Skip to content
July 18, 2026
  • Linkedin
  • Twitter
  • Facebook
  • Youtube

Daily CyberSecurity

Zero-hour alerts. Unmatched analysis.

Primary Menu
  • Home
  • CVE Data
    • CVE Watchtower
    • Top Exploited CVEs
    • CVE Stats by Vendor
    • Q2 2026 Report
  • Cyber Criminals
  • Data Leak
  • Linux
  • Malware
  • Vulnerability
  • Submit Press Release
  • Weekly Recap
Light/Dark Button

Weekly Recap

weekly CVE report actively exploited vulnerabilities
  • Weekly Recap

Weekly CVE Report: 1,571 New Flaws and 6 Actively Exploited Bugs (July 6–12, 2026)

Do Son July 13, 2026 0
Weekly Threat Intelligence Active Vulnerability Report
  • Weekly Recap

Weekly Threat Intelligence: The July 2026 Breaches

Do Son July 6, 2026 0
Weekly CVE report June 2026 1909 new vulnerabilities CISA KEV CVE-2026-20230 exploited
  • Weekly Recap

Weekly CVE Report Logs 1,909 New Vulnerabilities and 6 Exploited Flaws

Do Son June 29, 2026 0
Weekly CVE report dashboard showing 2,060 new vulnerabilities and 4 actively exploited CVEs in CISA KEV
  • Weekly Recap

2,060 New CVEs and 4 Actively Exploited Flaws (June 15-21, 2026)

Do Son June 22, 2026 0
Vulnerability Management Report Weekly Threat Intelligence
  • Weekly Recap

Weekly Threat Intelligence: June 8 to June 14, 2026

Do Son June 15, 2026 0

Tech News

DOJ lifts TikTok ban for federal workers and allows government downloads
  • Technology

US Justice Department Approves TikTok for Government Devices

Do Son July 18, 2026 0
Meta AI computing power lease and Anthropic data center negotiations
  • Technology

Meta and Anthropic Negotiate Computing Power Lease

Do Son July 18, 2026 0
Claude Fable 5 subscription updates and AI computational limitations
  • Technology

Claude Fable 5 Subscription Changes Announced

Do Son July 18, 2026 0
Microsoft ending OneDrive updates and support for Windows 10 lifecycle
  • Technology

Microsoft Ends OneDrive Support for Windows 10

Do Son July 18, 2026 0

Vulnerability

Diagram of CVE-2026-6875 ServiceNow sandbox escape RCE and pre-auth code execution
  • Vulnerability Report

Active Exploitation and Public PoC Disclosed for CVE-2026-6875 ServiceNow Sandbox Escape Remote Code Execution

Do Son July 18, 2026 0
Cloudflare firewall blocking the critical WordPress wp2shell vulnerability and RCE attacks
  • Vulnerability Report

Cloudflare Blocks Critical WordPress wp2shell Vulnerability

Do Son July 18, 2026 0
Ubuntu Pro Client vulnerability CVE-2026-11386 APT source injection arbitrary code execution root privileges
  • Vulnerability Report

Ubuntu Pro Client Flaw CVE-2026-11386 Allows Arbitrary Code Execution With Root Privileges

Do Son July 18, 2026 0
WordPress pre-auth RCE CVE-2026-63030 REST batch route confusion SQL injection public PoC
  • Vulnerability Report

WordPress Pre-Auth RCE CVE-2026-63030: Vulnerability Details and PoC Exploit Code Now Public

Do Son July 18, 2026 0

Cyber Security

APT-C-60 Attacks Target Japan With SpyGlace Malware APT-C-60 attacks on Japan using LNK files and legitimate services to deploy SpyGlace malware
  • Cybercriminals

APT-C-60 Attacks Target Japan With SpyGlace Malware

July 18, 2026 0
Misconfigured Server Exposes Three AiTM Phishing Operators Open directory exposing three AiTM phishing operators using Evilginx MFA bypass tooling
  • Cybercriminals

Misconfigured Server Exposes Three AiTM Phishing Operators

July 17, 2026 0
China and India Cyberespionage Converge on Pakistani Law Enforcement Chinese cyberespionage against Pakistani law enforcement targeting Balochistan Police records
  • Cybercriminals

China and India Cyberespionage Converge on Pakistani Law Enforcement

July 16, 2026 0
Helix Data Extortion Group Emerges from BlackFile, ReliaQuest Reports Helix data extortion group using device code phishing to exfiltrate data from SharePoint
  • Cybercriminals

Helix Data Extortion Group Emerges from BlackFile, ReliaQuest Reports

July 16, 2026 0

Malware Alert

GoldPickaxe Banking Trojan Returns to Steal Faces and Bank Logins GoldPickaxe banking Trojan stealing biometric data and lock screen credentials from an Android phone
  • Malware

GoldPickaxe Banking Trojan Returns to Steal Faces and Bank Logins

July 17, 2026 0
RokRAT Malware Hides in Fake PDF Files to Spy on Academics APT37 RokRAT malware delivered via fake PDF in Operation Capsule Vault spear-phishing
  • Malware

RokRAT Malware Hides in Fake PDF Files to Spy on Academics

July 17, 2026 0
292 Fake GitHub Repositories Deliver BoryptGrab Infostealer to Windows Users Fake GitHub repositories BoryptGrab infostealer attack chain diagram
  • Malware

292 Fake GitHub Repositories Deliver BoryptGrab Infostealer to Windows Users

July 17, 2026 0
Supply Chain Trojan Targets Software Developers Through Project Files Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware
  • Malware

Supply Chain Trojan Targets Software Developers Through Project Files

July 17, 2026 0

Data Leak

Hugging Face Discloses Production Breach Driven by an Autonomous AI Agent Hugging Face breach driven by an autonomous AI agent attack exposing internal datasets and credentials
  • Data Leak

Hugging Face Discloses Production Breach Driven by an Autonomous AI Agent

July 18, 2026 0
Grok Build Repository Upload Scandal: Researcher Confirms Privacy Mode Cannot Stop It Grok Build repository upload controversy, SpaceXAI privacy mode response
  • Data Leak

Grok Build Repository Upload Scandal: Researcher Confirms Privacy Mode Cannot Stop It

July 14, 2026 0
The Grok Build Privacy Controversy: Unauthorized Repository Uploads Grok Build privacy settings interface showing how to disable automated repository data uploads
  • Data Leak

The Grok Build Privacy Controversy: Unauthorized Repository Uploads

July 14, 2026 0
KDDI Data Breach: Millions of Emails and Passwords Stolen KDDI data breach illustration, KDDI email leak security concept
  • Data Leak

KDDI Data Breach: Millions of Emails and Passwords Stolen

July 9, 2026 0
CVE-2026-54523 (CVSS 9.6): Public PoC Exploit Enables Kyverno Privilege Escalation to Admin in Any Namespace Kyverno vulnerability CVE-2026-54523 privilege escalation to admin in any namespace including kube-system
  • Vulnerability Report

CVE-2026-54523 (CVSS 9.6): Public PoC Exploit Enables Kyverno Privilege Escalation to Admin in Any Namespace

Do Son July 17, 2026 0
Read More Read more about CVE-2026-54523 (CVSS 9.6): Public PoC Exploit Enables Kyverno Privilege Escalation to Admin in Any Namespace
Citrix Secure Access Vulnerability Lets Local Users Gain SYSTEM Privileges Citrix Secure Access vulnerability CVE-2026-53565 privilege escalation illustration
  • Vulnerability Report

Citrix Secure Access Vulnerability Lets Local Users Gain SYSTEM Privileges

Do Son July 17, 2026 0
Read More Read more about Citrix Secure Access Vulnerability Lets Local Users Gain SYSTEM Privileges
EU Orders Google to Open Android to Rival AI Assistants and Share Search Data Under the DMA Google DMA ruling opening Android to third-party AI assistants and search data sharing
  • Technology

EU Orders Google to Open Android to Rival AI Assistants and Share Search Data Under the DMA

Do Son July 17, 2026 0
Read More Read more about EU Orders Google to Open Android to Rival AI Assistants and Share Search Data Under the DMA
Farewell NotebookLM: Google Rebrands Its AI Research Tool as Gemini Notebook, Adds Native Code Execution Gemini Notebook rebrand of NotebookLM with native code execution
  • Technology

Farewell NotebookLM: Google Rebrands Its AI Research Tool as Gemini Notebook, Adds Native Code Execution

Do Son July 17, 2026 0
Read More Read more about Farewell NotebookLM: Google Rebrands Its AI Research Tool as Gemini Notebook, Adds Native Code Execution
Chrome Security Update Patches Three Critical Use-After-Free Flaws in CameraCapture, GPU, and Network Chrome security update 150.0.7871.128 critical use-after-free vulnerabilities CameraCapture GPU Network
  • Vulnerability Report

Chrome Security Update Patches Three Critical Use-After-Free Flaws in CameraCapture, GPU, and Network

Do Son July 17, 2026 0
Read More Read more about Chrome Security Update Patches Three Critical Use-After-Free Flaws in CameraCapture, GPU, and Network
CVE-2026-9770: Information Disclosure Vulnerability Exposes Admin Credentials on TP-Link Kasa Cameras TP-Link Kasa vulnerability CVE-2026-9770 information disclosure flaw on EC70 and EC71 cameras
  • Vulnerability Report

CVE-2026-9770: Information Disclosure Vulnerability Exposes Admin Credentials on TP-Link Kasa Cameras

Do Son July 17, 2026 0
Read More Read more about CVE-2026-9770: Information Disclosure Vulnerability Exposes Admin Credentials on TP-Link Kasa Cameras
CISA Adds FortiSandbox and SharePoint Flaws to KEV Catalog After Confirming Active Exploitation CISA KEV catalog adds three actively exploited FortiSandbox and SharePoint vulnerabilities
  • Vulnerability Report

CISA Adds FortiSandbox and SharePoint Flaws to KEV Catalog After Confirming Active Exploitation

Do Son July 17, 2026 0
Read More Read more about CISA Adds FortiSandbox and SharePoint Flaws to KEV Catalog After Confirming Active Exploitation
7-Zip Vulnerability CVE-2026-14266 Allows Remote Code Execution Through Crafted XZ Data 7-Zip vulnerability CVE-2026-14266 XZ decompression heap buffer overflow remote code execution
  • Vulnerability Report

7-Zip Vulnerability CVE-2026-14266 Allows Remote Code Execution Through Crafted XZ Data

Do Son July 16, 2026 0
Read More Read more about 7-Zip Vulnerability CVE-2026-14266 Allows Remote Code Execution Through Crafted XZ Data
Grok Build Goes Open Source for Community Audits but GitHub Issues and PRs Stay Closed Grok Build open source release on GitHub with data sharing disabled
  • Technology

Grok Build Goes Open Source for Community Audits but GitHub Issues and PRs Stay Closed

Do Son July 16, 2026 0
Read More Read more about Grok Build Goes Open Source for Community Audits but GitHub Issues and PRs Stay Closed
CVE-2026-15378: Blind SSRF Flaw in Red Hat OpenShift AI Red Hat OpenShift AI blind SSRF flaw CVE-2026-15378 in guardrails-detectors component
  • Vulnerability Report

CVE-2026-15378: Blind SSRF Flaw in Red Hat OpenShift AI

Do Son July 16, 2026 0
Read More Read more about CVE-2026-15378: Blind SSRF Flaw in Red Hat OpenShift AI
Microsoft Untangles Its Messy Windows Update Terminology: B Releases, Quality Updates, and More Windows monthly updates terminology explained including B release and quality updates
  • Windows

Microsoft Untangles Its Messy Windows Update Terminology: B Releases, Quality Updates, and More

Do Son July 16, 2026 0
Read More Read more about Microsoft Untangles Its Messy Windows Update Terminology: B Releases, Quality Updates, and More
Metabase Fixes CVE-2026-59827 and CVE-2026-59826 Remote Code Execution Flaws Metabase remote code execution via CVE-2026-59827 unsafe H2 deserialization flaw
  • Vulnerability Report

Metabase Fixes CVE-2026-59827 and CVE-2026-59826 Remote Code Execution Flaws

Do Son July 16, 2026 0
Read More Read more about Metabase Fixes CVE-2026-59827 and CVE-2026-59826 Remote Code Execution Flaws
Apache IoTDB Patches Five Security Flaws, Upgrade to 2.0.10 Apache IoTDB time-series database server affected by five patched security vulnerabilities
  • Vulnerability Report

Apache IoTDB Patches Five Security Flaws, Upgrade to 2.0.10

Do Son July 16, 2026 0
Read More Read more about Apache IoTDB Patches Five Security Flaws, Upgrade to 2.0.10
SonicWall SMA1000 CVE-2026-15409 (CVSS 10.0) RCE Exploited in the Wild as Public PoC Drops SonicWall SMA1000 vulnerability CVE-2026-15409 remote code execution exploited in the wild
  • Vulnerability Report

SonicWall SMA1000 CVE-2026-15409 (CVSS 10.0) RCE Exploited in the Wild as Public PoC Drops

Do Son July 16, 2026 0
Read More Read more about SonicWall SMA1000 CVE-2026-15409 (CVSS 10.0) RCE Exploited in the Wild as Public PoC Drops
Dell PowerFlex Manager Flaw CVE-2026-56688 Allows Root Command Execution Dell PowerFlex command execution via CVE-2026-56688 OS command injection flaw
  • Vulnerability Report

Dell PowerFlex Manager Flaw CVE-2026-56688 Allows Root Command Execution

Do Son July 16, 2026 0
Read More Read more about Dell PowerFlex Manager Flaw CVE-2026-56688 Allows Root Command Execution
Microsoft Blocks the July 2026 Security Update on Dell Devices Over an Intel Driver Conflict Windows 11 update blocked on Dell devices due to Intel driver compatibility issue
  • Windows

Microsoft Blocks the July 2026 Security Update on Dell Devices Over an Intel Driver Conflict

Do Son July 16, 2026 0
Read More Read more about Microsoft Blocks the July 2026 Security Update on Dell Devices Over an Intel Driver Conflict
Elon Musk: X/Twitter Will Fully Open-Source Its Codebase for Public Review X Twitter open source codebase announcement by Elon Musk
  • Technology

Elon Musk: X/Twitter Will Fully Open-Source Its Codebase for Public Review

Do Son July 16, 2026 0
Read More Read more about Elon Musk: X/Twitter Will Fully Open-Source Its Codebase for Public Review
Age of Empires CVE-2026-50663: High-Risk Lobby Bug Fixed Age of Empires CVE security warning and bug details.
  • Vulnerability Report

Age of Empires CVE-2026-50663: High-Risk Lobby Bug Fixed

Do Son July 16, 2026 0
Read More Read more about Age of Empires CVE-2026-50663: High-Risk Lobby Bug Fixed
Albiriox Android Banking Trojan Spreads Through Fake UniCredit Rewards on Telegram Albiriox malware Android banking trojan spread via fake UniCredit banking rewards and Telegram bot
  • Malware

Albiriox Android Banking Trojan Spreads Through Fake UniCredit Rewards on Telegram

Do Son July 16, 2026 0
Read More Read more about Albiriox Android Banking Trojan Spreads Through Fake UniCredit Rewards on Telegram
GigaWiper Backdoor Bundles Disk Wiping Malware and Fake Ransomware illegal streaming networks complex criminal enterprises UAT-7290 China-nexus Espionage Adversarial Misuse of Generative AI
  • Malware

GigaWiper Backdoor Bundles Disk Wiping Malware and Fake Ransomware

Do Son July 16, 2026 0
Read More Read more about GigaWiper Backdoor Bundles Disk Wiping Malware and Fake Ransomware
CISA Adds Oracle E-Business Suite and KNX Flaws to KEV Catalog CISA KEV catalog additions CVE-2026-46817 and CVE-2023-4346 illustration
  • Vulnerability Report

CISA Adds Oracle E-Business Suite and KNX Flaws to KEV Catalog

Do Son July 16, 2026 0
Read More Read more about CISA Adds Oracle E-Business Suite and KNX Flaws to KEV Catalog
Splunk Fixes Three Splunk Enterprise Vulnerabilities Led by CVE-2026-20296 CSRF Flaw Splunk Enterprise vulnerabilities CVE-2026-20296 security advisory illustration
  • Vulnerability Report

Splunk Fixes Three Splunk Enterprise Vulnerabilities Led by CVE-2026-20296 CSRF Flaw

Do Son July 16, 2026 0
Read More Read more about Splunk Fixes Three Splunk Enterprise Vulnerabilities Led by CVE-2026-20296 CSRF Flaw
Next Page ❯

Search

Translation

CVE WATCHTOWER
🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

Upgrade Package

🚨 Active Exploits in the Wild

  • CVE-2026-6875CVSS 9.5
    ServiceNow has addressed a remote code execution vulnerability that was identified in the ServiceNow AI platform. This vulnerability...
    Admin intel📅 Updated: Jul 18, 2026
  • CVE-2026-39808CVSS 9.8
    A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox...
    CISA KEV📅 Added to KEV: Jul 16, 2026
  • CVE-2026-25089CVSS 9.8
    A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox...
    CISA KEV📅 Added to KEV: Jul 16, 2026
  • CVE-2026-58644CVSS 9.8
    Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network.
    CISA KEV📅 Added to KEV: Jul 16, 2026
  • CVE-2023-4346CVSS 7.5
    KNX devices that use KNX Connection Authorization and support Option 1 are, depending on the implementation, vulnerable to...
    CISA KEV📅 Added to KEV: Jul 15, 2026
  • CVE-2026-53362
    In the Linux kernel, the following vulnerability has been resolved: ipv6: account for fraggap on the paged allocation...
    Admin intel📅 Updated: Jul 14, 2026
  • CVE-2026-46242CVSS 7.8
    In the Linux kernel, the following vulnerability has been resolved: eventpoll: fix ep_remove struct eventpoll / struct file...
    Admin intel📅 Updated: Jul 14, 2026
  • CVE-2026-56155CVSS 7.8
    Insufficient granularity of access control in Active Directory Federation Services (AD FS) allows an authorized attacker to elevate...
    CISA KEV📅 Added to KEV: Jul 14, 2026
Powered by CVE Watchtower

🔴 Live Critical Threats

  • CVE-2026-16117CVSS 10.0
    Impact: @fastify/http-proxy versions up to and including 11.5.0 fail to rewrite the...
  • CVE-2026-47865CVSS 9.8
    VMware Avi Load Balancer contains an authentication bypass vulnerability. A malicious user...
  • CVE-2026-55518CVSS 9.6
    Avo is a framework to create admin panels for Ruby on Rails...
  • CVE-2026-54159CVSS 10.0
    PrestaShop ps_facetedsearch is a module that adds layered navigation filters. From 3.0.0...
  • CVE-2026-48062CVSS 9.8
    CodeIgniter is a PHP full-stack web framework. Prior to 4.7.3, the ext_in...
  • CVE-2026-13446CVSS 9.8
    IBM Langflow OSS 1.0.0 through 1.10.1 contains hard-coded credentials, such as a password...
  • CVE-2026-8859CVSS 9.9
    IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow an attacker to...
  • CVE-2026-8635CVSS 9.9
    IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to escalate privileges...
  • CVE-2026-8505CVSS 9.8
    IBM Langflow OSS 1.0.0 through 1.10.0 has a vulnerability in Langflow's webhook...
  • CVE-2026-8476CVSS 9.9
    IBM Langflow OSS 1.0.0 through 1.10.0 contain a critical remote code execution...
Powered by CVE WATCHTOWER

Our Websites
  • Penetration Testing Tools
  • The Daily Information Technology
  • Top Exploited CVEs
  • Daily CyberSecurity

    • About SecurityOnline.info
    • Advertise with us
    • Announcement
    • Contact
    • Contributor Register
    • Login
    • Disclaimer
    • DCMA
    • Privacy Policy
    • About SecurityOnline.info
    • Advertise on SecurityOnline.info
    • Contact Us

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works

    • CVE Watchtower
    • CVE Statistics by Vendor 2026
    • Q2 2026 Report
    • Top Exploited CVEs
    • Linkedin
    • Twitter
    • Facebook
    • Youtube
    © 2017 - 2026 Daily CyberSecurity. All Rights Reserved.