Coverage
Vulnerabilities
738 articles on vulnerability disclosures and exploits
Advertisement
CVE-2026-0300: Palo Alto Networks PAN-OS Out-of-bounds Write Exploit
CISA adds CVE-2026-0300, a Palo Alto Networks PAN-OS out-of-bounds write vulnerability, to its KEV Catalog due to active exploitation. Immediate remediation advised for
Cisco Crosswork & NSO DoS: Manual Reboot Needed Post-Exploit
Cisco Crosswork Network Controller and Network Services Orchestrator are vulnerable to a denial-of-service flaw, necessitating manual reboots for recovery.
CVE-2023-29017: Critical vm2 Sandbox Escape Leads to Host RCE
Technical analysis of CVE-2023-29017 in the vm2 Node.js library. Learn how attackers escape the sandbox for remote code execution and how to patch.
Autonomous Offensive Security Platforms: XBOW Secures $35M for AI
XBOW secures $35 million in Series C funding to accelerate the development of autonomous offensive security agents and automated vulnerability discovery tools.
NVIDIA Ampere GPU Rowhammer Attacks Enable Full Host Compromise
Researchers demonstrate Rowhammer attacks on NVIDIA Ampere GPUs using GDDR bitflips to gain full CPU memory control when IOMMU is disabled by default.
Evolution of Modern Threats: From Stuxnet to AI-Driven Vulnerabilities
An analysis of the 20-year evolution of the cybersecurity landscape, detailing the shift from industrial sabotage to automated, AI-driven exploitation.
PAN-OS RCE via CVE-2024-0012: Palo Alto Networks Exploitation Guide
Palo Alto Networks warns of active exploitation of CVE-2024-0012 and CVE-2024-0013 affecting PAN-OS management interfaces. Secure your firewall now.
CVE-2026-0300: Critical Zero-Day in PAN-OS Captive Portal Service
Palo Alto Networks warns of CVE-2026-0300, a critical zero-day vulnerability in the PAN-OS Captive Portal service currently being exploited in the wild.
ABB B&R Automation Runtime DoS via CVE-2025-11044 — Patch Now
An unauthenticated network DoS vulnerability (CVE-2025-11044) affects ABB B&R Automation Runtime, allowing permanent system halts. Immediate patching is critical.
CVE-2025-11043: ABB Automation Studio <6.5 Improper Certificate Validation
Critical manufacturing systems running ABB B&R Automation Studio <6.5 are vulnerable to CVE-2025-11043, allowing data interception and spoofing via improper certificate
Microsoft Edge Password Storage: Risk of Credential Dumping
Microsoft Edge stores sensitive user passwords in process memory. A PoC exploit demonstrates how attackers with admin privileges can dump credentials, posing significant
Apache HTTP Server CVE-2026-23918: Critical HTTP/2 RCE Mitigation
Apache Software Foundation addresses CVE-2026-23918, a critical double-free flaw in HTTP/2 handling. Learn how to patch and defend against potential RCE.