Vulnerability Archives • Page 2 of 190 • Daily CyberSecurity

Mitel Patches Critical SQL Injection and Privilege Escalation in MiCollab Mitel MiCollab SQL Injection MiCollab software - CVE-2024-47223 & CVE-2024-41713

Mitel MiCollab SQL Injection MiCollab software - CVE-2024-47223 & CVE-2024-41713

Mitel Patches Critical SQL Injection and Privilege Escalation in MiCollab

Do Son April 9, 2026

Mitel has issued an urgent security advisory for its MiCollab platform, warning of two distinct vulnerabilities that,...

OpenStack Keystone Flaw Grants Full S3 Access via Restricted Credentials, PoC Available Mistral policy bypass flaw arbitrary code execution CVE-2024-40767 Keystone Vulnerability S3 Bypass

OpenStack Keystone Flaw Grants Full S3 Access via Restricted Credentials, PoC Available

Do Son April 9, 2026

A significant security vulnerability has been uncovered in OpenStack Keystone, the identity service that serves as the...

Exploit Code Live: Full Technical Details and PoC Disclosed for Critical CWP RCE Vulnerability CWP RCE PoC Disclosed

Exploit Code Live: Full Technical Details and PoC Disclosed for Critical CWP RCE Vulnerability

Do Son April 6, 2026

A severe security failure has been unearthed in Control Web Panel (CWP)—formerly known as CentOS Web Panel—that...

PolyShell Exposed: Public PoC and Active Exploitation Disclosed for Critical Magento RCE as Automated Attacks Surge PolyShell Magento RCE Magento PolyShell REST API RCE CosmicSting (CVE-2024-34102) Magento Security Updates

PolyShell Exposed: Public PoC and Active Exploitation Disclosed for Critical Magento RCE as Automated Attacks Surge

Do Son April 1, 2026

Magento remains a titan in the e-commerce space, currently “estimated to be running on more than 130,000...

Code in the Wild: Full Technical Deep-Dive and Public GitHub PoC Released for Critical Linux TLS Root Exploit CIFSwitch local root exploit cifs-utils privilege escalation Linux Kernel Root Exploit CVE-2025-39946 PoC CVE-2023-2598 PoC Ubuntu LPE Vulnerability CVE-2026-3888

CIFSwitch local root exploit cifs-utils privilege escalation Linux Kernel Root Exploit CVE-2025-39946 PoC CVE-2023-2598 PoC Ubuntu LPE Vulnerability CVE-2026-3888

Code in the Wild: Full Technical Deep-Dive and Public GitHub PoC Released for Critical Linux TLS Root Exploit

Do Son March 25, 2026

Security researcher Ramdhan at StarLabs has published a deep-dive technical analysis of a critical vulnerability in the...

PoC Exploit Code Now Public: Windows .lnk Shortcut Flaw Leaks Sensitive Network Data Windows .lnk Vulnerability CVE-2026-25185

PoC Exploit Code Now Public: Windows .lnk Shortcut Flaw Leaks Sensitive Network Data

Do Son March 23, 2026

Security researcher Christopher Paschen of TrustedSec has unveiled a vulnerability within a ubiquitous part of the Windows...

Critical Craft CMS Flaw Grants Instant Admin Access Craft CMS Vulnerability CVE-2026-32267 CVE-2023-41892 Craft CMS CVE-2025-32432

Critical Craft CMS Flaw Grants Instant Admin Access

Do Son March 18, 2026

In the world of web development, the “Live Preview” button is a staple for content editors—a harmless...

Root of the Problem: Sudo Flaw Exposes Linux Systems to Local Privilege Escalation Sudo Vulnerability Local Privilege Escalation

Root of the Problem: Sudo Flaw Exposes Linux Systems to Local Privilege Escalation

Do Son March 16, 2026

A significant security vulnerability has been identified in Sudo, the ubiquitous utility that allows system administrators to...

Critical 9.8 CVSS telnetd Buffer Overflow Grants Pre-Auth Root

Do Son March 13, 2026

While modern encrypted protocols like SSH have largely superseded Telnet, the “ghosts” of networking past continue to...

Industrial Alert: Urgent Apache IoTDB Patches Fix RCE and “Open Door” Default Flaws Apache IoTDB JEXL injection Apache IoTDB, Security Vulnerabilities

Apache IoTDB JEXL injection Apache IoTDB, Security Vulnerabilities

Industrial Alert: Urgent Apache IoTDB Patches Fix RCE and “Open Door” Default Flaws

Do Son March 9, 2026

The Apache Software Foundation has issued an urgent security advisory for Apache IoTDB, the high-performance time-series database...

Critical Auth Bypass in Apache Artemis: Attackers Can Hijack Message Queues ActiveMQ security flaws Jolokia web console exploit ActiveMQ RCE Jolokia Spring Vulnerability ActiveMQ MQTT Vulnerability CVE-2025-66168 Apache Artemis Vulnerability CVE-2026-27446

ActiveMQ security flaws Jolokia web console exploit ActiveMQ RCE Jolokia Spring Vulnerability ActiveMQ MQTT Vulnerability CVE-2025-66168 Apache Artemis Vulnerability CVE-2026-27446

Critical Auth Bypass in Apache Artemis: Attackers Can Hijack Message Queues

Do Son March 4, 2026

A critical security vulnerability has been uncovered in Apache Artemis, the high-performance, multi-protocol message broker used by...

Critical 9.9 Severity Flaws Expose Centreon Servers to Remote Takeover Centreon RCE CVE-2026-2749 CVE-2024-33852 & CVE-2024-33853 Centreon Web

Critical 9.9 Severity Flaws Expose Centreon Servers to Remote Takeover

Do Son February 26, 2026

IT monitoring environments relying on Centreon face a severe threat this week as two critical vulnerabilities have...

Public Exploit for Windows Kernel Flaw Grants Instant SYSTEM Access CVE-2026-21241 Windows Kernel Privilege Escalation

Public Exploit for Windows Kernel Flaw Grants Instant SYSTEM Access

Do Son February 25, 2026

A high-severity security flaw in the Windows kernel is putting system administrators on high alert following the...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Total Takeover Threat: Critical IceWarp Flaws Trigger Emergency Server Patches

Do Son February 23, 2026

Enterprise email and collaboration platform IceWarp has issued a high-alert security update, urging its on-premises customers to...

C Windows SecureBoot folder KB5089549 Windows 11 BSOD Microsoft Windows, Rust programming WINS Service Deprecation Windows Server DNS Migration Windows Driver Standard OEM Kernel Privileges Windows Agentic OS Task Manager Bug, Windows 11 Performance Windows 11, Microsoft, WinRE, Update Bug, Tech Support Windows 11 OOBE, Microsoft Account Mandatory Windows 11, SSD failures Windows 11 Recovery, Black Screen of Death Windows 11 Update Issue, KB5062324 Windows 11, Indicator Bar

Weaponizing Windows Errors: PoC Dropped for Critical Privilege Escalation Flaw in WER Service

Do Son February 23, 2026

System administrators are racing against the clock following the public disclosure of a high-severity elevation of privilege...

HAProxy Patches High-Severity QUIC Flaws That Can Kill the Load Balancer

Do Son February 16, 2026

Maintainers of the widely-used load balancer HAProxy have issued urgent security updates to address two high-severity vulnerabilities...

MongoDB Flaw Allows Unauthenticated Attackers to Crash Database Servers MongoDB Vulnerability CVE-2026-25611 MongoDB zlib vulnerability, CVE-2025-14847 MongoDB Vulnerabilities, Data Access CVE-2024-6376 CVE-2025-0755

MongoDB Vulnerability CVE-2026-25611 MongoDB zlib vulnerability, CVE-2025-14847 MongoDB Vulnerabilities, Data Access CVE-2024-6376 CVE-2025-0755

MongoDB Flaw Allows Unauthenticated Attackers to Crash Database Servers

Do Son February 12, 2026

MongoDB has issued a warning regarding a high-severity vulnerability that could allow attackers to remotely crash database...

Exploit Code Released: Windows Storage Elevation of Privilege Flaw Details Now Public Windows Storage EoP CVE-2026-21508

Exploit Code Released: Windows Storage Elevation of Privilege Flaw Details Now Public

Do Son February 12, 2026

A critical Elevation of Privilege (EoP) vulnerability in Windows Storage, tracked as CVE-2026-21508, has moved from a...

Backup Breach: Critical Acronis Flaws (CVSS 10.0) Allow Data Manipulation

Do Son February 11, 2026

Acronis has issued a critical security advisory for its flagship Cyber Protect platform, urging administrators to update...

Critical RCE Flaws (CVSS 9.3) Exposed in Lexmark Printers

Do Son February 9, 2026

Lexmark has issued urgent security updates for its printer fleet after researchers uncovered two dangerous vulnerabilities in...

Critical Alert 4 Active Exploits Detected Today