Server Management

Exploited in the Wild: PoC Released for cPanel CVE-2026-41940 Authentication Bypass Zero-Day

• Vulnerability Report

Exploited in the Wild: PoC Released for cPanel CVE-2026-41940 Authentication Bypass Zero-Day

Do Son April 29, 2026 0

cPanel, the industry-standard control panel that powers the graphical interfaces of millions of websites, has issued an...

Read More Read more about Exploited in the Wild: PoC Released for cPanel CVE-2026-41940 Authentication Bypass Zero-Day

Froxlor’s CVSS 10 Flaw Turns Config Files into Persistent Backdoors

• Vulnerability Report

Froxlor’s CVSS 10 Flaw Turns Config Files into Persistent Backdoors

Do Son April 17, 2026 0

Security researchers have sounded the alarm on two critical vulnerabilities within Froxlor, the popular open-source server management...

Read More Read more about Froxlor’s CVSS 10 Flaw Turns Config Files into Persistent Backdoors

CVE-2026-4631: Critical 9.8 RCE Flaw in Cockpit Allows Unauthenticated Server Takeover

• Vulnerability Report

CVE-2026-4631: Critical 9.8 RCE Flaw in Cockpit Allows Unauthenticated Server Takeover

Do Son April 14, 2026 0

In the world of Linux server management, ease of use and security are intended to go hand-in-hand....

Read More Read more about CVE-2026-4631: Critical 9.8 RCE Flaw in Cockpit Allows Unauthenticated Server Takeover

Critical JWT Bypass in Convoy Panel Allows Full Account Takeover

• Vulnerability Report

Critical JWT Bypass in Convoy Panel Allows Full Account Takeover

Do Son April 7, 2026 0

A critical security vulnerability has been unmasked in Convoy, the modern KVM server management panel used by...

Read More Read more about Critical JWT Bypass in Convoy Panel Allows Full Account Takeover

Public PoC Exploit and Full Details Disclosed for Nginx UI’s 9.4 CVSS Backup Flaw

• Vulnerability Report

Public PoC Exploit and Full Details Disclosed for Nginx UI’s 9.4 CVSS Backup Flaw

Do Son March 31, 2026 0

The “one-click” simplicity of Nginx UI has hit a major security roadblock. Researchers have unveiled a critical...

Read More Read more about Public PoC Exploit and Full Details Disclosed for Nginx UI’s 9.4 CVSS Backup Flaw

Cutting the Cord: QEMU 11.0 to Expunge 32-Bit Host Support in Cloud Variant

• Linux

Cutting the Cord: QEMU 11.0 to Expunge 32-Bit Host Support in Cloud Variant

Do Son January 13, 2026 0

The venerable open-source virtualization architecture, QEMU, is currently orchestrating the deprecation of 32-bit processor support for its...

Read More Read more about Cutting the Cord: QEMU 11.0 to Expunge 32-Bit Host Support in Cloud Variant

Pre-Auth Command Execution in CentOS Web Panel Exposes Over 200,000 Servers, PoC Publishes

• Vulnerability

Pre-Auth Command Execution in CentOS Web Panel Exposes Over 200,000 Servers, PoC Publishes

Do Son June 25, 2025 0

A critical vulnerability discovered in CentOS Web Panel (CWP), a widely-used open-source server management platform. Tracked as...

Read More Read more about Pre-Auth Command Execution in CentOS Web Panel Exposes Over 200,000 Servers, PoC Publishes

Critical Convoy Flaw (CVE-2025-52562, CVSS 10.0): Unauthenticated Remote Code Execution on KVM Servers!

• Vulnerability Report

Critical Convoy Flaw (CVE-2025-52562, CVSS 10.0): Unauthenticated Remote Code Execution on KVM Servers!

Do Son June 24, 2025 0

A newly disclosed vulnerability in Convoy, a modern KVM server management panel built for hosting providers, has...

Read More Read more about Critical Convoy Flaw (CVE-2025-52562, CVSS 10.0): Unauthenticated Remote Code Execution on KVM Servers!