Vulnerabilities

Chainlit Vulnerabilities May Leak Sensitive Information

Chainlit Vulnerabilities May Leak Sensitive Information 2026-01-20 at 17:01 By Ionut Arghire The two bugs, an arbitrary file read and an SSRF bug, can be exploited without user interaction to leak credentials, databases, and other data. The post Chainlit Vulnerabilities May Leak Sensitive Information appeared first on SecurityWeek. This article is an excerpt from SecurityWeek […]

Chainlit Vulnerabilities May Leak Sensitive Information Read More »

TP-Link Patches Vulnerability Exposing VIGI Cameras to Remote Hacking

TP-Link Patches Vulnerability Exposing VIGI Cameras to Remote Hacking 2026-01-19 at 17:21 By Eduard Kovacs The researcher who discovered the vulnerability saw more than 2,500 internet-exposed devices. The post TP-Link Patches Vulnerability Exposing VIGI Cameras to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

TP-Link Patches Vulnerability Exposing VIGI Cameras to Remote Hacking Read More »

In Other News: FortiSIEM Flaw Exploited, Sean Plankey Renominated, Russia’s Polish Grid Attack

In Other News: FortiSIEM Flaw Exploited, Sean Plankey Renominated, Russia’s Polish Grid Attack 2026-01-16 at 18:21 By SecurityWeek News Other noteworthy stories that might have slipped under the radar: BodySnatcher agentic AI hijacking, Telegram IP exposure, shipping systems hacked by researcher. The post In Other News: FortiSIEM Flaw Exploited, Sean Plankey Renominated, Russia’s Polish Grid

In Other News: FortiSIEM Flaw Exploited, Sean Plankey Renominated, Russia’s Polish Grid Attack Read More »

Cisco Patches Vulnerability Exploited by Chinese Hackers

Cisco Patches Vulnerability Exploited by Chinese Hackers 2026-01-16 at 11:54 By Ionut Arghire UAT-9686 exploited the bug to deploy the AquaShell backdoor on Cisco appliances with certain ports open to the internet. The post Cisco Patches Vulnerability Exploited by Chinese Hackers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cisco Patches Vulnerability Exploited by Chinese Hackers Read More »

New StackWarp Attack Threatens Confidential VMs on AMD Processors

New StackWarp Attack Threatens Confidential VMs on AMD Processors 2026-01-15 at 20:27 By Eduard Kovacs Researchers have disclosed technical details on a new AMD processor attack that allows remote code execution inside confidential VMs. The post New StackWarp Attack Threatens Confidential VMs on AMD Processors appeared first on SecurityWeek. This article is an excerpt from

New StackWarp Attack Threatens Confidential VMs on AMD Processors Read More »

ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Aveva, Phoenix Contact

ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Aveva, Phoenix Contact 2026-01-15 at 11:34 By Eduard Kovacs Only a dozen new advisories have been published this Patch Tuesday by industrial giants.  The post ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Aveva, Phoenix Contact appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Aveva, Phoenix Contact Read More »

Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM

Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM 2026-01-14 at 11:56 By Ionut Arghire Exploitable without authentication, the two security defects could lead to configuration leak and code execution. The post Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM Read More »

Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities

Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities 2026-01-14 at 11:50 By Ionut Arghire The two browser updates resolve 26 security defects, including bugs that could be exploited for code execution. The post Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities Read More »

Adobe Patches Critical Apache Tika Bug in ColdFusion

Adobe Patches Critical Apache Tika Bug in ColdFusion 2026-01-13 at 22:09 By Ionut Arghire Adobe has released patches for 25 vulnerabilities across its products, including a critical Apache Tika flaw in ColdFusion. The post Adobe Patches Critical Apache Tika Bug in ColdFusion appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Adobe Patches Critical Apache Tika Bug in ColdFusion Read More »

Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities

Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities 2026-01-13 at 21:52 By Eduard Kovacs Two vulnerabilities patched this month by Microsoft were disclosed publicly before fixes were released. The post Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities Read More »

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities 2026-01-13 at 17:45 By Ionut Arghire SAP has released 17 security notes, including four that address critical SQL injection, RCE, and code injection vulnerabilities. The post SAP’s January 2026 Security Updates Patch Critical Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities Read More »

Trend Micro Patches Critical Code Execution Flaw in Apex Central

Trend Micro Patches Critical Code Execution Flaw in Apex Central 2026-01-09 at 16:04 By Eduard Kovacs Tenable has released PoC code and technical details after the vendor announced the availability of patches for three vulnerabilities. The post Trend Micro Patches Critical Code Execution Flaw in Apex Central appeared first on SecurityWeek. This article is an

Trend Micro Patches Critical Code Execution Flaw in Apex Central Read More »

CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over

CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over 2026-01-09 at 15:44 By Ionut Arghire The Emergency Directives were retired because they achieved objectives or targeted vulnerabilities included in the KEV catalog. The post CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over appeared first on SecurityWeek. This article is an excerpt from

CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over Read More »

Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure

Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure 2026-01-09 at 13:39 By Ionut Arghire Fresh attacks targeted three VMware ESXi vulnerabilities that were disclosed in March 2025 as zero-days. The post Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure appeared first on SecurityWeek. This article is an

Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure Read More »

Critical Vulnerability Exposes n8n Instances to Takeover Attacks

Critical Vulnerability Exposes n8n Instances to Takeover Attacks 2026-01-08 at 15:34 By Ionut Arghire Tracked as CVE-2026-21858 (CVSS score 10), the bug enables remote code execution without authentication. The post Critical Vulnerability Exposes n8n Instances to Takeover Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical Vulnerability Exposes n8n Instances to Takeover Attacks Read More »

Critical HPE OneView Vulnerability Exploited in Attacks

Critical HPE OneView Vulnerability Exploited in Attacks 2026-01-08 at 13:20 By Ionut Arghire The maximum-severity code injection flaw can be exploited without authentication for remote code execution. The post Critical HPE OneView Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical HPE OneView Vulnerability Exploited in Attacks Read More »

Vulnerability in Totolink Range Extender Allows Device Takeover

Vulnerability in Totolink Range Extender Allows Device Takeover 2026-01-07 at 16:05 By Ionut Arghire An error in the firmware-upload handler leads to devices starting an unauthenticated root-level Telnet service. The post Vulnerability in Totolink Range Extender Allows Device Takeover appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Vulnerability in Totolink Range Extender Allows Device Takeover Read More »

Several Code Execution Flaws Patched in Veeam Backup & Replication

Several Code Execution Flaws Patched in Veeam Backup & Replication 2026-01-07 at 15:32 By Eduard Kovacs Four vulnerabilities have been fixed in the latest release of Veeam Backup & Replication. The post Several Code Execution Flaws Patched in Veeam Backup & Replication appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Several Code Execution Flaws Patched in Veeam Backup & Replication Read More »

Hackers Exploit Zero-Day in Discontinued D-Link Devices

Hackers Exploit Zero-Day in Discontinued D-Link Devices 2026-01-07 at 14:34 By Ionut Arghire The critical-severity vulnerability allows unauthenticated, remote attackers to execute arbitrary shell commands. The post Hackers Exploit Zero-Day in Discontinued D-Link Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Hackers Exploit Zero-Day in Discontinued D-Link Devices Read More »

Scroll to Top