PT-2026-42120

Name of the Vulnerable Software and Affected Versions Budibase versions prior to 3.38.2 Description An authorization bypass exists in the SCIM router within packages/worker/src/api/routes/global/scim.ts. The router only utilizes the requireSCIM and doInScimContext middlewares, failing to implemen...

Critical F5 BIG-IP Flaw Upgraded to 9.8 RCE, Exploited in the Wild

F5 BIG-IP APM flaw CVE-2025-53521 escalates to critical 9.8 RCE, actively exploited. Patch now, check IoCs, and secure vulnerable systems immediately...

PT-2026-22144

Name of the Vulnerable Software and Affected Versions Trend Micro Apex One affected versions not specified Description A link following issue in the scan engine allows a local attacker to escalate privileges. To exploit this, the attacker must already have the ability to execute low-privileged co...

PT-2026-20923

Name of the Vulnerable Software and Affected Versions Splunk Enterprise for Windows versions prior to 10.2.0 Splunk Enterprise for Windows versions prior to 10.0.3 Splunk Enterprise for Windows versions prior to 9.4.8 Splunk Enterprise for Windows versions prior to 9.3.9 Splunk Enterprise for...

PT-2026-20924

Splunk Enterprise Windows flaws CVSS 7.7 CVE-2026-20143 & CVE-2026-20140 allow system takeover via DLL and Python search path hijacking. Patch immediately. Splunk CyberSecurity InfoSec WindowsSecurity DLLHijacking LPE PatchNow https://t.co/wudRkJ9tIM...

PT-2026-20256

Old vuln, new life: React2Shell CVE-2025-55812 is seeing a surge in active exploitation with reverse shells + cryptominers. If your patching is based on CVSS instead of real-world activity, you’re already behind. https://t.co/2hEOe08JVG CyberSecurity ThreatIntel PatchNow...

PT-2026-3860

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 12.3 through 18.6.3 GitLab CE/EE versions 18.7 through 18.7.1 GitLab CE/EE versions 18.8 through 18.8.1 Description An issue in GitLab CE/EE could allow an unauthenticated user to create a denial of service condition by...

PT-2026-3854

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 17.1 through 18.6.4 GitLab CE/EE versions 18.7 through 18.7.2 GitLab CE/EE versions 18.8 through 18.8.2 Description GitLab CE/EE is affected by an issue that could allow an authenticated user to create a denial of service...

CISA Warns of Active Attacks on Cisco ASA and Firepower Flaws

CISA issues an urgent directive for all organizations to patch Cisco ASA and Firepower devices against CVE-2025-20362 and CVE-2025-20333, exploited in the ArcaneDoor campaign. Verify the correct version now!...

13-Year-Old RediShell Vulnerability Puts 60,000 Redis Servers at Risk

Critical Redis flaw RediShell CVE-2025-49844 exposes 60,000 servers to remote code execution. Patch immediately to prevent full system compromise...

PT-2025-39388

⚠️ Critical Alert – CVE-2025-78901 • Zero-day in Telerik UI library actively exploited 🚨 • Affects thousands of .NET web apps 2025.3.1 • Mass scanning and ransomware attempts underway • Action: Patch immediately! CyberSecurity ZeroDay Telerik PatchNow NewTalics...

PT-2025-32327 · Undefined · Undefined

BREAKING: GRUB2 flaw CVE-2025-02725 in SUSE Linux enables pre-OS persistence. 🚨 Patch NOW: zypper patch --cve=CVE-2025-02725 Validate Secure Boot. Rebuild initramfs. Read more: 👉 https://t.co/0U2XsMxKqt https://t.co/kkKHlOi9JT...

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2025-53770 - Zero-day exploitation in the wild of Microsof...

PT-2025-27026 · Undefined · Undefined

🚨 Critical flaw in Open VSX Registry CVE-2025-29182 Malicious extensions could hijack dev environments! ⚠️ 180K+ daily users at risk. Patched now—if you're using Eclipse Theia or any Open VSX-based IDE, update ASAP. CyberSecurity SupplyChain PatchNow...

Patch Now Critical Auth Bypass Flaw in GitHub Enterprise Server Fixed

...

Patch now! Fortra GoAnywhere MFT vulnerability exploit available

On January 22, 2024, software company Fortra warned customers about a new authentication bypass vulnerability impacting GoAnywhere MFT Managed File Transfer that allows an attacker to create a new admin user. Fortra GoAnywhere MFT is a file transfer solution that organizations use to exchange the...