Tag: cve
-
WordPress Plugin Flaw Opens Door to Privilege Escalation Attacks Across 500,000+ Sites
A critical security flaw in the Kirki Freeform Page Builder, Website Builder & Customizer WordPress plugin is exposing sites to account takeover and privilege escalation attacks, with roughly 150,000 estimated to be running vulnerable versions introduced in the 6.0 release. Tracked as CVE-2026-8206 and rated 9.8 (Critical), the bug affects Kirki versions 6.0.0 through […]…
-
Critical Apache ActiveMQ Vulnerability Exposes Systems to Security Header Injection Attacks
Apache ActiveMQ users are being urged to apply immediate patches following the disclosure of a critical vulnerability, CVE-2026-42253, that enables HTTP response header injection via improperly handled JMS message properties. The flaw affects both Apache ActiveMQ and ActiveMQ Web components. It has been rated with “important” severity by the Apache Software Foundation. CVE-2026-42253: HTTP Response…
-
Ivanti ITSM Flaw Could Allow Attackers to Escalate to Admin Access
Ivanti has patched a high-severity vulnerability in its Ivanti Neurons for ITSM platform that could allow authenticated attackers to escalate privileges and gain full administrative access to affected systems. Tracked as CVE-2026-9614, the flaw is classified as an improper access control issue (CWE-284) and carries a CVSS score of 8.8. The vulnerability affects both cloud…
-
Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes
Cybersecurity researchers have disclosed details of an unpatched issue that could be exploited to disclose a user’s NTLMv2 hash to the attacker.Like in the case of CVE-2026-33829, which impacted the Windows Snipping Tool’s ms-screensketch: URI handler, the newly flagged issue resides in the search: URI handler, per Huntress.CVE-2026-33829 refers to a spoofing vulnerability that could…
-
Google Patches Actively Exploited Android Flaw Affecting Millions of Devices
Google fixed 124 Android flaws, including CVE-2025-48595, an actively exploited privilege escalation bug linked to targeted attacks. Google has released its June 2026 Android security updates, fixing 124 vulnerabilities across the mobile operating system. One flaw, tracked as CVE-2025-48595 (CVSS score of 8.4) stands out from the rest because it is already being exploited in…
-
Windows Search URI Handler Vulnerability Exposes NTLMv2 Hashes to Remote Attackers
Windows systems are once again exposed to NTLM credential leakage through a newly observed abuse of the search, URI handler, a vulnerability class closely mirroring the previously patched CVE-2026-33829 in the Snipping Tool. Windows Search URI Handler Vulnerability Security researchers from Huntress have identified that the Windows search URI handler improperly processes user-supplied parameters, allowing attackers to coerce…
-
Why an HP Poly VoIP Phones Bug Could Become an Enterprise Foothold
Rapid7 details a critical unauthenticated overflow in HP Poly VoIP phones that can lead to root RCE, with patches available for affected models. Rapid7’s latest disclosure on CVE-2026-0826 should get serious attention from anyone running HP Poly VoIP phones in an enterprise setting. It’s a critical unauthenticated stack-based buffer overflow that can give a remote…
-
Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severity flaw in the Framework component that has come under active exploitation.Tracked as CVE-2025-48595 (CVSS score: 8.4), the security flaw has been described as a case of privilege escalation without requiring any user…
-
Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine
The Russian hacking group known as Gamaredon has been attributed to the continued exploitation of a WinRAR vulnerability to deliver multiple malware families aimed at data theft and propagation.Per Sekoia, the activity involves the weaponization of CVE-2025-8088, a path traversal flaw in WinRAR, to launch an HTML Application payload dubbed GammaPhish, which is then used…
-
Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation
Tags: access, control, cve, cybersecurity, exploit, flaw, infrastructure, kev, network, oracle, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw impacting Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.The vulnerability, CVE-2024-21182 (CVSS score: 7.5), allows an unauthenticated attacker with network access to take control of susceptible servers. It was First seen on…
-
U.S. CISA adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Palo Alto Networks PAN-OS flaw, tracked as CVE-2024-21182 (CVSS score of 7.5), to its Known Exploited Vulnerabilities (KEV) catalog. The CVE-2024-21182 flaw is an easily exploitable vulnerability affecting Oracle WebLogic…
-
Google Patches Android Zero-Day Under Active Exploitation
Google has patched CVE-2025-48595, an actively exploited Android zero-day that enables privilege escalation on affected devices. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/google-patches-android-zero-day-under-active-exploitation/
-
Critical KMW CCTV Flaw Allows Unauthorised Access to Surveillance Feeds
A critical security vulnerability in KMW CCTV security cameras could allow attackers to gain full, unauthorised access to live surveillance feeds and device settings, raising serious concerns for organisations that rely on these systems in sensitive environments. The issue, tracked as CVE-2026-5386 and disclosed by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) under advisory…
-
CISA Issues Alert on Oracle WebLogic Server Flaw Under Active Exploitation
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, oracle, risk, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Oracle WebLogic Server vulnerability, tracked as CVE-2024-21182, to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is actively exploited in the wild. The alert, published on June 1, 2026, highlights the urgent risk to organizations that rely on Oracle WebLogic for…
-
Threat Actors Target Critical Windows Netlogon Flaw CVE-2026-41089
A critical Windows Netlogon vulnerability, tracked as CVE-2026-41089, has emerged as a significant security concern after authorities warned that threat actors are actively attempting to exploit the flaw to gain remote code execution capabilities on vulnerable systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2026-41089-windows-netlogon-vulnerability/
-
Android Zero-Day Vulnerability Actively Exploited in Device Takeover Attacks
Google has disclosed a critical Android zero-day vulnerability that is reportedly being actively exploited in targeted attacks, raising serious concerns about the risk of large-scale device compromise. The issue, tracked as CVE-2025-48595, was highlighted in the Android Security Bulletin for June 2026, released on June 1. Android Zero-Day Vulnerability According to Google, the vulnerability resides…
-
TP-Link Router Security Bug Enables Remote Command Execution Attacks
TP-Link has disclosed a high-severity security flaw in its Archer BE450 and Archer BE7200 Wi”‘Fi routers that could allow remote command execution once an attacker gains admin access. The vulnerability, tracked as CVE-2026-5509, is rated 8.5 (High) under CVSS v4.0, highlighting the serious risk it poses to both home and small-office networks that rely on…
-
AI agents help Cato slash ‘timeprotect’ from new CVEs
The application of agentic AI to vulnerability management workflows has slashed mitigation times in experimental conditions, claims Sase specialist Cato Networks. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366643833/AI-agents-help-Cato-slash-time-to-protect-from-new-CVEs
-
Windows Netlogon RCE exploited, domain controllers at risk (CVE-2026-41089)
CVE-2026-41089, a critical Windows Netlogon RCE flaw that allows remote code execution, is now actively exploited in the wild, the Centre for Cybersecurity Belgium (CCB) … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/01/windows-netlogon-rce-exploited-cve-2026-41089/
-
Critical Magento Cache Plugin Vulnerability Enables Remote Code Execution Attacks
A critical security vulnerability in a widely used Magento extension is exposing thousands of online stores to remote code execution (RCE) attacks. The vulnerability, tracked as CVE-2026-45247 and rated 9.8 on the CVSS scale, allows attackers to execute arbitrary code on affected servers without authentication. The vulnerability stems from improper handling of user-controlled input within…
-
Critical Plesk Vulnerability Lets Users Execute Server Commands
A newly disclosed critical vulnerability in Plesk is raising serious security concerns after researchers confirmed that low-privileged users can execute arbitrary commands on affected servers. Tracked as CVE-2026-44962, the vulnerability affects Plesk for Linux and is linked to improper input handling in the APS Application Catalog search functionality. The issue was published in the GitHub…
-
CVE-2026-8732: The WP Maps Pro Flaw That Lets Anyone Create a WordPress Admin Without a Password
CVE-2026-8732 in WP Maps Pro lets unauthenticated attackers create WordPress admin accounts. 2,858 attacks blocked in 24 hours. WP Maps Pro plugin allows WordPress site owners to embed Google Maps and OpenStreetMap with markers, listings, and location search. It’s a store locator tool. Unremarkable. The plugin is installed on over 15,000 websites, according to sale…
-
U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Palo Alto Networks PAN-OS flaw, tracked as CVE-2026-0257 (CVSS score of 7.8), to its Known Exploited Vulnerabilities (KEV) catalog. Palo Alto Networks addressed the vulnerability CVE-2026-0257 on May…
-
Windows Netlogon 0-Click RCE Vulnerability Under Active Exploitation
Tags: cve, cyber, exploit, microsoft, rce, remote-code-execution, risk, update, vulnerability, windowsMicrosoft’s May 2026 Patch Tuesday release has taken a critical turn after security researchers confirmed that a high-risk Windows Netlogon vulnerability is now being actively exploited in the wild. Tracked as CVE-2026-41089, the vulnerability allows unauthenticated attackers to execute remote code against domain controllers without any user interaction, making it one of the most dangerous…
-
CVE-2026-0257: Rapid7 Caught Attackers Abusing Forged VPN Cookies Against Multiple Customers
CVE-2026-0257 lets attackers forge Palo Alto GlobalProtect auth cookies and bypass VPN login. Exploitation confirmed since May 17. Palo Alto Networks addressed the vulnerability CVE-2026-0257 on May 13. Two weeks later, cybersecurity firm Rapid7 confirmed active exploitation across multiple customer environments. The flaw impacts the GlobalProtect portal and gateway components of Palo Alto Networks PAN-OS…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks TrapDoor Crypto Stealer Supply Chain Attack Hits 34 Packages and Hundreds of Versions Across npm, PyPI, and Crates.io RemotePE: The Lazarus RAT that lives…
-
Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
Palo Alto Networks is warning that hackers are now exploiting a PAN-OS GlobalProtect authentication bypass flaw, tracked as CVE-2026-0257, in attacks attempting to breach corporate networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/palo-alto-globalprotect-vpn-auth-bypass-flaw-now-exploited-in-attacks/