ARTICLE SEARCH
Threat Feed Query
Search all aggregated security articles by keywords, CVE IDs and sources.
CVE-2026-0562 - Insecure Direct Object Reference (IDOR) in parisneo/lollms
CVE ID: CVE-2026-0562 Published: March 29, 2026, 6:16 p.m. | 19 minutes ago Description: A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any authenticated user to accept or reject
Urgent Alert: NetScaler bug CVE-2026-3055 probed by attackers could leak sensitive data
Attackers are actively probing a critical Citrix NetScaler flaw (CVE-2026-3055) that can leak sensitive data via a memory overread issue. A critical vulnerability, tracked as CVE-2026-3055 (CVSS score of 9.3), in Citrix
Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug
A recently disclosed critical security flaw impacting Citrix NetScaler ADC and NetScaler Gateway is witnessing active reconnaissance activity, according to Defused Cyber and watchTowr. The vulnerability, CVE-2026-3055 (C
CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting F5 BIG-IP Access Policy Manager (APM) to its Known Exploited Vulnerabilities (KEV) catalog, citing evide
CISA Adds Aquasecurity Trivy Scanner Vulnerability to KEV Catalog
CISA has officially added a critical vulnerability affecting Aquasecurity’s Trivy scanner to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-33634, this alarming security flaw poses a severe risk t
CVE-2026-33765 - Pi-hole Web Interface has a Command Injection Vulnerability
CVE ID: CVE-2026-33765 Published: March 27, 2026, 8:16 p.m. | 19 minutes ago Description: Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking applicati
CISA and BSI warn orgs of critical PTC Windchill and FlexPLM flaw
CISA warns of a critical flaw in PTC Windchill and FlexPLM (CVE-2026-4681), with no patch yet and potential for imminent exploitation. CISA issued an advisory about a critical vulnerability, tracked as CVE-2026-4681 (CVS
Red Hat Warns of Malware Code Embedded in Popular Linux Tool Allow Unauthorized Access to Systems
Red Hat has issued a critical security warning regarding malicious code discovered in recent versions of the “xz” compression tools and libraries. Tracked as CVE-2024-3094, this highly sophisticated supply chain compromi
Critical Citrix NetScaler and Gateway Vulnerabilities Let Remote Attackers Leak Sensitive Information
Cloud Software Group has issued a critical security bulletin detailing two newly discovered vulnerabilities affecting customer-managed NetScaler ADC and NetScaler Gateway appliances. These flaws, tracked as CVE-2026-3055
ISC Warns of High-Severity Kea DHCP Flaw That Can Crash Services Remotely
The Internet Systems Consortium (ISC) has released a critical security advisory warning network administrators of a high-severity vulnerability affecting the Kea DHCP server. Tracked as CVE-2026-3608, this flaw allows un
CVE-2026-32678 - Buffalo Wi-Fi Router Authentication Bypass Vulnerability
CVE ID: CVE-2026-32678 Published: March 27, 2026, 6:16 a.m. | 18 minutes ago Description: Authentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configur
Claude Chrome Extension 0-Click Vulnerability Enables Silent Prompt Injection Attacks
A critical zero-click vulnerability in Anthropic’s Claude Chrome Extension exposed over 3 million users to silent prompt-injection attacks, allowing malicious websites to hijack the AI assistant without user interaction.
CISA: New Langflow flaw actively exploited to hijack AI workflows
The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as CVE-2026-33017, which affects the Langflow framework for building AI agen
CISA Warns of Langflow Code Injection Vulnerability Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the Langflow platform to its Known Exploited Vulnerabilities (KEV) catalog on March 25, 2026. The vulner
IDrive for Windows Vulnerability Let Attackers Escalate Privileges
A critical local privilege escalation vulnerability has been identified in the IDrive Cloud Backup Client for Windows. Tracked as CVE-2026-1995, this local privilege escalation vulnerability affects the IDrive Cloud Back
Synology DiskStation Manager Vulnerability Allow Remote Attackers to Execute Arbitrary Commands
A critical security advisory has been issued for a severe vulnerability in DiskStation Manager (DSM) that allows unauthenticated remote attackers to execute arbitrary commands. Given the widespread use of Synology networ
Cisco Secure Firewall Vulnerability Allows Remote Code Execution as Root User
Cisco has released an urgent security advisory addressing a critical vulnerability in its Secure Firewall Management Center (FMC) software. This severe flaw allows unauthenticated remote attackers to execute arbitrary co
CVE-2025-32991 - Apache N2WS Backup & Recovery Remote Code Execution Vulnerability
CVE ID: CVE-2025-32991 Published: March 25, 2026, 3:16 p.m. | 1 hour, 18 minutes ago Description: In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in remote code execution.
Hackers Exploiting Magento to Execute Remote Code and Gain Complete Account Access
A critical unrestricted file upload vulnerability, dubbed “PolyShell,” is actively being exploited in Magento and Adobe Commerce stores. Discovered by the Sansec Forensics Team, this flaw allows unauthenticated attackers
Multiple TP-Link Vulnerabilities Allow Attackers to Execute Arbitrary Commands on System
TP-Link has recently issued a critical security advisory addressing multiple high-severity vulnerabilities impacting its Archer NX series routers. These flaws, which affect the Archer NX200, NX210, NX500, and NX600 model