Microsoft has disclosed a critical Server-Side Request Forgery (SSRF) vulnerability, CVE-2026-35431, in Microsoft Entra ID Entitlement Management,...
Cyber Attack
Microsoft has disclosed a critical Server-Side Request Forgery (SSRF) vulnerability in Microsoft Purview eDiscovery, tracked as CVE-2026-26150,...
A high-severity Cypher injection vulnerability (CVE-2026-41274, CVSS 8.1) has been disclosed in Flowise’s GraphCypherQAChain node. Allowing authenticated...
Marimo, a popular open‑source reactive Python notebook used in data science and AI workflows, is under active...
Microsoft has disclosed CVE-2026-32172, a critical remote code execution (RCE) vulnerability in Microsoft Power Apps caused by...
A high-severity vulnerability in Microsoft Defender, tracked as CVE-2026-33825, allows attackers with low-level local access to escalate...
A maximum-severity vulnerability in the paperclipai server npm package enables any remote, unauthenticated attacker to execute arbitrary...
A moderate-severity path traversal flaw in the vite-plus The npm package (CVE-2026-41211) allows programmatic callers to escape the designated...
A newly disclosed vulnerability in RustFS, the Rust-based distributed object storage system, allows any low-privileged authenticated user...
The Progress Telerik team has confirmed a critical deserialization flaw tracked as CVE-2026-6023, affecting Progress Telerik UI for...