ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Microsoft Releases Mitigation for Windows BitLocker Security Bypass 0-Day Vulnerability
Microsoft has disclosed a critical zero-day vulnerability in Windows BitLocker, tracked as CVE-2026-45585, that allows threat actors with physical access to bypass full-disk encryption entirely, potentially exposing sens
PoC Exploit Released for 20-Year Old PostgreSQL RCE Vulnerability
A proof-of-concept (PoC) exploit has been publicly released for CVE-2026-2005, a critical remote code execution (RCE) vulnerability affecting PostgreSQL’s pgcrypto extension. The flaw, rooted in legacy code dating back n
3 Tactics Elite SOCs Use to Operationalize Threat Intelligence
A data breach makes headlines for a day. The damage it leaves behind lasts years. Critical business risk isn’t one catastrophic moment — it’s a slow-motion erosion: dwell time compounding into lateral movement, a comprom
CVE-2026-8602 - Missing authentication for critical function in ScadaBR
CVE ID :CVE-2026-8602 Published : May 19, 2026, 5 p.m. | 1 hour, 21 minutes ago Description :In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated att
Drupal to Patch Highly Critical Vulnerability at Risk of Quick Exploitation
Drupal says attackers may develop an exploit for the vulnerability within hours or days. The post Drupal to Patch Highly Critical Vulnerability at Risk of Quick Exploitation appeared first on SecurityWeek.
Critical PostgreSQL Vulnerabilities Enables Code Execution and SQL Injections
The PostgreSQL Global Development Group has released critical security updates for all supported branches, fixing 11 vulnerabilities, including arbitrary code execution and several SQL injection flaws. PostgreSQL 18.4, 1
CVE-2026-2587 - Glassfish Remote Code Execution Vulnerability
CVE ID :CVE-2026-2587 Published : May 19, 2026, 3:16 p.m. | 1 hour, 5 minutes ago Description :A critical Remote Code Execution (RCE) vulnerability was identified in the server-side template rendering mechanism use
Hackers Hijacking Four-Faith Industrial Routers for Botnet Activity
Hackers are actively exploiting Four-Faith industrial routers to build botnets, leveraging a critical vulnerability identified as CVE-2024-9643. Security researchers from CrowdSec report a sharp rise in exploitation atte
Critical Apache Flink Vulnerability Enables Remote code execution Attacks
A newly disclosed critical vulnerability in Apache Flink, tracked as CVE-2026-35194, exposes distributed data processing environments to remote code execution (RCE) attacks via SQL injection flaws in the platform’s code
CVE-2026-8959 - Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component
CVE ID :CVE-2026-8959 Published : May 19, 2026, 2:16 p.m. | 4 hours, 5 minutes ago Description :Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component. This vulnerability was fixed in Fi
CVE-2026-8950 - Same-origin policy bypass in the Networking: HTTP component
CVE ID :CVE-2026-8950 Published : May 19, 2026, 2:16 p.m. | 4 hours, 5 minutes ago Description :Same-origin policy bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 151 and Firefox E
CVE-2026-8953 - Sandbox escape due to use-after-free in the Disability Access APIs component
CVE ID :CVE-2026-8953 Published : May 19, 2026, 2:16 p.m. | 4 hours, 5 minutes ago Description :Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox
CVE-2026-8956 - Integer overflow in the Networking: JAR component
CVE ID :CVE-2026-8956 Published : May 19, 2026, 2:16 p.m. | 4 hours, 5 minutes ago Description :Integer overflow in the Networking: JAR component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.
Critical Microsoft Vulnerabilities Doubled: From Exposure to Escalation
Microsoft's total vulnerability count stayed steady in 2025, but critical flaws surged year over year. BeyondTrust breaks down why attackers are increasingly focused on privilege escalation and identity abuse. [...]
Critical Marimo Security Vulnerability Enables Remote Code Execution Attacks
A critical security vulnerability in the Marimo Python notebook framework is being actively exploited to achieve pre-authentication remote code execution (RCE), allowing attackers to gain full control of exposed systems.
Critical SEPPmail Gateway Flaws Allow Remote Code Execution and Mail Traffic Theft
Critical vulnerabilities in the SEPPmail Secure Email Gateway have exposed organizations to remote code execution (RCE) and potential interception of sensitive email traffic. Researchers uncovered several high-impact fla
SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access
Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and enable an attacker to rea
Critical Vulnerability Exposes Industrial Robot Fleets to Hacking
The vulnerability, CVE-2026-8153, affects Universal Robots PolyScope 5 and it can be exploited for OS command injection. The post Critical Vulnerability Exposes Industrial Robot Fleets to Hacking appeared first on Secur
Mythos Preview Builds PoC Exploits in Automated Vulnerability Research
Anthropic’s Mythos Preview security-focused AI model is crossing a critical threshold in automated vulnerability research, not just finding bugs, but chaining them together into working proof-of-concept exploits. That’s
CVE-2026-42822 - Azure Local Disconnected Operations (ALDO) Elevation of Privilege Vulnerability
CVE ID :CVE-2026-42822 Published : May 18, 2026, 6:17 p.m. | 18 hours, 4 minutes ago Description :Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges