Multiple vendor-signed UEFI applications have been confirmed vulnerable to Secure Boot bypass attacks leveraging a “Bring Your...
Vulnerability
A maximum-severity vulnerability in Splunk Enterprise has been disclosed and formally added to CISA’s Known Exploited Vulnerabilities...
A critical unauthenticated arbitrary file deletion vulnerability has been discovered in Avada Builder, one of WordPress’s most...
Cisco has disclosed two severe vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector...
Splunk has disclosed two significant security vulnerabilities in its AI Toolkit, including a critical-severity OS command injection flaw that...
Microsoft has officially acknowledged a critical elevation-of-privilege zero-day vulnerability in the Microsoft Malware Protection Engine, tracked as...
A sophisticated supply-chain attack targeting WordPress plugin giant Awesome Motive has injected malicious JavaScript into CDN-served files...
A high-severity sandbox escape vulnerability tracked as CVE-2026-48124 (GHSA-pc9j-3qc2-95wv) has been disclosed in Cursor Desktop, the widely adopted AI-powered...
A critical unauthenticated SQL injection vulnerability (CVE-2026-48114) has been publicly disclosed in Metacat versions 2.x through 2.19.1,...
Zoom has issued urgent security patches addressing three high-severity vulnerabilities across its Workplace mobile apps and Contact...
