ARTICLE SEARCH
Threat Feed Query
Search all aggregated security articles by keywords, CVE IDs and sources.
CVE-2025-63939 - Anirudhkannan Grocery Store Management System SQL Injection Vulnerability
CVE ID: CVE-2025-63939 | Published: April 14, 2026, 4:16 p.m. | 23 minutes ago | Description: Improper input handling in /Grocery/search_products_itname.php, in anirudhkannan Grocery Store Management System 1.0, allow
CISA Warns of Fortinet SQL Injection Vulnerability Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in Fortinet products. On April 13, 2026, the agency added a severe SQL injection vulnerability t
Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)
OX Security recently analyzed 216 million security findings across 250 organizations over a 90-day period. The primary takeaway: while raw alert volume grew by 52% year-over-year, prioritized critical risk grew by nearly
Attackers target unpatched ShowDoc servers via CVE-2025-0520
A critical RCE flaw, tracked as CVE-2025-0520, in ShowDoc is being actively exploited, putting unpatched servers at serious risk. A critical remote code execution flaw, tracked as CVE-2025-0520 (CVSS score of 9.4), affec
ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in China, has come under active exploitation in the wild. The vulnerability in question is CVE-2025-0520 (aka C
CVE-2026-40288 - PraisonAI: Critical RCE via `type: job` workflow YAML
CVE ID: CVE-2026-40288 | Published: April 14, 2026, 4:17 a.m. | 23 minutes ago | Description: PraisonAI is a multi-agent teams system. In versions below 4.5.139 of PraisonAI and 1.5.140 of praisonaiagents, the workflo
CVE-2026-6264 - Critical Security fix for the Talend JobServer and Talend Runtime
CVE ID: CVE-2026-6264 | Published: April 14, 2026, 3:16 a.m. | 1 hour, 24 minutes ago | Description: A critical vulnerability in the Talend JobServer and Talend Runtime allows unauthenticated remote code execution via
Critical flaw in wolfSSL library enables forged certificate use
A critical vulnerability in the wolfSSL SSL/TLS library can weaken security via improper verification of the hash algorithm or its size when checking Elliptic Curve Digital Signature Algorithm (ECDSA) signatures. [...]
Marimo RCE Vulnerability Exploited Within 10 Hours of Disclosure
A critical vulnerability was disclosed in Marimo, an open-source reactive Python notebook platform. Less than 10 hours later, attackers successfully weaponized the flaw to steal sensitive cloud credentials, highlighting
Critical Axios Vulnerability Allows Remote Code Execution – PoC Released
The cybersecurity community is on high alert after the disclosure of a critical security flaw in Axios, a widely used promise-based HTTP client for Node.js and browsers. Security researcher Jason Saayman recently disclos
Apache Tomcat Vulnerabilities Enable Bypass of EncryptInterceptor
The Apache Software Foundation has released emergency security updates to address multiple vulnerabilities in Apache Tomcat. The latest advisories highlight a critical patching error that inadvertently exposed servers to
⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
Monday is back, and the weekend’s backlog of chaos is officially hitting the fan. We are tracking a critical zero-day that has been quietly living in your PDFs for months, plus some aggressive state-sponsored meddling in
Adobe Patches Acrobat Reader 0-Day Vulnerability Exploited in the Wild
Adobe has issued an emergency security patch to neutralize a critical zero-day vulnerability in Acrobat Reader that is currently being exploited in the wild. Tracked as CVE-2026-34621, this severe flaw enables threat act
Critical WordPress Plugin Flaw Lets Attackers Bypass Authentication and Gain Admin Access
A critical security flaw found in a widely used WordPress plugin is putting thousands of websites at serious risk worldwide. Tracked as CVE-2026-1492, this vulnerability affects the User Registration & Membership plugin
CVE-2026-34865 - Apache Web Out-of-Bounds Write Vulnerability
CVE ID: CVE-2026-34865 | Published: April 13, 2026, 7:16 a.m. | 1 hour, 23 minutes ago | Description: Out-of-bounds write vulnerability in the WEB module. Impact: Successful exploitation of this vulnerability will affe
Critical Marimo pre-auth RCE flaw now under active exploitation
A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged for credential theft. [...]
Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2026-34621, carries a CVSS sc
CVE-2026-39987: Marimo RCE exploited in hours after disclosure
A critical flaw, tracked as CVE-2026-39987, in the open-source Python notebook tool Marimo was exploited within 10 hours of disclosure. A critical flaw in Marimo, tracked as CVE-2026-39987 (CVSS score of 9.3) was exploit
Juniper Networks Default Password Vulnerability Lets Attackers Take Full Control of the Device
A critical security alert warns of a severe default password vulnerability affecting Support Insights Virtual Lightweight Collector (vLWC) appliances. This flaw enables unauthenticated network-based attackers to gain ful
Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings from Sysdig. The vulnerability in