TL;DR A Debian maintainer flagged a widespread OpenSSL error handling problem across the open-source ecosystem. It surfaced...
Vulnerability Report
TL;DR The PHP team fixed two flaws, including a PHP remote DoS that can crash a whole...
IBM discovered three security flaws affecting WebSphere Application Server versions 9.0 and 8.5. These IBM WebSphere vulnerabilities...
The FreeBSD Project published multiple FreeBSD security advisories today. These warnings expose critical flaws in OpenZFS, libalias,...
TL;DR Synacktiv publicly disclosed a Kerberos reflection bypass tracked as CVE-2026-26128. The flaw lets a domain user...
TL;DR The OWASP ModSecurity team patched two ModSecurity vulnerabilities in version 3.0.16. Both let attackers slip payloads...
IBM security researchers discovered six severe Langflow OSS vulnerabilities. These flaws allow attackers to execute arbitrary code,...
TL;DR CISA published an advisory for five DCMTK vulnerabilities on 30 June 2026. The DICOM toolkit powers...
TL;DR CVE-2026-48282, a critical CVSS 10 ColdFusion arbitrary code execution vulnerability, is under active attack. Hackers are...
Security researchers publicly disclosed a critical vulnerability in Control Web Panel alongside proof-of-concept exploit code. This flaw,...
TL;DR Researchers disclosed two UltraVNC repeater vulnerabilities in the tool’s HTTP admin server. One allows arbitrary code...
TL;DR WatchGuard has patched seven WatchGuard Firebox vulnerabilities in its Fireware OS. The worst, CVE-2026-13368 (CVSS 9.2),...
TL;DR Icinga patched three Icinga 2 vulnerabilities on 29 June 2026. Two let an unauthenticated attacker take...
TL;DR CISA published an advisory for five StoneFly Storage Concentrator vulnerabilities on 30 June 2026. Two rate...
TL;DR Researchers at HawkTrace published full technical details and proof-of-concept code for a Microsoft Exchange vulnerability tracked...
TL;DR Attackers are exploiting a Citrix NetScaler vulnerability in the wild, tracked as CVE-2026-8451 (CVSS 8.8). The...
TL;DR The Apache Software Foundation has disclosed two Apache HttpComponents Core vulnerabilities, CVE-2026-54399 and CVE-2026-54428. Both carry...
TL;DR CERT Polska disclosed two flaws in GNU gzip on 29 June 2026. One GNU gzip vulnerability,...
TL;DR IBM patched three flaws in Db2 for Linux, UNIX, and Windows. The worst is an IBM...
TL;DR CISA added a Microsoft SharePoint vulnerability to its Known Exploited Vulnerabilities catalog on 1 July 2026....
TL;DR Cisco has patched a Cisco Catalyst Center vulnerability tracked as CVE-2026-20191 (CVSS 7.5). The flaw lets...