Articles tagged "Vulnerability"

Found 928 articles

Critical
Labcenter Proteus 9

All CISA Advisories

Labcenter Electronics' Proteus 9 software has been found to have several critical vulnerabilities, including out-of-bounds write, stack-based buffer overflow, and use-after-free issues. These vulnerabilities could allow attackers to execute arbitrary code on affected installations, potentially compromising sensitive systems in various sectors like healthcare, energy, and defense. Specifically, version 9.1_SP4_Build_42914 is affected, and users are urged to upgrade to the latest version, 9.2 SPO, to protect against these risks. While there are currently no known public exploits actively targeting these vulnerabilities, the potential for abuse remains concerning. It’s crucial for organizations to apply the recommended updates and implement security measures to safeguard their systems.

Read Original
Critical
Hitachi Energy e-mesh EMS

All CISA Advisories

Hitachi Energy has identified a buffer overflow vulnerability in specific versions of its e-mesh EMS product, which could lead to application outages and potential arbitrary code execution. The affected versions include e-mesh EMS 4.1.6, 4.4.2, and 4.7.0, which utilize NGINX versions 1.30.0 and below. Attackers could exploit this vulnerability by sending specially crafted HTTP requests under certain conditions, particularly if the system's Address Space Layout Randomization (ASLR) is disabled. Users are advised to apply a hotfix to update NGINX to version 1.30.2 or later and ensure ASLR is active. This vulnerability poses a significant risk to critical infrastructure sectors like energy, as it could lead to denial of service and operational disruptions.

Read Original

Digi International has identified serious vulnerabilities in several of its products, including the PortServer TS, Digi One SP, and Digi One SP IA. These flaws could allow attackers to bypass authentication, access restricted resources, and even inject malicious scripts into the system. Specifically, CVE-2026-12352 enables unauthenticated users to gain unauthorized access, while CVE-2026-12948 allows authenticated administrators to execute scripts via the web management interface. Users of affected devices, particularly in critical sectors like manufacturing and transportation, are urged to upgrade to newer products or implement immediate security measures to mitigate risks. Failure to address these vulnerabilities could lead to significant security breaches.

Read Original

A group of hackers believed to be aligned with China is targeting universities in the U.S. and Canada, specifically their physics and engineering departments, using vulnerabilities in Roundcube webmail software. These attackers are exploiting critical security flaws, including CVE-2024-42009, which has a CVSS score of 9.3. This vulnerability allows them to steal user credentials from the affected systems, raising serious concerns about the security of sensitive academic information. The fact that these exploits are targeting educational institutions highlights the ongoing risk that cyber threats pose to the academic sector, which often holds valuable research and personal data. Universities need to ensure their software is up-to-date to protect against such attacks.

Read Original
Actively Exploited

Hackers are taking advantage of a serious vulnerability in Adobe ColdFusion, which has a maximum severity score of 10.0 on the CVSS scale, indicating it poses a significant risk. This flaw allows attackers to execute arbitrary code, potentially compromising systems and accessing sensitive data. Organizations using affected versions of ColdFusion should take immediate action to protect their environments. Adobe has not specified the exact versions impacted, but users of ColdFusion should assume they are at risk if they haven't updated. The fact that this vulnerability is actively being exploited makes it crucial for companies to apply any available patches and review their security measures.

Read Original

BeyondTrust has alerted its customers to two serious security vulnerabilities in its Remote Support (RS) and Privileged Remote Access (PRA) software. These flaws could potentially allow attackers to bypass authentication, putting user systems at risk. Companies using this software need to act quickly to protect their networks from unauthorized access. The vulnerabilities affect a wide range of users who rely on BeyondTrust’s remote access solutions, making timely patching essential to maintaining security. BeyondTrust has advised all affected users to apply the necessary updates as soon as possible to mitigate any potential risks.

Read Original

A serious vulnerability in the Linux Kernel-based Virtual Machine (KVM) has been discovered, allowing attackers to potentially escape from a virtual machine (VM) to the host system. This flaw, which is 16 years old, affects both Intel and AMD systems. Security researcher Hyunwoo Kim reported that the issue is a use-after-free vulnerability, enabling malicious code running in a guest VM to corrupt the memory of the host kernel. The implications are significant, as it could allow unauthorized access to sensitive data or control over the host. Organizations using affected systems should take immediate action to assess their vulnerability and apply necessary patches to safeguard their environments.

Read Original

The CERT Coordination Center (CERT/CC) has issued a warning about a serious vulnerability in several firmware versions from Tenda, a Chinese manufacturer of network devices. Researchers discovered an undocumented backdoor that allows attackers to gain administrative access to the web management interfaces of affected routers, bypassing the usual password protections. This vulnerability is identified as CVE-2026-11405 and poses a significant risk to users, as it could enable unauthorized control of the devices. Owners of Tenda routers are urged to take immediate action to secure their devices, as this flaw could lead to further exploitation. The discovery raises concerns about the security practices of IoT device manufacturers and the implications for consumer privacy and network safety.

Read Original

BeyondTrust has issued urgent updates to fix two serious vulnerabilities in its Remote Support and Privileged Remote Access products. These flaws, identified as CVE-2026-40138 and another unnamed vulnerability, could allow attackers to gain control over affected devices without needing authentication. The vulnerabilities score a high 9.2 on the CVSS scale, indicating their severity. Users of BeyondTrust's Remote Support and PRA should prioritize applying these updates to mitigate the risk of unauthorized access. With the potential for exploitation, this situation underscores the importance of timely patch management in maintaining security.

Read Original

CrowdStrike has identified new techniques related to prompt injection, a method that allows attackers to manipulate AI systems. These techniques can lead to unauthorized access to sensitive information or the execution of harmful commands by tricking AI models into providing misleading outputs. The research emphasizes the need for organizations using AI tools to be vigilant, as these vulnerabilities can affect a wide range of applications and systems that rely on natural language processing. As AI technology becomes increasingly integrated into various sectors, understanding and addressing these injection techniques is crucial for maintaining security. Companies should implement stricter validation and monitoring protocols to mitigate these risks.

Read Original

A security vulnerability has been discovered in the Opera GX browser that could allow attackers to steal user data and launch denial-of-service (DoS) attacks. Identified by researcher zhero_web_security, this issue arises from a zero-click cross-site leak (XS-Leak), which takes advantage of the automatic installation feature for GX Mods. This means users could be at risk without needing to interact with any malicious content. Given that the Opera GX browser is popular among gamers and tech-savvy users, the potential for data theft and service disruption is significant. Users and organizations relying on this browser should stay alert for updates and consider disabling the automatic mod installation feature until a fix is available.

Read Original

Researchers have identified a serious memory disclosure vulnerability in Citrix's NetScaler products, which has already attracted the attention of attackers. Following the release of a proof-of-concept exploit, malicious actors are actively trying to exploit this flaw. This vulnerability could potentially expose sensitive information from affected systems, putting organizations at risk. Companies using Citrix NetScaler should urgently assess their systems and apply any necessary patches or mitigations to protect against potential breaches. As the situation develops, it's crucial for users to stay informed and take proactive measures to secure their environments.

Read Original

A vulnerability in the Linux KVM hypervisor has been discovered, allowing guest virtual machines (VMs) to escape and potentially compromise the host system. This flaw, identified as CVE-2026-53359 and nicknamed 'Januscape,' arises from a use-after-free bug within the shadow MMU code that is utilized by both Intel and AMD x86 architectures. Researchers have demonstrated a proof-of-concept that can crash the host machine, raising concerns about the security of virtualized environments. The existence of an unreleased exploit that could further exploit this vulnerability has also been claimed, suggesting that the risk is significant. Organizations using Linux KVM on affected systems should take immediate precautions to secure their environments.

Read Original

A new form of ransomware attack, dubbed JadePuffer, has been identified as the first to fully utilize a large language model (LLM) in its execution. Attackers exploited a vulnerability in Langflow to gain unauthorized access to a production database server, successfully stealing sensitive data while also encrypting other connected systems. This incident raises concerns about the evolving tactics of cybercriminals, particularly as they adopt sophisticated AI technologies to enhance their methods. Organizations using Langflow or similar systems should be particularly vigilant and take necessary precautions to protect their data and infrastructure. The implications of this attack could be far-reaching, as it demonstrates a new level of threat that combines advanced AI capabilities with traditional ransomware techniques.

Read Original
Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure

The Hacker News

Actively Exploited

Researchers at Sysdig have reported that threat actors are actively trying to exploit a serious security vulnerability in Gitea Docker images, identified as CVE-2026-20896. This flaw, which carries a CVSS score of 9.8, allows unauthorized internet clients to gain elevated access by manipulating the 'X-WEBAUTH-USER' header. The vulnerability arises because Gitea's DevOps platform trusts this header from any source IP address, making it easier for attackers to gain control. The attempts to exploit this vulnerability began just 13 days after it was disclosed, indicating that attackers are quick to act on newly revealed weaknesses. Companies using Gitea should prioritize applying the latest patches to protect their systems from potential breaches.

Read Original
PreviousPage 6 of 62Next