Tag: cve
-
Critical Redis Vulnerability Could Let Attackers Execute Code and Hijack Servers
A critical vulnerability in Redis, tracked as CVE-2026-23631 and dubbed “DarkReplica,” exposes authenticated deployments to remote code execution (RCE) through a complex use-after-free (UAF) condition in the replication subsystem. Discovered by security researcher Yoni Sherez during the ZeroDay. In the Cloud 2025 competition, the flaw demonstrates how Redis’s internal Lua execution model and replication logic…
-
IoT Botnet C0XMO Adds Competitor-Killing Capability
C0XMO is a new Gafgyt botnet variant exploiting old router flaws, spreading across IoT devices, killing rivals, and enabling large-scale DDoS attacks. In March 2026, FortiGuard Labs discovered a new variant of the Gafgyt botnet, dubbed C0XMO, which is noticeably more capable than its predecessors. The malware spreads through CVE-2021-27137, a stack buffer overflow in…
-
CVE-2026-20223 mit CVSS 10.0 in Cisco Secure Workload – Fehlende API-Authentifizierung gibt Angreifern Site-Admin-Rechte
First seen on security-insider.de Jump to article: www.security-insider.de/cve-2026-20223-cisco-secure-workload-cvss-10-api-site-admin-a-a6ef0186275a7d18e93bdd54e92ba67a/
-
U.S. CISA adds SolarWinds Serv-U flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SolarWinds Serv-U flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SolarWinds Serv-U flaw, tracked as CVE-2026-28318 (CVSS ver 3.1 score of 7.5), to its Known Exploited Vulnerabilities (KEV) catalog. SolarWinds Serv-U is a managed file transfer (MFT) and secure file…
-
Critical UniFi OS Auth Bypass Flaws Lead to Unauthenticated Root RCE
Ubiquiti has addressed three critical vulnerabilities within the UniFi OS Server that attackers can chain together to achieve unauthenticated remote code execution (RCE) with root privileges. Disclosed on May 21, 2026, via Security Advisory Bulletin 064 (SAB-064), the flaws are tracked as CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910. Each vulnerability carries a maximum CVSS 3.1 severity score…
-
CISA Alerts on Actively Exploited SolarWinds Serv-U Denial-of-Service Flaw
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, risk, service, threat, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability in SolarWinds Serv-U to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-28318, this flaw allows unauthenticated threat actors to remotely crash the file transfer service. With active exploitation observed in the wild, this development signals a severe risk to enterprise…
-
CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog
Tags: cisa, cve, cybersecurity, dos, exploit, flaw, infrastructure, kev, service, software, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting SolarWinds Serv-U multi-protocol file server software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerability, tracked as CVE-2026-28318 (CVSS score: 7.5), is a denial-of-service (DoS) bug that causes the service to crash First seen on thehackernews.com…
-
Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited No Patch Available
Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has come under active exploitation.The vulnerability, tracked as CVE-2026-20245, carries a CVSS score of 7.8 out of a maximum of 10.0. It affects the following deployment types – On-Prem Deployment Cisco SD-WAN Cloud-Pro Cisco SD-WAN Cloud (Cisco Managed) Cisco SD-WAN for Government (FedRAMP)”A…
-
Critical Redis vulnerability CVE-2026-23479 allows remote code execution
First seen on scworld.com Jump to article: www.scworld.com/brief/critical-redis-vulnerability-cve-2026-23479-allows-remote-code-execution
-
Cisco SD-WAN Has a New Root-Level Problem, and There’s No Fix Yet
Cisco warns of CVE-2026-20245 in SD-WAN Manager, a flaw that can lead to root access via file upload command injection; no patch or workaround yet. Cisco warns of a privilege escalation flaw, tracked as CVE-2026-20245 (CVSS base score of 7.8), in Cisco Catalyst SD-WAN Manager, the platform formerly known as SD-WAN vManage. An authenticated local…
-
Hugging Face Transformers Security Flaw Allows Remote Code Execution
A critical security flaw in Hugging Face Transformers, tracked as CVE-2026-4372, has exposed millions of machine learning workflows to silent remote code execution (RCE) through a malicious model configuration. Discovered by Pluto Security researcher Yotam Perkal, the issue allows attackers to execute arbitrary code on a victim’s system simply by tricking them into loading a…
-
New Gafgyt Variant Targets Linux Systems With Modular Spread Tactics
A new Gafgyt-family botnet, tracked as C0XMO, marks a notable technical shift in IoT malware design: the separation of scanning and propagation into distinct components and multi-architecture payloads that maximize reach across heterogeneous Linux devices. The operator delivered C0XMO by exploiting CVE-2021-27137 a stack buffer overflow in the UPnP SSDP parser of vulnerable DD-WRT firmware…
-
Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites
Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading to a complete site compromise.The vulnerability in question is CVE-2026-3300 (CVSS score: 9.8), a remote code execution bug impacting all versions of the plugin up to, and including, 1.9.12.…
-
Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites
Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading to a complete site compromise.The vulnerability in question is CVE-2026-3300 (CVSS score: 9.8), a remote code execution bug impacting all versions of the plugin up to, and including, 1.9.12.…
-
CISA Issues Alert on Actively Exploited Linux Kernel Security Flaw
Tags: authentication, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, linux, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a fresh alert warning organizations about the active exploitation of a Linux kernel vulnerability tracked as CVE-2022-0492. The flaw, categorized as an improper authentication issue, affects Linux systems using the cgroups v1 release_agent feature and can allow attackers to escalate privileges within compromised environments. Linux…
-
June 2026 Patch Tuesday forecast: Where are the CVEs?
My forecast from last month was only partly right. After the Anthropic Mythos announcements and the deluge of newly discovered vulnerabilities from vendors like Mozilla, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/05/june-2026-patch-tuesday-forecast/
-
Cisco warns of unpatched SD-WAN zero-day exploited in attacks
On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively exploited in attacks enabling root privilege escalation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-cisco-sd-wan-flaw-exploited-in-zero-day-attacks-to-gain-root/
-
Cisco SD-WAN Security Flaw Actively Exploited for Root-Level Command Execution
Cisco has disclosed a high-severity vulnerability in its Catalyst SD-WAN Manager that is actively being exploited in the wild, allowing attackers to execute arbitrary commands with root-level privileges on affected systems. The vulnerability, tracked as CVE-2026-20245, carries a CVSS score of 7.8 and is caused by improper input validation (CWE-116) within the command-line interface of…
-
Microsoft Edge Vulnerability Lets Remote Attackers Execute Arbitrary Code
Microsoft has disclosed three critical vulnerabilities in its Edge browser, all discovered during the Pwn2Own competition and reported by security researcher Orange Tsai of DEVCORE Research Team. The flaws, tracked as CVE-2026-45492, CVE-2026-45494, and CVE-2026-45495, were publicly disclosed on June 4, 2026, with patches already issued by Microsoft. Overview of the Vulnerability CVE-2026-45492 Origin […]…
-
Microsoft Edge Vulnerability Lets Remote Attackers Execute Arbitrary Code
Microsoft has disclosed three critical vulnerabilities in its Edge browser, all discovered during the Pwn2Own competition and reported by security researcher Orange Tsai of DEVCORE Research Team. The flaws, tracked as CVE-2026-45492, CVE-2026-45494, and CVE-2026-45495, were publicly disclosed on June 4, 2026, with patches already issued by Microsoft. Overview of the Vulnerability CVE-2026-45492 Origin […]…
-
CVE-2026-45659 nutzt Deserialisierungsfehler in SharePoint aus – SharePoint RCE-Lücke funktioniert mit einfachem Benutzerkonto
First seen on security-insider.de Jump to article: www.security-insider.de/cve-2026-45659-sharepoint-rce-deserialisierung-benutzerkonto-a-5f30a8cda8b234615bd275711560a4cf/
-
U.S. CISA adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Mirasvit Full Page Cache Warmer flaw, tracked as CVE-2026-45247 (CVSS ver 4.0 score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. The CVE-2026-45247 flaw is a…
-
Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root.It is tracked as CVE-2026-20230, and proof-of-concept exploit code is already public. Cisco’s PSIRT says it has not seen the flaw used in attacks yet. The PoC shortens…
-
Critical Cisco Unified CM Bug Patched as Public Exploit Code Emerges
Cisco patched a critical Unified CM flaw with public PoC code that allows unauthenticated attackers to launch SSRF attacks remotely. Cisco has addressed a high-severity vulnerability, tracked as CVE-2026-20230, affecting Unified CM and Unified CM SME. The flaw, caused by improper validation of certain HTTP requests, allows a remote attacker without authentication to perform server-side…
-
PoC Exploit Released for Cisco Unified Communications Manager Security Vulnerability
A proof-of-concept (PoC) exploit has been released for a critical server-side request forgery (SSRF) vulnerability impacting Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (Unified CM SME), increasing the likelihood of active exploitation in enterprise environments. Cisco Unified Manager Security Vulnerability Tracked as CVE-2026-20230 and detailed in Cisco advisory cisco-sa-cucm-ssrf-cXPnHcW, the…
-
CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting Mirasvit Cache Warmer, a popular Magento full-page cache extension, to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild.The vulnerability, tracked as CVE-2026-45247 (CVSS score: 9.8), is a case of deserialization of untrusted First seen…
-
CISA Alerts Users to Actively Exploited Android Framework Security Vulnerability
CISA has issued an urgent alert warning of an actively exploited Android Framework vulnerability, tracked as CVE-2025-48595, and has added it to its Known Exploited Vulnerabilities (KEV) catalog. The agency has set a strict remediation deadline of June 5, 2026, urging organizations to take immediate action to mitigate potential risks associated with this flaw. Android…
-
Cato claims 45-minute CVE protection with agentic AI
First seen on scworld.com Jump to article: www.scworld.com/news/cato-claims-45-minute-cve-protection-with-agentic-ai
-
CISA Flags 2-Year-Old Oracle WebLogic Vulnerability as Actively Exploited
CISA added Oracle WebLogic flaw CVE-2024-21182 to its KEV catalog, giving federal agencies until June 4 to patch exposed servers. The post CISA Flags 2-Year-Old Oracle WebLogic Vulnerability as Actively Exploited appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cisa-oracle-weblogic-vulnerability-exploited/
-
Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)
Redis has patched a use-after-free in its blocking-client code that lets an authenticated user run arbitrary OS commands on the machine hosting the database. The flaw was found by an autonomous AI tool built to hunt bugs in large codebases.Tracked as CVE-2026-23479, the flaw was introduced in Redis 7.2.0 and remained in every stable branch…