Coverage
Vulnerabilities
748 articles on vulnerability disclosures and exploits

NGINX-UI Critical Flaw: Attackers Can Alter NGINX Configs
A critical flaw in nginx-ui allows attackers to remotely restart, create, modify, and delete NGINX configuration files, posing significant risk to web servers.
CVE-2024-57353: Nginx UI Auth Bypass Actively Exploited — Patch Now
Attackers are exploiting CVE-2024-57353, a critical authentication bypass in Nginx UI, to achieve full server takeover. Update to v2.0.0.beta.39 immediately.
Nginx UI CVE-2026-33032: Critical RCE Exploited in the Wild
Exploitation of CVE-2026-33032 in the Nginx UI management tool allows for remote takeover. Learn how to detect and mitigate this critical security threat.
CVE-2022-21882: CISA Warns of Windows Task Host Exploit in the Wild
CISA adds CVE-2022-21882 to the KEV catalog. Learn how to mitigate this Windows Task Host privilege escalation vulnerability affecting Win32k.sys.
Microsoft Awards $2.3M for Cloud and AI Vulnerabilities at Zero Day Quest
Microsoft pays $2.3 million for nearly 700 vulnerability submissions targeting Azure, Microsoft 365, and AI services during the Zero Day Quest event.

SAP CVE-2026-27681: Critical SQL Injection Vulnerability Patch Guidance
April Patch Tuesday addresses a critical 9.9 CVSS SQL injection vulnerability in SAP Business Warehouse and updates for Microsoft, Adobe, and Fortinet.

CVE-2026-33032: Critical nginx-ui Authentication Bypass Under Attack
Threat actors are exploiting CVE-2026-33032, a critical authentication bypass in nginx-ui (MCPwn), allowing full server takeover and Nginx configuration control.
Ivanti Neurons for ITSM Patches CVE-2024-45504 and CVE-2024-45505
Ivanti addresses two high-severity flaws in Neurons for ITSM, CVE-2024-45504 and CVE-2024-45505, preventing session persistence and cross-user data exposure.
Windows Update Triggers BitLocker Recovery: Mitigation and Analysis
Microsoft confirms April security updates cause unexpected BitLocker recovery prompts on Windows Servers. Learn how to resolve the boot issues and recover keys.

SharePoint Zero-Day Fixed in Microsoft April 2026 Security Updates
Microsoft addresses 169 vulnerabilities, including an actively exploited SharePoint zero-day. Learn how to secure your environment against these flaws.
CVE-2024-21762 and Ivanti Flaws: Edge Gateway Scanning Escalates
Technical analysis of ongoing scanning activity targeting Ivanti and Fortinet SSL-VPN gateways. Learn to detect exploits and apply critical mitigations.
Microsoft April 2026 Patch Tuesday: 164 CVEs and Two Zero-Days
Microsoft's April 2026 Patch Tuesday addresses 164 vulnerabilities, including two exploited zero-days and eight critical RCE flaws. Read our technical analysis.