On May 6 and May 7, 2026, threat actors successfully compromised the platform’s public infrastructure. This unauthorized...
Cyber Attack
The official JDownloader website was compromised between May 6–7, 2026, with attackers hijacking installer download links to...
A critical security flaw, tracked as CVE-2026-42569, has been disclosed in phpVMS, a popular open-source virtual airline management system,...
A high-severity authorization bypass vulnerability (CVE-2026-42297) has been discovered in Argo Workflows, a widely deployed Kubernetes-native workflow...
A critical authenticated remote command execution vulnerability (CVE-2026-3828) affecting several discontinued PoE switch models, urging users still...
A high-severity SQL injection vulnerability (CVE-2026-41496) has been disclosed in PraisonAI, a popular Python-based multi-agent AI framework,...
The PgBouncer team released version 1.25.2 on May 8, 2026, addressing four distinct security vulnerabilities, CVE-2026-6664, CVE-2026-6665,...
A critical authentication bypass vulnerability (CVE-2026-41070) has been discovered in the openvpn-auth-oauth2 plugin, allowing unauthenticated VPN clients to gain...
A critical pre-authentication SQL injection vulnerability in BerriAI’s LiteLLM AI gateway, tracked as CVE-2026-42208, has been actively...
A high-severity filter-expression injection vulnerability in Spring AI’s MilvusVectorStore allows unauthenticated attackers to execute arbitrary delete operations,...
