Advertisement
CVE-2026-31431: Linux Kernel Resource Transfer Vulnerability Actively Exploited
CISA adds CVE-2026-31431, a Linux Kernel incorrect resource transfer vulnerability, to its KEV catalog due to active exploitation. Prioritize remediation.
CVE-2026-32202: Active Exploitation of Windows Shell Spoofing Bug
Microsoft confirms CVE-2026-32202, a Windows Shell spoofing flaw, is under active exploitation. Read our analysis and mitigation guide for enterprise security.
LMDeploy SSRF: CVE-2026-33626 Exploit and Mitigation Guide
Attackers are actively exploiting CVE-2026-33626, a high-severity SSRF in LMDeploy, to access sensitive LLM data. Learn how to detect and patch this flaw.
CVE-2024-57353: Nginx UI Auth Bypass Actively Exploited — Patch Now
Attackers are exploiting CVE-2024-57353, a critical authentication bypass in Nginx UI, to achieve full server takeover. Update to v2.0.0.beta.39 immediately.
Adobe Acrobat & Reader Zero-Day Exploitation: Immediate Patch Required
Adobe has patched an actively exploited Zero-Day in Acrobat and Reader. Attackers used crafted PDF files for at least four months. Update immediately.
Adobe Acrobat Reader RCE via CVE-2026-34621 - Patch Now
Adobe issues emergency patches for CVE-2026-34621 in Acrobat Reader. This critical vulnerability is under active exploitation, allowing remote code execution.
CVE-2026-1340: Ivanti EPMM Code Injection — Patch Now
CISA adds CVE-2026-1340, a critical code injection vulnerability in Ivanti Endpoint Manager Mobile (EPMM), to its KEV Catalog due to active exploitation. Immediate
FortiClient EMS RCE via CVE-2026-35616 — Mitigation Guide
Fortinet releases emergency patches for CVE-2026-35616, a critical SQL injection flaw in FortiClient EMS exploited to achieve unauthenticated RCE.
CVE-2026-3055: Citrix NetScaler Out-of-Bounds Read Under Active Exploitation
CISA adds CVE-2026-3055, an actively exploited Citrix NetScaler Out-of-Bounds Read vulnerability, to its KEV Catalog, urging immediate remediation.
CVE-2025-53521: F5 BIG-IP RCE — Patch Now for Active Exploitation
CISA adds CVE-2025-53521, an actively exploited F5 BIG-IP Remote Code Execution (RCE) vulnerability, to its KEV Catalog. Immediate patching is critical.
Langflow AI Platform: Critical Code Injection Under Active Attack
Threat actors are actively exploiting a critical code injection vulnerability in the Langflow AI platform, demanding immediate patching to prevent compromise.
Langflow CVE-2026-33017: AI Workflow Hijacking Under Active Exploitation
CISA warns of active exploitation of CVE-2026-33017 in Langflow, enabling attackers to hijack AI workflows and potentially compromise AI agents.