Skip to main content

Coverage

Vulnerabilities

903 articles on vulnerability disclosures and exploits

Advertisement

VU
CRITICAL
Vulnerabilities

Cisco Unified Communications Manager: Urgent Patch for Active Exploitation

CISA mandates urgent patching for an actively exploited vulnerability in Cisco Unified Communications Manager, posing immediate risk to federal agencies and beyond.

Runtime Rebel Intel
4 min read·Jun 26, 2026
CL
HIGH
Cloud Security

Amazon Q Flaw: Cloud Credential Theft via Malicious Repositories

AWS patches a critical Amazon Q flaw enabling cloud credential theft via malicious repositories. Understand its impact and recommended mitigations.

Runtime Rebel Intel
4 min read·Jun 26, 2026
Amazon Q Developer RCE via CVE-2026-12957 - Cloud Credential Theft
HIGH
Vulnerabilities

Amazon Q Developer RCE via CVE-2026-12957 - Cloud Credential Theft

High-severity CVE-2026-12957 in Amazon Q Developer allowed malicious repositories to execute arbitrary code and steal cloud credentials upon workspace trust. Patch now.

Runtime Rebel Intel
4 min read·Jun 26, 2026
CVE-2026-46331: Linux pedit COW Exploit Grants Root Access
CRITICAL
Vulnerabilities

CVE-2026-46331: Linux pedit COW Exploit Grants Root Access

A critical Linux kernel flaw, 'pedit COW' (CVE-2026-46331), allows local unprivileged users to gain root access via an out-of-bounds write. Public exploits exist.

Runtime Rebel Intel
4 min read·Jun 26, 2026
SU
INFO
Supply Chain

Linux Foundation's Project Akrites: Bolstering Open Source Security

Project Akrites aims to streamline vulnerability management across open source projects, enhancing reporting, patching, and disclosure processes for critical software.

Runtime Rebel Intel
4 min read·Jun 26, 2026
CVE-2026-43503: Linux Kernel DirtyClone Flaw Grants Root Access
HIGH
Vulnerabilities

CVE-2026-43503: Linux Kernel DirtyClone Flaw Grants Root Access

DirtyClone (CVE-2026-43503) is a Linux kernel privilege escalation allowing local users to gain root access via cloned network packets. Patch now.

Runtime Rebel Intel
4 min read·Jun 26, 2026
TH
CRITICAL
Threat Intel

Turla's STOCKSTAY Backdoor: Analysis of Campaigns & WinRAR Exploit

Google Threat Intelligence details STOCKSTAY, Turla's .NET backdoor for espionage targeting Ukraine and Europe, leveraging RDP & CVE-2025-8088.

Runtime Rebel Intel
13 min read·Jun 26, 2026
VU
HIGH
Vulnerabilities

CVE-2022-25247: PTC Windchill RCE Exploited in the Wild

CISA warns of active exploitation of CVE-2022-25247, an RCE flaw in PTC Windchill PLM software. Learn how to detect and mitigate this critical threat.

Runtime Rebel Intel
3 min read·Jun 26, 2026
Cisco CUCM SSRF Flaw: Rapid Exploitation & Root Privilege Escalation
CRITICAL
Vulnerabilities

Cisco CUCM SSRF Flaw: Rapid Exploitation & Root Privilege Escalation

Attackers are rapidly weaponizing a Cisco Unified CM server-side request forgery (SSRF) flaw, escalating privileges to root. Immediate patching is critical.

Runtime Rebel Intel
5 min read·Jun 26, 2026
ThreatsDay Bulletin: Proxyware, Legacy Flaws, and AI Crime Trends
HIGH
Threat Intel

ThreatsDay Bulletin: Proxyware, Legacy Flaws, and AI Crime Trends

Analysis of recent cybersecurity threats including smart TV proxyware, a 24-year curl bug, and AI-driven cybercrime trends impacting enterprise security.

Runtime Rebel Intel
5 min read·Jun 25, 2026
VU
HIGH
Vulnerabilities

LLM Prompt Injection: Role Confusion Exposes Core Architectural Flaws

An in-depth analysis of LLM prompt injection, detailing how 'role confusion' in model representations undermines tag-based security and demands architectural solutions.

Runtime Rebel Intel
5 min read·Jun 25, 2026
TH
MEDIUM
Threat Intel

Analyzing Internet Background Radiation and Automated Scanning Trends

An analysis of automated cybercrime traffic and internet background radiation, detailing how botnets exploit vulnerabilities like CVE-2017-17215.

Runtime Rebel Intel
3 min read·Jun 25, 2026