Articles tagged "CVE"

Found 342 articles

Google has addressed 21 vulnerabilities in its Chrome browser, including a serious zero-day flaw identified as CVE-2026-5281. This vulnerability is categorized as a use-after-free (UAF) issue in Dawn, which is part of the WebGPU standard utilized by Chromium and its derivatives. While specific details about the exploitation of this flaw are scarce, the fact that it has been flagged as 'in-the-wild' suggests that attackers are actively using it. Users of Chrome and other Chromium-based browsers should ensure they are running the latest versions to protect themselves from potential attacks. Keeping browsers updated is crucial because such vulnerabilities can lead to unauthorized access or other malicious activities.

Read Original
Actively Exploited

Researchers from Defused have reported ongoing attacks exploiting a serious SQL injection vulnerability in Fortinet's FortiClient EMS, identified as CVE-2026-21643. These intrusions have been active since March 24, raising concerns for organizations using this software. SQL injection vulnerabilities allow attackers to manipulate database queries, potentially leading to unauthorized access and data breaches. Companies utilizing FortiClient EMS are urged to take immediate action to protect their systems and data from these exploits. The situation emphasizes the need for regular security updates and vigilance against emerging threats.

Read Original

A significant security vulnerability in TrueConf, a video conferencing software, has been actively exploited in attacks on government networks in Southeast Asia. This vulnerability, identified as CVE-2026-3502, has a CVSS score of 7.8, indicating its severity. The flaw stems from a lack of integrity checks when updating the application, which allows attackers to deliver malicious updates to users. The campaign, named TrueChaos, is specifically targeting government entities, making it a serious concern given the sensitive nature of the information handled by these organizations. Immediate action is necessary to protect affected systems from further exploitation.

Read Original
Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse

Blog

A recently discovered vulnerability, identified as CVE-2026-20929, involves a Kerberos authentication relay attack that exploits CNAME records. This vulnerability can allow attackers to impersonate legitimate users and gain unauthorized access to sensitive systems. Organizations using Kerberos for authentication, particularly those with complex DNS configurations, are at risk. The implications are serious, as successful exploitation could lead to data breaches or unauthorized actions within an organization's network. Cybersecurity teams need to assess their systems for this vulnerability and take appropriate measures to secure their environments against potential attacks.

Read Original

A previously reported vulnerability in Fortinet's BIG-IP product, identified as CVE-2025-53521, has been reclassified from a denial-of-service (DoS) flaw to a remote code execution (RCE) vulnerability. This change indicates that the bug poses a much greater risk, allowing attackers to potentially execute arbitrary code on affected systems. Initially disclosed in October, this vulnerability is now known to be actively exploited, increasing the urgency for users to take action. Organizations using Fortinet BIG-IP devices should be especially vigilant, as this issue may compromise the security of their networks. Users are advised to implement necessary patches and monitor for unusual activity to safeguard their systems.

Read Original

A vulnerability in F5's BIG-IP software, initially categorized as a denial-of-service (DoS) issue, has been reclassified as a remote code execution (RCE) threat. This change comes after new findings revealed that attackers could exploit the flaw to execute arbitrary code on affected systems. Organizations using BIG-IP are at risk, as the vulnerability could allow unauthorized access and control over their systems. The reclassification raises concerns about the potential for severe exploitation, especially since the flaw is reportedly being actively targeted by attackers. Companies using F5 BIG-IP should take immediate action to protect their systems.

Read Original

A serious SQL injection vulnerability, tracked as CVE-2026-21643, has been discovered in Fortinet's FortiClient Endpoint Management Server (EMS), which manages FortiClient endpoint agents across multiple platforms. This vulnerability is currently being actively exploited, as reported by Defused Cyber, a firm that specializes in threat intelligence. Although it has not yet been listed on CISA’s Known Exploited Vulnerabilities (KEV) list, the ongoing attacks pose significant risks to organizations using FortiClient EMS. Companies should take immediate action to assess their systems and implement necessary security measures to safeguard against potential breaches. The situation emphasizes the need for vigilance in monitoring and securing endpoint management solutions.

Read Original
Actively Exploited

Researchers from watchTowr and Defused have discovered that attackers are exploiting CVE-2026-3055, a serious vulnerability affecting Citrix NetScaler. This flaw allows unauthorized access to systems that utilize the NetScaler product, which is commonly used for application delivery and load balancing. Organizations using NetScaler are at risk, as the vulnerability is currently being actively targeted in the wild. Companies should be aware of this threat and take immediate action to protect their systems, as the consequences of exploitation could lead to significant data breaches and operational disruptions. It's crucial for affected users to stay informed and apply any available patches as soon as possible.

Read Original

A serious vulnerability in Fortinet's FortiClient EMS platform, identified as CVE-2026-21643, is currently being exploited by attackers. This flaw, which has a CVSS score of 9.1, allows for remote code execution through SQL injection. Researchers from Defused have reported active exploitation of this vulnerability, posing significant risks to organizations using FortiClient EMS. Companies are urged to take immediate action to protect their systems, as the potential for unauthorized access and control could lead to severe consequences. It is essential for affected users to stay informed and apply any available patches promptly to mitigate the risks associated with this flaw.

Read Original

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding a serious vulnerability in the Langflow framework, designated as CVE-2026-33017. This flaw allows attackers to hijack AI workflows, potentially leading to unauthorized access and manipulation of AI systems. Organizations using Langflow should be particularly vigilant as the vulnerability is currently being exploited in the wild. This situation poses significant risks not only to the integrity of AI applications but also to the security of the data they handle. Immediate action is recommended to mitigate risks associated with this vulnerability.

Read Original

Researchers at Georgia Tech have reported a notable increase in vulnerabilities linked to AI-generated code, specifically through newly documented Common Vulnerabilities and Exposures (CVEs). The study indicates that flaws introduced by AI tools are becoming more common, raising concerns about the safety and reliability of software created with these technologies. This trend suggests that as companies increasingly rely on AI for coding, they may inadvertently be introducing security risks. The findings highlight the need for developers and organizations to be cautious when using AI-generated code and to implement thorough testing and validation processes to mitigate potential vulnerabilities. As this issue evolves, it could have significant implications for software security across various sectors.

Read Original
Actively Exploited

Kaspersky's GReAT team has identified a new exploit kit called Coruna, which specifically targets iPhones. This kit utilizes kernel exploits associated with two vulnerabilities, CVE-2023-32434 and CVE-2023-38606, and is an updated version of techniques used in Operation Triangulation. The existence of these exploits poses significant risks to iPhone users, as they could potentially allow attackers to gain unauthorized access to sensitive data or control over the devices. Users should be aware of these vulnerabilities and take steps to secure their devices against exploitation. The findings emphasize the need for continuous vigilance in mobile security as attackers evolve their methods.

Read Original

TP-Link has addressed a significant security vulnerability in its Archer NX router series, identified as CVE-2025-15517, which has a CVSS score of 8.6. This flaw allows attackers to bypass authentication measures, potentially enabling them to install malicious firmware on affected devices. The vulnerability affects several models, including the Archer NX200, NX210, and NX500, among others. Users of these routers are urged to update their firmware promptly to protect against potential exploits. This incident is particularly concerning as it highlights the risks associated with consumer-grade networking equipment, which often lacks robust security measures.

Read Original

Oracle has issued an emergency patch for a serious vulnerability, identified as CVE-2026-21992, affecting Oracle Identity Manager and Oracle Web Services Manager. This flaw allows attackers to exploit a missing authentication feature, potentially leading to remote code execution without prior authentication. While Oracle hasn't confirmed if this vulnerability has been actively exploited in the wild, they are urging all customers to apply the updates or implement alternative mitigations immediately. The lack of authentication for such a critical function poses significant risks for organizations using these services, emphasizing the need for prompt action to safeguard their systems.

+1 more
Read Original
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems

The Hacker News

Actively Exploited

Researchers have identified a serious security vulnerability, CVE-2025-32975, affecting the Quest KACE Systems Management Appliance (SMA). This flaw has a maximum severity rating of 10.0 and is being actively exploited by attackers who are targeting unpatched systems exposed to the internet. Malicious activity linked to this vulnerability was first observed during the week of March 9, 2026, according to Arctic Wolf. Organizations using KACE SMA need to take immediate action to protect their systems, as this could lead to unauthorized access and potential data breaches. It’s crucial for users to ensure their systems are updated to mitigate this risk.

Read Original
PreviousPage 14 of 23Next