Coverage
Vulnerabilities
748 articles on vulnerability disclosures and exploits
Advertisement
CISA KEV Expansion: Exploit Guidance for Cisco, Kentico, and Zimbra
CISA adds 8 vulnerabilities to the KEV catalog, including critical flaws in Cisco ASA and Zimbra. Analyze technical impact and remediation requirements.
Progress MOVEit and LoadMaster Patched Against Critical RCE and Bypass
Progress Software releases critical patches for MOVEit Transfer and LoadMaster addressing RCE and authentication bypass vulnerabilities like CVE-2024-5806.
CVE-2023-46604: Apache ActiveMQ RCE Exploited by HelloKitty - Patch Now
Over 6,400 Apache ActiveMQ servers are exposed to RCE via CVE-2023-46604. Threat actors like HelloKitty are actively exploiting this high-severity flaw.
Frontier AI Collapses Exploit Windows: Impact on N-Day Exploitation
Frontier AI models are drastically reducing the time between vulnerability disclosure and exploit availability, forcing a shift in defensive strategies.
CISA KEV Update: Eight New Vulnerabilities in Cisco, TeamCity, and Zimbra
CISA adds eight vulnerabilities to the KEV Catalog, including flaws in Cisco SD-WAN and JetBrains TeamCity, requiring immediate federal agency remediation.
CISA Adds 8 Flaws to KEV: Cisco and PaperCut Exploited in the Wild
CISA adds 8 vulnerabilities to its KEV catalog, including PaperCut and Cisco SD-WAN Manager flaws, with federal patching deadlines set for May 2026.
Securing Serial-to-IP Devices: Mitigating Thousands of OT Bugs
Industrial serial-to-IP converters are riddled with thousands of vulnerabilities, posing a significant risk to legacy infrastructure and OT environments.
CVE-2026-5760: SGLang RCE via Malicious GGUF Models - Patch Now
Critical CVE-2026-5760 command injection in SGLang allows remote code execution via GGUF files. High-performance LLM serving environments are at risk.
Serial-to-IP Converter Flaws Expose OT & Healthcare Systems
Forescout found 20 vulnerabilities in Lantronix and Silex serial-to-IP converters, posing theoretical hacking risks to critical OT and healthcare infrastructure.
Prioritizing Vulnerabilities with EPSS: Managing the CVE Flood
Learn how the Exploit Prediction Scoring System (EPSS) provides a data-driven approach to prioritize vulnerability remediation amid rising CVE volumes.
TP-Link Archer AX21 RCE via CVE-2023-1389 — Mitigation Guide
Hackers continue targeting discontinued TP-Link Archer AX21 routers with CVE-2023-1389, though many exploitation attempts currently fail to execute payloads.
Microsoft Releases OOB Updates to Fix Windows Server Boot Issues
Microsoft issues emergency out-of-band updates to resolve critical authentication failures and boot loops caused by the April 2026 security patches.