Coverage
Vulnerabilities
748 articles on vulnerability disclosures and exploits
Advertisement
CVE-2024-22257: Critical SAP AS ABAP Code Injection — Patch Now
SAP releases patches for 19 vulnerabilities, including a CVSS 9.8 code injection flaw in SAP AS ABAP and high-severity RCE in SAP Business Client.
Analyzing 216M Security Findings: Critical Risks Surge by 400%
OX Security research reveals a 400% spike in critical risks driven by AI-assisted development, outpacing a 52% increase in total security alert volume.
CISA KEV Update: Fortinet FortiClient EMS CVE-2026-21643 Under Attack
CISA adds six flaws to the KEV catalog, including a critical unauthenticated SQL injection in Fortinet FortiClient EMS (CVE-2026-21643). Patch immediately.
CVE-2025-0520: ShowDoc RCE via File Upload Flaw Under Active Attack
Critical CVE-2025-0520 in ShowDoc allows RCE via unrestricted file upload. Attackers are actively targeting unpatched servers to deploy web shells.
Cisco FMC Zero-Day Exploited by Interlock Ransomware: March 2026 CVEs
Runtime Rebel analyzes March 2026's significant rise in high-impact CVEs, including a Cisco FMC zero-day actively exploited by Interlock Ransomware. Learn critical
CISA KEV Update: Exchange Server, Adobe, MS Windows Exploits
CISA adds seven vulnerabilities, including critical Microsoft Exchange Server deserialization, to its Known Exploited Vulnerabilities Catalog, urging immediate
Adobe Acrobat & Reader Zero-Day Exploitation: Immediate Patch Required
Adobe has patched an actively exploited Zero-Day in Acrobat and Reader. Attackers used crafted PDF files for at least four months. Update immediately.
AI Vulnerability Storm: Preparing for Post-Mythos Exploits
CISOs must prepare for an 'AI vulnerability storm' triggered by Anthropic's Claude Mythos. Proactive security frameworks are essential to mitigate new risks.
Anthropic's Mythos Preview AI: Proactive Vulnerability Hunting with Project Glasswing
Anthropic's Claude Mythos Preview AI possesses significant cyberattack capabilities. Project Glasswing is proactively hunting vulnerabilities in public and proprietary
CVE-2024-38472: wolfSSL ECDSA Signature Verification Bypass Patch Guide
Critical vulnerability CVE-2024-38472 in wolfSSL allows certificate forgery and MitM attacks via improper ECDSA hash validation. Patch to 5.7.4 immediately.
CVE-2026-34621: Adobe Acrobat and Reader Zero-Day Emergency Patch
Adobe issues an emergency fix for CVE-2026-34621, a critical Acrobat and Reader zero-day exploited in the wild. Learn technical details and mitigation steps.
Critical PDF Zero-Day and Windows Rootkit Technical Analysis
Analysis of critical threats including fiber optic surveillance, a stealthy PDF zero-day, and advanced Windows rootkit persistence mechanisms.