Coverage
Vulnerabilities
754 articles on vulnerability disclosures and exploits
CVE-2025-0282: Ivanti Connect Secure Heap Overflow — Mitigation Guide
Technical analysis of the Ivanti Connect Secure heap overflow (CVE-2025-0282) allowing unauthenticated RCE. Includes detection steps and patch guidance.
Hitachi Energy RTU500 CMU Firmware Vulnerabilities: Patch Guidance
Hitachi Energy issues critical patches for RTU500 series CMU firmware addressing high-severity DoS and information disclosure risks (CVE-2026-1773, CVE-2024-8176).
CVE-2023-20887: VMware Aria Operations for Networks RCE Exploit Guide
CISA adds CVE-2023-20887 to its KEV catalog. Learn how to detect and patch this critical RCE flaw in VMware Aria Operations for Networks.
Mobiliti e-mobi.hu EV Chargers: Critical Auth Bypass & DoS Vulnerabilities
Critical vulnerabilities in Mobiliti e-mobi.hu EV charging stations (all versions) allow unauthenticated attackers to gain administrative control or disrupt services.
Google Chrome Two-Week Release Cycle: Reducing the Patch Gap
Google transitions Chrome to a two-week stable release cycle to accelerate security patching and minimize the window for n-day vulnerability exploitation.
CrushFTP Bruteforce Scans: Protecting Against RCE & Auth Bypass
Ongoing bruteforce scans are targeting CrushFTP servers, likely attempting to exploit past critical vulnerabilities like CVE-2024-4040 (RCE) and CVE-2025-31161 (auth
Coruna Exploit Kit: iOS 13-17.2.1 Targeted by Multiple APTs
Google Threat Intelligence Group details Coruna, a powerful iOS exploit kit targeting versions 13.0 to 17.2.1, used by commercial vendors and nation-state actors for
Honeywell IQ4 Vulnerability: Assessing Internet Exposure & Impact
A researcher claims thousands of internet-exposed Honeywell IQ4 building controllers are vulnerable. Understand the potential impact and mitigation strategies.

Critical OpenClaw Flaw in AI Agents: Risks and Remediation Guide
A critical OpenClaw vulnerability in widely adopted AI agents could lead to severe security risks. Understand the impact and crucial remediation steps.
CyberStrikeAI Exploitation: AI Tools Targeting Fortinet Firewalls
Threat actors are repurposing CyberStrikeAI to automate reconnaissance and exploit critical vulnerabilities in Fortinet FortiGate firewalls and edge devices.

CVE-2026-0628: Chrome Gemini Panel Exploit Enables Privilege Escalation
A high-severity flaw in Google Chrome's Gemini side panel allowed malicious extensions to bypass security policies and access local files on target systems.

Google Gemini Side Panel Bug Enables Session Hijacking — Update Now
Researchers discovered a security flaw in the Google Gemini side panel that allows for unauthorized session hijacking and cross-origin data exfiltration.