TL;DR Maintainers have disclosed four undici vulnerabilities in the widely used Node.js HTTP client. The package draws...
Vulnerability Report
At a glance CVE CVE-2026-55518 CVSS 9.6 (Critical) Product / vendor Avo admin panel framework / Avo...
Database administrators have urgent patching to do. The pgAdmin team has fixed three critical pgAdmin 4 vulnerabilities,...
TL;DR FreeBSD has patched a kernel flaw, CVE-2026-45257, that hands local root to any unprivileged user. This...
TL;DR QNAP has patched 14 vulnerabilities affecting its QTS, QuTS hero, QuTS cloud, and QVP systems. The...
Around one million WordPress sites just got an urgent reason to patch. A critical Avada Builder...
Rebora Security Research recently uncovered severe Chrome extension vulnerabilities. These critical flaws impact two widely used AI...
F5 has issued out-of-band patches for two serious flaws in its NGINX web server. The critical NGINX...
Unauthenticated RCE hits iba industrial software A critical iba deserialization vulnerability could let remote attackers run arbitrary...
A one-line bug that survived 27 years Researchers at Argus have publicly disclosed an OpenBSD authentication bypass...
Critical bug exposes LiteLLM management routes A newly disclosed LiteLLM authentication bypass could let unauthenticated attackers...
Unauthenticated upload exposes Langflow servers A newly published Langflow file upload flaw lets anyone with network...
Rockwell Automation has disclosed two security advisories that reveal several Rockwell Automation vulnerabilities across its industrial product...
The cybersecurity landscape faces a critical threat today. CISA confirmed active exploitation of Splunk CVE-2026-20253. Consequently,...
Critical Node.js Security Updates Released Developers must quickly apply the newest Node.js security updates. The Node.js project...
Industrial network gear is back in the spotlight. Moxa has disclosed two flaws in its NPort serial...
The numbers look alarming at first glance. According to the 2026 vulnerability forecast from the Forum of...
A critical prototype pollution flaw now threatens one of the npm ecosystem’s most popular translation tools. Tracked...
Zyxel has rolled out firmware patches for a serious flaw in its popular GS1900 series switches. Tracked...
[cve_product_glance product=”Splunk AI Toolkit” cves=”CVE-2026-20266, CVE-2026-20265″ impact=”OS Command Injection” action=”Update Splunk AI Toolkit to 5.7.4 now”] ...
A critical Gravity SMTP vulnerability is currently facing active exploitation in the wild. Consequently, WordPress site administrators...
Network administrators must remain vigilant as new Cisco ISE vulnerabilities have been publicly disclosed. Multiple severe flaws...