Vulnerability Report Archives • Page 21 of 87 • Daily CyberSecurity

LiteLLM Under Fire: Triple Threat Vulnerabilities Expose AI Gateways to Total Takeover LiteLLM SQL Injection CVE-2026-42208 LiteLLM Vulnerability AI Infrastructure Security

LiteLLM SQL Injection CVE-2026-42208 LiteLLM Vulnerability AI Infrastructure Security

LiteLLM Under Fire: Triple Threat Vulnerabilities Expose AI Gateways to Total Takeover

Do Son April 13, 2026

LiteLLM, the popular open-source library used to provide a unified interface for over 100 Large Language Models...

Laravel Passport Patches Machine-to-Human Authentication Bypass Laravel Passport Vulnerability Authentication Bypass

Laravel Passport Patches Machine-to-Human Authentication Bypass

Do Son April 13, 2026

Laravel Passport is widely recognized as an OAuth2 server and API authentication package that is both simple...

The Encryption Ghost: How the FBI Recovers “Deleted” Signal Messages from iPhone Caches Signal cloud backup iOS Notification Database

The Encryption Ghost: How the FBI Recovers “Deleted” Signal Messages from iPhone Caches

Do Son April 13, 2026

During a federal court proceeding in Texas on April 9, 2026, the FBI presented retrieved messages from...

Under 10 Hours: The marimo Terminal RCE Exploited in a Record-Breaking AI Sprint marimo Terminal RCE AI-Assisted Exploitation

Under 10 Hours: The marimo Terminal RCE Exploited in a Record-Breaking AI Sprint

Do Son April 13, 2026

A critical flaw in marimo, a popular reactive Python notebook platform, has become the latest case study...

Total CMS Takeover: Movable Type Patches Critical 9.8 CVSS Perl RCE Movable Type Vulnerability Perl RCE

Total CMS Takeover: Movable Type Patches Critical 9.8 CVSS Perl RCE

Do Son April 13, 2026

Six Apart Ltd. has issued an urgent security advisory for Movable Type, a long-standing content management system...

Encryption Bypasses and Kubernetes Token Leaks Hit Apache Tomcat CVE-2023-45648 Apache Tomcat Security Encryption Bypass

Encryption Bypasses and Kubernetes Token Leaks Hit Apache Tomcat

Do Son April 13, 2026

Apache Tomcat, the open-source backbone for millions of Java-based web applications, has been hit by a wave...

CVE-2026-40175 (CVSS 10): Critical Axios Vulnerability and Exploit Code Disclosed Publicly Axios proxy vulnerabilities prototype pollution gadget Axios Vulnerability Cloud Hijacking Axios npm supply chain attack Axios Vulnerability Node.js DoS CVE-2025-58754 CVE-2025-27152 Axios Vulnerability, Form-Data Flaw

Axios proxy vulnerabilities prototype pollution gadget Axios Vulnerability Cloud Hijacking Axios npm supply chain attack Axios Vulnerability Node.js DoS CVE-2025-58754 CVE-2025-27152 Axios Vulnerability, Form-Data Flaw

CVE-2026-40175 (CVSS 10): Critical Axios Vulnerability and Exploit Code Disclosed Publicly

Do Son April 12, 2026

A critical security vulnerability in Axios, the ubiquitous promise-based HTTP client for Node.js and the browser, has...

Root Access at Risk: Critical Nix Sandbox Escape Overwrites Sensitive System Files Nix Sandbox Escape Root Escalation CVE-2024-45593

Root Access at Risk: Critical Nix Sandbox Escape Overwrites Sensitive System Files

Do Son April 10, 2026

A severe security vulnerability has been identified in the Nix package manager, a tool celebrated by the...

Critical Privilege Escalation in Checkmk: Root Access at Risk Checkmk Privilege Escalation

Critical Privilege Escalation in Checkmk: Root Access at Risk

Do Son April 10, 2026

A critical-severity security vulnerability has been identified in the Checkmk monitoring platform, potentially allowing local users to...

HPE Aruba Patches High-Severity Credential Theft Flaw CVE-2024-26305 _ CVE-2025-23058 Aruba 5G Core Open Redirect

HPE Aruba Patches High-Severity Credential Theft Flaw

Do Son April 10, 2026

HPE Aruba Networking has issued an important software update to address a high-severity security flaw in its...

TP-Link Archer AX53 Hit by Multiple High-Severity Vulnerabilities

Do Son April 10, 2026

TP-Link has issued an urgent security advisory regarding its Archer AX53 v1.0 router, detailing five distinct vulnerabilities...

Cloud Engineering at Risk: AWS Patches Critical Privilege Escalation and RCE Flaws in RES AWS RES Security Cloud Privilege Escalation

Cloud Engineering at Risk: AWS Patches Critical Privilege Escalation and RCE Flaws in RES

Do Son April 9, 2026

Amazon Web Services (AWS) has released urgent security updates for its Research and Engineering Studio (RES), an...

Critical 9.8 CVSS Flaws in goshs Exposed goshs Exploit Path Traversal

Critical 9.8 CVSS Flaws in goshs Exposed

Do Son April 9, 2026

Security researchers have unmasked three critical vulnerabilities in goshs, a popular high-performance replacement for Python’s SimpleHTTPServer. The...

The “Open Door” Vulnerability: Unchanged Default Passwords Put Juniper vLWC at Risk Juniper vLWC Vulnerability Default Password Exploit HPE, Juniper Networks CVE-2024-21611 & CVE-2024-21591 - CVE-2025-21589

Juniper vLWC Vulnerability Default Password Exploit HPE, Juniper Networks CVE-2024-21611 & CVE-2024-21591 - CVE-2025-21589

The “Open Door” Vulnerability: Unchanged Default Passwords Put Juniper vLWC at Risk

Do Son April 9, 2026

In a critical security alert, Juniper Networks has warned of a severe vulnerability in its Support Insights...

100,000+ Sites Exposed: Critical 9.8 CVSS Flaw Hits Everest Forms WordPress Plugin Everest Forms Vulnerability PHP Object Injection

100,000+ Sites Exposed: Critical 9.8 CVSS Flaw Hits Everest Forms WordPress Plugin

Do Son April 9, 2026

Everest Forms, a popular WordPress plugin trusted by over 100,000 websites for building everything from simple contact...

Frontend Secrets Exposed: Vite Patches Critical Security Bypass in Dev Server Vite Vulnerability Arbitrary File Read

Frontend Secrets Exposed: Vite Patches Critical Security Bypass in Dev Server

Do Son April 9, 2026

Vite has become the “speed demon” of modern frontend development, prized for its lightning-fast Hot Module Replacement...

React Server Components Vulnerability CVE-2026-23870 React Server Components Server-Side DoS React DoS Vulnerability CVE-2026-23864 React Server Components DoS, Source Code Disclosure React RCE, Server Components Deserialization CVE-2025-55182

Denial of Service Alert: React Server Components Vulnerability Causes CPU Spikes

Do Son April 9, 2026

React, the popular JavaScript library used by millions of developers for building user interfaces, has issued an...

Sandbox Escape: Critical Flatpak Flaw Grants Full Host Access Flatpak Sandbox Escape CVE-2026-34078

Sandbox Escape: Critical Flatpak Flaw Grants Full Host Access

Do Son April 9, 2026

Flatpak, the widely-used system for building, distributing, and running sandboxed desktop applications on Linux, has been hit...

Palo Alto Networks Patches Trio of Security Flaws: From Agent Disabling to System Privileges PAN-OS IKEv2 Buffer Overflow CVE-2026-0263 Palo Alto Cortex XDR Privilege Escalation Palo Alto Networks Vulnerability CVE-2026-0229 PAN-OS Vulnerability CVE-2026-0227 CVE-2024-5914 - Palo Alto Networks - CVE-2025-0108 & CVE-2025-0110