Back to Blog

#CVE

61 posts
Gitea Docker flaw turns a trusted proxy header into account takeover

Gitea Docker flaw turns a trusted proxy header into account takeover

Gitea Docker flaw turns a trusted proxy header into account takeover Gitea has fixed a critical authentication bypass in its official Docker images that could l...

July 12, 2026
7 min read
Microsoft Defender RoguePlanet fix closes a SYSTEM-level escalation path

Microsoft Defender RoguePlanet fix closes a SYSTEM-level escalation path

Microsoft Defender RoguePlanet fix closes a SYSTEM-level escalation path Microsoft has released a fix for CVE-2026-50656, the Microsoft Defender vulnerability p...

July 10, 2026
7 min read
Unpatched Tenda router backdoor turns home gateways into a trust problem

Unpatched Tenda router backdoor turns home gateways into a trust problem

Unpatched Tenda router backdoor turns home gateways into a trust problem CERT/CC has disclosed an undocumented authentication backdoor in several Tenda router f...

July 9, 2026
8 min read
CISA's July KEV batch puts Joomla page builders and Langflow on emergency patch lists

CISA's July KEV batch puts Joomla page builders and Langflow on emergency patch lists

CISA's July KEV batch puts Joomla page builders and Langflow on emergency patch lists CISA added three vulnerabilities to its Known Exploited Vulnerabilities ca...

July 8, 2026
7 min read
Adobe ColdFusion CVE-2026-48282 moves from patch advisory to active exploitation

Adobe ColdFusion CVE-2026-48282 moves from patch advisory to active exploitation

Adobe ColdFusion CVE-2026-48282 moves from patch advisory to active exploitation Adobe ColdFusion administrators have a narrow patch window for CVE-2026-48282,...

July 7, 2026
6 min read
JADEPUFFER shows how agentic AI can turn exposed Langflow into ransomware

JADEPUFFER shows how agentic AI can turn exposed Langflow into ransomware

JADEPUFFER shows how agentic AI can turn exposed Langflow into ransomware Sysdig has documented what it assesses as one of the first clear examples of agentic r...

July 4, 2026
6 min read
CitrixBleed-style NetScaler flaw CVE-2026-8451 is already being tested in the wild

CitrixBleed-style NetScaler flaw CVE-2026-8451 is already being tested in the wild

CitrixBleed-style NetScaler flaw CVE-2026-8451 is already being tested in the wild Citrix NetScaler administrators have another edge-appliance exposure to triag...

July 4, 2026
5 min read
SharePoint CVE-2026-45659 active exploitation puts on-prem servers on urgent patch path

SharePoint CVE-2026-45659 active exploitation puts on-prem servers on urgent patch path

SharePoint CVE-2026-45659 active exploitation puts on-prem servers on urgent patch path Microsoft SharePoint Server is back in the active-exploitation lane. CIS...

July 3, 2026
8 min read
Progress Kemp LoadMaster CVE-2026-8037 exploitation moves fast after public PoC

Progress Kemp LoadMaster CVE-2026-8037 exploitation moves fast after public PoC

Progress Kemp LoadMaster CVE-2026-8037 exploitation moves fast after public PoC Progress Kemp LoadMaster appliances are now in the familiar danger zone for edge...

July 2, 2026
7 min read
SimpleHelp CVE-2026-48558 exploitation turns RMM into a credential-theft path

SimpleHelp CVE-2026-48558 exploitation turns RMM into a credential-theft path

SimpleHelp CVE-2026-48558 exploitation turns RMM into a credential-theft path SimpleHelp has moved from patched vulnerability to active intrusion path. Attacker...

July 1, 2026
9 min read
Oracle E-Business Suite CVE-2026-46817 is now an active exploitation risk

Oracle E-Business Suite CVE-2026-46817 is now an active exploitation risk

Oracle E-Business Suite CVE-2026-46817 is now an active exploitation risk Oracle E-Business Suite has another critical exposure that defenders should move out o...

June 30, 2026
8 min read
Lantronix EDS5000 exploitation shows why edge device patch windows are shrinking

Lantronix EDS5000 exploitation shows why edge device patch windows are shrinking

Lantronix EDS5000 exploitation shows why edge device patch windows are shrinking CISA has added CVE-2025-67038 to its Known Exploited Vulnerabilities catalog af...

June 26, 2026
6 min read