Articles tagged "CVE"

Found 342 articles

Oracle has issued an emergency patch for a serious vulnerability in its Identity Manager software, identified as CVE-2026-21992. This flaw allows attackers to execute remote code without needing any authentication, raising concerns that it may already be exploited in the wild. This vulnerability poses a significant risk, especially for organizations using Oracle Identity Manager, as it could allow unauthorized access to sensitive systems and data. Users and companies relying on this software are urged to apply the patch promptly to safeguard against potential exploitation. The situation emphasizes the ongoing need for vigilance in software security and timely updates.

Read Original

A recent vulnerability identified as CVE-2025-32975 may have been exploited in attacks targeting the education sector. This flaw affects Critical Quest's KACE systems, which are commonly used for IT management and endpoint security. The potential exploitation raises concerns about the security of sensitive data within educational institutions. As attackers increasingly focus on this sector, it is crucial for organizations to assess their systems and ensure they are protected against such vulnerabilities. Institutions that use KACE products should be particularly vigilant and consider implementing protective measures immediately.

Read Original
Actively Exploited

A newly discovered vulnerability, identified as CVE-2026-33017, poses a serious risk by allowing unauthenticated attackers to run arbitrary Python code on vulnerable servers. This flaw was reportedly exploited within 20 hours of its disclosure, raising concerns among cybersecurity experts. Organizations that use systems affected by this vulnerability need to act swiftly to secure their environments. The ability for attackers to execute arbitrary code can lead to severe data breaches and system compromises, making it crucial for affected users to understand their risk and take appropriate measures. As of now, details on specific systems or versions impacted have not been disclosed, leaving many organizations potentially vulnerable.

Read Original

Ubiquiti has released patches to address a critical vulnerability in its UniFi Network application, specifically affecting versions 10.1.85 and earlier. The vulnerability, tracked as CVE-2026-22557, poses significant risks to users who have not yet updated their software. This flaw could potentially allow attackers to exploit the system, compromising network security. Users of the affected versions are strongly advised to update to the latest version to safeguard their networks. The urgency of this patch highlights the ongoing need for regular software updates to protect against evolving threats.

Read Original

Oracle has issued an emergency security update to address a serious vulnerability in its Identity Manager and Web Services Manager products, identified as CVE-2026-21992. This flaw allows attackers to execute remote code without needing any authentication, which poses a significant risk to organizations using these systems. The vulnerability could potentially be exploited to gain unauthorized access and control over sensitive information. Users of Oracle's Identity Manager and Web Services Manager should prioritize applying the update to protect their systems from potential attacks. This incident underscores the ongoing need for vigilance in software security, particularly with products that manage identity and access controls.

Read Original
Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

The Hacker News

Actively Exploited

A severe security vulnerability in Langflow, identified as CVE-2026-33017, has been actively exploited just 20 hours after being disclosed. This flaw, which has a CVSS score of 9.3, is due to missing authentication combined with a code injection issue that could allow attackers to execute arbitrary code remotely. Organizations using Langflow are at risk, as the fast exploitation of such vulnerabilities underscores the need for immediate action. Users and administrators should prioritize addressing this flaw to protect their systems from potential attacks. The rapid responses from malicious actors highlight the urgency for security teams to stay vigilant and proactive against new threats.

Read Original
Actively Exploited

Researchers at Sysdig have reported that hackers successfully exploited a significant vulnerability in Langflow, identified as a CVE, in under 20 hours. This rapid exploitation underscores the urgency for users and companies utilizing Langflow to act quickly. The vulnerability could allow attackers to gain unauthorized access or control, posing serious risks to data security. As the threat remains active, organizations relying on this software must prioritize patching and securing their systems to mitigate potential damage. The situation serves as a reminder of the importance of timely updates and vigilance in cybersecurity practices.

Read Original

ConnectWise has addressed a significant vulnerability (CVE-2026-3564) in its ScreenConnect remote access platform, which is widely used by managed service providers and IT departments. This flaw allows attackers to potentially hijack remote sessions by misusing ASP.NET machine keys to create forged authentication tokens. The vulnerability arises from inadequate verification of cryptographic signatures, making it possible for hackers to exploit the issue remotely. Organizations that utilize ScreenConnect, whether in cloud-hosted or on-premise configurations, need to prioritize applying the available patches to safeguard their systems. Failure to address this vulnerability could lead to unauthorized access to sensitive information and operations.

Read Original

The Interlock ransomware group has been exploiting a severe zero-day vulnerability in Cisco Secure Firewall Management Center software, identified as CVE-2026-20131, since January 26, prior to its public disclosure. This vulnerability allows for insecure deserialization, which can lead to unauthorized access and potential takeover of affected systems. Organizations using Cisco's Secure Firewall Management Center should be particularly vigilant, as the attacks have been ongoing for over a month, posing a significant risk to network security. The situation emphasizes the urgent need for timely security updates and monitoring to protect against such exploitation.

Read Original

A Russian advanced persistent threat (APT) group has been exploiting a critical cross-site scripting (XSS) vulnerability in Zimbra, identified as CVE-2025-66376, with a severity score of 7.2. The attackers are sending HTML emails that contain insufficiently sanitized scripts, which execute when opened by users. This campaign specifically targets individuals in Ukraine, highlighting the ongoing cyber conflict in the region. The exploitation of this vulnerability could allow attackers to compromise user accounts and access sensitive information. Organizations using Zimbra should be particularly vigilant and take immediate action to secure their systems.

Read Original

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about active exploitation of a recently patched vulnerability in SharePoint, identified as CVE-2026-20963. This remote code execution flaw allows attackers to run malicious code on affected systems, posing a significant risk to organizations using the software. Microsoft released a patch for this vulnerability back in January, but the discovery of in-the-wild exploitation suggests that some users may not have applied the update. Organizations using SharePoint should prioritize implementing the latest security updates to protect against potential breaches. Failing to address this vulnerability could lead to unauthorized access and data compromise, making it crucial for companies to stay vigilant and proactive in their cybersecurity practices.

Read Original

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has alerted government agencies about two significant security vulnerabilities affecting the Synacor Zimbra Collaboration Suite (ZCS) and Microsoft Office SharePoint. Both flaws, identified as CVE-2025-66376 and another not specified in the article, have been found to be actively exploited by attackers. The CVE-2025-66376 vulnerability has a CVSS score of 7.2, indicating a moderate to high risk. Organizations using these platforms are urged to apply the necessary patches to protect against potential attacks. The exploitation of these vulnerabilities underscores the need for timely updates and vigilance in cybersecurity practices, especially for government entities.

Read Original

A significant vulnerability in Cisco's Catalyst SD-WAN, identified as CVE-2026-20133, poses a serious risk that some organizations may be overlooking. Cybersecurity experts have expressed concern that security teams are focusing their attention on another vulnerability, CVE-2026-20127, which is a zero-day exploit. This could lead to a dangerous situation where the high-severity flaw is not addressed, leaving systems vulnerable to potential attacks. Organizations using Cisco SD-WAN products should be aware of this oversight, as failing to remediate the CVE-2026-20133 vulnerability could expose critical data and systems to exploitation. The urgency of addressing this issue cannot be overstated, especially as cyber threats continue to evolve rapidly.

Read Original
Actively Exploited

Amazon Threat Intelligence has issued a warning regarding an active ransomware campaign known as Interlock, which is exploiting a significant vulnerability in Cisco's Secure Firewall Management Center (FMC) Software. This vulnerability, identified as CVE-2026-20131, has a maximum severity score of 10.0 and stems from an insecure deserialization of user-supplied Java byte streams. This flaw could allow attackers to gain root access without authentication, posing a serious risk to organizations using affected Cisco products. The exploitation of this vulnerability is concerning as it enables unauthorized access, potentially leading to data breaches and system compromises. Companies using Cisco FMC Software must take immediate action to protect their systems from this ongoing threat.

Read Original

A new vulnerability identified as CVE-2026-3888 has been discovered in Ubuntu's snap package management system, allowing local users to escalate their privileges to root access through a timing-based exploit. This flaw poses a significant risk particularly for multi-user environments, as any local user could potentially gain complete control over the affected system. Ubuntu has not specified which versions are impacted, but users running the snap package system should be aware of this vulnerability. The implications of this flaw are serious, as it could enable attackers to manipulate system settings, install malicious software, or access sensitive information. Users are advised to monitor for updates from Ubuntu and apply patches as they become available.

Read Original
PreviousPage 15 of 23Next