Alerts

Alerts

Critical vLLM Vulnerability Allows Remote Code Execution via Malicious Video Files

A critical vulnerability chain has been disclosed in vLLM, a widely-used high-performance library for Large Language Model inference. Tracked as CVE-2026-22778 with a CVSS score of 9.8, the flaw allows remote attackers to execute arbitrary commands on vLLM servers by submitting a malicious video URL to the API. Default

Alerts

CISA Silently Updated Ransomware Intelligence on 59 Vulnerabilities in 2025 Without Notifying Defenders

CISA has been silently updating its Known Exploited Vulnerabilities (KEV) catalog when it confirms that vulnerabilities are being exploited by ransomware groups — without notifying defenders when those changes occur. Glenn Thorpe, senior director of security research and detection engineering at GreyNoise, documented the gap by downloading daily KEV snapshots for

Alerts

Django Patches Three High-Severity SQL Injection Flaws Across All Supported Versions

The Django project has issued security releases across all supported versions — Django 6.0.2, 5.2.11, and 4.2.28 — addressing six vulnerabilities, three of which are high-severity SQL injection flaws that could allow attackers to execute arbitrary SQL commands against backend databases. All three SQL injection CVEs

Alerts

Critical 1-Click RCE in OpenClaw Gives Attackers Full Control of Developer Machines (CVE-2026-25253)

A critical vulnerability in OpenClaw — the viral open-source AI assistant trusted by over 100,000 developers — allows attackers to achieve full remote code execution on a victim's machine through a single webpage visit. No user interaction beyond loading the page is required. CVE-2026-25253 (CVSS 8.8) affects all

Alerts

APT28 Weaponizes Microsoft Office Zero-Day Within 24 Hours, Targets Ukraine and EU with Covenant Backdoor

Russian state-sponsored hacking group APT28 weaponized a critical Microsoft Office zero-day vulnerability within 24 hours of public disclosure, launching targeted attacks against Ukrainian government agencies and European Union institutions. Ukraine's Computer Emergency Response Team (CERT-UA) detected exploitation attempts beginning January 27 — just one day after Microsoft published details

Alerts

Critical Kyverno Vulnerability Allows Cluster Admin Takeover via Policy Abuse (CVE-2026-22039)

The maintainers of Kyverno, a widely deployed Kubernetes-native policy engine, have released an emergency patch for a critical vulnerability that completely breaks namespace isolation boundaries. Tracked as CVE-2026-22039 and carrying a maximum CVSS score of 10, the flaw allows any authenticated user with permission to create namespaced policies to effectively

Alerts

CISA Adds Actively Exploited Ivanti EPMM Vulnerability to KEV Catalog (CVE-2026-1281)

CISA has added a critical Ivanti Endpoint Manager Mobile (EPMM) vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation in the wild. Tracked as CVE-2026-1281, the code injection vulnerability allows attackers to achieve unauthenticated remote code execution on affected systems. Urgent Deadline Federal agencies are required to apply

Alerts

SolarWinds Web Help Desk Hit with Six Critical Vulnerabilities Including Multiple RCE Flaws

SolarWinds has released an emergency patch for Web Help Desk (WHD), addressing six security vulnerabilities—four rated critical—that could allow unauthenticated attackers to fully compromise host systems. The flaws, discovered by researchers Jimi Sebree of Horizon3.ai and Piotr Bazydło of watchTowr, include multiple remote code execution vectors, authentication

Alerts

Critical SandboxJS Vulnerability Allows Complete Sandbox Escape and Remote Code Execution (CVE-2026-23830)

A critical vulnerability in SandboxJS, a widely used library for safely executing untrusted JavaScript code, allows attackers to completely escape the sandbox environment and achieve remote code execution on the host system. Tracked as CVE-2026-23830 and carrying a maximum CVSS score of 10.0, the flaw stems from an incomplete

Alerts

OpenSSL Patches High-Severity Stack Buffer Overflow and Eleven Additional Vulnerabilities

The OpenSSL project has released a sweeping security update addressing twelve vulnerabilities across the widely-used cryptographic library, including a high-severity stack buffer overflow that could potentially enable remote code execution on vulnerable systems. The headline flaw, tracked as CVE-2025-15467, affects CMS AuthEnvelopedData parsing and carries high severity. Organizations running OpenSSL

Alerts

Critical n8n Workflow Automation Vulnerability Allows Remote Code Execution (CVE-2026-1470)

A critical remote code execution vulnerability in n8n, the popular open-source workflow automation platform, allows authenticated users to bypass sandbox protections and execute arbitrary code on the main node with a CVSS severity score of 9.9, according to research published by JFrog Security. The vulnerability, tracked as CVE-2026-1470, was

Alerts

Critical Fortinet Authentication Bypass Allows Access to Other Customers' Devices (CVE-2026-24858)

Fortinet has disclosed a critical authentication bypass vulnerability affecting FortiOS, FortiManager, and FortiAnalyzer that allows attackers with a FortiCloud account to access devices registered to other customers' accounts. The vulnerability has been added to CISA's Known Exploited Vulnerabilities catalog, indicating active exploitation in the wild. The flaw,