Vulnerability Report

NVIDIA Patches High-Severity Flaws Threatening Jetson Edge AI Systems NVIDIA FLARE Vulnerability Federated Learning Security NVIDIA Jetson Linux Edge AI Security BioNeMo Vulnerability Insecure Deserialization NVIDIA RTX 50 Super delay NVIDIA Nsight Vulnerability Merlin Transformers4Rec NVIDIA AI Bubble $57 Billion Revenue H20 AI chip NVIDIA earnings Blackwell AI Nvidia DGX-1 Vulnerabilities CVE-2024-0143 NVIDIA Linux Gaming, VKD3D Performance

NVIDIA FLARE Vulnerability Federated Learning Security NVIDIA Jetson Linux Edge AI Security BioNeMo Vulnerability Insecure Deserialization NVIDIA RTX 50 Super delay NVIDIA Nsight Vulnerability Merlin Transformers4Rec NVIDIA AI Bubble $57 Billion Revenue H20 AI chip NVIDIA earnings Blackwell AI Nvidia DGX-1 Vulnerabilities CVE-2024-0143 NVIDIA Linux Gaming, VKD3D Performance

NVIDIA Patches High-Severity Flaws Threatening Jetson Edge AI Systems

Do Son April 2, 2026

NVIDIA has issued a software update for its Jetson Linux platform to address several security flaws that...

The xmldom CDATA Flaw That Puts 23 Million Weekly Users at Risk xmldom Vulnerability XML Injection

xmldom Vulnerability XML Injection

The xmldom CDATA Flaw That Puts 23 Million Weekly Users at Risk

Do Son April 2, 2026

A significant vulnerability has been discovered in xmldom, a massive JavaScript library with over 23.5 million weekly...

Security Alert: Critical Vulnerability Hits Anritsu Remote Spectrum Monitors Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Ollama Heap Leak CVE-2026-5757 Anritsu Vulnerability Authentication Bypass Gootloader Malware Malformed ZIP Evasion Blender Malware, StealC V2 Lectora, XSS CVE-2025-9125 HFS RCE, Template Injection Arch Linux Malware, CHAOS RAT CVE-2024-56404 - CVE-2024-39327 CVE-2025-2538

Security Alert: Critical Vulnerability Hits Anritsu Remote Spectrum Monitors

Do Son April 2, 2026

A recent security advisory summarized by CISA highlights a critical design flaw in Anritsu Remote Spectrum Monitors...

The DarkSword Threat: Apple Issues Emergency iOS 18.7.7 Patch for Legacy iPhones DarkSword exploit kit iOS 18.7.7 security update CVE-2024-44308 & CVE-2024-44309 Apple appeal, Epic Games lawsuit

DarkSword exploit kit iOS 18.7.7 security update CVE-2024-44308 & CVE-2024-44309 Apple appeal, Epic Games lawsuit

The DarkSword Threat: Apple Issues Emergency iOS 18.7.7 Patch for Legacy iPhones

Do Son April 2, 2026

The “DarkSword” exploitation kit has presently achieved widespread dissemination across the digital ether, increasingly co-opted by a...

Critical 9.2 Severity Flaw in Gigabyte Control Center Exposed Gigabyte Control Center CVE-2026-4415

Gigabyte Control Center CVE-2026-4415

Critical 9.2 Severity Flaw in Gigabyte Control Center Exposed

Do Son April 2, 2026

According to a security advisory promulgated by Gigabyte, the Gigabyte Control Center (GCC) is affected by an...

Cisco Issues Urgent Patch for Critical IMC Auth Bypass: A CVSS 9.8 Wake-Up Call Cisco IMC Vulnerability CVE-2026-20093 CVE-2024-20401 Cisco IOS XE Privilege Escalation

Cisco IMC Vulnerability CVE-2026-20093 CVE-2024-20401 Cisco IOS XE Privilege Escalation

Cisco Issues Urgent Patch for Critical IMC Auth Bypass: A CVSS 9.8 Wake-Up Call

Do Son April 2, 2026

A newly discovered vulnerability has turned the Cisco Integrated Management Controller (IMC) into a potential backdoor. Tracked...

Critical 9.8 CVSS Flaw in Cisco SSM On-Prem Grants Unauthenticated Root Access Cisco SSM On-Prem Vulnerability CVE-2026-20160

Cisco SSM On-Prem Vulnerability CVE-2026-20160

Critical 9.8 CVSS Flaw in Cisco SSM On-Prem Grants Unauthenticated Root Access

Do Son April 2, 2026

Cisco has recently dropped a high-stakes security advisory regarding a critical vulnerability in its Smart Software Manager...

The Return of Operation Triangulation: Coruna Exploit Kit Targets M3 and A17 Chips in Massive iOS Offensive Coruna Exploit Kit iOS Kernel Vulnerability

Coruna Exploit Kit iOS Kernel Vulnerability

The Return of Operation Triangulation: Coruna Exploit Kit Targets M3 and A17 Chips in Massive iOS Offensive

Do Son April 2, 2026

On March 4, 2026, reports from Google and iVerify shed light on Coruna, a highly sophisticated exploit...

Ghost in the Drone: Unauthenticated Shell Access in PX4 Autopilot’s 9.8 CVSS Nightmare PX4 Autopilot Vulnerability MAVLink 2.0 Security

PX4 Autopilot Vulnerability MAVLink 2.0 Security

Ghost in the Drone: Unauthenticated Shell Access in PX4 Autopilot’s 9.8 CVSS Nightmare

Do Son April 1, 2026

A critical security advisory has been issued for the PX4 Autopilot system. The vulnerability, tracked as CVE-2026-1579,...

NocoBase Critical Alert: Sandbox Escape Grants Attackers Root Access NocoBase RCE Sandbox Escape

NocoBase RCE Sandbox Escape

NocoBase Critical Alert: Sandbox Escape Grants Attackers Root Access

Do Son April 1, 2026

A critical vulnerability has been unearthed in NocoBase, the AI-powered platform designed for infinite extensibility. The flaw,...

ASUS Issues Security Patch for Router Vulnerability CVE-2023-39238 ASUS Router Update CVE-2025-15101

CVE-2023-39238 ASUS Router Update CVE-2025-15101

ASUS Issues Security Patch for Router Vulnerability

Do Son April 1, 2026

In a move to fortify home and office networks, ASUS has released a security update for several...

2 Million Monthly Users at Risk: Critical 9.3 CVSS SQL Injection Hits MikroORM in “Duck-Typed” Disaster MikroORM SQL Injection CVE-2026-34220

MikroORM SQL Injection CVE-2026-34220

2 Million Monthly Users at Risk: Critical 9.3 CVSS SQL Injection Hits MikroORM in “Duck-Typed” Disaster

Do Son April 1, 2026

A critical vulnerability has been identified in MikroORM, a widely used TypeScript Object-Relational Mapper (ORM) for Node.js....

NVIDIA Patches High-Severity “Insecure Deserialization” Flaws in BioNeMo Framework NVIDIA FLARE Vulnerability Federated Learning Security NVIDIA Jetson Linux Edge AI Security BioNeMo Vulnerability Insecure Deserialization NVIDIA RTX 50 Super delay NVIDIA Nsight Vulnerability Merlin Transformers4Rec NVIDIA AI Bubble $57 Billion Revenue H20 AI chip NVIDIA earnings Blackwell AI Nvidia DGX-1 Vulnerabilities CVE-2024-0143 NVIDIA Linux Gaming, VKD3D Performance

NVIDIA FLARE Vulnerability Federated Learning Security NVIDIA Jetson Linux Edge AI Security BioNeMo Vulnerability Insecure Deserialization NVIDIA RTX 50 Super delay NVIDIA Nsight Vulnerability Merlin Transformers4Rec NVIDIA AI Bubble $57 Billion Revenue H20 AI chip NVIDIA earnings Blackwell AI Nvidia DGX-1 Vulnerabilities CVE-2024-0143 NVIDIA Linux Gaming, VKD3D Performance

NVIDIA Patches High-Severity “Insecure Deserialization” Flaws in BioNeMo Framework

Do Son April 1, 2026

NVIDIA has issued an important security update for its BioNeMo Framework, a critical tool used by researchers...

Exploited in the Wild: Google Issues Emergency Patch for Chrome Zero-Day (CVE-2026-5281) in Dawn Component Chrome Zero-Day CVE-2026-5281

Chrome Zero-Day CVE-2026-5281

Exploited in the Wild: Google Issues Emergency Patch for Chrome Zero-Day (CVE-2026-5281) in Dawn Component

Do Son April 1, 2026

Google has released a critical security update for the Chrome Stable channel to address 21 security vulnerabilities....

TrueChaos: The TrueConf Zero-Day That Turned Secure Updates Into a Government Espionage Backdoor

Weaver E-cology RCE CVE-2026-22679 CVE-2026-20127 Cisco SD-WAN Exploitation AI-Driven Cyberattack ARXON Malware React Server Components Vulnerability CVE-2025-55182 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

TrueChaos: The TrueConf Zero-Day That Turned Secure Updates Into a Government Espionage Backdoor

Do Son April 1, 2026

A trusted communication tool has been turned into a weapon of mass malware distribution. Check Point Research...

Vim Modeline Vulnerability: How a Crafted File Can Hijack Your System Vim RCE Modeline Vulnerability Vim RCE Modeline Sandbox Bypass

Vim RCE Modeline Vulnerability Vim RCE Modeline Sandbox Bypass

Vim Modeline Vulnerability: How a Crafted File Can Hijack Your System

Do Son April 1, 2026

The Vim project has issued a critical security advisory regarding a high-severity vulnerability that could allow attackers...

The Unpatched Kyverno SSRF Flaw That Turns Policies Into Cluster-Wide Backdoors Kyverno SSRF Kubernetes Policy Engine Kyverno Privilege Escalation CVE-2026-22039

Kyverno SSRF Kubernetes Policy Engine Kyverno Privilege Escalation CVE-2026-22039

The Unpatched Kyverno SSRF Flaw That Turns Policies Into Cluster-Wide Backdoors

Do Son March 31, 2026

A critical security boundary in Kubernetes environments has been compromised. A new vulnerability note from CERT/CC has...

Critical Vulnerability in Perl Core Modules Leaves Systems Exposed

Critical Vulnerability in Perl Core Modules Leaves Systems Exposed

Do Son March 31, 2026

A high-severity security flaw has been identified within the core of the Perl programming language. Designated as...

Public PoC Exploit and Full Details Disclosed for Nginx UI’s 9.4 CVSS Backup Flaw Backup Tampering Exploit

Backup Tampering Exploit

Public PoC Exploit and Full Details Disclosed for Nginx UI’s 9.4 CVSS Backup Flaw

Do Son March 31, 2026

The “one-click” simplicity of Nginx UI has hit a major security roadblock. Researchers have unveiled a critical...

Critical CrewAI Vulnerabilities Allow RCE and Sandbox Escapes via Prompt Injection CrewAI Vulnerabilities AI Agent Security

CrewAI Vulnerabilities AI Agent Security

Critical CrewAI Vulnerabilities Allow RCE and Sandbox Escapes via Prompt Injection

Do Son March 31, 2026

The rapidly growing field of multi-agent AI systems has hit a significant security speed bump. A new...