Critical Alert

CVE-2026-50751 - Critical Check Point VPN Exploit Discovered Active in the Wild. View Threat Details →

Powered by CVE WATCHTOWER

×

Backend Security

MOVEit Automation Alert: Critical Authentication Bypass Hits CVSS 9.8 MOVEit Automation Vulnerability CVE-2026-4670 CVE-2024-6670 & CVE-2024-6671 Progress WhatsUp Gold

MOVEit Automation Vulnerability CVE-2026-4670 CVE-2024-6670 & CVE-2024-6671 Progress WhatsUp Gold

MOVEit Automation Alert: Critical Authentication Bypass Hits CVSS 9.8

Do Son May 4, 2026

Progress Software has issued an urgent security bulletin for MOVEit Automation users, disclosing two significant vulnerabilities that...

Git Push to Root: AI-Augmented Research Uncovers Critical GitHub RCE (CVE-2026-3854) GitHub RCE CVE-2026-3854

GitHub RCE CVE-2026-3854

Git Push to Root: AI-Augmented Research Uncovers Critical GitHub RCE (CVE-2026-3854)

Do Son April 28, 2026

Wiz Research has unveiled a critical security flaw (CVE-2026-3854) within GitHub’s internal git infrastructure. The vulnerability, remarkably...

Password Hijack in the Modern Stack: Payload CMS Patches Critical 9.1 CVSS Reset Flaw Payload CMS Vulnerability CVE-2026-34751

Payload CMS Vulnerability CVE-2026-34751

Password Hijack in the Modern Stack: Payload CMS Patches Critical 9.1 CVSS Reset Flaw

Do Son April 3, 2026

The rapid-growth, fullstack Next.js framework Payload—known for giving developers “instant backend superpowers” —is facing a serious security...

2 Million Monthly Users at Risk: Critical 9.3 CVSS SQL Injection Hits MikroORM in “Duck-Typed” Disaster MikroORM SQL Injection CVE-2026-34220

MikroORM SQL Injection CVE-2026-34220

2 Million Monthly Users at Risk: Critical 9.3 CVSS SQL Injection Hits MikroORM in “Duck-Typed” Disaster

Do Son April 1, 2026

A critical vulnerability has been identified in MikroORM, a widely used TypeScript Object-Relational Mapper (ORM) for Node.js....