Coverage
Vulnerabilities
903 articles on vulnerability disclosures and exploits
Advertisement

Unpatched Argo CD repo-server RCE via Internal Port Exposure
An unpatched vulnerability in the Argo CD repo-server allows unauthenticated attackers to achieve RCE and potentially take over Kubernetes clusters.

Adobe ColdFusion, Campaign Classic RCE via 7 Critical Flaws – Patch Now
Adobe addresses 7 critical CVSS 10.0 flaws in ColdFusion and Campaign Classic, enabling RCE and privilege escalation. Immediate patching is essential.
NetScaler Vulnerabilities: HTTP/2 Bomb & High-Severity Info Disclosure
Citrix addresses six NetScaler vulnerabilities, including a new HTTP/2 Bomb and a high-severity information disclosure bug similar to CitrixBleed. Patching is critical
Adobe ColdFusion & Campaign Classic: Critical RCE Patches
Adobe has released critical patches for ColdFusion and Campaign Classic, addressing seven vulnerabilities with 10/10 CVSS scores that allow remote code execution.
Securing Chromium Browsers Beyond Zero-Day Exploit Mitigation
Discover how attackers bypass browser sandboxes using session theft and malicious extensions, and learn technical strategies to defend Chromium environments.
Adobe ColdFusion and Campaign Classic RCE Vulnerabilities - Patch Now
Adobe addresses seven critical security flaws, including RCE in ColdFusion and Campaign Classic. Learn how to apply the APSB24-14 and APSB24-15 patches.
CVE-2026-33825: BlueHammer Zero-Day in Microsoft Defender Exploited by Ransomware
Analysis of the BlueHammer zero-day, CVE-2026-33825, in Microsoft Defender, actively exploited by ransomware groups. Learn detection and mitigation strategies.

NetScaler ADC CVE-2026-8451: Mitigating Arbitrary File Read Risks
Citrix patches six NetScaler ADC and Gateway vulnerabilities, including CVE-2026-8451. Secure your infrastructure against file reads and denial-of-service.

GuardFall: Shell Injection Risks in Open-Source AI Coding Agents
GuardFall bypass exposes 10 of 11 popular open-source AI coding agents to decades-old shell injection vulnerabilities. Understand the threat and mitigation.
June Apple Security Updates for iOS, macOS, Safari: Patch Now
Apple released essential security updates for iOS/iPadOS, macOS, and Safari in June. Learn why timely patching is critical for protecting your devices and data.

NIST NVD Enrichment Changes: Impact on CVE Coverage and Accuracy
NIST's reduction in NVD enrichment impacts CVE coverage and data accuracy, challenging security professionals to adapt vulnerability management strategies.

AirDrop and Quick Share: Proximity Flaws Cause Crashes and Bypass Checks
Researchers found six security flaws in AirDrop and Quick Share, enabling nearby attackers to crash devices and bypass security checks without user interaction.