Vulnerability

The Safe C++ Extensions Proposal: Strengthening Security in a Complex Ecosystem

Safe C++ Extensions proposal

The Safe C++ Extensions Proposal: Strengthening Security in a Complex Ecosystem

Do Son September 18, 2024

In a decisive move to address long-standing memory safety concerns, the C++ community has unveiled the Safe...

ASUS Joins the Ranks of CVE Numbering Authorities ASUS CVE-2025-13348 File Shredder Removal ASUS LPE Flaw CVE-2025-59373 ASUS Armoury Crate vulnerability Asus CVE Numbering Authority - CVE-2024-12912 and CVE-2024-13062 AMI BMC vulnerability, CVE-2024-54085

ASUS CVE-2025-13348 File Shredder Removal ASUS LPE Flaw CVE-2025-59373 ASUS Armoury Crate vulnerability Asus CVE Numbering Authority - CVE-2024-12912 and CVE-2024-13062 AMI BMC vulnerability, CVE-2024-54085

ASUS Joins the Ranks of CVE Numbering Authorities

Do Son September 18, 2024

ASUS has been authorized by the CVE Program as a CVE Numbering Authority (CNA), marking a significant...

CISA Warns of Actively Exploited Apache, Microsoft, and Oracle Vulnerabilities Oracle WebLogic

Oracle WebLogic

CISA Warns of Actively Exploited Apache, Microsoft, and Oracle Vulnerabilities

Do Son September 18, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to federal agencies and organizations...

LibreOffice Vulnerability (CVE-2024-7788): Exploit of “Repair Mode” Signatures Raises Security Concerns CVE-2024-7788 LibreOffice CVE-2025-1080

CVE-2024-7788 LibreOffice CVE-2025-1080

LibreOffice Vulnerability (CVE-2024-7788): Exploit of “Repair Mode” Signatures Raises Security Concerns

Do Son September 18, 2024

In a newly disclosed security advisory, The Document Foundation has revealed a high-severity vulnerability (CVE-2024-7788, CVSS 7.8)...

Microsoft Confirms CVE-2024-37985 as Zero-Day Bug in Windows

CVE-2024-37985

Microsoft Confirms CVE-2024-37985 as Zero-Day Bug in Windows

Do Son September 17, 2024

Today, Microsoft Security Response Center (MSRC) updated its security advisory to mark CVE-2024-37985 which was disclosed on...

CISA Warns of Actively Exploited Adobe Flash Player Vulnerabilities

CISA Warns of Actively Exploited Adobe Flash Player Vulnerabilities

Do Son September 17, 2024

In a move that underscores the persistent threat of legacy software vulnerabilities, the U.S. Cybersecurity and Infrastructure...

GitLab Releases Critical Security Patch for CVE-2024-45409 (CVSS 10) Vulnerability GitLab Security Update Account Impersonation GitLab Security Update CVE-2026-1090 GitLab vulnerability GitLab vulnerability, GitLab patches

GitLab Security Update Account Impersonation GitLab Security Update CVE-2026-1090 GitLab vulnerability GitLab vulnerability, GitLab patches

GitLab Releases Critical Security Patch for CVE-2024-45409 (CVSS 10) Vulnerability

Do Son September 17, 2024

GitLab has issued an urgent security update addressing a critical vulnerability that affects both GitLab Community Edition...

Critical Flaws in Red Hat OpenShift: CVE-2024-45496 (CVSS 9.9) & CVE-2024-7387 (CVSS 9.1) CVE-2024-45496 & CVE-2024-7387 - OpenShift

CVE-2024-45496 & CVE-2024-7387 - OpenShift

Critical Flaws in Red Hat OpenShift: CVE-2024-45496 (CVSS 9.9) & CVE-2024-7387 (CVSS 9.1)

Do Son September 17, 2024

Red Hat OpenShift, the industry-leading hybrid cloud platform, known for its robust security features and trusted by...

PoC Exploit Releases for Unauthenticated RCE CVE-2024-40711 in Veeam Backup & Replication CVE-2024-40711 exploit

CVE-2024-40711 exploit

PoC Exploit Releases for Unauthenticated RCE CVE-2024-40711 in Veeam Backup & Replication

Do Son September 17, 2024

In a major revelation for cybersecurity professionals, security researcher Sina Kheirkhah (@SinSinology) of watchTowr has published an...

CVE-2024-38812: VMware’s 9.8 Severity Security Nightmare CVE-2024-38812 Broadcom VMware, EU Antitrust Lawsuit

CVE-2024-38812 Broadcom VMware, EU Antitrust Lawsuit

CVE-2024-38812: VMware’s 9.8 Severity Security Nightmare

Do Son September 17, 2024

In a recent security advisory from Broadcom, VMware disclosed a critical vulnerability in its vCenter Server platform...

PoC Exploit Released for Windows Hyper-V Zero-Day Vulnerability CVE-2024-38080 CVE-2024-38080 PoC exploit Github

CVE-2024-38080 PoC exploit Github

PoC Exploit Released for Windows Hyper-V Zero-Day Vulnerability CVE-2024-38080

Do Son September 16, 2024

Security researcher Pwndorei published a detailed analysis alongside a proof-of-concept (PoC) exploit code for a patched zero-day...

Zero-Click Calendar Invite: Critical macOS Vulnerability Chain Uncovered zero-click macOS vulnerability

zero-click macOS vulnerability

Zero-Click Calendar Invite: Critical macOS Vulnerability Chain Uncovered

Do Son September 16, 2024

In a recent analysis, security researcher Mikko Kenttälä exposed a critical zero-click vulnerability chain in macOS, potentially...

166k+ Projects at Risk: AutoGPT’s Critical Vulnerability Explained – CVE-2024-6091 (CVSS 9.8) CVE-2024-6091 - AutoGPT

CVE-2024-6091 - AutoGPT

166k+ Projects at Risk: AutoGPT’s Critical Vulnerability Explained – CVE-2024-6091 (CVSS 9.8)

Do Son September 16, 2024

A significant security vulnerability has been discovered in AutoGPT, a powerful AI tool designed to automate tasks...

CISA Flags Two Actively Exploited Vulnerabilities: Critical Threats to Windows and WhatsUp Gold State-Sponsored Exploitation CISA KEV Catalog F5 BIG-IP RCE CISA KEV Catalog SolarWinds WHD Exploit CVE-2025-40551 Zimbra XSS Zero-Day CVE-2025-27915 Exploited Windows Security Vulnerabilities

State-Sponsored Exploitation CISA KEV Catalog F5 BIG-IP RCE CISA KEV Catalog SolarWinds WHD Exploit CVE-2025-40551 Zimbra XSS Zero-Day CVE-2025-27915 Exploited Windows Security Vulnerabilities

CISA Flags Two Actively Exploited Vulnerabilities: Critical Threats to Windows and WhatsUp Gold

Do Son September 16, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning, adding two actively exploited security...

Tenable Exposes Critical “CloudImposer” Vulnerability in Google Cloud Platform Composer CloudImposer - dependency confusion

CloudImposer - dependency confusion

Tenable Exposes Critical “CloudImposer” Vulnerability in Google Cloud Platform Composer

Do Son September 16, 2024

A critical vulnerability in Google Cloud Platform (GCP) Composer, discovered by security researchers at Tenable, could have...

Critical Flaws Found in VICIdial Contact Center Suite: CVE-2024-8503 and CVE-2024-8504, PoC Published

CVE-2024-8503 & CVE-2024-8504 - VICIdial

Critical Flaws Found in VICIdial Contact Center Suite: CVE-2024-8503 and CVE-2024-8504, PoC Published

Do Son September 16, 2024

In a concerning development for call centers using VICIdial, a popular open-source contact center solution, two high-severity...

Multiple Critical Vulnerabilities Found in D-Link WiFi Routers: Immediate Firmware Updates Advised CVE-2024-45694 & CVE-2024-45695 & CVE-2024-45694

CVE-2024-45694 & CVE-2024-45695 & CVE-2024-45694

Multiple Critical Vulnerabilities Found in D-Link WiFi Routers: Immediate Firmware Updates Advised

Do Son September 16, 2024

Multiple critical vulnerabilities in D-Link routers have been disclosed, potentially affecting millions of users worldwide. TWCERT/CC, Taiwan’s...

New Zero-Day Emerges After Microsoft Patch Tuesday: CVE-2024-43461 Targets Windows MSHTML

CVE-2024-43461

New Zero-Day Emerges After Microsoft Patch Tuesday: CVE-2024-43461 Targets Windows MSHTML

Do Son September 15, 2024

In an unexpected turn of events, Microsoft has revised its September 2024 Patch Tuesday security advisory, revealing...

CVE-2024-38816: Spring Framework Path Traversal Vulnerability Threatens Millions

CVE-2024-38816

CVE-2024-38816: Spring Framework Path Traversal Vulnerability Threatens Millions

Do Son September 15, 2024

A serious security vulnerability, identified as CVE-2024-38816 (CVSS 7.5), has been discovered in the popular Spring Framework,...

PoC Exploit Released for Ivanti EPM Flaw CVE-2024-29847 (CVSS 10) CVE-2024-29847 PoC exploit Github

CVE-2024-29847 PoC exploit Github

PoC Exploit Released for Ivanti EPM Flaw CVE-2024-29847 (CVSS 10)

Do Son September 15, 2024

Security researcher James Horseman from Horizon3.ai has disclosed the technical details and a proof-of-concept (PoC) exploit code...

🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

CVE-2026-20230CVSS 8.6
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified...
CVE-2026-12569
A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The...
CVE-2026-28496CVSS 9.4
FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template...
CVE-2026-21509CVSS 7.8
Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a...
CVE-2026-34908CVSS 10.0
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi...
CVE-2026-34909CVSS 10.0
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS...
CVE-2026-34910CVSS 10.0
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi...
CVE-2025-67038CVSS 9.8
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write...
CVE-2024-23692CVSS 9.8
Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This...
CVE-2026-48907
A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated...