Vulnerability Report Archives • Page 23 of 87 • Daily CyberSecurity

Ninja Forms Alert: Critical 9.8 RCE Vulnerability Under Active Attack Ninja Forms RCE WordPress Vulnerability

Ninja Forms Alert: Critical 9.8 RCE Vulnerability Under Active Attack

Do Son April 6, 2026

In a major alert for the WordPress community, a critical security flaw has been disclosed in the...

Keycloak Under Siege: Patch Now to Stop Token Theft and Account Takeovers Keycloak vulnerabilities Keycloak Security MFA Bypass

Keycloak Under Siege: Patch Now to Stop Token Theft and Account Takeovers

Do Son April 6, 2026

The popular open-source identity and access management solution Keycloak has released a critical security update, version 26.5.7,...

CVE-2026-34838 (CVSS 10): Critical RCE Flaw Uncovered in GroupOffice CRM GroupOffice RCE, Insecure Deserialization

CVE-2026-34838 (CVSS 10): Critical RCE Flaw Uncovered in GroupOffice CRM

Do Son April 6, 2026

In a significant discovery for enterprises and public sector organizations, a critical security vulnerability has been unmasked...

Critical RCE and SQLi Flaws Shatter mbCONNECT24 Industrial Security mbCONNECT24 Vulnerabilities Industrial RCE

Critical RCE and SQLi Flaws Shatter mbCONNECT24 Industrial Security

Do Son April 6, 2026

In a significant alert for the industrial automation sector, CERT@VDE has disclosed a series of high-severity vulnerabilities...

Whitespace Flaw Re-Opens Critical JWT “Algorithm Confusion” Bypass fast-jwt JWT Algorithm Confusion

Whitespace Flaw Re-Opens Critical JWT “Algorithm Confusion” Bypass

Do Son April 6, 2026

Security researchers have disclosed two major vulnerabilities within fast-jwt, a high-performance library used to implement JSON Web...

Double Agents in the Cloud: Unit 42 Unmasks Critical AI Vulnerabilities in Google Vertex AI Vertex AI Security AI Double Agents

Double Agents in the Cloud: Unit 42 Unmasks Critical AI Vulnerabilities in Google Vertex AI

Do Son April 6, 2026

As organizations race to integrate autonomous systems into their workflows, a new and subtle threat is emerging...

The $17 Million Bounty: Google Smashes Records and Launches AI Frontier for 15th VRP Anniversary Google VRP 2025 Bug Bounty Records

The $17 Million Bounty: Google Smashes Records and Launches AI Frontier for 15th VRP Anniversary

Do Son April 5, 2026

In an era of increasingly complex digital threats, Google’s strategy of “inviting the world to find its...

Zero Authentication, Total Control: Critical CVSS 10 Flaw Uncovered in Dgraph Database Dgraph Vulnerability CVSS 10.0 Dgraph Admin Leak CVE-2026-40173

Dgraph Vulnerability CVSS 10.0 Dgraph Admin Leak CVE-2026-40173

Zero Authentication, Total Control: Critical CVSS 10 Flaw Uncovered in Dgraph Database

Do Son April 5, 2026

A security vulnerability was found in Dgraph, the high-performance, horizontally scalable GraphQL database. The flaw, designated as...

Under Active Attack: Critical 9.1 CVSS FortiClient EMS Flaw Exploited in the Wild Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Under Active Attack: Critical 9.1 CVSS FortiClient EMS Flaw Exploited in the Wild

Do Son April 4, 2026

Security teams are on high alert as Fortinet confirms that a critical vulnerability in its FortiClient EMS...

Apache Traffic Server Patches “Double-Header” DoS and Request Smuggling Flaws Apache Traffic Server Vulnerabilities CVE-2024-56195 and CVE-2024-56196

Apache Traffic Server Patches “Double-Header” DoS and Request Smuggling Flaws

Do Son April 3, 2026

Apache Traffic Server, the high-performance web proxy cache responsible for keeping the modern web fast, is facing...

Password Hijack in the Modern Stack: Payload CMS Patches Critical 9.1 CVSS Reset Flaw Payload CMS Vulnerability CVE-2026-34751

Password Hijack in the Modern Stack: Payload CMS Patches Critical 9.1 CVSS Reset Flaw

Do Son April 3, 2026

The rapid-growth, fullstack Next.js framework Payload—known for giving developers “instant backend superpowers” —is facing a serious security...

CVE-2026-4370 (CVSS 10): Critical Juju Flaw Grants Attackers Total Infrastructure Control

Do Son April 3, 2026

The cybersecurity community is on high alert following the discovery of a critical security flaw in Juju,...

Breaking the Input: Sandbox Escape Hits libinput, Exposing Leading Linux Desktops libinput Sandbox Escape CVE-2026-35093

Breaking the Input: Sandbox Escape Hits libinput, Exposing Leading Linux Desktops

Do Son April 3, 2026

The core of modern Linux input handling is facing a significant security challenge. libinput, the essential library...

The MuPDF Vulnerability Turning “Safe” PDFs into System Hijackers MuPDF RCE Integer Overflow

The MuPDF Vulnerability Turning “Safe” PDFs into System Hijackers

Do Son April 3, 2026

A significant security flaw has been unearthed in Artifex MuPDF, a popular framework prized for its speed...

OpenSSH 10.3 Patches Command Execution and “scp” Privilege Escalation OpenSSH 10.3 Patch SSH Command Injection CVE-2023-38408 OpenSSH Vulnerability CVE-2026-3497

OpenSSH 10.3 Patch SSH Command Injection CVE-2023-38408 OpenSSH Vulnerability CVE-2026-3497

OpenSSH 10.3 Patches Command Execution and “scp” Privilege Escalation

Do Son April 3, 2026

In the critical infrastructure of the internet, OpenSSH stands as one of the most vital gatekeepers for...

Critical 9.8 CVSS RCE Vulnerabilities Exposed in Progress ShareFile Progress ShareFile RCE Storage Zones Controller

Critical 9.8 CVSS RCE Vulnerabilities Exposed in Progress ShareFile

Do Son April 3, 2026

A duo of severe security vulnerabilities has been uncovered in Progress ShareFile, a widely used managed file...

Smart Home Alert: Critical Flaws Exposed in TP-Link Tapo Security Cameras

Do Son April 3, 2026

A security advisory from TP-Link have exposured a series of high-severity vulnerabilities—ranging from CVE-2026-34118 to CVE-2026-34124—affecting the...

200,000+ Sites at Risk: Perfmatters Flaw Enables Full WordPress Site Takeover Perfmatters Vulnerability WordPress Site Takeover

200,000+ Sites at Risk: Perfmatters Flaw Enables Full WordPress Site Takeover

Do Son April 3, 2026

Researchers expose a critical vulnerability in Perfmatters, a popular performance-optimization WordPress plugin with over 200,000 active installations....

Joomla! Issues Security Patch: Critical File Deletion and Webservice Flaws Exposed Joomla Vulnerability CVE-2026-23898

Joomla! Issues Security Patch: Critical File Deletion and Webservice Flaws Exposed

Do Son April 2, 2026

Joomla! CMS has released a series of critical security updates to address two high-severity vulnerabilities—CVE-2026-23898 and CVE-2026-23899—both...

Lodash Patches High-Severity Code Injection Vulnerability Lodash Code Injection CVE-2026-4800

Lodash Patches High-Severity Code Injection Vulnerability

Do Son April 2, 2026

In the world of modern JavaScript, Lodash is the undisputed heavyweight champion of utility libraries, providing the...