secret management

Supply Chain Sabotage: Bitwarden CLI Compromised in Global “Checkmarx” Campaign Bitwarden CLI Compromise Dune Supply Chain Attack

Bitwarden CLI Compromise Dune Supply Chain Attack

Supply Chain Sabotage: Bitwarden CLI Compromised in Global “Checkmarx” Campaign

Do Son April 24, 2026

The password management world was rocked this week as researchers from Socket revealed a major supply chain...

CVE-2026-22822: Critical Flaw in External Secrets Operator Breaks Namespace Isolation External Secrets Operator CVE-2026-22822

External Secrets Operator CVE-2026-22822

CVE-2026-22822: Critical Flaw in External Secrets Operator Breaks Namespace Isolation

Do Son January 23, 2026

A critical security vulnerability has been discovered in the External Secrets Operator, a widely used Kubernetes tool...

CISA Warns of Credential Risks Tied to Oracle Cloud Breach Oracle breach, credential compromise

Oracle breach, credential compromise

CISA Warns of Credential Risks Tied to Oracle Cloud Breach

Do Son April 17, 2025

Early this month, Oracle has discreetly notified select clients that attackers successfully breached one of its legacy...

🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

CVE-2026-21509CVSS 7.8
Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a...
CVE-2026-34908CVSS 10.0
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi...
CVE-2026-34909CVSS 10.0
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS...
CVE-2026-34910CVSS 10.0
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi...
CVE-2025-67038CVSS 9.8
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write...
CVE-2024-23692CVSS 9.8
Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This...
CVE-2026-20230CVSS 8.6
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified...
CVE-2026-48907
A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated...
CVE-2026-20253CVSS 9.8
In Splunk Enterprise 10.2 versions below 10.2.4 and 10 versions below 10.0.7, an unauthenticated user could create or...
CVE-2026-4020CVSS 7.5
The Gravity SMTP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and...