Patch Alert

Veeam Urgently Patches Critical 9.9 CVSS RCE Flaws in Backup Servers

• Vulnerability Report

Veeam Urgently Patches Critical 9.9 CVSS RCE Flaws in Backup Servers

Ddos March 13, 2026 0

Veeam has released a major security update for Veeam Backup & Replication to address a cluster of...

Read More Read more about Veeam Urgently Patches Critical 9.9 CVSS RCE Flaws in Backup Servers

Critical 9.8 CVSS telnetd Buffer Overflow Grants Pre-Auth Root

• Vulnerability

Critical 9.8 CVSS telnetd Buffer Overflow Grants Pre-Auth Root

Ddos March 13, 2026 0

While modern encrypted protocols like SSH have largely superseded Telnet, the “ghosts” of networking past continue to...

Read More Read more about Critical 9.8 CVSS telnetd Buffer Overflow Grants Pre-Auth Root

Double Zero-Day Threat: Emergency Chrome Update Patches Actively Exploited Skia and V8 Flaws

• Vulnerability Report

Double Zero-Day Threat: Emergency Chrome Update Patches Actively Exploited Skia and V8 Flaws

Ddos March 12, 2026 0

In a significant update to the Chrome Stable channel, Google has patched two high-severity vulnerabilities that threat...

Read More Read more about Double Zero-Day Threat: Emergency Chrome Update Patches Actively Exploited Skia and V8 Flaws

CISA Mandates Urgent Patch for Maximum 10.0 CVSS n8n RCE Flaw

• Vulnerability Report

CISA Mandates Urgent Patch for Maximum 10.0 CVSS n8n RCE Flaw

Ddos March 12, 2026 0

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a new, high-stakes entry to its Known...

Read More Read more about CISA Mandates Urgent Patch for Maximum 10.0 CVSS n8n RCE Flaw

High-Privilege Havoc: Splunk Patches RCE Flaw Lurking in File Previews

• Vulnerability Report

High-Privilege Havoc: Splunk Patches RCE Flaw Lurking in File Previews

Ddos March 12, 2026 0

Splunk has released a critical security advisory regarding a high-severity Remote Command Execution (RCE) vulnerability, tracked as...

Read More Read more about High-Privilege Havoc: Splunk Patches RCE Flaw Lurking in File Previews

Root Access via CLI: Cisco Patches Critical IOS XR Privilege Escalation Flaws

• Vulnerability Report

Root Access via CLI: Cisco Patches Critical IOS XR Privilege Escalation Flaws

Ddos March 12, 2026 0

Cisco has issued a high-priority security advisory regarding multiple vulnerabilities in its IOS XR Software that could...

Read More Read more about Root Access via CLI: Cisco Patches Critical IOS XR Privilege Escalation Flaws

Chrome 146 Arrives with 29 Security Fixes: Critical WebML Flaw Discovered

• Vulnerability Report

Chrome 146 Arrives with 29 Security Fixes: Critical WebML Flaw Discovered

Ddos March 12, 2026 0

Google has officially promoted Chrome 146 to the stable channel for Windows, Mac, and Linux, kicking off...

Read More Read more about Chrome 146 Arrives with 29 Security Fixes: Critical WebML Flaw Discovered

Code Red: GitLab’s Latest Security Update Patches High-Severity XSS and API DoS Vulnerabilities

• Vulnerability Report

Code Red: GitLab’s Latest Security Update Patches High-Severity XSS and API DoS Vulnerabilities

Ddos March 12, 2026 0

GitLab has released critical security updates—versions 18.9.2, 18.8.6, and 18.7.6—for both Community Edition (CE) and Enterprise Edition...

Read More Read more about Code Red: GitLab’s Latest Security Update Patches High-Severity XSS and API DoS Vulnerabilities

The ‘Must-Patch’ Release: WordPress 6.9.2 Scrambles to Fix 10 Critical Flaws from XSS to SSRF

• Vulnerability Report

The ‘Must-Patch’ Release: WordPress 6.9.2 Scrambles to Fix 10 Critical Flaws from XSS to SSRF

Ddos March 11, 2026 0

The WordPress security team has issued an urgent call to action following the release of WordPress 6.9.2...

Read More Read more about The ‘Must-Patch’ Release: WordPress 6.9.2 Scrambles to Fix 10 Critical Flaws from XSS to SSRF

High-Severity SQL Injection in Ally WordPress Plugin Threatens 400K Sites

• Vulnerability Report

High-Severity SQL Injection in Ally WordPress Plugin Threatens 400K Sites

Ddos March 11, 2026 0

A high-severity SQL Injection vulnerability was found in Ally, a popular web accessibility and usability WordPress plugin....

Read More Read more about High-Severity SQL Injection in Ally WordPress Plugin Threatens 400K Sites

Industrial Alert: Critical Stored XSS Vulnerability Discovered in Siemens SIMATIC S7-1500

• Vulnerability Report

Industrial Alert: Critical Stored XSS Vulnerability Discovered in Siemens SIMATIC S7-1500

Ddos March 11, 2026 0

A high-severity security flaw has been uncovered in the Siemens SIMATIC S7-1500 CPU family, a cornerstone of...

Read More Read more about Industrial Alert: Critical Stored XSS Vulnerability Discovered in Siemens SIMATIC S7-1500

Microsoft Patch Tuesday March 2026: 93 Vulnerabilities Addressed, Including Two Zero-Days

• Vulnerability Report

Microsoft Patch Tuesday March 2026: 93 Vulnerabilities Addressed, Including Two Zero-Days

Ddos March 11, 2026 0

The March 2026 edition of Microsoft Patch Tuesday has arrived, bringing a massive wave of security updates...

Read More Read more about Microsoft Patch Tuesday March 2026: 93 Vulnerabilities Addressed, Including Two Zero-Days

Unauthenticated Takeover: Critical 9.6 CVSS Zoom Flaw Exposes Windows Users to Remote Privilege Escalation

• Vulnerability Report

Unauthenticated Takeover: Critical 9.6 CVSS Zoom Flaw Exposes Windows Users to Remote Privilege Escalation

Ddos March 10, 2026 0

Zoom has released a series of security advisories detailing four significant vulnerabilities affecting its Windows clients, including...

Read More Read more about Unauthenticated Takeover: Critical 9.6 CVSS Zoom Flaw Exposes Windows Users to Remote Privilege Escalation

The ‘Must-Patch’ List: CISA Adds Actively Exploited SolarWinds, Ivanti, and Omnissa Flaws to KEV

• Vulnerability Report

The ‘Must-Patch’ List: CISA Adds Actively Exploited SolarWinds, Ivanti, and Omnissa Flaws to KEV

Ddos March 10, 2026 0

The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog, adding three...

Read More Read more about The ‘Must-Patch’ List: CISA Adds Actively Exploited SolarWinds, Ivanti, and Omnissa Flaws to KEV

Total Platform Compromise: Critical 9.6 CVSS Flaws in Budibase Expose Production Secrets

• Vulnerability Report

Total Platform Compromise: Critical 9.6 CVSS Flaws in Budibase Expose Production Secrets

Ddos March 10, 2026 0

Budibase, the popular open-source low-code platform designed for building internal business applications, has released critical security patches...

Read More Read more about Total Platform Compromise: Critical 9.6 CVSS Flaws in Budibase Expose Production Secrets

Under Active Attack: Critical 9.8 CVSS Tutor LMS Pro Flaw Exploited in the Wild for Full Site Takeover

• Vulnerability Report

Under Active Attack: Critical 9.8 CVSS Tutor LMS Pro Flaw Exploited in the Wild for Full Site Takeover

Ddos March 10, 2026 0

A high-severity vulnerability has been uncovered in Tutor LMS Pro, a popular WordPress plugin used by over...

Read More Read more about Under Active Attack: Critical 9.8 CVSS Tutor LMS Pro Flaw Exploited in the Wild for Full Site Takeover

Home Network Alert: TP-Link Patches RCE Vulnerability in Archer AXE75 Routers

• Vulnerability Report

Home Network Alert: TP-Link Patches RCE Vulnerability in Archer AXE75 Routers

Ddos March 10, 2026 0

TP-Link has issued an urgent security advisory for users of its high-performance Archer AXE75 routers. A newly...

Read More Read more about Home Network Alert: TP-Link Patches RCE Vulnerability in Archer AXE75 Routers

Kubernetes Security Alert: “Ingress-Nginx” Injection Flaw Risks Cluster-Wide Secret Exposure

• Vulnerability Report

Kubernetes Security Alert: “Ingress-Nginx” Injection Flaw Risks Cluster-Wide Secret Exposure

Ddos March 10, 2026 0

A critical security vulnerability has been identified in ingress-nginx, the widely used Ingress controller for Kubernetes. Tracked...

Read More Read more about Kubernetes Security Alert: “Ingress-Nginx” Injection Flaw Risks Cluster-Wide Secret Exposure

Critical 9.8 CVSS Flaws Expose SICK Lector Scanners to Hijacking

• Vulnerability Report

Critical 9.8 CVSS Flaws Expose SICK Lector Scanners to Hijacking

Ddos March 10, 2026 0

In a significant update for the industrial automation sector, SICK PSIRT has issued a high-priority security advisory...

Read More Read more about Critical 9.8 CVSS Flaws Expose SICK Lector Scanners to Hijacking

Critical Request Smuggling & Cache Flaws Discovered in Cloudflare’s Pingora

• Vulnerability Report

Critical Request Smuggling & Cache Flaws Discovered in Cloudflare’s Pingora

Ddos March 10, 2026 0

Security researchers have disclosed three significant vulnerabilities in Pingora, the high-performance Rust framework developed by Cloudflare to...

Read More Read more about Critical Request Smuggling & Cache Flaws Discovered in Cloudflare’s Pingora