Vulnerability Report Archives • Page 29 of 87 • Daily CyberSecurity

Broken Keys: Critical Authlib Flaws Expose Millions to JWT Forgery and Padding Oracles Authlib Vulnerabilities CVE-2026-27962

Broken Keys: Critical Authlib Flaws Expose Millions to JWT Forgery and Padding Oracles

Do Son March 17, 2026

Security researchers exposed three critical vulnerabilities in Authlib, the widely used library for building OAuth and OpenID...

High-Severity Angular XSS Flaw Bypasses Built-In Sanitization Angular hostname hijacking vulnerability Angular SSRF Origin Hijacking Angular XSS Vulnerability CVE-2026-32635 Angular i18n XSS CVE-2026-27970 Angular SSR SSRF CVE-2026-27739 Angular Vulnerability CVE-2026-22610 CVE-2025-59052 Angular security Angular XSS Bypass, SVG Injection

Angular hostname hijacking vulnerability Angular SSRF Origin Hijacking Angular XSS Vulnerability CVE-2026-32635 Angular i18n XSS CVE-2026-27970 Angular SSR SSRF CVE-2026-27739 Angular Vulnerability CVE-2026-22610 CVE-2025-59052 Angular security Angular XSS Bypass, SVG Injection

High-Severity Angular XSS Flaw Bypasses Built-In Sanitization

Do Son March 17, 2026

A significant security vulnerability has been unearthed in the Angular runtime and compiler, potentially exposing thousands of...

CISA Flags Actively Exploited Wing FTP Server Flaw Wing FTP Server CVE-2025-47813

CISA Flags Actively Exploited Wing FTP Server Flaw

Do Son March 16, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive after adding a new vulnerability...

The Poisoned Pickle: Critical Unpatched RCE Flaws Expose SGLang AI Infrastructure

Do Son March 16, 2026

Security researchers have issued a warning to the AI development community following the discovery of critical vulnerabilities...

Critical 9.7 CVSS TinaCMS Flaw Exposes Local Developer Machines TinaCMS Vulnerability CVE-2026-28792

Critical 9.7 CVSS TinaCMS Flaw Exposes Local Developer Machines

Do Son March 16, 2026

Security researchers have exposed a devastating vulnerability in TinaCMS, a popular headless content management system used by...

High-Severity Flaw Exposes LiteSpeed Web Servers to OS Command Injection LiteSpeed Vulnerability CVE-2026-31386

High-Severity Flaw Exposes LiteSpeed Web Servers to OS Command Injection

Do Son March 16, 2026

A significant security warning has been issued for administrators utilizing LiteSpeed Web Server, a popular high-performance replacement...

Critical 10.0 CVSS SandboxJS Flaw Grants Complete Remote Code Execution SandboxJS Escape Host Object Poisoning SandboxJS Vulnerability CVE-2026-26954

SandboxJS Escape Host Object Poisoning SandboxJS Vulnerability CVE-2026-26954

Critical 10.0 CVSS SandboxJS Flaw Grants Complete Remote Code Execution

Do Son March 16, 2026

A severe security flaw has been identified in SandboxJS, a popular JavaScript sandboxing library used to safely...

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

SentinelOne Unmasks Exploitation of FortiGate Appliances as Gateways to Network Takeover

Do Son March 15, 2026

The SentinelOne Digital Forensics & Incident Response (DFIR) team issued a warning: the very appliances designed to...

Tenable Uncovers ‘LeakyLooker’ Flaws Turning Google Looker Studio into a Cloud Backdoor LeakyLooker Looker Studio Vulnerability

Tenable Uncovers ‘LeakyLooker’ Flaws Turning Google Looker Studio into a Cloud Backdoor

Do Son March 15, 2026

Business Intelligence (BI) tools are often viewed as “polished mirrors reflecting an organization’s data in beautiful, actionable...

PoC Exploit Disclosed: Researcher Unveils Windows MS-EVEN RPC Vulnerability

Do Son March 15, 2026

The SafeBreach Labs research team has pulled back the curtain on a significant security weakness in the...

45 Seconds to Empty: Ledger Unmasks Critical MediaTek Flaw That Turns Phones Into Glass Vaults MediaTek eavesdropping vulnerabilities MediaTek TEE vulnerability

MediaTek eavesdropping vulnerabilities MediaTek TEE vulnerability

45 Seconds to Empty: Ledger Unmasks Critical MediaTek Flaw That Turns Phones Into Glass Vaults

Do Son March 13, 2026

The security research vanguard affiliated with Ledger, the distinguished French cryptocurrency hardware wallet enterprise, recently unveiled a...

Network Hijack: Critical 9.8 CVSS Flaw in AdGuard Home Grants Hackers Full DNS Control AdGuard Home Vulnerability CVE-2026-32136

Network Hijack: Critical 9.8 CVSS Flaw in AdGuard Home Grants Hackers Full DNS Control

Do Son March 13, 2026

AdGuard Home, the popular network-wide software used to silence ads and block trackers across entire households, is...

Winter CMS Urgently Patches Critical 10.0 CVSS Privilege Escalation Flaw Winter CMS Vulnerability CVE-2026-27591

Winter CMS Urgently Patches Critical 10.0 CVSS Privilege Escalation Flaw

Do Son March 13, 2026

Winter CMS, the popular open-source content management system favored by developers for its Laravel-based simplicity and rapid...

Total Takeover: Veeam Patches Critical 9.9 CVSS RCE Flaws in Backup & Replication 12.3.2 Veeam RCE Vulnerability CVE-2026-21666 CVE-2024-40711 Veeam Backup & Replication

Total Takeover: Veeam Patches Critical 9.9 CVSS RCE Flaws in Backup & Replication 12.3.2

Do Son March 13, 2026

Veeam has released a major update to address a cluster of high-stakes vulnerabilities in Veeam Backup &...

Legacy Under Siege: Apple Pushes Emergency iOS 15.8.7 Update to Thwart ‘Coruna’ Exploit Kit Coruna Exploit Kit iOS Security Update Apple Zero-Day CVE-2026-20700 Apple Data Privacy Day 2026, iPhone privacy features guide iOS Privilege Escalation, CVE-2025-24085 PoC Apple Manufacturing Academy, US Investment CVE-2024-44258 - symlink vulnerability

Coruna Exploit Kit iOS Security Update Apple Zero-Day CVE-2026-20700 Apple Data Privacy Day 2026, iPhone privacy features guide iOS Privilege Escalation, CVE-2025-24085 PoC Apple Manufacturing Academy, US Investment CVE-2024-44258 - symlink vulnerability

Legacy Under Siege: Apple Pushes Emergency iOS 15.8.7 Update to Thwart ‘Coruna’ Exploit Kit

Do Son March 13, 2026

In a major move to protect users of older hardware, Apple has released critical security updates for...

Breaking the Shield: ‘CrackArmor’ Flaws Expose 12.6 Million Linux Servers to Full Root Takeover CrackArmor AppArmor Vulnerabilities Linux Kernel UAF, Privilege Escalation PoC CVE-2024-27397 PoC

CrackArmor AppArmor Vulnerabilities Linux Kernel UAF, Privilege Escalation PoC CVE-2024-27397 PoC

Breaking the Shield: ‘CrackArmor’ Flaws Expose 12.6 Million Linux Servers to Full Root Takeover

Do Son March 13, 2026

The foundational security of millions of Linux servers has been called into question following the discovery of...

Apache Livy Patches Path Traversal and File Access Flaws Exposing Spark Clusters Apache Livy Security Path Traversal

Apache Livy Patches Path Traversal and File Access Flaws Exposing Spark Clusters

Do Son March 13, 2026

Apache Livy, the essential bridge that allows web and mobile applications to interact seamlessly with Apache Spark...

Veeam Urgently Patches Critical 9.9 CVSS RCE Flaws in Backup Servers Veeam RCE Vulnerability CVE-2026-21669 Veeam RCE, CVE-2025-48983 CVE-2025-48984

Veeam RCE Vulnerability CVE-2026-21669 Veeam RCE, CVE-2025-48983 CVE-2025-48984

Veeam Urgently Patches Critical 9.9 CVSS RCE Flaws in Backup Servers

Do Son March 13, 2026

Veeam has released a major security update for Veeam Backup & Replication to address a cluster of...

A Single Line of Code: Pre-Auth OpenSSH Flaw Exposes Ubuntu and Debian Servers OpenSSH 10.3 Patch SSH Command Injection CVE-2023-38408 OpenSSH Vulnerability CVE-2026-3497

OpenSSH 10.3 Patch SSH Command Injection CVE-2023-38408 OpenSSH Vulnerability CVE-2026-3497

A Single Line of Code: Pre-Auth OpenSSH Flaw Exposes Ubuntu and Debian Servers

Do Son March 13, 2026

A flaw has been found in the machinery of OpenSSH. Security researcher Jeremy Brown recently uncovered a...

Double Zero-Day Threat: Emergency Chrome Update Patches Actively Exploited Skia and V8 Flaws Chrome security update exploit in the wild Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Chrome security update exploit in the wild Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Double Zero-Day Threat: Emergency Chrome Update Patches Actively Exploited Skia and V8 Flaws

Do Son March 12, 2026

In a significant update to the Chrome Stable channel, Google has patched two high-severity vulnerabilities that threat...