vulnerability

Fortinet fixes critical FortiSandbox vulnerabilities (CVE-2026-39813, CVE-2026-39808)

2026-04-16 at 18:37 By Zeljka Zorz

Two vulnerabilities (CVE-2026-39813, CVE-2026-39808) in FortiSandbox could be leveraged by unauthenticated attackers to bypass authentication and execute unauthorized code or commands on vulnerable systems. Both vulnerabilities can be triggered with a specially crafted HTTP request, putting unpatched FortiSandbox deployments at risk. About […]

The Week in Vulnerabilities: Azure AI, Spring AI, Fortinet, and Critical ICS Exposure

2026-04-16 at 15:04 By Mihir Bagwe

Cyble Research & Intelligence Labs (CRIL) in its weekly vulnerability report tracked 1,431 bugs last week. Of these, over 270 vulnerabilities have publicly available Proof-of-Concept (PoC) exploits, significantly accelerating exploitation timelines and increasing real-world attack likelihood.

Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest

2026-04-16 at 15:03 By Eduard Kovacs

Researchers found more than 80 high-impact cloud and AI vulnerabilities during the event, which had a $5 million prize pool. The post Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest appeared first on

Splunk Enterprise Update Patches Code Execution Vulnerability

2026-04-16 at 15:03 By Ionut Arghire

The flaw allows low-privileged users to upload files to a temporary directory to achieve remote code execution. The post Splunk Enterprise Update Patches Code Execution Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software

2026-04-16 at 15:03 By Ionut Arghire

To optimize management of CVE volume, entries that do not meet specific criteria will not be automatically enriched. The post NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software appeared first on SecurityWeek. This article is

Tails 7.6.2 patches vulnerability that could expose saved files

2026-04-16 at 13:34 By Anamarija Pogorelec

The Tails Project released Tails v7.6.2, an emergency release of the popular open source secure portable operating system. What is Tails? Tails, which is based on Debian GNU/Linux, is aimed at users who want to preserve their online privacy and

Cisco Patches Critical Vulnerabilities in Webex, ISE

2026-04-16 at 13:07 By Ionut Arghire

The flaws can be exploited remotely to impersonate users or execute arbitrary commands on the underlying OS. The post Cisco Patches Critical Vulnerabilities in Webex, ISE appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.

Exploited Vulnerability Exposes Nginx Servers to Hacking

2026-04-15 at 17:48 By Eduard Kovacs

Hackers are exploiting CVE-2026-33032, a critical remote takeover vulnerability in the Nginx UI management tool. The post Exploited Vulnerability Exposes Nginx Servers to Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.

‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

2026-04-15 at 16:34 By Kevin Townsend

Researchers warn that a flaw in Anthropic’s Model Context Protocol allows unsanitized commands to execute silently, enabling full system compromise across widely used AI environments. The post ‘By Design’ Flaw in MCP Could Enable Widespread AI Supply

Two Vulnerabilities Patched in Ivanti Neurons for ITSM 

2026-04-15 at 16:07 By Ionut Arghire

The flaws could allow a remote attacker to maintain access after their account has been disabled and to access information from other user sessions. The post Two Vulnerabilities Patched in Ivanti Neurons for ITSM appeared first on SecurityWeek. This article is

Fortinet Patches Critical FortiSandbox Vulnerabilities

2026-04-15 at 14:29 By Ionut Arghire

The flaws could allow attackers to bypass authentication or execute arbitrary code or commands via HTTP requests. The post Fortinet Patches Critical FortiSandbox Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.

Juniper Networks Patches Dozens of Junos OS Vulnerabilities

2026-04-10 at 17:22 By Ionut Arghire

A critical-severity flaw could be exploited remotely, without authentication, to take over a vulnerable device. The post Juniper Networks Patches Dozens of Junos OS Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.

Orthanc DICOM Vulnerabilities Lead to Crashes, RCE

2026-04-10 at 15:05 By Ionut Arghire

Attackers could exploit these vulnerabilities in denial-of-service, information disclosure, and arbitrary code execution attacks. The post Orthanc DICOM Vulnerabilities Lead to Crashes, RCE appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.

Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws Worth $86,000

2026-04-10 at 14:45 By Eduard Kovacs

The critical vulnerabilities affect Chrome’s WebML component and they have been reported by anonymous researchers. The post Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws Worth $86,000 appeared first on SecurityWeek. This article is an excerpt from

Critical Marimo Flaw Exploited Hours After Public Disclosure

2026-04-10 at 14:45 By Ionut Arghire

Within nine hours, a hacker built an exploit from the unauthenticated bug’s advisory and started using it in the wild. The post Critical Marimo Flaw Exploited Hours After Public Disclosure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Microsoft Finds Vulnerability Exposing Millions of Android Crypto Wallet Users

2026-04-10 at 10:37 By Eduard Kovacs

The security hole affected an EngageLab SDK and it was reported by Microsoft to the vendor one year ago. The post Microsoft Finds Vulnerability Exposing Millions of Android Crypto Wallet Users appeared first on SecurityWeek. This article is an

Claude helps researcher dig up decade-old Apache ActiveMQ RCE vulnerability (CVE-2026-34197)

2026-04-09 at 16:17 By Zeljka Zorz

In the latest demonstration of how AI assistants can help with bug hunting, Horizon3.ai researcher Naveen Sunkavally used Claude to unearth CVE-2026-34197, a remote code execution vulnerability in Apache ActiveMQ that’s been introduced in the codebase 13 years

Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities

2026-04-09 at 15:44 By Ionut Arghire

The bugs could allow attackers to modify protected resources and escalate their privileges to administrator. The post Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.

The Week in Vulnerabilities: OpenClaw, FreeBSD, F5 BIG-IP, and Critical ICS Bugs

2026-04-09 at 14:24 By Mihir Bagwe

Cyble Research & Intelligence Labs (CRIL) weekly vulnerability report tracked 1,960 vulnerabilities last week, reflecting a continued surge in vulnerability disclosures across enterprise and cloud ecosystems. Of these, 248 vulnerabilities have publicly available Proof-of-Concept (PoC) exploits, significantly