PT-2026-33009

Apache::API::Password versions through v0.5.2 for Perl can generate insecure random values for salts. The make salt and make salt bcrypt methods will attept to load Crypt::URandom and then Bytes::Random::Secure to generate random bytes for the salt. If those modules are unavailable, it will simpl...

PT-2026-33089

A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass authentication policy requirements. This vulnerability is due to improper validation of user-supplied authentication input in HT...

Cisco Secure Web Appliance 安全漏洞

Cisco Secure Web Appliance is an application developed by the American company Cisco. It is used to protect websites. There is a security vulnerability in Cisco Secure Web Appliance, which stems from improper validation of authentication inputs provided by users in HTTP requests. This vulnerabili...

Microsoft Windows Secure Kernel Double Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows Secur...

Shopping Cart 安全漏洞

Shopping Cart is a SSH host connection management tool developed by Thijmen’s individual developer. Version 0.0.2 of Shopping Cart contains a security vulnerability, which stems from command injection in the connect function. This vulnerability could potentially allow for the execution of arbitra...

GHSA-C29W-QQ4M-2GCV goshs has an empty-username SFTP password authentication bypass

Summary goshs contains an SFTP authentication bypass when the documented empty-username basic-auth syntax is used. If the server is started with -b ':pass' together with -sftp, goshs accepts that configuration but does not install any SFTP password handler. As a result, an unauthenticated network...

How Digital Annotations Are Replacing Paper Markups in Business

Digital Annotations replace paper markups in business, enabling real time collaboration, version control, and secure document workflows across teams...

EUVD-2026-22315

A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5.1,...

Hack the AI agent: Build agentic AI security skills with the GitHub Secure Code Game

I was scrolling through my feed one evening when I came across OpenClaw, an open source personal AI assistant that people were calling everything from "Jarvis" to "a portal to a new reality." The idea is beautiful: an AI that lives on your machine or in the cloud, talks to you over WhatsApp or...

CVE-2026-32220 UEFI Secure Boot Security Feature Bypass Vulnerability

...

CVE-2026-32220

CVE-2026-32220 : Improper access control in the Windows Virtualization-Based Security (VBS) Enclave allows an authorized local attacker to bypass a security feature. Affected component: Windows VBS Enclave within the Hyper-V/OS security stack. Documented impact includes local bypass of protection...

CVE-2026-32220 UEFI Secure Boot Security Feature Bypass Vulnerability

...

CVE-2026-0390

Technical details about CVE-2026-0390 are not publicly provided in the available documents. No information on affected product versions, root cause, exploitability, or remediation is included. Monitor for updates from official sources.

CVE-2026-0390 UEFI Secure Boot Security Feature Bypass Vulnerability

...

CVE-2026-0390 UEFI Secure Boot Security Feature Bypass Vulnerability

...

CVE-2026-21742

A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5.1,...

CVE-2026-21742

A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5.1,...

CVE-2026-21742

A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5.1,...

CVE-2026-21742

Fortinet FortiSOAR products are affected by CVE-2026-21742, a cleartext transmission vulnerability that could allow an authenticated attacker to view cleartext passwords in responses for Secure Message Exchange and Radius queries when configured. Affected: FortiSOAR PaaS versions 7.6.0–7.6.3, 7.5...

KB5082806: Cumulative security update for Internet Explorer: April 14, 2026

KB5082806: Cumulative security update for Internet Explorer: April 14, 2026 Important Certain versions of Microsoft Internet Explorer have reached the end of support. Note that some versions of Internet Explorer may be supported past the latest OS end date when Extended Security Updates ESUs are...