Vulnerabilities

Skip to content

Support

Sign In Subscribe

SSRF to Root: Unauthenticated File-Write Flaw in Cisco Unified CM (CVE-2026-20230)

Vulnerabilities

SSRF to Root: Unauthenticated File-Write Flaw in Cisco Unified CM (CVE-2026-20230)

, and Dark Web Informer

June 4, 2026

Paid Members Public

Root in One Request: Pre-Auth RCE in Marimo (CVE-2026-39987)

Vulnerabilities

Root in One Request: Pre-Auth RCE in Marimo (CVE-2026-39987)

, and Dark Web Informer

May 29, 2026

Paid Members Public

One Forged Header: Unauthenticated Authentication Bypass in Fortinet FortiClient EMS (CVE-2026-35616)

Vulnerabilities

One Forged Header: Unauthenticated Authentication Bypass in Fortinet FortiClient EMS (CVE-2026-35616)

, and Dark Web Informer

May 28, 2026

Paid Members Public

CVE-2026-48172: Critical LiteSpeed cPanel Plugin Flaw Exploited for Privilege Escalation

Vulnerabilities

CVE-2026-48172: Critical LiteSpeed cPanel Plugin Flaw Exploited for Privilege Escalation

, and Dark Web Informer

May 22, 2026

Paid Members Public

CVE-2026-20182: Critical Cisco SD-WAN Auth Bypass Under Active Exploitation

Vulnerabilities

CVE-2026-20182: Critical Cisco SD-WAN Auth Bypass Under Active Exploitation

, and Dark Web Informer

May 14, 2026

Paid Members Public

Google Threat Intelligence Group Reports First Known AI-Developed Zero-Day Exploit

News

Google Threat Intelligence Group Reports First Known AI-Developed Zero-Day Exploit

, and Dark Web Informer

May 11, 2026

Paid Members Public

Ivanti Warns of New EPMM Zero-Day Exploited Using Credentials Stolen in January Attacks

Vulnerabilities

Ivanti Warns of New EPMM Zero-Day Exploited Using Credentials Stolen in January Attacks

, and Dark Web Informer

May 7, 2026

Paid Members Public

Critical Apache HTTP/2 Double-Free Flaw Enables Denial-of-Service and Potential Remote Code Execution

Vulnerabilities

Critical Apache HTTP/2 Double-Free Flaw Enables Denial-of-Service and Potential Remote Code Execution

, and Dark Web Informer

May 6, 2026

Paid Members Public

Palo Alto Networks Warns of Actively Exploited PAN-OS Zero-Day Granting Root Access

Vulnerabilities

Palo Alto Networks Warns of Actively Exploited PAN-OS Zero-Day Granting Root Access

, and Dark Web Informer

May 6, 2026

Paid Members Public

Weaver E-cology RCE Flaw Actively Exploited via Exposed Debug API

Vulnerabilities

Weaver E-cology RCE Flaw Actively Exploited via Exposed Debug API

, and Dark Web Informer

May 5, 2026

Paid Members Public

CVE-2026-0073: Zero-Click RCE Flaw in Android's Wireless ADB Bypasses Authentication

Vulnerabilities

CVE-2026-0073: Zero-Click RCE Flaw in Android's Wireless ADB Bypasses Authentication

, and Dark Web Informer

May 5, 2026

Paid Members Public

CVE-2026-34197: 13-Year-Old Apache ActiveMQ RCE via Jolokia API Surfaces for In-the-Wild Attacks

Vulnerabilities

CVE-2026-34197: 13-Year-Old Apache ActiveMQ RCE via Jolokia API Surfaces for In-the-Wild Attacks

, and Dark Web Informer

April 17, 2026

Paid Members Public

Vulnerabilities

CVE-2026-34621: Adobe Acrobat Reader Prototype Pollution Zero-Day Enables Code Execution via Malicious PDFs

, and Dark Web Informer

April 13, 2026

Paid Members Public

CVE-2026-35616: FortiClient EMS Pre-Auth API Bypass Under Active Exploitation

Vulnerabilities

CVE-2026-35616: FortiClient EMS Pre-Auth API Bypass Under Active Exploitation

, and Dark Web Informer

April 6, 2026

Paid Members Public

CVE-2026-3775: DLL Hijacking in Foxit PDF Editor/Reader Update Service

Vulnerabilities

CVE-2026-3775: DLL Hijacking in Foxit PDF Editor/Reader Update Service

, and Dark Web Informer

April 2, 2026

Paid Members Public

Chrome Zero-Day CVE-2026-5281: A Use-After-Free in Dawn's WebGPU Layer

Vulnerabilities

Chrome Zero-Day CVE-2026-5281: A Use-After-Free in Dawn's WebGPU Layer

, and Dark Web Informer

April 1, 2026

Paid Members Public