Advertisement
CVE-2026-45247: Mirasvit Full Page Cache Warmer Exploited — Patch Now
CISA adds CVE-2026-45247, a deserialization vulnerability in Mirasvit Full Page Cache Warmer for Magento, to the KEV catalog after reports of active exploitation.
CVE-2026-45659: SharePoint RCE via Deserialization - Patch Now
Microsoft addresses CVE-2026-45659, a high-severity RCE flaw in SharePoint Server caused by untrusted data deserialization. Learn how to mitigate this risk.
Hugging Face LeRobot RCE via CVE-2026-25874 — Mitigation Guide
Technical analysis of CVE-2026-25874, a critical unpatched RCE vulnerability in Hugging Face LeRobot robotics platform with a CVSS score of 9.3.
CISA KEV Update: Exchange Server, Adobe, MS Windows Exploits
CISA adds seven vulnerabilities, including critical Microsoft Exchange Server deserialization, to its Known Exploited Vulnerabilities Catalog, urging immediate
CVE-2026-4681: Critical RCE in PTC Windchill & FlexPLM
Critical RCE vulnerability CVE-2026-4681 affects PTC Windchill and FlexPLM via deserialization. Patch now to prevent code injection in critical manufacturing.
CVE-2026-20131: Cisco FMC/SCC Deserialization Vulnerability Under Active Attack
CISA adds CVE-2026-20131, a critical deserialization vulnerability in Cisco Secure Firewall Management Center (FMC) and Security Cloud Control (SCC), to KEV Catalog due
CISA Catalogs Critical Roundcube Deserialization Vulnerability Under Active Exploitation
CISA has added CVE-2025-49113 to the Known Exploited Vulnerabilities catalog, addressing a critical RCE flaw in Roundcube webmail software resulting from untrusted data deserialization.