Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...
A newly disclosed FFmpeg flaw dubbed 'PixelSmash' could be exploited for remote code execution on Jellyfin servers under ...
Gogs has patched a critical security zero-day flaw that can allow attackers to compromise Internet-facing instances and access any repositories (including private ones). This argument injection ...
Nightmare Eclipse Zero-Days: Three zero-day vulnerabilities disclosed by Nightmare Eclipse, complete with exploit code, were ...
The popular product lifecycle management platform is under active exploitation for an RCE vulnerability that could put ...
The flaw enables server-side request forgery (SSRF) and escalates privileges to root, impacting Cisco Unified CM and Unified ...
Actively exploited CVE-2026-5027 lets attackers write files to arbitrary locations on vulnerable Langflow servers, creating a path to remote code execution and full system compromise.
A critical vulnerability in the Everest Forms Pro plugin for WordPress has been actively exploited to hijack vulnerable websites. According to new analysis from WordPress security firm Wordfence, the ...
Read how Microsoft Security has advanced its agentic vulnerability detection system, codename MDASH, integrating into ...
What happened Threat actors are actively exploiting an unauthenticated information disclosure vulnerability in the Gravity SMTP WordPress plugin, which is installed on more than 100,000 WordPress ...
PixelSmash is a vulnerability in the FFmpeg framework that can be exploited via crafted media files for remote code execution ...
Microsoft has acknowledged the RoguePlanet zero-day exploit and is working on a high-quality patch to resolve the ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results