A critical remote code execution (RCE) vulnerability in GitHub’s internal git infrastructure, CVE-2026-3854 (CVSS: 8.7), that allowed any authenticated...
Cyber Attack
A high-severity Remote Code Execution (RCE) vulnerability, tracked as CVE-2026-33725, has been disclosed in Metabase Enterprise Edition,...
Moxa, a leading industrial networking and communications manufacturer, has disclosed two serious security vulnerabilities affecting its Secure...
A high-severity vulnerability in the Nessus Agent for Windows, tracked as CVE-2026-33694, enables authenticated attackers to exploit...
A high-severity vulnerability (CVE-2026-41277) has been disclosed in Flowise, the popular open-source drag-and-drop LLM workflow builder, allowing...
PHP Composer, the world’s most widely used dependency manager for PHP applications, has patched two high-severity command...
A newly disclosed critical-severity vulnerability in OpenAEV (CVE-2026-24467) allows unauthenticated remote attackers to fully compromise any registered user account,...
A state-sponsored campaign in which threat actor UAT-4356, the same group behind the 2024 ArcaneDoor espionage operation,...
A critical, unpatched vulnerability in Ollama’s GGUF model quantization engine, tracked as CVE-2026-5757, allows unauthenticated attackers to...
A critical out-of-bounds buffer write vulnerability (CVE-2026-3298) has been disclosed in Python’s asyncio.ProactorEventLoop on Windows, allowing attackers to write...