Lucene search
K

6827 matches found

CISA
CISA
added 2026/05/20 12:0 p.m.23 views

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2008-4250link is external Microsoft Windows Buffer Overflow Vulnerability CVE-2009-1537link is external Microsoft DirectX NULL Byte Overwrite Vulnerability...

10CVSS7.3AI score0.98751EPSS
In wildExploits64References12
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in WebKit2GTK

A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in Safari 16.4.1, iOS 15.7.5, and iPadOS 15.7.5; iOS 16.4.1, and iPadOS 16.4.1; as well as macOS Ventura 13.3.1. Processing maliciously crafted web...

8.8CVSS8.4AI score0.27076EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Firefox

An unexpected message in the WebGPU IPC framework could lead to a use-after-free error and an exploitable sandbox escape. There have been reports of attacks exploiting this flaw in real-world scenarios. This vulnerability affects Firefox versions earlier than 97.0.2, Firefox ESR versions earlier...

9.6CVSS8.4AI score0.02349EPSS
Exploits1References2
Circl
Circl
added 2026/05/19 9:0 p.m.10 views

CVE-2026-41091

creationtimestamp| type| source ---|---|--- 2026-05-19 21:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1878 2026-05-20 10:16:09+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/microsoft-security-advisory-av26-489 2026-05-20 14:10:08+00:00| seen|...

7.8CVSS6.1AI score0.08371EPSS
Exploits2References67
Qualys Blog
Qualys Blog
added 2026/05/19 4:27 p.m.17 views

Inside the 2026 Verizon DBIR: What One Billion Records Revealed About Vulnerability Remediation

The Verizon 2026 Data Breach Investigations Report has been published. Qualys is proud to have served as a research partner and contributor, contributing analysis of more than one billion anonymized vulnerability remediation records across four consecutive DBIR reporting cycles of CISA Known...

5.8AI score
Exploits0
CISA
CISA
added 2026/05/15 12:0 p.m.15 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-42897link is external Microsoft Exchange Server Cross-Site Scripting Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber...

8.1CVSS5.8AI score0.0564EPSS
In wildExploits1References6
The Hacker News
The Hacker News
added 2026/05/15 6:19 a.m.18 views

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email

Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-42897 CVSS score: 8.1, has been described as a spoofing bug stemming from a cross-site scriptin...

8.1CVSS5.9AI score0.0564EPSS
Exploits1
The Hacker News
The Hacker News
added 2026/05/15 5:28 a.m.13 views

CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits

The U.S.Cybersecurity and Infrastructure Security Agency CISA on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities KEV catalog, requiring Federal Civilian Executive Branch FCEB agencies to remediate the issue by May 17...

10CVSS6.5AI score0.87693EPSS
Exploits4
CISA
CISA
added 2026/05/14 12:0 p.m.37 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-20182link is external Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability This type of vulnerability is a frequent attack vector for malicio...

10CVSS6.1AI score0.87693EPSS
In wildExploits4References9
Vulnrichment
Vulnrichment
added 2026/05/10 9:15 a.m.8 views

CVE-2026-8244 Industrial Application Software IAS Canias ERP Login RMI improper authentication

A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface. The manipulation of the argument clientVersion leads to improper authentication. It is possible to initiate the attack remotely. The exploi...

6.9CVSS5.8AI score0.00403EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.11 views

PT-2026-39534

Critical cPanel vulnerabilities CVE-2026-41940, CVE-2026-41941, CVE-2026-41942 exploited in the wild. Update your servers immediately to protect against unauthorized access. Link: https://t.co/BvY5rEh9wr cPanel Cybersecurity Vulnerabilities Exploits Patching Servers Security Infosec Malware Threa...

9.8CVSS6AI score0.981EPSS
Exploits64References1
CISA
CISA
added 2026/05/08 12:0 p.m.11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-42208link is external BerriAI LiteLLM SQL Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses...

9.8CVSS6.1AI score0.86607EPSS
In wildExploits7References6
EUVD
EUVD
added 2026/05/07 9:30 p.m.15 views

EUVD-2026-28415

Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as exploited in the wild in May 2026...

7.2CVSS5.8AI score0.00237EPSS
Exploits0References5
CISA
CISA
added 2026/05/07 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-6973link is external Ivanti Endpoint Manager Mobile EPMM Improper Input Validation Vulnerability This type of vulnerability is a frequent attack vector for...

7.2CVSS6AI score0.34454EPSS
In wildExploits0References6
CISA
CISA
added 2026/05/06 12:0 p.m.19 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-0300link is external Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber...

9.8CVSS6AI score0.36157EPSS
In wildExploits6References6
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.19 views

PT-2026-46983

Name of the Vulnerable Software and Affected Versions Arista EOS affected versions not specified Description On platforms running Arista EOS with tunnel decapsulation configurations—such as VXLAN Virtual Extensible LAN, decap-groups, or GRE Generic Routing Encapsulation tunnel interfaces—the swit...

6.9CVSS6AI score0.00836EPSS
Exploits1References33
The Hacker News
The Hacker News
added 2026/05/03 6:26 a.m.15 views

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added a recently disclosed security flaw impacting various Linux distributions to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as...

7.8CVSS6.6AI score0.96267EPSS
Exploits228
CISA
CISA
added 2026/05/01 12:0 p.m.11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-31431link is external Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability This type of vulnerability is a frequent attack vector for...

7.8CVSS6AI score0.96267EPSS
In wildExploits228References6
Malwarebytes
Malwarebytes
added 2026/05/01 10:48 a.m.9 views

Actively exploited cPanel bug exposes millions of websites to takeover

Security researchers are warning about a newly discovered vulnerability in the widely used web server management software cPanel and WebHost Manager WHM. This is a critical, actively exploited authentication-bypass bug in cPanel/WHM that lets attackers gain administrative access to the interface...

9.8CVSS5.8AI score0.981EPSS
Exploits64
CISA
CISA
added 2026/04/30 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-41940link is external WebPros cPanel & WHM and WP2 WordPress Squared Missing Authentication for Critical Function Vulnerability This type of vulnerability is...

9.8CVSS5.6AI score0.981EPSS
In wildExploits64References6
Rows per page
Query Builder