Vulnerabilities

Skip to content

Tips

Support

Sign In Subscribe

Squidbleed: A 29-Year-Old Heap Over-Read Leaks Cleartext HTTP in Squid (CVE-2026-47729)

Vulnerabilities

Squidbleed: A 29-Year-Old Heap Over-Read Leaks Cleartext HTTP in Squid (CVE-2026-47729)

, and Dark Web Informer

June 24, 2026

Paid Members Public

Vulnerabilities

Pre-Auth RCE in Joomla Content Editor: Profile Import to PHP Execution (CVE-2026-48907)

, and Dark Web Informer

June 17, 2026

Paid Members Public

Critical Oracle PeopleSoft PeopleTools RCE Exposes Enterprise Systems (CVE-2026-35273)

Vulnerabilities

Critical Oracle PeopleSoft PeopleTools RCE Exposes Enterprise Systems (CVE-2026-35273)

, and Dark Web Informer

June 11, 2026

Paid Members Public

SSRF to Root: Unauthenticated File-Write Flaw in Cisco Unified CM (CVE-2026-20230)

Vulnerabilities

SSRF to Root: Unauthenticated File-Write Flaw in Cisco Unified CM (CVE-2026-20230)

, and Dark Web Informer

June 4, 2026

Paid Members Public

Root in One Request: Pre-Auth RCE in Marimo (CVE-2026-39987)

Vulnerabilities

Root in One Request: Pre-Auth RCE in Marimo (CVE-2026-39987)

, and Dark Web Informer

May 29, 2026

Paid Members Public

One Forged Header: Unauthenticated Authentication Bypass in Fortinet FortiClient EMS (CVE-2026-35616)

Vulnerabilities

One Forged Header: Unauthenticated Authentication Bypass in Fortinet FortiClient EMS (CVE-2026-35616)

, and Dark Web Informer

May 28, 2026

Paid Members Public

CVE-2026-48172: Critical LiteSpeed cPanel Plugin Flaw Exploited for Privilege Escalation

Vulnerabilities

CVE-2026-48172: Critical LiteSpeed cPanel Plugin Flaw Exploited for Privilege Escalation

, and Dark Web Informer

May 22, 2026

Paid Members Public

CVE-2026-20182: Critical Cisco SD-WAN Auth Bypass Under Active Exploitation

Vulnerabilities

CVE-2026-20182: Critical Cisco SD-WAN Auth Bypass Under Active Exploitation

, and Dark Web Informer

May 14, 2026

Paid Members Public

Google Threat Intelligence Group Reports First Known AI-Developed Zero-Day Exploit

News

Google Threat Intelligence Group Reports First Known AI-Developed Zero-Day Exploit

, and Dark Web Informer

May 11, 2026

Paid Members Public

Ivanti Warns of New EPMM Zero-Day Exploited Using Credentials Stolen in January Attacks

Vulnerabilities

Ivanti Warns of New EPMM Zero-Day Exploited Using Credentials Stolen in January Attacks

, and Dark Web Informer

May 7, 2026

Paid Members Public

Critical Apache HTTP/2 Double-Free Flaw Enables Denial-of-Service and Potential Remote Code Execution

Vulnerabilities

Critical Apache HTTP/2 Double-Free Flaw Enables Denial-of-Service and Potential Remote Code Execution

, and Dark Web Informer

May 6, 2026

Paid Members Public

Palo Alto Networks Warns of Actively Exploited PAN-OS Zero-Day Granting Root Access

Vulnerabilities

Palo Alto Networks Warns of Actively Exploited PAN-OS Zero-Day Granting Root Access

, and Dark Web Informer

May 6, 2026

Paid Members Public

Weaver E-cology RCE Flaw Actively Exploited via Exposed Debug API

Vulnerabilities

Weaver E-cology RCE Flaw Actively Exploited via Exposed Debug API

, and Dark Web Informer

May 5, 2026

Paid Members Public

CVE-2026-0073: Zero-Click RCE Flaw in Android's Wireless ADB Bypasses Authentication

Vulnerabilities

CVE-2026-0073: Zero-Click RCE Flaw in Android's Wireless ADB Bypasses Authentication

, and Dark Web Informer

May 5, 2026

Paid Members Public

CVE-2026-34197: 13-Year-Old Apache ActiveMQ RCE via Jolokia API Surfaces for In-the-Wild Attacks

Vulnerabilities

CVE-2026-34197: 13-Year-Old Apache ActiveMQ RCE via Jolokia API Surfaces for In-the-Wild Attacks

, and Dark Web Informer

April 17, 2026

Paid Members Public

Vulnerabilities

CVE-2026-34621: Adobe Acrobat Reader Prototype Pollution Zero-Day Enables Code Execution via Malicious PDFs

, and Dark Web Informer

April 13, 2026

Paid Members Public