Palo Alto Networks is shipping the final round of patches for CVE-2026-0300 today, closing a pre-authentication remote code ...

Microsoft released fixes for SharePoint remote code execution vulnerability CVE-2026-45659 with a CVSS score of 8.8.

A single rewrite rule, the kind pasted into NGINX configurations thousands of times a day, can hand an unauthenticated ...

Open source Git service Gogs is affected by a critical-severity zero-day vulnerability that exposes servers to remote code execution.

A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an ...

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.

Proof-of-concept (PoC) code has been published for a one-click RCE vulnerability in open source LLM building platform Flowise.

SharePoint access often means access to the keys of the kingdom, something attackers and defenders understand all too well.

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...

A code execution vulnerability in WinRAR generated over a hundred distinct exploits in the first week since its disclosure, and the number of exploits keeps on swelling. A micropatch was released to ...

An LLM-powered system found 4 security bugs, including a critical one in the web server’s URL rewrite module. Researchers have found a critical vulnerability in the widely used Nginx web server that ...