Your Cloud Detection Strategy in 2026: What to Expect at the Global Cybersecurity Summit

Cloud environments have changed how security teams detect and respond to threats. Signals come from more places, identities are harder to track, and attacks rarely stay within a single system. For many teams, the challenge is no longer visibility. It is having the risk context to understand what...

CLSA-2026-1776159098 Fix CVE(s): CVE-2025-30258

SECURITY UPDATE: signature verification DoS via malicious subkey - debian/patches/CVE-2025-30258.patch: require signing usage when looking up public key for signature verification, filtering out subkeys without valid backsig. Include upstream regression fixes to preserve verification of signature...

minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions

A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and...

undici: undici: Denial of Service via crafted WebSocket frame with large length

A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primar...

CVE-2026-5986

A weakness has been identified in Zod jsVideoUrlParser up to 0.5.1. The impacted element is the function getTime in the library lib/util.js. This manipulation of the argument timestamp causes inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit ha...

jwt-attack-suite

JWT Attack Suite Offensive JWT testing toolkit for penetrat...

EUVD-2026-22214

PraisonAI is a multi-agent teams system. In versions 4.5.139 and below, the GitHub Actions workflows are vulnerable to ArtiPACKED attack, a known credential leakage vector caused by using actions/checkout without setting persist-credentials: false. By default, actions/checkout writes the...

CVE-2026-40168

Postiz is an AI social media scheduling tool. Prior to 2.21.5, the /api/public/stream endpoint is vulnerable to SSRF. Although the application validates the initially supplied URL and blocks direct private/internal hosts, it does not re-validate the final destination after HTTP redirects. As a...

LDAP Injection

Overview mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets. Affected versions of this package are vulnerable to LDAP Injection through the Ldap authentication handler in mitmproxy/addons/proxyauth.py. An attacker can...

CVE-2026-39424

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, the chat export feature is vulnerable to Improper Neutralization of Formula Elements in a CSV File. When an administrator exports the application chat history to an Excel file .xlsx via the...

CVE-2026-39421 MaxKB: Sandbox escape via ctypes and unhooked SYS_pkey_mprotect

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a sandbox escape vulnerability in the ToolExecutor component. By leveraging Python's ctypes library to execute raw system calls, an authenticated attacker with workspace privileges can bypass the LDPRELOAD-based...

CVE-2026-33948

jq is a command-line JSON processor. Commits before 6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b contain a vulnerability where CLI input parsing allows validation bypass via embedded NUL bytes. When reading JSON from files or stdin, jq uses strlen to determine buffer length instead of the actual byte...

CVE-2026-0512 Cross-Site Scripting (XSS) vulnerability in SAP Supplier Relationship Management (SICF Handler in SRM Catalog)

Due to a Cross-Site Scripting XSS vulnerability in the SAP Supplier Relationship Management SICF Handler in SRM Catalog, an unauthenticated attacker could craft a malicious URL, that if accessed by a victim, results in execution of malicious content within the victim's browser. This could allow t...

PT-2026-32731

Name of the Vulnerable Software and Affected Versions Microsoft Windows 10 versions 10.0.14393.0 through 10.0.14393.9059 Description Insufficient UI warning of dangerous operations in Windows Remote Desktop allows an unauthorized attacker to perform spoofing over a network by misleading users int...

CVE-2026-33116

Loop with unreachable exit condition 'infinite loop' in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network...

PT-2026-32595

Name of the Vulnerable Software and Affected Versions PraisonAI versions prior to 4.5.140 Description GitHub Actions workflows are susceptible to an ArtiPACKED attack, which is a credential leakage vector. This occurs when actions/checkout is used without setting persist-credentials: false. By...

PT-2026-32666

An improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5 all versions, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR...

PT-2026-32871

Name of the Vulnerable Software and Affected Versions Windows HTTP.sys affected versions not specified Description An out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to cause a denial of service over a network. Recommendations At the moment, there is no information about a...

PT-2026-32847

Name of the Vulnerable Software and Affected Versions Windows Kernel affected versions not specified Description A stack-based buffer overflow in the Windows Kernel allows an authorized attacker to elevate privileges locally. A stack-based buffer overflow occurs when a program writes more data to...

PT-2026-32866

Name of the Vulnerable Software and Affected Versions Windows USB Print Driver versions prior to April 2026 Description A heap-based buffer overflow in the Windows USB Printing Stack usbprint.sys allows an unauthorized attacker to elevate privileges. This issue can be exploited through a physical...