More results...
Codex Security, formerly Aardvark, has found hundreds of critical vulnerabilities in tested software in the past month.
The post OpenAI Rolls Out Codex Security Vulnerability Scanner appeared first on SecurityWeek.
On March 10, 2026, SAP released its monthly Security Patch Day updates, addressing multiple vulnerabilities across its enterprise software products. Maintaining a structured patch management cycle aligned with this monthly schedule remains a foundation…
CISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs.
The post Recent Ivanti Endpoint Manager Flaw Exploited in Attacks appeared first on SecurityWeek.
A critical security vulnerability has been identified in Gogs, a widely used open-source self-hosted Git service. / Tracked as CVE-2026-25921, this flaw allows unauthenticated attackers to silently overwrite Git Large File Storage (LFS) objects across …
In a recent security advisory, Cloudflare disclosed multiple HTTP request smuggling and cache poisoning vulnerabilities in its open-source Pingora framework. Tracked under the identifiers CVE-2026-2833, CVE-2026-2835, and CVE-2026-2836, these flaws spe…
Two high-severity vulnerabilities have been discovered in Vaultwarden, a widely used alternative Bitwarden server implementation written in Rust. These security flaws, tracked as CVE-2026-27803 and CVE-2026-27802, allow compromised Manager accounts to …
Security firm Pillar reveals the Chaos Agent in which Hackerbot-Claw, an AI agent, used natural language to compromise major GitHub projects and hijack developer tools.
Apache ZooKeeper, a centralized service used for maintaining configuration information and naming in distributed systems, has received critical security updates. The Apache Software Foundation recently addressed two “Important” severity vul…
A critical Cross-Site Scripting (XSS) vulnerability has been discovered in ZITADEL, a popular open-source identity and access management platform. Tracked as CVE-2026-29191 with a Critical severity rating, this flaw resides in the platform’s logi…
A critical security flaw has been discovered in Nginx UI that allows unauthenticated threat actors to download and decrypt complete system backups. Tracked as CVE-2026-27944, this vulnerability carries a maximum critical severity score of 9.8 out of 10…