12 matches found

The Hacker News
added 2026/05/28 3:26 p.m., 17 views

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management Server (EMS) deployments to deliver a credential-stealing malware family dubbed EKZ Infostealer. "The campaign abused trusted endpoint management infrastructure to deliver malware...

CVSS 9.8 | AI score 6.2 | EPSS 0.35653
Exploits: 8
GithubExploit
added 2026/04/30 7:01 p.m., 119 views

Exploit for CVE-2026-41940

cpanel-cve-2026-41940-fix One-shot detection and remediatio...

CVSS 9.8 | AI score 6.2 | EPSS 0.91213
Exploits: 61
GithubExploit
added 2026/04/26 5:54 a.m., 95 views

Exploit for Missing Authentication for Critical Function in Coreweave Marimo

CVE-2026-39987 Lab Guide Pre-Auth Remote Code Execution v...

CVSS 9.8 | AI score 8.4 | EPSS 0.8071
Exploits: 11
Github Security Blog
added 2026/04/24 4:32 p.m., 7 views

Traefik: Pre-authentication decision bypass due to forwarded alias spoofing

Summary There is a high severity authentication bypass vulnerability in Traefik's ForwardAuth and snippet-based authentication middleware. Traefik's forwarded-header sanitization logic targets only canonical header names (e.g., X-Forwarded-Proto) and does not strip or normalize alias variants that...

CVSS 10 | AI score 5.5 | EPSS 0.00119
Exploits: 1 | References: 6 | Affected software: 3
OSV
added 2026/04/24 4:32 p.m., 2 views

GHSA-5M6W-WVH7-57VM Traefik: Pre-authentication decision bypass due to forwarded alias spoofing

Summary There is a high severity authentication bypass vulnerability in Traefik's ForwardAuth and snippet-based authentication middleware. Traefik's forwarded-header sanitization logic targets only canonical header names (e.g., X-Forwarded-Proto) and does not strip or normalize alias variants that...

CVSS 10 | AI score 5.8 | EPSS 0.00119
Exploits: 1 | References: 6
GithubExploit
added 2026/04/13 6:49 p.m., 150 views

Exploit for Improper Access Control in Fortinet Forticlientems

CVE-2026-35616 - FortiClient EMS Pre-Authentication API Bypass...

CVSS 9.8 | AI score 6.5 | EPSS 0.35653
Exploits: 8
Packet Storm News
added 2026/04/07 12:00 a.m., 5 views

FortiClient EMS 7.4.6 Vulnerability Assessment Tool

CVE-2026-35616 is a pre-authentication API bypass in FortiClient EMS 7.4.5 and 7.4.6 that allows remote, unauthenticated attackers to bypass certificate-based authentication through HTTP header spoofing. The Django application trusts user-controllable HTTP headers X-SSL-CLIENT-VERIFY,...

CVSS 9.8 | AI score 6.1 | EPSS 0.35653
Exploits: 8
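The Traefik entries and the FortiClient EMS entries above describe the same bug class from two sides: a backend that believes proxy-set headers (X-Forwarded-*, X-SSL-CLIENT-VERIFY) even when a client supplies them directly, and a sanitizer that strips only the canonical spelling of those headers so that alias variants slip through. The block below is an added illustration written for this page; it is not code from Traefik, Fortinet, or any of the linked exploit repositories. The header value "SUCCESS", the trusted proxy address 10.0.0.5, the client address 203.0.113.7 and the header families listed are constructed assumptions.

```python
# Added illustration of the header-trust bug class behind the Traefik and
# FortiClient EMS entries above. Not vendor code; all values are constructed.

# Assumption: a single TLS-terminating reverse proxy sits at this address and is
# the only peer allowed to assert client-certificate or forwarded metadata.
TRUSTED_PROXIES = {"10.0.0.5"}

# Header families that only the proxy may set. Matching is done on the
# normalised name, so aliases such as x_forwarded_proto or mixed case are caught.
PROXY_ONLY_PREFIXES = ("x-forwarded-", "x-ssl-client-", "x-real-ip")

# Assumed marker a proxy writes after a successful client-certificate check.
CERT_VERIFIED = "SUCCESS"


def normalize_name(name: str) -> str:
    """Header names are case-insensitive; many stacks also fold '_' to '-'."""
    return name.strip().lower().replace("_", "-")


def naive_strip(headers: dict) -> dict:
    """The weak sanitiser: deletes only the exact canonical spellings, so
    'x-forwarded-proto' or 'X_Forwarded_Proto' passes through untouched."""
    canonical = {"X-Forwarded-Proto", "X-Forwarded-For", "X-SSL-CLIENT-VERIFY"}
    return {k: v for k, v in headers.items() if k not in canonical}


def sanitize_headers(headers: dict, peer_ip: str) -> dict:
    """Hardened sanitiser: normalise every name, then drop the proxy-only
    families unless the TCP peer is the trusted proxy itself."""
    trusted = peer_ip in TRUSTED_PROXIES
    cleaned = {}
    for name, value in headers.items():
        canon = normalize_name(name)
        if canon.startswith(PROXY_ONLY_PREFIXES) and not trusted:
            continue  # client-supplied assertion of proxy state: discard
        cleaned[canon] = value
    return cleaned


def vulnerable_is_authenticated(headers: dict) -> bool:
    """The anti-pattern: believe the header regardless of who sent it."""
    return headers.get("X-SSL-CLIENT-VERIFY") == CERT_VERIFIED


def hardened_is_authenticated(headers: dict, peer_ip: str) -> bool:
    """Only a header that survived sanitisation (i.e. came via the proxy) counts."""
    cleaned = sanitize_headers(headers, peer_ip)
    return cleaned.get("x-ssl-client-verify") == CERT_VERIFIED


if __name__ == "__main__":
    # Constructed requests: the same headers sent by an internet client and by
    # the real proxy; only the peer address differs.
    attacker = {"X-SSL-CLIENT-VERIFY": "SUCCESS", "X_Forwarded_Proto": "https"}
    print("vulnerable check:", vulnerable_is_authenticated(attacker))          # True
    print("hardened, from client:", hardened_is_authenticated(attacker, "203.0.113.7"))  # False
    print("hardened, from proxy:", hardened_is_authenticated(attacker, "10.0.0.5"))      # True
    print("alias survives naive strip:", naive_strip({"x-forwarded-proto": "https"}))
```

The check that matters is the peer address, not the header name: a blocklist of header spellings can always be sidestepped by a spelling the list does not contain, whereas discarding the whole family for any peer other than the proxy closes the class. In a real deployment the proxy itself should also overwrite (not merely forward) these headers on every inbound request.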
GithubExploit
added 2026/03/07 9:39 a.m., 136 views

Exploit for Improper Authentication in Cisco Catalyst_Sd-Wan_Manager

CVE-2026-20127-Cisco SD-WAN Pre-Authentication Remote Code Exe...

CVSS 10 | AI score 6.3 | EPSS 0.5895
Exploits: 9
GithubExploit
added 2026/02/13 3:42 p.m., 89 views

Exploit for CVE-2025-40552

CVE-2025-40552 and CVE-2025-40553 SolarWinds Web Help Desk Pre...

CVSS 9.8 | AI score 7.5 | EPSS 0.17355
Exploits: 1
OSV
added 2024/09/25 5:15 p.m., 3 views

CVE-2024-20510

A vulnerability in the Central Web Authentication (CWA) feature of Cisco IOS XE Software for Wireless Controllers could allow an unauthenticated, adjacent attacker to bypass the pre-authentication access control list (ACL), which could allow access to network resources before user authentication. Thi...

CVSS 9.3 | AI score 5.8
Exploits: 0 | References: 1
RedHat Linux
added 2015/11/19 3:16 a.m., 53 views

Moderate: Red Hat Security Advisory: krb5 security, bug fix, and enhancement update

Updated krb5 packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give...

CVSS 5.8 | AI score 6.8 | EPSS 0.08201
Exploits: 0 | References: 15
CNVD
added 2015/05/26 12:00 a.m., 2 views

MIT Kerberos kdcpreauth module pre-authentication security bypass vulnerability

MIT Kerberos 5 is a network authentication protocol that uses a client/server architecture and allows both the client and server side to authenticate each other. kdcpreauth is one of the interface modules. A security vulnerability exists in the plugins/preauth/otp/main.c and...

CVSS 5.8 | AI score 7.3 | EPSS 0.0089
Exploits: 0 | References: 1