More results...
The vulnerability is tracked as CVE-2025-32975 and it may have been exploited in attacks against the education sector.
The post Critical Quest KACE Vulnerability Potentially Exploited in Attacks appeared first on SecurityWeek.
Oracle recently issued an urgent security alert regarding a critical Remote Code Execution (RCE) flaw that impacts both Oracle Identity Manager and Oracle Web Services Manager. Tracked as CVE-2026-21992, this vulnerability allows attackers to compromis…
A severe security vulnerability has been uncovered in UNISOC modem firmware, allowing attackers to execute arbitrary code remotely over cellular networks. UNISOC is a major semiconductor manufacturer providing chipsets for prominent mobile brands such …
ConnectWise has patched a critical vulnerability (CVE-2026-3564) that could enable attackers to hijack ScreenConnect sessions by abusing ASP.NET machine keys to forge trusted authentication. About CVE-2026-3564 The ScreenConnect remote access platform …
Because attacker-supplied flow data is used in public flows, the bug leads to unauthenticated remote code execution.
The post Critical Langflow Vulnerability Exploited Hours After Public Disclosure appeared first on SecurityWeek.
The Cybersecurity and Infrastructure Security Agency has issued an urgent warning regarding a critical zero-day vulnerability affecting heavily relied-upon Cisco security products. Tracked officially as CVE-2026-20131, this severe flaw is actively bein…
Atlassian has officially resolved a high-severity Remote Code Execution (RCE) vulnerability within its Bamboo Data Centre application. Officially tracked as CVE-2026-21570, this critical security flaw introduces severe risks to enterprise continuous in…
The Jenkins project released a critical security advisory addressing multiple vulnerabilities in its core automation server and the LoadNinja plugin. These flaws expose continuous integration and continuous deployment (CI/CD) environments to severe ris…
The Jenkins project released a critical security advisory addressing multiple vulnerabilities in its core automation server and the LoadNinja plugin. These flaws expose continuous integration and continuous deployment (CI/CD) environments to severe ris…
Navia Benefit Solutions has confirmed a significant data breach impacting nearly 2.7 million individuals. The incident resulted from unauthorised access to the company’s systems, exposing sensitive personal and health plan information. As a promi…