More results...
Microsoft has disclosed a zero-day vulnerability in Microsoft Office Word that allows attackers to bypass security protections. Identified as CVE-2026-21514, this security flaw was officially documented on February 10, 2026, and poses significant risks…
Ivanti has issued a high-security update for its Endpoint Manager (EPM) solution to address two significant vulnerabilities that could put organisational data at risk. The advisory, released on February 9, 2026, highlights a high-severity flaw that all…
Microsoft has issued an urgent security warning following the discovery of a zero-day vulnerability in the Windows Shell, now tracked as CVE-2026-21510. This critical flaw, which carries a high severity score of 8.8, is currently being exploited in the…
Fortinet has issued a high-severity security advisory regarding a vulnerability in specific versions of its FortiOS operating system. The flaw, identified as CVE-2026-22153, could allow unauthorized attackers to bypass authentication mechanisms, potent…
GitLab has released critical security updates for its Community Edition (CE) and Enterprise Edition (EE) to address multiple high-severity vulnerabilities. These patches, detailed in the release notes for versions 18.8.4, 18.7.4, and 18.6.6, resolve fl…
Microsoft’s February 2026 Patch Tuesday update has arrived with critical urgency, addressing 54 security vulnerabilities across its ecosystem. This month’s release is particularly severe due to the inclusion of six zero-day vulnerabilities that are cur…
SAP said the February 10, 2026 Patch Day delivered fixes across multiple SAP products and urged customers to apply patches with priority via the Support Portal to protect their SAP landscape. The highest-risk item highlighted this month is CVE-2026-048…
A newly documented Windows vulnerability, CVE-2026-20817, impacts the Windows Error Reporting Service (WER) and enables local privilege escalation. The issue matters because WER runs as NT AUTHORITY\SYSTEM, so any mistake in its permission checks can b…
A serious security flaw has been discovered in Axios, one of the most popular HTTP client libraries for Node.js, allowing attackers to crash servers and trigger denial-of-service (DoS) attacks. The vulnerability, tracked as CVE-2026-25639, affects all …
A critical security oversight has left thousands of AI agents wide open to the public internet. 15,200 instances of the OpenClaw AI framework (formerly Clawdbot and Moltbot) are vulnerable to remote takeover. The STRIKE team used internet-wide reconnai…