HIGH
CVE-2026-44838 (CVSS 8.1) — RabbitMQ is a messaging and streaming broker. From 4.2.0 to before 4.2.4, RabbitMQ's MQTT plugin all...
NVD CVE-2026-44838 9d ago
HIGH
CVE-2026-42184 (CVSS 8.8) — Tauri is a framework for building binaries for all major desktop platforms. From 2.0 to 2.11.0, a fl...
NVD CVE-2026-42184 9d ago
INFO
Vulnerability in Popular Conference Software Granted Attackers a 100% Talk Acceptance Rate
SecurityWeek breaches ransomware supply-chain 9d ago
MEDIUM
CVE-2026-9704 (CVSS 6.8) — A flaw was found in Keycloak. An authenticated user with low privileges can exploit this vulnerabili...
NVD CVE-2026-9704 9d ago
MEDIUM
CVE-2026-9617 (CVSS 6.8) — PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by cr...
NVD CVE-2026-9617 9d ago
HIGH
CVE-2026-8180 (CVSS 7.5) — IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Tra...
NVD CVE-2026-8180 9d ago
HIGH
CVE-2026-8179 (CVSS 8.8) — IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Tra...
NVD CVE-2026-8179 9d ago
CRITICAL
CVE-2026-8175 (CVSS 9.8) — IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Tra...
NVD CVE-2026-8175 9d ago
CRITICAL
CVE-2026-7876 (CVSS 9.1) — IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19
NVD CVE-2026-7876 9d ago
HIGH
CVE-2026-7528 (CVSS 7.1) — IBM Langflow OSS 1.0.0 through 1.9.0 could allow a denial of service due to uncontrolled resource co...
NVD CVE-2026-7528 9d ago
CRITICAL
CVE-2026-7524 (CVSS 9.8) — IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation of...
NVD CVE-2026-7524 9d ago
HIGH
CVE-2026-7365 (CVSS 8.4) — IBM Operations Analytics - Log Analysis and IBM SmartCloud Analytics - Log Analysis uses default pa...
NVD CVE-2026-7365 9d ago
MEDIUM
CVE-2026-6938 (CVSS 6.5) — IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote objec...
NVD CVE-2026-6938 9d ago
MEDIUM
CVE-2026-6052 (CVSS 6.5) — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to running out of memory when...
NVD CVE-2026-6052 9d ago
MEDIUM
CVE-2026-6051 (CVSS 5.5) — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when e...
NVD CVE-2026-6051 9d ago
HIGH
CVE-2026-5065 (CVSS 8.8) — IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credentials, such as a passwor...
NVD CVE-2026-5065 9d ago
MEDIUM
CVE-2026-4410 (CVSS 4.8) — IBM WebSphere Application Server - Liberty 19.0.0.7 through 26.0.0.5 and IBM WebSphere Application S...
NVD CVE-2026-4410 9d ago
HIGH
CVE-2026-3623 (CVSS 7.8) — IBM Netezza Performance Server Replication Services 3.0.2.0 through 3.0.5.0 allows an attacker with ...
NVD CVE-2026-3623 9d ago
HIGH
CVE-2026-3366 (CVSS 7.5) — IBM InfoSphere Optim Test Data Fabrication 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4...
NVD CVE-2026-3366 9d ago
HIGH
CVE-2026-1933 (CVSS 7.1) — A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read onl...
NVD CVE-2026-1933 9d ago
HIGH
CVE-2026-1718 (CVSS 7.1) — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service with a...
NVD CVE-2026-1718 9d ago
MEDIUM
CVE-2025-3633 (CVSS 5.4) — IBM Cognos Analytics 11.2.0, 11.2.4, 12.0, and 12.1.0 and IBM Cognos Transformer 11.2.4, 12.0, and 1...
NVD CVE-2025-3633 9d ago
HIGH
CVE-2024-56462 (CVSS 7.2) — IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malici...
NVD CVE-2024-56462 9d ago
MEDIUM
CVE-2024-40684 (CVSS 5.9) — IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7....
NVD CVE-2024-40684 9d ago
INFO
SecurityWeek to Host AI Risk Summit August 11-12 at the Ritz-Carlton, Half Moon Bay
SecurityWeek breaches ransomware supply-chain 10d ago
INFO
Cybersecurity Evolution: How We Went From Perimeter Defense to AI-Native Security
rss:darkreading breaches malware threat-actors 10d ago
INFO
CISA Adds Three Known Exploited Vulnerabilities to Catalog
rss:cisa-advisories actively-exploited advisories +1 10d ago
INFO
CISA Adds One Known Exploited Vulnerability to Catalog
rss:cisa-advisories 11d ago
HIGH
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
The Hacker News supply-chain breaches malware +19 19d ago
INFO
'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux Distros
rss:darkreading 25d ago
INFO
It's Patch Tuesday for Microsoft & Not a Zero-Day In Sight
rss:darkreading 24d ago
INFO
Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws
The Hacker News 24d ago
INFO
[Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud
The Hacker News 24d ago
INFO
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
The Hacker News 22d ago
INFO
Can Laws Stop Deepfakes? South Korea Aims to Find Out
rss:darkreading 19d ago
INFO
Processes and Culture Top Reasons Behind Data Breaches
rss:darkreading 16d ago
INFO
When Identity is the Attack Path
The Hacker News 16d ago
INFO
CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
The Hacker News 15d ago
INFO
Meta settles school district lawsuit claiming addictive design harmed students' mental health
The Record 14d ago
INFO
Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
The Hacker News 14d ago
INFO
⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos
The Hacker News 11d ago
INFO
CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks
The Hacker News 11d ago
INFO
RevEng.AI Raises $15 Million to Hunt for Flaws and Backdoors in Software Binaries
SecurityWeek 10d ago
INFO
California Sues 23andMe, Alleging It Failed to Protect User Data in 2023 Breach
SecurityWeek 8d ago
INFO
California AG sues 23andMe over 2023 breach exposing health data
BleepingComputer 7d ago
INFO
Kirki, Burst Statistics WordPress Plugin Flaws in Attackers’ Crosshairs
SecurityWeek 3d ago
INFO
Chrome 149 Patches 429 Vulnerabilities
SecurityWeek 1d ago
INFO
EU unveils tech sovereignty package to cut reliance on US, Chinese suppliers
The Record 1d ago
INFO
AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
The Hacker News supply-chain breaches malware +19 6h ago
INFO
VoidStealer Malware Darts Past Google Chrome's Encryption
rss:darkreading 30d ago
INFO
Android Adds Intrusion Logging for Sophisticated Spyware Forensics
The Hacker News 24d ago
INFO
A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens
rss:googleprojectzero 24d ago
INFO
Google’s Surge in Chrome Vulnerability Discoveries Likely Driven by AI
SecurityWeek 16d ago
INFO
Google accidentally exposed details of unfixed Chromium flaw
BleepingComputer 15d ago
INFO
Google API Keys Remain Active After Deletion
rss:darkreading 15d ago
INFO
GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure
The Hacker News 10d ago
INFO
Google Unveils AI Threat Defense Platform to Fight AI-Powered Cyberattacks
SecurityWeek 9d ago
INFO
US charges Google security engineer with Polymarket insider trading
BleepingComputer 8d ago
INFO
Google Chrome adds session cookie theft protection for all users
BleepingComputer 8d ago
INFO
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
The Hacker News 5d ago
INFO
Google fixes one actively exploited Android zero-day, 124 flaws
BleepingComputer 4d ago
INFO
Google adds Android protection against AI deepfake scam calls
BleepingComputer 3d ago
INFO
Malicious Notifications Could Trick Google Gemini Users
rss:darkreading 3d ago
INFO
Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT
The Hacker News 2d ago
INFO
WhatsApp, Slack Notifications Could Hijack Google Gemini on Android
The Hacker News 2d ago
INFO
Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS
The Hacker News 2d ago
INFO
FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
The Hacker News 2d ago
INFO
Gemini Voice Assistant Hijacked via Messaging Notifications
SecurityWeek 2d ago
INFO
3 SOC Steps that Shut Down Incident Risks Early
The Hacker News supply-chain breaches malware 10d ago
HIGH
CVE-2026-48906 (CVSS 8.1) — The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the affec...
NVD CVE-2026-48906 10d ago
INFO
Gitea Vulnerability Exposes Private Container Images without Authentication
The Hacker News supply-chain breaches malware 10d ago
INFO
LA Metro Cyberattack Linked to Iranian State-Sponsored Hackers
SecurityWeek breaches ransomware supply-chain 10d ago
HIGH
CVE-2026-40852 (CVSS 7.2) — A highly authenticated attacker can alter the config generator injecting a payload into future creat...
NVD CVE-2026-40852 10d ago
HIGH
CVE-2026-40851 (CVSS 8.4) — A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on an ...
NVD CVE-2026-40851 10d ago
HIGH
CVE-2026-40850 (CVSS 7.5) — An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the...
NVD CVE-2026-40850 10d ago
HIGH
CVE-2026-40836 (CVSS 7.1) — A low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the ...
NVD CVE-2026-40836 10d ago
HIGH
CVE-2026-40834 (CVSS 7.1) — A low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the ...
NVD CVE-2026-40834 10d ago
HIGH
CVE-2026-40833 (CVSS 7.1) — A low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the ...
NVD CVE-2026-40833 10d ago
HIGH
CVE-2025-30028 (CVSS 8.6) — A vulnerability in Active Backup for Business allows unauthorized remote attackers to read arbitrary...
NVD CVE-2025-30028 10d ago
HIGH
CVE-2025-14713 (CVSS 7.5) — An Exposed Dangerous Method or Function vulnerability in Synology C2 Identity Edge Server package in...
NVD CVE-2025-14713 10d ago
HIGH
CVE-2025-13392 (CVSS 8.1) — Improper check for unusual or exceptional conditions vulnerability in SSO in Synology DiskStation Ma...
NVD CVE-2025-13392 10d ago
CRITICAL
CVE-2025-12686 (CVSS 9.8) — Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in AdminCenter ...
NVD CVE-2025-12686 10d ago
HIGH
CVE-2023-52945 (CVSS 7.8) — Uncontrolled search path element vulnerability in OpenSSL DLL component in Synology BeeDrive for des...
NVD CVE-2023-52945 10d ago
INFO
FBI: Hackers Sending Operatives in Person to Insert USB Drives and Steal Data
SecurityWeek breaches ransomware supply-chain 10d ago
HIGH
CVE-2026-8832 (CVSS 8.8) — The WPCode - Insert Headers and Footers + Custom Code Snippets - WordPress Code Manager plugin for W...
NVD CVE-2026-8832 10d ago
HIGH
CVE-2026-8143 (CVSS 7.2) — The HBook plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'hb_country_iso'...
NVD CVE-2026-8143 10d ago
HIGH
CVE-2026-6169 (CVSS 7.2) — The affiliate-toolkit plugin for WordPress is vulnerable to remote code execution in all versions up...
NVD CVE-2026-6169 10d ago
HIGH
CVE-2026-40819 (CVSS 7.5) — An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the...
NVD CVE-2026-40819 10d ago
HIGH
CVE-2026-40818 (CVSS 7.5) — An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the...
NVD CVE-2026-40818 10d ago
TL;DR
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog (https://www.cisa.gov/known-exploited-vulnerabilities-catalog), based on evidence of active exploitation.
actively-exploited advisories