§Topic · CVE & Vulnerabilities
CVE & Vulnerabilities
Newly disclosed CVEs, actively exploited vulnerabilities, and critical patches you need to apply now.
All dispatches
Loading
§Topic · CVE & Vulnerabilities
Newly disclosed CVEs, actively exploited vulnerabilities, and critical patches you need to apply now.
All dispatchesAttackers are exploiting Adobe ColdFusion CVE-2026-48282 (CVSS 10.0) to achieve remote code execution on web servers.
CISA reports active exploitation of a patched SharePoint RCE; prioritize remediation across SharePoint servers.
Active exploitation of a Unified CM flaw confirmed with PoC activity; update and monitor for exploit attempts.
Argo CD repo-server flaw enables unauthenticated code execution if reachable on the internal network, risking cluster compromise. There is no patch or CVE yet; mitigate with network segregation.
CVE-2026-8037 in Kemp LoadMaster allows pre-auth remote code execution. Update devices and validate configurations.
CVE-led SimpleHelp vulnerability exploited to deliver malware and harvest credentials. Patch or upgrade to mitigate.
Critical flaw in Oracle E-Business Suite Payments component being exploited in the wild. Apply latest patches and monitor payment workflows.
Active exploitation of the Microsoft Defender privilege escalation flaw CVE-2026-33825 is fueling ransomware campaigns. Patches available; prioritise rapid remediation.
Threat actors redirect audit logs and telemetry to attacker storage; tighten bucket controls.
VS Code extension flaws enable arbitrary code execution and cloud credential theft via malicious repos.
Windchill remote code execution CVE-2026-12569 exploited in the wild; patching and monitoring vital.
Curl patches a 25-year-old vulnerability, fixing 18 CVEs in a record release; update all curl-enabled products.
Chrome 149 fixes 18 severe bugs, many use-after-free with potential remote code execution risks; ensure auto-update is enabled.
Zero-day CVE-2026-20245 was exploited for months before Cisco patching; rapid mitigation and monitoring recommended.
Curl patches a 25-year-old vulnerability, fixing 18 CVEs in a record release; update all curl-enabled products.
Chrome 149 fixes 18 severe bugs, many use-after-free with potential remote code execution risks; ensure auto-update is enabled.
Get these articles delivered to your inbox.
Subscribe free