Vulnerability Archives • Page 2 of 45 • Daily CyberSecurity

Critical 9.8 CVSS RCE Vulnerabilities Exposed in Progress ShareFile Progress ShareFile RCE Storage Zones Controller

Critical 9.8 CVSS RCE Vulnerabilities Exposed in Progress ShareFile

Do Son April 3, 2026

A duo of severe security vulnerabilities has been uncovered in Progress ShareFile, a widely used managed file...

200,000+ Sites at Risk: Perfmatters Flaw Enables Full WordPress Site Takeover Perfmatters Vulnerability WordPress Site Takeover

200,000+ Sites at Risk: Perfmatters Flaw Enables Full WordPress Site Takeover

Do Son April 3, 2026

Researchers expose a critical vulnerability in Perfmatters, a popular performance-optimization WordPress plugin with over 200,000 active installations....

Joomla! Issues Security Patch: Critical File Deletion and Webservice Flaws Exposed Joomla Vulnerability CVE-2026-23898

Joomla! Issues Security Patch: Critical File Deletion and Webservice Flaws Exposed

Do Son April 2, 2026

Joomla! CMS has released a series of critical security updates to address two high-severity vulnerabilities—CVE-2026-23898 and CVE-2026-23899—both...

Lodash Patches High-Severity Code Injection Vulnerability Lodash Code Injection CVE-2026-4800

Lodash Patches High-Severity Code Injection Vulnerability

Do Son April 2, 2026

In the world of modern JavaScript, Lodash is the undisputed heavyweight champion of utility libraries, providing the...

Critical 9.2 Severity Flaw in Gigabyte Control Center Exposed Gigabyte Control Center CVE-2026-4415

Critical 9.2 Severity Flaw in Gigabyte Control Center Exposed

Do Son April 2, 2026

According to a security advisory promulgated by Gigabyte, the Gigabyte Control Center (GCC) is affected by an...

Critical 9.8 CVSS Flaw in Cisco SSM On-Prem Grants Unauthenticated Root Access Cisco SSM On-Prem Vulnerability CVE-2026-20160

Critical 9.8 CVSS Flaw in Cisco SSM On-Prem Grants Unauthenticated Root Access

Do Son April 2, 2026

Cisco has recently dropped a high-stakes security advisory regarding a critical vulnerability in its Smart Software Manager...

NocoBase Critical Alert: Sandbox Escape Grants Attackers Root Access NocoBase RCE Sandbox Escape

NocoBase Critical Alert: Sandbox Escape Grants Attackers Root Access

Do Son April 1, 2026

A critical vulnerability has been unearthed in NocoBase, the AI-powered platform designed for infinite extensibility. The flaw,...

Exploited in the Wild: Google Issues Emergency Patch for Chrome Zero-Day (CVE-2026-5281) in Dawn Component Chrome Zero-Day CVE-2026-5281

Exploited in the Wild: Google Issues Emergency Patch for Chrome Zero-Day (CVE-2026-5281) in Dawn Component

Do Son April 1, 2026

Google has released a critical security update for the Chrome Stable channel to address 21 security vulnerabilities....

Critical Vulnerability in Perl Core Modules Leaves Systems Exposed

Do Son March 31, 2026

A high-severity security flaw has been identified within the core of the Perl programming language. Designated as...

Public PoC Exploit and Full Details Disclosed for Nginx UI’s 9.4 CVSS Backup Flaw Backup Tampering Exploit

Public PoC Exploit and Full Details Disclosed for Nginx UI’s 9.4 CVSS Backup Flaw

Do Son March 31, 2026

The “one-click” simplicity of Nginx UI has hit a major security roadblock. Researchers have unveiled a critical...

CISA Issues Emergency Mandate as Critical 9.3 NetScaler Flaw “Bleeds” Admin Sessions Citrix NetScaler Vulnerability CVE-2026-3055

CISA Issues Emergency Mandate as Critical 9.3 NetScaler Flaw “Bleeds” Admin Sessions

Do Son March 31, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability impacting Citrix NetScaler ADC...

The Weakest Link: Popular Node.js Config Library “Convict” Hit by Prototype Pollution Prototype Pollution node-convict Vulnerability

The Weakest Link: Popular Node.js Config Library “Convict” Hit by Prototype Pollution

Do Son March 30, 2026

A critical vulnerability has been uncovered in node-convict, the widely used configuration management library designed to make...

Vim Under Fire: High-Severity “Tabpanel” Bug Allows RCE via Simple File Open Vim RCE Modeline Vulnerability Vim RCE Modeline Sandbox Bypass

Vim Under Fire: High-Severity “Tabpanel” Bug Allows RCE via Simple File Open

Do Son March 30, 2026

A critical bug chain has been discovered in Vim, the ubiquitous text editor used by millions of...

Scriban’s “Leaky” Cache: A 9.1 CVSS Sandbox Escape Hits 40 Million .NET Installs Scriban Vulnerability .NET Sandbox Escape

Scriban’s “Leaky” Cache: A 9.1 CVSS Sandbox Escape Hits 40 Million .NET Installs

Do Son March 30, 2026

A critical security flaw has been identified in Scriban, the popular high-performance scripting language and engine for...

Telegram Denies “Zero-Click” Sticker Exploit as 9.8 CVSS Security Alert Ignites a Global Standoff Telegram Zero-Click ZDI-CAN-30207

Telegram Denies “Zero-Click” Sticker Exploit as 9.8 CVSS Security Alert Ignites a Global Standoff

Do Son March 27, 2026

A critical security flaw has been unearthed in Telegram, the world’s leading encrypted messaging platform, drawing significant...

High-Severity Spring Cloud Config Flaw Triggers File Leaks and SSRF Spring Data vulnerabilities Spring Cloud Config CVE-2026-22739 Spring Gateway SpEL, STOMP WebSocket CSRF Spring Security, vulnerability CVE-2024-38819 CVE-2025-41243 Spring Cloud Gateway, vulnerability

Spring Data vulnerabilities Spring Cloud Config CVE-2026-22739 Spring Gateway SpEL, STOMP WebSocket CSRF Spring Security, vulnerability CVE-2024-38819 CVE-2025-41243 Spring Cloud Gateway, vulnerability

High-Severity Spring Cloud Config Flaw Triggers File Leaks and SSRF

Do Son March 24, 2026

A significant security flaw has been identified in Spring Cloud Config, a popular framework used to provide...

Memory Leaks and Mixed Sessions: NetScaler’s Critical 9.3 CVSS Flaw Demands Immediate Action NetScaler Vulnerability CVE-2026-3055 Citrix VDA, Privilege Escalation NetScaler Vulnerabilities, Access Bypass CVE-2024-8534 and CVE-2024-8535

NetScaler Vulnerability CVE-2026-3055 Citrix VDA, Privilege Escalation NetScaler Vulnerabilities, Access Bypass CVE-2024-8534 and CVE-2024-8535

Memory Leaks and Mixed Sessions: NetScaler’s Critical 9.3 CVSS Flaw Demands Immediate Action

Do Son March 24, 2026

On March 23, 2026, Cloud Software Group released a high-priority security bulletin addressing two vulnerabilities in NetScaler...

The Undocumented Backdoor: Critical 10.0 CVSS Flaw Hits WAGO Managed Switches

Do Son March 23, 2026

A severe vulnerability has been uncovered in several models of WAGO Managed Switches, potentially leaving industrial networks...

Below the EDR: How Unsecured IP-KVM Switches Grant Total System Takeover IP-KVM Vulnerabilities Hardware Security

Below the EDR: How Unsecured IP-KVM Switches Grant Total System Takeover

Do Son March 22, 2026

Security researchers Reynaldo Vasquez Garcia and Paul Asadoorian from Eclypsium have issued a warning regarding a category...

Critical 9.3 CVSS Flaw in QNAP QVR Pro Exposes Surveillance Systems QNAP QVR Pro Vulnerability CVE-2026-22898 CVE-2022-27595 - CVE-2024-48860 & CVE-2024-48861

QNAP QVR Pro Vulnerability CVE-2026-22898 CVE-2022-27595 - CVE-2024-48860 & CVE-2024-48861

Critical 9.3 CVSS Flaw in QNAP QVR Pro Exposes Surveillance Systems

Do Son March 21, 2026

QNAP Systems, Inc. has issued a critical security advisory for users of its QVR Pro surveillance solution....