Critical Alert 1 Active Exploit Detected Today

CVE-2026-10520 — Ivanti Sentry OS Command Injection Vulnerability →

Powered by CVE Watchtower

×

Vulnerability Report

Exploited in the Wild: Critical 9.8 CVSS RCE Hits Canon GUARDIANWALL MailSuite GUARDIANWALL MailSuite Exploit CVE-2026-32661 FileZen Vulnerability CVE-2026-25108 Ivanti EPMM Vulnerability Dormant Backdoor Fortinet Authentication Bypass CVE-2026-24858 VMware vCenter Server Flaw CVE-2025-21590

GUARDIANWALL MailSuite Exploit CVE-2026-32661 FileZen Vulnerability CVE-2026-25108 Ivanti EPMM Vulnerability Dormant Backdoor Fortinet Authentication Bypass CVE-2026-24858 VMware vCenter Server Flaw CVE-2025-21590

Exploited in the Wild: Critical 9.8 CVSS RCE Hits Canon GUARDIANWALL MailSuite

Do Son May 14, 2026

In a significant security disclosure, JPCERT/CC has issued an advisory regarding a critical stack-based buffer overflow vulnerability...

200K Sites at Risk: 9.8 CVSS RCE via Burst Statistics Auth Bypass Exploited in the Wild Burst Statistics Authentication Bypass CVE-2026-8181 Exploit

Burst Statistics Authentication Bypass CVE-2026-8181 Exploit

200K Sites at Risk: 9.8 CVSS RCE via Burst Statistics Auth Bypass Exploited in the Wild

Do Son May 14, 2026

In a major discovery for the WordPress ecosystem, PRISM, Wordfence Threat Intelligence’s autonomous vulnerability research platform, has...

Architectural Breach: AMD Zen 2 Flaw Allows Higher-Privilege Instruction Corruption AMD Zen 2 Vulnerability CVE-2025-54518 AMD EPYC processors vulnerability - CVE-2023-31315

AMD Zen 2 Vulnerability CVE-2025-54518 AMD EPYC processors vulnerability - CVE-2023-31315

Architectural Breach: AMD Zen 2 Flaw Allows Higher-Privilege Instruction Corruption

Do Son May 14, 2026

In a significant revelation for the hardware security world, AMD has identified a vulnerability targeting its Zen...

GitLab Critical Patch: High-Severity XSS and Unauthenticated DoS Flaws Hit Self-Managed Instances GitLab security updates, GitLab patch release, CVE-2026-6552, CVE-2026-10087, CVE-2026-7250 GitLab Security Update May 2026 GitLab XSS and DoS Vulnerabilities GitLab Security Session Hijacking GitLab Security Update, CI/CD Vulnerability GitLab DoS, Security Update bypassing SAML - CVE-2024-8312 and CVE-2024-6826

GitLab security updates, GitLab patch release, CVE-2026-6552, CVE-2026-10087, CVE-2026-7250 GitLab Security Update May 2026 GitLab XSS and DoS Vulnerabilities GitLab Security Session Hijacking GitLab Security Update, CI/CD Vulnerability GitLab DoS, Security Update bypassing SAML - CVE-2024-8312 and CVE-2024-6826

GitLab Critical Patch: High-Severity XSS and Unauthenticated DoS Flaws Hit Self-Managed Instances

Do Son May 14, 2026

In a major move to secure its DevOps platform, GitLab has released important security versions for both...

Critical 9.6 Severity Ivanti Xtraction Flaw Exposes Sensitive Data Ivanti EPMM security updates Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

Ivanti EPMM security updates Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

Critical 9.6 Severity Ivanti Xtraction Flaw Exposes Sensitive Data

Do Son May 14, 2026

Ivanti has issued an urgent security update for its Xtraction platform to address a critical vulnerability. Carrying...

Critical MongoDB Flaw CVE-2026-8053 Paves the Way for Server Takeover MongoDB Vulnerability CVE-2026-25611 MongoDB zlib vulnerability, CVE-2025-14847 MongoDB Vulnerabilities, Data Access CVE-2024-6376 CVE-2025-0755

MongoDB Vulnerability CVE-2026-25611 MongoDB zlib vulnerability, CVE-2025-14847 MongoDB Vulnerabilities, Data Access CVE-2024-6376 CVE-2025-0755

Critical MongoDB Flaw CVE-2026-8053 Paves the Way for Server Takeover

Do Son May 14, 2026

Time-series data is the backbone of countless modern applications, from financial tickers to IoT monitoring. However, a...

OPNsense Critical Root RCE (CVE-2026-44194 & CVE-2026-45158) Details and PoC Disclosed OPNsense RCE Vulnerability CVE-2026-44194 PoC

OPNsense RCE Vulnerability CVE-2026-44194 PoC

OPNsense Critical Root RCE (CVE-2026-44194 & CVE-2026-45158) Details and PoC Disclosed

Do Son May 14, 2026

The open-source firewall community is on high alert today after critical security vulnerabilities in OPNsense were dragged...

Urgent Update: Composer Vulnerability Leaks GitHub Secrets in Plaintext Logs (CVE-2026-45793) CVE-2026-40176, CVE-2026-40261 Composer GitHub Token Leak CVE-2026-45793

CVE-2026-40176, CVE-2026-40261 Composer GitHub Token Leak CVE-2026-45793

Urgent Update: Composer Vulnerability Leaks GitHub Secrets in Plaintext Logs (CVE-2026-45793)

Do Son May 14, 2026

In a critical security alert for the PHP community, Nils Adermann, Co-Creator of Composer, has issued an...

Critical 18-Year-Old NGINX RCE (CVE-2026-42945) and GitHub PoC Disclosed NGINX RCE Vulnerability CVE-2026-42945 PoC

NGINX RCE Vulnerability CVE-2026-42945 PoC

Critical 18-Year-Old NGINX RCE (CVE-2026-42945) and GitHub PoC Disclosed

Do Son May 14, 2026

Security researcher Zhenpeng (Leo) Lin of depthfirst has unveiled a critical, 18-year-old vulnerability lurking within NGINX. The...

Fragnesia Universal Linux Root LPE Details and One-Line PoC Disclosed Fragnesia Linux Exploit Universal LPE PoC

Fragnesia Linux Exploit Universal LPE PoC

Fragnesia Universal Linux Root LPE Details and One-Line PoC Disclosed

Do Son May 13, 2026

The Linux security landscape has been rocked by the public disclosure of Fragnesia, a universal local privilege...

Exploit Code Released: Public PoC Dumps for Windows BitLocker Bypass and SYSTEM Elevation Zero-Days BitLocker Bypass PoC Windows Zero-Day Exploit 2026

BitLocker Bypass PoC Windows Zero-Day Exploit 2026

Exploit Code Released: Public PoC Dumps for Windows BitLocker Bypass and SYSTEM Elevation Zero-Days

Do Son May 13, 2026

In a escalation of hostilities against Microsoft, a researcher known as Chaotic Eclipse (operating under the alias...

Critical-Severity XSS Flaws Uncovered in Siemens SIMATIC S7 Web Servers Siemens SIMATIC S7 Vulnerability Industrial PLC XSS CVE-2024-44102 - Siemens TeleControl Server Basic

Siemens SIMATIC S7 Vulnerability Industrial PLC XSS CVE-2024-44102 - Siemens TeleControl Server Basic

Critical-Severity XSS Flaws Uncovered in Siemens SIMATIC S7 Web Servers

Do Son May 13, 2026

Siemens ProductCERT issued an urgent security advisory regarding multiple Cross-Site Scripting (XSS) vulnerabilities found within the web...

9.8 Severity Alert: Malicious Git Branches Can Hijack Your WebdriverIO Build Servers WebdriverIO Command Injection CVE-2026-25244

WebdriverIO Command Injection CVE-2026-25244

9.8 Severity Alert: Malicious Git Branches Can Hijack Your WebdriverIO Build Servers

Do Son May 13, 2026

A critical security vulnerability has been found in WebdriverIO, a popular open-source test automation framework used for...

Microsoft Patch Tuesday May 2026 Fixes 137 Flaws, Including Netlogon RCE and Critical SSO Bypass

Microsoft Patch Tuesday May 2026 Netlogon RCE CVE-2026-41089 SharePoint Exploit Patch Tuesday Windows DWM Zero-Day CVE-2026-21519 CVE-2024-49039 Microsoft Patch Tuesday March 2025

Microsoft Patch Tuesday May 2026 Fixes 137 Flaws, Including Netlogon RCE and Critical SSO Bypass

Do Son May 13, 2026

Microsoft has dropped a heavy-hitting security update for May 2026, addressing a total of 137 vulnerabilities. This...

CVSS 10 Alert: SandboxJS Critical Escape Vulnerability Enables Host Takeover SandboxJS Sandbox Escape CVE-2026-43898 RCE

SandboxJS Sandbox Escape CVE-2026-43898 RCE

CVSS 10 Alert: SandboxJS Critical Escape Vulnerability Enables Host Takeover

Do Son May 13, 2026

The fundamental promise of any digital sandbox is strict isolation: providing a secure container where untrusted code...

PraisonAI CVE-2026-44338 Exploited in the Wild Hours After Patch Disclosure PraisonAI Authentication Bypass Exploited in the Wild CVE-2026-44338

PraisonAI Authentication Bypass Exploited in the Wild CVE-2026-44338

PraisonAI CVE-2026-44338 Exploited in the Wild Hours After Patch Disclosure

Do Son May 13, 2026

A new report from the Sysdig Threat Research Team (TRT) reveals that on May 11, 2026, a...

9.8 Critical Alert: One-Byte Heap Corruption in Exim Exposes Global Mail Servers to Takeover Exim RCE Vulnerability CVE-2026-45185 GnuTLS

Exim RCE Vulnerability CVE-2026-45185 GnuTLS

9.8 Critical Alert: One-Byte Heap Corruption in Exim Exposes Global Mail Servers to Takeover

Do Son May 13, 2026

A “highest-caliber” vulnerability was found in Exim, one of the internet’s most widely used Mail Transfer Agents...

Fortinet Critical Alert: 9.1 Severity Flaws in FortiSandbox and FortiAuthenticator Risk Remote Takeover CVE-2023-36553 Fortinet Critical Vulnerabilities FortiSandbox CVE-2026-26083

CVE-2023-36553 Fortinet Critical Vulnerabilities FortiSandbox CVE-2026-26083

Fortinet Critical Alert: 9.1 Severity Flaws in FortiSandbox and FortiAuthenticator Risk Remote Takeover

Do Son May 13, 2026

Fortinet has issued a high-priority warning regarding two separate critical vulnerabilities affecting core security components: FortiSandbox and...

Multiple Memory Flaws in Dnsmasq Threaten Millions of Connected Devices dnsmasq Vulnerabilities DNS Cache Poisoning

dnsmasq Vulnerabilities DNS Cache Poisoning

Multiple Memory Flaws in Dnsmasq Threaten Millions of Connected Devices

Do Son May 13, 2026

In the foundational architecture of small-to-medium networks and home routing devices, dnsmasq is the open-source networking tool...

Critical Casdoor Vulnerability CVE-2026-44213 Allows Arbitrary File Overwrites Casdoor Arbitrary File Write CVE-2026-44213 Path Traversal

Casdoor Arbitrary File Write CVE-2026-44213 Path Traversal

Critical Casdoor Vulnerability CVE-2026-44213 Allows Arbitrary File Overwrites

Do Son May 13, 2026

In the complex world of Identity and Access Management (IAM), the security of the gateway is paramount....