have confirmed 73 new impersonation extensions on the...