Vulnerability Archives • Page 2 of 190 • Daily CyberSecurity

PoC Exploit Code Now Public: Windows .lnk Shortcut Flaw Leaks Sensitive Network Data Windows .lnk Vulnerability CVE-2026-25185

PoC Exploit Code Now Public: Windows .lnk Shortcut Flaw Leaks Sensitive Network Data

Ddos March 23, 2026

Security researcher Christopher Paschen of TrustedSec has unveiled a vulnerability within a ubiquitous part of the Windows...

Critical Craft CMS Flaw Grants Instant Admin Access Craft CMS Vulnerability CVE-2026-32267 CVE-2023-41892 Craft CMS CVE-2025-32432

Critical Craft CMS Flaw Grants Instant Admin Access

Ddos March 18, 2026

In the world of web development, the “Live Preview” button is a staple for content editors—a harmless...

Root of the Problem: Sudo Flaw Exposes Linux Systems to Local Privilege Escalation Sudo Vulnerability Local Privilege Escalation

Root of the Problem: Sudo Flaw Exposes Linux Systems to Local Privilege Escalation

Ddos March 16, 2026

A significant security vulnerability has been identified in Sudo, the ubiquitous utility that allows system administrators to...

Critical 9.8 CVSS telnetd Buffer Overflow Grants Pre-Auth Root

Ddos March 13, 2026

While modern encrypted protocols like SSH have largely superseded Telnet, the “ghosts” of networking past continue to...

Industrial Alert: Urgent Apache IoTDB Patches Fix RCE and “Open Door” Default Flaws Apache IoTDB JEXL injection Apache IoTDB, Security Vulnerabilities

Apache IoTDB JEXL injection Apache IoTDB, Security Vulnerabilities

Industrial Alert: Urgent Apache IoTDB Patches Fix RCE and “Open Door” Default Flaws

Ddos March 9, 2026

The Apache Software Foundation has issued an urgent security advisory for Apache IoTDB, the high-performance time-series database...

Critical Auth Bypass in Apache Artemis: Attackers Can Hijack Message Queues ActiveMQ RCE Jolokia Spring Vulnerability ActiveMQ MQTT Vulnerability CVE-2025-66168 Apache Artemis Vulnerability CVE-2026-27446

ActiveMQ RCE Jolokia Spring Vulnerability ActiveMQ MQTT Vulnerability CVE-2025-66168 Apache Artemis Vulnerability CVE-2026-27446

Critical Auth Bypass in Apache Artemis: Attackers Can Hijack Message Queues

Ddos March 4, 2026

A critical security vulnerability has been uncovered in Apache Artemis, the high-performance, multi-protocol message broker used by...

Critical 9.9 Severity Flaws Expose Centreon Servers to Remote Takeover Centreon RCE CVE-2026-2749 CVE-2024-33852 & CVE-2024-33853 Centreon Web

Critical 9.9 Severity Flaws Expose Centreon Servers to Remote Takeover

Ddos February 26, 2026

IT monitoring environments relying on Centreon face a severe threat this week as two critical vulnerabilities have...

Public Exploit for Windows Kernel Flaw Grants Instant SYSTEM Access CVE-2026-21241 Windows Kernel Privilege Escalation

Public Exploit for Windows Kernel Flaw Grants Instant SYSTEM Access

Ddos February 25, 2026

A high-severity security flaw in the Windows kernel is putting system administrators on high alert following the...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Total Takeover Threat: Critical IceWarp Flaws Trigger Emergency Server Patches

Ddos February 23, 2026

Enterprise email and collaboration platform IceWarp has issued a high-alert security update, urging its on-premises customers to...

C Windows SecureBoot folder KB5089549 Windows 11 BSOD Microsoft Windows, Rust programming WINS Service Deprecation Windows Server DNS Migration Windows Driver Standard OEM Kernel Privileges Windows Agentic OS Task Manager Bug, Windows 11 Performance Windows 11, Microsoft, WinRE, Update Bug, Tech Support Windows 11 OOBE, Microsoft Account Mandatory Windows 11, SSD failures Windows 11 Recovery, Black Screen of Death Windows 11 Update Issue, KB5062324 Windows 11, Indicator Bar

Weaponizing Windows Errors: PoC Dropped for Critical Privilege Escalation Flaw in WER Service

Ddos February 23, 2026

System administrators are racing against the clock following the public disclosure of a high-severity elevation of privilege...

HAProxy Patches High-Severity QUIC Flaws That Can Kill the Load Balancer

Ddos February 16, 2026

Maintainers of the widely-used load balancer HAProxy have issued urgent security updates to address two high-severity vulnerabilities...

MongoDB Flaw Allows Unauthenticated Attackers to Crash Database Servers MongoDB Vulnerability CVE-2026-25611 MongoDB zlib vulnerability, CVE-2025-14847 MongoDB Vulnerabilities, Data Access CVE-2024-6376 CVE-2025-0755

MongoDB Vulnerability CVE-2026-25611 MongoDB zlib vulnerability, CVE-2025-14847 MongoDB Vulnerabilities, Data Access CVE-2024-6376 CVE-2025-0755

MongoDB Flaw Allows Unauthenticated Attackers to Crash Database Servers

Ddos February 12, 2026

MongoDB has issued a warning regarding a high-severity vulnerability that could allow attackers to remotely crash database...

Exploit Code Released: Windows Storage Elevation of Privilege Flaw Details Now Public Windows Storage EoP CVE-2026-21508

Exploit Code Released: Windows Storage Elevation of Privilege Flaw Details Now Public

Ddos February 12, 2026

A critical Elevation of Privilege (EoP) vulnerability in Windows Storage, tracked as CVE-2026-21508, has moved from a...

Backup Breach: Critical Acronis Flaws (CVSS 10.0) Allow Data Manipulation

Ddos February 11, 2026

Acronis has issued a critical security advisory for its flagship Cyber Protect platform, urging administrators to update...

Critical RCE Flaws (CVSS 9.3) Exposed in Lexmark Printers

Ddos February 9, 2026

Lexmark has issued urgent security updates for its printer fleet after researchers uncovered two dangerous vulnerabilities in...

High-Severity NGINX Flaw Lets Attackers Inject Malicious Data NGINX JavaScript Module Vulnerability CVE-2026-8711 NGINX 1.30.1 Security Update CVE-2026-42945 RCE NGINX Vulnerability CVE-2026-1642 NGINX Github - CVE-2025-23419

NGINX JavaScript Module Vulnerability CVE-2026-8711 NGINX 1.30.1 Security Update CVE-2026-42945 RCE NGINX Vulnerability CVE-2026-1642 NGINX Github - CVE-2025-23419

High-Severity NGINX Flaw Lets Attackers Inject Malicious Data

Ddos February 5, 2026

F5 has issued a security advisory for a high-severity vulnerability affecting NGINX, the world’s most popular web...

PoC Public & Exploited: Critical SolarWinds Help Desk Flaw Exploited in the Wild State-Sponsored Exploitation CISA KEV Catalog F5 BIG-IP RCE CISA KEV Catalog SolarWinds WHD Exploit CVE-2025-40551 Zimbra XSS Zero-Day CVE-2025-27915 Exploited Windows Security Vulnerabilities

State-Sponsored Exploitation CISA KEV Catalog F5 BIG-IP RCE CISA KEV Catalog SolarWinds WHD Exploit CVE-2025-40551 Zimbra XSS Zero-Day CVE-2025-27915 Exploited Windows Security Vulnerabilities

PoC Public & Exploited: Critical SolarWinds Help Desk Flaw Exploited in the Wild

Ddos February 4, 2026

The clock is ticking for organizations running SolarWinds Web Help Desk (WHD), as a nightmare scenario unfolds:...

Gatekeeper Breached: 4 Critical Ingress-Nginx Flaws Risk Cluster Secrets Ingress-Nginx Vulnerability Kubernetes RCE Vulnerability CVE-2025-9708 Kubernetes Security, Image Builder Vulnerability CVE-2024-10220 - OPA Gatekeeper Bypass

Ingress-Nginx Vulnerability Kubernetes RCE Vulnerability CVE-2025-9708 Kubernetes Security, Image Builder Vulnerability CVE-2024-10220 - OPA Gatekeeper Bypass

Gatekeeper Breached: 4 Critical Ingress-Nginx Flaws Risk Cluster Secrets

Ddos February 3, 2026

For Kubernetes administrators, the Ingress-Nginx controller is the trusted gatekeeper, routing traffic from the wild internet to...

From User to SYSTEM: PoC Released for Zabbix Privilege Escalation CVE-2024-42330 Zabbix Privilege Escalation CVE-2025-27237

From User to SYSTEM: PoC Released for Zabbix Privilege Escalation

Ddos January 30, 2026

The race to patch has begun for administrators using Zabbix on Windows, following the public release of...

Exploit Code Publicly Released: Critical Firefox WebRTC Flaw Allows RCE (CVSS 9.8) Sanitizer API Firefox 148 Security Firefox WebRTC Vulnerability CVE-2025-14321 PoC Firefox VPN Feature, Browser-Only VPN Firefox Add-ons Rollback Firefox Encryption Firefox MKV support Firefox ESR, Windows 7

Sanitizer API Firefox 148 Security Firefox WebRTC Vulnerability CVE-2025-14321 PoC Firefox VPN Feature, Browser-Only VPN Firefox Add-ons Rollback Firefox Encryption Firefox MKV support Firefox ESR, Windows 7

Exploit Code Publicly Released: Critical Firefox WebRTC Flaw Allows RCE (CVSS 9.8)

Ddos January 27, 2026

A critical vulnerability in Mozilla Firefox has been found, with security researchers publicly releasing both the technical...

Critical Alert 1 Active Exploit Detected Today