A perfect-10 CVSS code-injection flaw in the widely used Node.js sandboxing library vm2 allows unauthenticated remote attackers...
Vulnerability
A high-severity vulnerability in Anthropic’s Claude Desktop has been disclosed, exposing millions of remote development sessions to...
A high-severity authentication bypass vulnerability has slipped through the cracks of a previously issued security fix in...
A newly disclosed Linux kernel vulnerability dubbed Fragnesia (CVE-2026-46300) gives any unprivileged local user a direct path to root,...
A high-severity vulnerability in Composer, the PHP dependency manager, has been actively exposing GitHub Actions tokens in...
On May 12, 2026, A critical security vulnerability affecting Fortinet released an urgent advisory detailing a severe...
A critical zero-authentication vulnerability was discovered in the kanban npm package a core component of the Cline AI coding...
A critical path traversal vulnerability in Wazuh’s cluster synchronization mechanism, tracked as CVE-2026-30893 with a CVSS score of 9.0, allows...
A severe sandbox escape vulnerability in the angular-expressions package now gives attackers a direct path to execute arbitrary code...
A critical zero-day authentication bypass vulnerability in cPanel and WHM, tracked as CVE-2026-41940 with a CVSS score of 9.8 (Critical),...
