Coverage
Vulnerabilities
748 articles on vulnerability disclosures and exploits
CVE-2023-3519: Patching Active RCE in Citrix NetScaler ADC
CISA mandates federal agencies patch CVE-2023-3519, an unauthenticated RCE flaw in Citrix NetScaler ADC and Gateway actively exploited in the wild.
Apache Struts 2.5.33 Patch Guidance: Mitigating CVE-2023-50164 RCE
Technical analysis of CVE-2023-50164, a critical RCE vulnerability in Apache Struts. Learn how to detect exploits and secure your file upload implementations.
RoadK1ll WebSocket Implant: New Threat for Stealthy Lateral Movement
Analysis of the new RoadK1ll WebSocket implant, detailing its capabilities for lateral movement on compromised networks and offering detection and mitigation strategies.
CVE-2026-3055: Citrix NetScaler Out-of-Bounds Read Under Active Exploitation
CISA adds CVE-2026-3055, an actively exploited Citrix NetScaler Out-of-Bounds Read vulnerability, to its KEV Catalog, urging immediate remediation.

Fortinet BIG-IP RCE via CVE-2025-53521 — Patch Now
Fortinet BIG-IP vulnerability CVE-2025-53521, initially a DoS, has been reclassified as a critical Remote Code Execution flaw. This advisory details the threat and
CVE-2026-3055: Critical Citrix NetScaler Memory Flaw Exploited
A critical memory flaw, CVE-2026-3055, in Citrix NetScaler ADC and Gateway appliances is actively exploited to steal sensitive data. Patch immediately.

OpenAI Patches ChatGPT Data Exfiltration and Codex Token Flaws
OpenAI addresses high-impact vulnerabilities in ChatGPT and Codex that enabled unauthorized data exfiltration and exposure of sensitive GitHub tokens.
Star Blizzard (APT28) Adopts DarkSword iOS Exploit Kit
Russian APT Star Blizzard (APT28) now uses the DarkSword iOS exploit kit to target government, finance, and academia, increasing mobile threat exposure.
Windows 11 KB5079391 Update Pulled: Resolving 0x80073712 Errors
Microsoft withdraws the Windows 11 KB5079391 preview update following widespread reports of 0x80073712 installation failures on version 24H2 systems.
F5 BIG-IP RCE via CVE-2023-46747 — Mitigation and Exploitation Guide
Exploit analysis of the critical F5 BIG-IP authentication bypass (CVE-2023-46747). Learn how to detect webshell deployment and apply essential security patches.
CVE-2023-46747: F5 BIG-IP RCE Exploitation and Mitigation Guide
F5 BIG-IP vulnerability CVE-2023-46747 upgraded from DoS to critical RCE with active exploitation in the wild. Learn how to detect and patch immediately.
CVE-2023-48788: FortiClient EMS RCE via SQL Injection Exploit
Exploitation of a critical RCE vulnerability (CVE-2023-48788) in Fortinet FortiClient EMS has been confirmed. Learn how to detect and mitigate this threat.