HIGH
CVE-2026-48544 (CVSS 7.5) — Taipy 4.1.1, fixed in commit 129fd40, contains a path traversal vulnerability in the ElementLibrary....
NVD CVE-2026-48544 10d ago
CRITICAL
CVE-2026-45570 (CVSS 9.6) — go-git is an extensible git implementation library written in pure Go. Prior to 5.19.1 and 6.0.0-alp...
NVD CVE-2026-45570 10d ago
HIGH
CVE-2026-45022 (CVSS 7.5) — go-git is an extensible git implementation library written in pure Go. Prior to 5.19.0 and 6.0.0-alp...
NVD CVE-2026-45022 10d ago
HIGH
CVE-2026-44838 (CVSS 8.1) — RabbitMQ is a messaging and streaming broker. From 4.2.0 to before 4.2.4, RabbitMQ's MQTT plugin all...
NVD CVE-2026-44838 10d ago
HIGH
CVE-2026-42184 (CVSS 8.8) — Tauri is a framework for building binaries for all major desktop platforms. From 2.0 to 2.11.0, a fl...
NVD CVE-2026-42184 10d ago
INFO
Vulnerability in Popular Conference Software Granted Attackers a 100% Talk Acceptance Rate
SecurityWeek breaches ransomware supply-chain 10d ago
MEDIUM
CVE-2026-9704 (CVSS 6.8) — A flaw was found in Keycloak. An authenticated user with low privileges can exploit this vulnerabili...
NVD CVE-2026-9704 10d ago
MEDIUM
CVE-2026-9617 (CVSS 6.8) — PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by cr...
NVD CVE-2026-9617 10d ago
HIGH
CVE-2026-8180 (CVSS 7.5) — IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Tra...
NVD CVE-2026-8180 10d ago
HIGH
CVE-2026-8179 (CVSS 8.8) — IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Tra...
NVD CVE-2026-8179 10d ago
CRITICAL
CVE-2026-8175 (CVSS 9.8) — IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Tra...
NVD CVE-2026-8175 10d ago
CRITICAL
CVE-2026-7876 (CVSS 9.1) — IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19
NVD CVE-2026-7876 10d ago
HIGH
CVE-2026-7528 (CVSS 7.1) — IBM Langflow OSS 1.0.0 through 1.9.0 could allow a denial of service due to uncontrolled resource co...
NVD CVE-2026-7528 10d ago
CRITICAL
CVE-2026-7524 (CVSS 9.8) — IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation of...
NVD CVE-2026-7524 10d ago
HIGH
CVE-2026-7365 (CVSS 8.4) — IBM Operations Analytics - Log Analysis and IBM SmartCloud Analytics - Log Analysis uses default pa...
NVD CVE-2026-7365 10d ago
MEDIUM
CVE-2026-6938 (CVSS 6.5) — IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote objec...
NVD CVE-2026-6938 10d ago
MEDIUM
CVE-2026-6052 (CVSS 6.5) — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to running out of memory when...
NVD CVE-2026-6052 10d ago
MEDIUM
CVE-2026-6051 (CVSS 5.5) — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when e...
NVD CVE-2026-6051 10d ago
HIGH
CVE-2026-5065 (CVSS 8.8) — IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credentials, such as a passwor...
NVD CVE-2026-5065 10d ago
MEDIUM
CVE-2026-4410 (CVSS 4.8) — IBM WebSphere Application Server - Liberty 19.0.0.7 through 26.0.0.5 and IBM WebSphere Application S...
NVD CVE-2026-4410 10d ago
HIGH
CVE-2026-3623 (CVSS 7.8) — IBM Netezza Performance Server Replication Services 3.0.2.0 through 3.0.5.0 allows an attacker with ...
NVD CVE-2026-3623 10d ago
HIGH
CVE-2026-3366 (CVSS 7.5) — IBM InfoSphere Optim Test Data Fabrication 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4...
NVD CVE-2026-3366 10d ago
HIGH
CVE-2026-1933 (CVSS 7.1) — A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read onl...
NVD CVE-2026-1933 10d ago
HIGH
CVE-2026-1718 (CVSS 7.1) — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service with a...
NVD CVE-2026-1718 10d ago
MEDIUM
CVE-2025-3633 (CVSS 5.4) — IBM Cognos Analytics 11.2.0, 11.2.4, 12.0, and 12.1.0 and IBM Cognos Transformer 11.2.4, 12.0, and 1...
NVD CVE-2025-3633 10d ago
HIGH
CVE-2024-56462 (CVSS 7.2) — IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malici...
NVD CVE-2024-56462 10d ago
MEDIUM
CVE-2024-40684 (CVSS 5.9) — IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7....
NVD CVE-2024-40684 10d ago
INFO
SecurityWeek to Host AI Risk Summit August 11-12 at the Ritz-Carlton, Half Moon Bay
SecurityWeek breaches ransomware supply-chain 10d ago
INFO
Cybersecurity Evolution: How We Went From Perimeter Defense to AI-Native Security
rss:darkreading breaches malware threat-actors 10d ago
INFO
CISA Adds Three Known Exploited Vulnerabilities to Catalog
rss:cisa-advisories actively-exploited advisories +1 10d ago
INFO
CISA Adds One Known Exploited Vulnerability to Catalog
rss:cisa-advisories 11d ago
HIGH
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
The Hacker News supply-chain breaches malware +19 19d ago
INFO
'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux Distros
rss:darkreading 26d ago
INFO
It's Patch Tuesday for Microsoft & Not a Zero-Day In Sight
rss:darkreading 24d ago
INFO
Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws
The Hacker News 24d ago
INFO
[Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud
The Hacker News 24d ago
INFO
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
The Hacker News 22d ago
INFO
Can Laws Stop Deepfakes? South Korea Aims to Find Out
rss:darkreading 19d ago
INFO
Processes and Culture Top Reasons Behind Data Breaches
rss:darkreading 16d ago
INFO
When Identity is the Attack Path
The Hacker News 16d ago
INFO
CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
The Hacker News 15d ago
INFO
Meta settles school district lawsuit claiming addictive design harmed students' mental health
The Record 14d ago
INFO
Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
The Hacker News 14d ago
INFO
⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos
The Hacker News 12d ago
INFO
CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks
The Hacker News 11d ago
INFO
RevEng.AI Raises $15 Million to Hunt for Flaws and Backdoors in Software Binaries
SecurityWeek 10d ago
INFO
California Sues 23andMe, Alleging It Failed to Protect User Data in 2023 Breach
SecurityWeek 8d ago
INFO
California AG sues 23andMe over 2023 breach exposing health data
BleepingComputer 7d ago
INFO
Kirki, Burst Statistics WordPress Plugin Flaws in Attackers’ Crosshairs
SecurityWeek 3d ago
INFO
Chrome 149 Patches 429 Vulnerabilities
SecurityWeek 1d ago
INFO
EU unveils tech sovereignty package to cut reliance on US, Chinese suppliers
The Record 1d ago
INFO
AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
The Hacker News supply-chain breaches malware +19 7h ago
INFO
VoidStealer Malware Darts Past Google Chrome's Encryption
rss:darkreading 30d ago
INFO
Android Adds Intrusion Logging for Sophisticated Spyware Forensics
The Hacker News 24d ago
INFO
A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens
rss:googleprojectzero 24d ago
INFO
Google’s Surge in Chrome Vulnerability Discoveries Likely Driven by AI
SecurityWeek 16d ago
INFO
Google accidentally exposed details of unfixed Chromium flaw
BleepingComputer 15d ago
INFO
Google API Keys Remain Active After Deletion
rss:darkreading 15d ago
INFO
GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure
The Hacker News 10d ago
INFO
Google Unveils AI Threat Defense Platform to Fight AI-Powered Cyberattacks
SecurityWeek 9d ago
INFO
US charges Google security engineer with Polymarket insider trading
BleepingComputer 8d ago
INFO
Google Chrome adds session cookie theft protection for all users
BleepingComputer 8d ago
INFO
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
The Hacker News 5d ago
INFO
Google fixes one actively exploited Android zero-day, 124 flaws
BleepingComputer 4d ago
INFO
Google adds Android protection against AI deepfake scam calls
BleepingComputer 3d ago
INFO
Malicious Notifications Could Trick Google Gemini Users
rss:darkreading 3d ago
INFO
Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT
The Hacker News 2d ago
INFO
WhatsApp, Slack Notifications Could Hijack Google Gemini on Android
The Hacker News 2d ago
INFO
Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS
The Hacker News 2d ago
INFO
FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
The Hacker News 2d ago
INFO
Gemini Voice Assistant Hijacked via Messaging Notifications
SecurityWeek 2d ago
INFO
3 SOC Steps that Shut Down Incident Risks Early
The Hacker News supply-chain breaches malware 10d ago
INFO
Romanian Hacker Sentenced to Prison in US for Selling Access to State Network
SecurityWeek breaches ransomware supply-chain 10d ago
INFO
5 Steps to Managing Shadow AI Tools Without Slowing Down Employees
The Hacker News supply-chain breaches malware 10d ago
HIGH
CVE-2026-48906 (CVSS 8.1) — The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the affec...
NVD CVE-2026-48906 10d ago
INFO
Lastwall Raises $11.5 Million for Quantum-Resilient Identity Platform
SecurityWeek breaches ransomware supply-chain 10d ago
INFO
The Credential Crisis: How Stolen Credentials Defeat Modern Security
SecurityWeek breaches ransomware supply-chain 10d ago
INFO
‘SymJack’ Attack Turns AI Coding Agents Into Supply Chain Attack Delivery Systems
SecurityWeek breaches ransomware supply-chain 10d ago
INFO
GlassWorm Botnet Disrupted
SecurityWeek breaches ransomware supply-chain 10d ago
INFO
Gitea Vulnerability Exposes Private Container Images without Authentication
The Hacker News supply-chain breaches malware 10d ago
INFO
LA Metro Cyberattack Linked to Iranian State-Sponsored Hackers
SecurityWeek breaches ransomware supply-chain 10d ago
HIGH
CVE-2026-40852 (CVSS 7.2) — A highly authenticated attacker can alter the config generator injecting a payload into future creat...
NVD CVE-2026-40852 10d ago
HIGH
CVE-2026-40851 (CVSS 8.4) — A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on an ...
NVD CVE-2026-40851 10d ago
HIGH
CVE-2026-40850 (CVSS 7.5) — An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the...
NVD CVE-2026-40850 10d ago
HIGH
CVE-2026-40836 (CVSS 7.1) — A low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the ...
NVD CVE-2026-40836 10d ago
HIGH
CVE-2026-40834 (CVSS 7.1) — A low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the ...
NVD CVE-2026-40834 10d ago
HIGH
CVE-2026-40833 (CVSS 7.1) — A low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the ...
NVD CVE-2026-40833 10d ago
HIGH
CVE-2025-30028 (CVSS 8.6) — A vulnerability in Active Backup for Business allows unauthorized remote attackers to read arbitrary...
NVD CVE-2025-30028 10d ago
HIGH
CVE-2025-14713 (CVSS 7.5) — An Exposed Dangerous Method or Function vulnerability in Synology C2 Identity Edge Server package in...
NVD CVE-2025-14713 10d ago
TL;DR
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog (https://www.cisa.gov/known-exploited-vulnerabilities-catalog), based on evidence of active exploitation.
actively-exploited advisories