A vulnerability in Apache HTTP Server’s HTTP/2 protocol handling now has working exploit code circulating among security ...

A critical vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by ...

An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for ...

Admins with Dynamics 365 on-prem should also take note of a “severe” vulnerability that allows remote code execution.

NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.

Spread the loveOn May 7, 2026, Google rolled out an urgent security update for its widely-used web browser, Chrome. This update, which addresses 30 vulnerabilities, has raised significant alarms ...

Microsoft’s May Patch Tuesday fixes 120 flaws, including 31 remote code execution bugs, with no zero-days reported at release ...

A team of security researchers chained two vulnerabilities in LiteLLM, the popular open-source proxy that routes enterprise ...

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.