ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Critical Langflow Vulnerability Exploited Hours After Public Disclosure
Because attacker-supplied flow data is used in public flows, the bug leads to unauthenticated remote code execution. The post Critical Langflow Vulnerability Exploited Hours After Public Disclosure appeared first on Secu
CVE-2026-32950 - SQLBot: RCE via SQL Injection in Excel Upload Endpoint
CVE ID :CVE-2026-32950 Published : March 20, 2026, 5:16 a.m. | 59 minutes ago Description :SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.7.0 contain a criti
CVE-2026-32756 - Admidio: Unrestricted File Upload via CSRF Token Validation Bypass in Documents & Files Module
CVE ID :CVE-2026-32756 Published : March 20, 2026, 12:16 a.m. | 1 hour, 59 minutes ago Description :Admidio is an open-source user management solution. Versions 5.0.6 and below contain a critical unrestricted file
CVE-2026-29103 - SuiteCRM Vulnerable to Remote Code Execution via Module Loader Package Scanner Bypass
CVE ID :CVE-2026-29103 Published : March 19, 2026, 11:16 p.m. | 58 minutes ago Description :SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. A Critical Remot
CVE-2026-32194 - Microsoft Bing Images Remote Code Execution Vulnerability
CVE ID :CVE-2026-32194 Published : March 19, 2026, 9:21 p.m. | 53 minutes ago Description :None Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, a
CVE-2026-32169 - Azure Cloud Shell Elevation of Privilege Vulnerability
CVE ID :CVE-2026-32169 Published : March 19, 2026, 9:17 p.m. | 58 minutes ago Description :Server-side request forgery (ssrf) in Azure Cloud Shell allows an unauthorized attacker to elevate privileges over a networ
CVE-2026-30402 - Apache WireGuard Code Execution Vulnerability
CVE ID :CVE-2026-30402 Published : March 19, 2026, 3:16 p.m. | 2 hours, 58 minutes ago Description :An issue in wgcloud v.2.3.7 and before allows a remote attacker to execute arbitrary code via the test connection
Russian APT targets Ukraine via Zimbra XSS flaw CVE-2025-66376
Russian APT exploits a critical XSS flaw in Zimbra, tracked as CVE-2025-66376, running scripts via HTML emails to target users in Ukraine. Russia-linked threat actor exploits a high-severity XSS vulnerability, tracked as
Critical Microsoft SharePoint flaw now exploited in attacks
A critical Microsoft SharePoint vulnerability patched in January is now being exploited in attacks, the Cybersecurity and Infrastructure Security Agency (CISA) warned. [...]
Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure
The Interlock ransomware group has exploited a Cisco FMC zero-day RCE vulnerability in attacks since late January. The Interlock ransomware group has been exploiting a critical zero-day RCE vulnerability, tracked as CVE-
CVE-2025-60233 - WordPress Zuut theme <= 1.4.2 - PHP Object Injection vulnerability
CVE ID :CVE-2025-60233 Published : March 19, 2026, 9:16 a.m. | 58 minutes ago Description :Deserialization of Untrusted Data vulnerability in Themeton Zuut allows Object Injection.This issue affects Zuut: from n/a
CVE-2025-60237 - WordPress Finag theme <= 1.5.0 - PHP Object Injection vulnerability
CVE ID :CVE-2025-60237 Published : March 19, 2026, 9:16 a.m. | 58 minutes ago Description :Deserialization of Untrusted Data vulnerability in Themeton Finag allows Object Injection.This issue affects Finag: from n/
CISA Warns of Microsoft SharePoint Vulnerability Exploited in Attacks
A critical security flaw in Microsoft SharePoint has been identified as actively exploited, and on March 18, 2026, the vulnerability was officially added to the Known Exploited Vulnerabilities (KEV) catalog. This additio
Cisco Firewall 0-day Vulnerability Exploited in the Wild to Deploy Interlock Ransomware
An active campaign by the Interlock ransomware group is exploiting a critical zero-day vulnerability (CVE-2026-20131) in Cisco Secure Firewall Management Center (FMC) Software. Cisco disclosed the flaw on March 4, 2026;
Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access
Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that's exploiting a recently disclosed critical security flaw in Cisco Secure Firewall Management Center (FMC) Software. The vulnerability
Researchers warn of unpatched, critical Telnetd flaw affecting all versions
CVE-2026-32746 is a critical flaw in GNU InetUtils telnetd that allows remote attackers to execute code with elevated privileges Cybersecurity company Dream disclosed a critical flaw, tracked as CVE-2026-32746 (CVSS scor
ScreenConnect Vulnerability Allows Hackers to Extract Unique Machine Keys and Hijack Sessions
ConnectWise has issued an urgent security advisory for its ScreenConnect remote desktop software, disclosing a critical cryptographic vulnerability that could allow unauthenticated attackers to extract server-level machi
CVE-2026-25449 - WordPress Traveler theme < 3.2.8.1 - PHP Object Injection vulnerability
CVE ID :CVE-2026-25449 Published : March 18, 2026, 1:12 p.m. | 1 hour ago Description :Deserialization of Untrusted Data vulnerability in Shinetheme Traveler allows Object Injection.This issue affects Traveler: fro
Critical Telnetd Vulnerability Enables Remote Attacker to Execute Arbitrary Code via Port 23
A critical buffer overflow vulnerability in the GNU Inetutils telnetd daemon. Tracked as CVE-2026-32746, this flaw allows an unauthenticated remote attacker to execute arbitrary code and gain root access to affected syst
Critical FortiClient SQL Injection Vulnerability Enables Arbitrary Database Access
A critical SQL injection vulnerability in Fortinet’s FortiClient Endpoint Management Server (EMS). Tracked as CVE-2026-21643, this severe flaw carries a CVSS score of 9.1. It allows unauthenticated attackers to execute a