Vulnerabilities

Critical Unpatched Telnetd Vulnerability CVE-2026-32746 Allows Unauthenticated Root RCE

Cybersecurity experts have revealed a serious security weakness affecting the Telnet service implementation in GNU InetUtils. The vulnerability could allow a remote attacker to execute malicious code on vulnerable systems without authentication. The issue has been assigned the identifier CVE-2026-32746 and has received a CVSS severity score of 9.8, indicating a critical level of risk. […]

Security Flaws in Amazon Bedrock, LangSmith, and SGLang Could Allow Data Exfiltration and Remote Code Execution

Cybersecurity researchers have uncovered multiple security weaknesses in several artificial intelligence platforms that could allow attackers to steal sensitive data or execute malicious commands. The issues affect services associated with Amazon, LangSmith, and SGLang. According to recent research, attackers can exploit these weaknesses to extract confidential information, hijack accounts, and potentially gain remote code execution

CISA Warns of Actively Exploited Wing FTP Vulnerability Exposing Server Paths

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly identified vulnerability in Wing FTP Server to its Known Exploited Vulnerabilities (KEV) catalog after confirming that the flaw is being actively abused by attackers. The issue, tracked as CVE-2025-47813 with a CVSS score of 4.3, allows attackers to obtain

Nine CrackArmor Vulnerabilities in Linux AppArmor Allow Root Privilege Escalation and Container Isolation Bypass

Cybersecurity researchers have uncovered a group of critical security weaknesses in AppArmor, the Linux kernel's security module, that could allow attackers with limited privileges to bypass system protections, gain root access, and weaken container isolation mechanisms. The nine vulnerabilities have been collectively named CrackArmor by the Qualys Threat Research Unit (TRU).

CISA Warns of Actively Exploited n8n RCE Vulnerability as 24,700 Instances Remain Exposed

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the n8n workflow automation platform to its Known Exploited Vulnerabilities (KEV) catalog, confirming that the flaw is currently being exploited in real-world attacks. The vulnerability, tracked as CVE-2025-68613 with a CVSS score of 9.9, allows attackers to execute remote code

Critical n8n Vulnerabilities Enable Remote Code Execution and Exposure of Stored Credentials

Cybersecurity researchers have revealed details about multiple serious vulnerabilities in the n8n workflow automation platform, including two critical flaws that could allow attackers to execute arbitrary commands on affected systems. The vulnerabilities have already been patched, but security experts warn that systems running older versions may remain vulnerable. Key Vulnerabilities Identified Researchers identified two major security

Microsoft Fixes 84 Security Flaws in March Patch Tuesday, Including Two Public Zero Days

Microsoft has rolled out security updates addressing 84 new vulnerabilities across multiple software components, with two of them publicly disclosed. Of these vulnerabilities, eight are classified as Critical and 76 as Important. Most patches (46) relate to privilege escalation, followed by 18 remote code execution flaws, 10 information disclosure issues, four spoofing weaknesses, four denial-of-service

New “LeakyLooker” Vulnerabilities in Google Looker Studio May Allow Cross Tenant SQL Queries

Cybersecurity researchers have uncovered a group of security vulnerabilities in Google Looker Studio that could have enabled attackers to run unauthorized SQL queries against victims’ databases and extract sensitive information across different organizations. The flaws, collectively named LeakyLooker, were identified by researchers from Tenable. The vulnerabilities could have exposed data across multiple environments within Google Cloud infrastructures. Google has confirmed that

CISA Warns of Actively Exploited Vulnerabilities in SolarWinds, Ivanti, and Workspace One

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added three newly identified security vulnerabilities affecting SolarWinds, Ivanti, and Omnissa products to its Known Exploited Vulnerabilities (KEV) catalog after confirming that attackers are actively exploiting them. The KEV catalog is maintained by CISA to highlight vulnerabilities that are currently being used in real-world cyber attacks, allowing organizations to prioritize patching

CISA Adds Critical Hikvision and Rockwell Automation CVSS 9.8 Vulnerabilities to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency has added two high severity vulnerabilities affecting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities (KEV) catalog after confirming evidence that the flaws are being actively exploited. Both vulnerabilities carry a CVSS score of 9.8, indicating a critical level of risk for affected systems. Vulnerability Affecting Hikvision Devices The first vulnerability, tracked as CVE-2017-7921,
