Tag: cve
-
CISA Issues Warning on Critical Ivanti EPMM Flaw Exploited in Ongoing Attacks
Tags: attack, cisa, cve, cyber, cybersecurity, endpoint, exploit, flaw, infrastructure, ivanti, kev, mobile, threat, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical security flaw in Ivanti Endpoint Manager Mobile (EPMM). The agency recently added the vulnerability, identified as CVE-2026-1340, to its Known Exploited Vulnerabilities (KEV) catalog after confirming that threat actors are actively exploiting it in real-world attacks. Critical Ivanti EPMM Flaw…
-
Palo Alto Cortex XSOAR Flaw in Microsoft Teams Integration Lets Attackers Access Data
Palo Alto Networks has released a high-priority security update to address a serious vulnerability in its Cortex XSOAR and Cortex XSIAM platforms. Tracked as CVE-2026-0234, this security flaw exists within the Microsoft Teams integration. If successfully exploited, it allows an unauthenticated attacker to access and modify protected resources, prompting the vendor to assign the patch…
-
CVE-2026-25769: Critical Remote Code Execution in Wazuh via Unsafe Deserialization
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/cve-2026-25769-critical-remote-code-execution-in-wazuh-via-unsafe-deserialization
-
CVE-2026-25769: Critical Remote Code Execution in Wazuh via Unsafe Deserialization
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/cve-2026-25769-critical-remote-code-execution-in-wazuh-via-unsafe-deserialization
-
Hackers exploit a critical Flowise flaw affecting thousands of AI workflows
Tags: access, ai, authentication, container, cve, data, data-breach, docker, exploit, flaw, hacker, injection, intelligence, linkedin, network, update, vulnerabilityHackers exploit unpatched instances: While a patch has been available for months, a recent VulnCheck finding places the first in-the-wild exploitation on April 6. Caitlin Condon, VP of Security Research at the vulnerability intelligence company, warned of the abuse through a LinkedIn post.”Early this morning, VulnCheck’s Canary network began detecting first-time exploitation of CVE-2025-59528, an…
-
Multiple OpenSSL Flaws Expose Sensitive Data in RSA KEM Handling
A newly disclosed flaw in OpenSSL could allow attackers to access sensitive data stored in application memory. Tracked as CVE-2026-31790, this moderate-severity vulnerability affects the handling of RSA Key Encapsulation Mechanism (KEM) RSASVE encapsulation. OpenSSL issued the security advisory on April 7, 2026, urging users to apply patches immediately. The core issue revolves around improper…
-
Docker Authorization Bypass Flaw Exposed Hosts to Potential Attackers
A high-severity security vulnerability has been discovered in Docker Engine, exposing hosts to potential authorization bypass attacks. Tracked as CVE-2026-34040, the flaw allows attackers to evade authorization plugins (AuthZ) by manipulating API request bodies. While the base likelihood of exploitation remains low, the vulnerability carries a >>High<< severity rating. It specifically impacts environments relying on…
-
Claude Identifies Critical 13-Year-Old RCE Vulnerability in Apache ActiveMQ
An AI assistant recently uncovered a critical remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that went unnoticed for 13 years. Tracked as CVE-2026-34197, this flaw allows attackers to force the message broker to download a remote configuration file and execute arbitrary operating system commands. While exploiting this typically requires administrator credentials, a separate…
-
Claude Identifies Critical 13-Year-Old RCE Vulnerability in Apache ActiveMQ
An AI assistant recently uncovered a critical remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that went unnoticed for 13 years. Tracked as CVE-2026-34197, this flaw allows attackers to force the message broker to download a remote configuration file and execute arbitrary operating system commands. While exploiting this typically requires administrator credentials, a separate…
-
OpenSSL 3.6.2 lands with eight CVE fixes
Tags: cveOpenSSL 3.6.2 patches eight CVEs across a range of components. The project rates the most severe issue in the release as Moderate. What got fixed The release fixes incorrect … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/08/openssl-3-6-2-security-patch/
-
Claude Identifies Critical 13-Year-Old RCE Vulnerability in Apache ActiveMQ
An AI assistant recently uncovered a critical remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that went unnoticed for 13 years. Tracked as CVE-2026-34197, this flaw allows attackers to force the message broker to download a remote configuration file and execute arbitrary operating system commands. While exploiting this typically requires administrator credentials, a separate…
-
Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution
Attackers are exploiting a critical Flowise flaw, tracked as CVE-2025-59528 (CVSS score of 10), that lets them run malicious code and access systems due to poor validation of user-supplied JavaScript. Attackers are actively exploiting a critical vulnerability in Flowise, tracked as CVE-2025-59528, that allows remote code execution and file system access. The flaw stems from improper validation…
-
Max severity Flowise RCE vulnerability now exploited in attacks
Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for building custom LLM apps and agentic systems to execute arbitrary code. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/max-severity-flowise-rce-vulnerability-now-exploited-in-attacks/
-
Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access
A high-severity security vulnerability has been disclosed in Docker Engine that could permit an attacker to bypass authorization plugins (AuthZ) under specific circumstances.The vulnerability, tracked as CVE-2026-34040 (CVSS score: 8.8), stems from an incomplete fix for CVE-2024-41110, a maximum-severity vulnerability in the same component that came to light in July 2024.” First seen on thehackernews.com…
-
U.S. CISA adds a flaw in Fortinet FortiClient EMS to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Fortinet FortiClient EMS to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Fortinet FortiClient EMS, tracked as CVE-2026-35616 (CVSS score of 9.1), to its Known Exploited Vulnerabilities (KEV) catalog. This week, Fortinet released out-of-band patches for a…
-
Attackers Exploit Flowise Injection Vulnerability as 15,000+ Instances Remain Exposed
Tags: ai, control, cve, cvss, cyber, data-breach, exploit, flaw, injection, malicious, open-source, vulnerabilityA critical security flaw in Flowise, a popular open-source AI development platform, is currently being exploited in the wild. Tracked as CVE-2025-59528, this code injection vulnerability carries a maximum CVSS score of 10.0. It allows remote attackers to execute malicious code and take complete control of affected servers. Security researchers warn that up to 15,000…
-
Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
Tags: ai, cve, cvss, data-breach, exploit, flaw, injection, intelligence, open-source, rce, remote-code-execution, threat, vulnerabilityThreat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck.The vulnerability in question is CVE-2025-59528 (CVSS score: 10.0), a code injection vulnerability that could result in remote code execution.”The CustomMCP node allows users to input configuration settings for connecting First seen on thehackernews.com…
-
Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
Tags: ai, cve, cvss, data-breach, exploit, flaw, injection, intelligence, open-source, rce, remote-code-execution, threat, vulnerabilityThreat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck.The vulnerability in question is CVE-2025-59528 (CVSS score: 10.0), a code injection vulnerability that could result in remote code execution.”The CustomMCP node allows users to input configuration settings for connecting First seen on thehackernews.com…
-
Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
Tags: ai, cve, cvss, data-breach, exploit, flaw, injection, intelligence, open-source, rce, remote-code-execution, threat, vulnerabilityThreat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck.The vulnerability in question is CVE-2025-59528 (CVSS score: 10.0), a code injection vulnerability that could result in remote code execution.”The CustomMCP node allows users to input configuration settings for connecting First seen on thehackernews.com…
-
50,000 WordPress Sites Running Ninja Forms Vulnerable to Critical File Upload RCE
A severe security flaw has been discovered in the Ninja Forms File Upload plugin, a widely utilized WordPress add-on that allows website administrators to accept documents, images, and other media from their visitors. Tracked officially as CVE-2026-0740, this unauthenticated arbitrary file upload vulnerability carries a maximum critical CVSS score of 9.8. With an estimated 50,000…
-
EUVD-2025-19028 / CVE-2025-32975 Systemen durch fehlerhafte Authentifizierung
First seen on security-insider.de Jump to article: www.security-insider.de/quest-kace-sma-sso-bypass-cve-2025-32975-a-3e134eb9c0be68627d4f21d056129e9f/
-
Fortinet Issues Emergency Patch for FortiClient Zero-Day
The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/fortinet-emergency-patch-forticlient-zero-day
-
Fortinet Issues Emergency Patch for FortiClient Zero-Day
The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/fortinet-emergency-patch-forticlient-zero-day
-
CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild
Exploitation has been observed for CVE-2026-35616, a critical improper access control zero-day vulnerability affecting Fortinet FortiClientEMS devices. Key takeaways: CVE-2026-35616, an improper access control vulnerability, has been exploited in the wild as a zero-day. Public exploit code has been identified and Fortinet products have a long history of targeting by malicious actors. Hotfixes have been…
-
CVE-2026-35616: FortiClient EMS Flaw Under Active Exploitation
A critical FortiClient EMS vulnerability (CVE-2026-35616) is under active exploitation, allowing unauthenticated attackers to bypass API protections. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/cve-2026-35616-forticlient-ems-flaw-under-active-exploitation/
-
Attackers Exploit RCE Flaw as 14,000 F5 BIG-IP APM Instances Remain Exposed
Over 14,000 F5 BIG-IP APM instances remain exposed online, as attackers actively exploit a critical remote code execution flaw CVE-2025-53521. Over 14,000 F5 BIG-IP APM instances remain exposed online, with attackers actively exploiting the critical remote code execution vulnerability CVE-2025-53521 (CVSS ver. 3.1 score of 9.8), the nonprofit security organization Shadowserver warns. The vulnerability in BIG-IP…
-
6 ways attackers abuse AI services to hack your business
Tags: ai, api, attack, backdoor, breach, business, ceo, china, control, cve, cyber, cybercrime, cybersecurity, data, email, espionage, exploit, framework, group, hacking, injection, leak, LLM, malicious, malware, marketplace, microsoft, monitoring, open-source, openai, service, skills, software, startup, supply-chain, threat, tool, vulnerabilityAbusing AI platforms as covert C2 channels: Cybercriminals are also abusing AI platforms as covert command-and-control (C2) channels by turning AI services into proxies that hide malicious traffic inside the flow of legitimate content.Instead of running a dedicated C2 server, malware is programmed to fetch commands and exfiltrate data through AI services, circumventing traditional security…
-
Critical Dgraph Database Flaw Allowed Attackers to Bypass Authentication
A newly discovered critical vulnerability in the open-source Dgraph database system leaves servers exposed to complete system takeovers. Tracked as CVE-2026-34976 and carrying a maximum CVSS score of 10.0, this missing authorization flaw allows remote, unauthenticated attackers to overwrite databases, read sensitive server files, and launch Server-Side Request Forgery (SSRF) attacks. Currently, all Dgraph versions…
-
CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw
Fortinet issued emergency patches for a critical FortiClient EMS flaw (CVE-2026-35616) actively exploited in the wild. Fortinet released out-of-band patches for a critical FortiClient EMS vulnerability, tracked as CVE-2026-35616 (CVSS 9.1), which is already being exploited in attacks in the wild. The flaw is an improper access control issue that allows attackers to bypass authentication…
-
2,000+ FortiClient EMS Instances Exposed Online as Attackers Exploit Active RCE Flaw
Tags: control, cve, cyber, cybersecurity, data-breach, exploit, flaw, fortinet, rce, remote-code-execution, threat, tool, vulnerabilityCybersecurity researchers have issued an urgent warning for organizations using Fortinet’s FortiClient Enterprise Management Server (EMS). Over 2,000 instances of this critical administrative tool are currently exposed to the public internet. Threat actors are actively exploiting severe vulnerabilities to take full control of these systems. These security gaps are tracked as CVE-2026-35616, which is a…