ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Google API Keys Expose Private Data Silently Through Gemini
A critical privilege escalation vulnerability affecting Google Cloud API keys specifically how legacy public-facing keys now silently grant unauthorized access to Google’s Gemini AI endpoints, exposing private files, cac
CVE-2026-27028 - Mobility46 mobility46.se Missing Authentication for Critical Function
CVE ID : CVE-2026-27028 Published : Feb. 27, 2026, 1:16 a.m. | 1 hour, 33 minutes ago Description : WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impers
CVE-2026-27767 - SWITCH EV swtchenergy.com Missing Authentication for Critical Function
CVE ID : CVE-2026-27767 Published : Feb. 27, 2026, 12:16 a.m. | 33 minutes ago Description : WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation
CVE-2026-27772 - EV Energy ev.energy Missing Authentication for Critical Function
CVE ID : CVE-2026-27772 Published : Feb. 27, 2026, 12:16 a.m. | 33 minutes ago Description : WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation
CVE-2026-25851 - Chargemap chargemap.com Missing Authentication for Critical Function
CVE ID : CVE-2026-25851 Published : Feb. 27, 2026, 12:16 a.m. | 33 minutes ago Description : WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation
CVE-2026-24731 - EV2GO ev2go.io Missing Authentication for Critical Function
CVE ID : CVE-2026-24731 Published : Feb. 27, 2026, 12:16 a.m. | 33 minutes ago Description : WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation
CVE-2026-20781 - CloudCharge cloudcharge.se Missing Authentication for Critical Function
CVE ID : CVE-2026-20781 Published : Feb. 27, 2026, 12:16 a.m. | 33 minutes ago Description : WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation
Trend Micro fixes two critical flaws in Apex One
Trend Micro fixed two critical Apex One flaws enabling remote code execution on vulnerable Windows systems and urged immediate updates. Trend Micro has addressed two critical vulnerabilities in Apex One that could allow
Trend Micro warns of critical Apex One code execution flaws
Trend Micro has patched two critical Apex One vulnerabilities that allow attackers to gain remote code execution (RCE) on vulnerable Windows systems. [...]
Critical Juniper Networks PTX flaw allows full router takeover
A critical vulnerability in the Junos OS Evolved network operating system running on PTX Series routers from Juniper Networks could allow an unauthenticated attacker to execute code remotely with root privileges. [...]
Critical ServiceNow AI Platform Vulnerability Enables Remote Code Execution
A critical vulnerability in an enterprise AI platform has been patched, addressing a flaw that could allow unauthenticated remote code execution. Tracked as CVE-2026-0542, this security flaw poses a significant risk to o
Hackers abused Cisco SD-WAN zero-day since 2023 to gain full admin control
Cisco SD-WAN vulnerability CVE-2026-20127 has been exploited since 2023 to gain unauthenticated admin access. A critical Cisco SD-WAN vulnerability, tracked as CVE-2026-20127 (CVSS score of 10.0), has been actively explo
Critical Claude Code Vulnerabilities Enables Remote Code Execution Attacks
A critical security flaw in Anthropic’s Claude Code demonstrates how threat actors can exploit repository configuration files to execute malicious code and steal sensitive API keys. The vulnerabilities, tracked as CVE-20
Critical Cisco SD-WAN 0-Day Vulnerability Exploited Since 2023 to Gain Root Access
Cisco has disclosed a critical zero-day vulnerability in its Catalyst SD-WAN products that threat actors have exploited since 2023 to bypass authentication and achieve root access. Tracked as CVE-2026-20127, the flaw aff
Critical Zyxel router flaw exposed devices to remote attacks
Zyxel fixed a critical flaw in multiple routers that lets unauthenticated attackers remotely execute commands on vulnerable devices. Zyxel addressed a critical remote code execution vulnerability, tracked as CVE-2025-139
CVE-2026-21902 - Junos OS Evolved: PTX Series: A vulnerability allows a unauthenticated, network-based attacker to execute code as root
CVE ID : CVE-2026-21902 Published : Feb. 25, 2026, 6:23 p.m. | 25 minutes ago Description : An Incorrect Permission Assignment for Critical Resource vulnerability in the On-Box Anomaly detection framework of Juniper N
Critical Cisco SD-WAN bug exploited in zero-day attacks since 2023
Cisco is warning that a critical authentication bypass vulnerability in Cisco Catalyst SD-WAN, tracked as CVE-2026-20127, was actively exploited in zero-day attacks that allowed remote attackers to compromise controllers
CVE-2026-2624 - Authentication Bypass in ePati's Antikor NGFW
CVE ID : CVE-2026-2624 Published : Feb. 25, 2026, 1:16 p.m. | 1 hour, 32 minutes ago Description : Missing Authentication for Critical Function vulnerability in ePati Cyber Security Technologies Inc. Antikor Next Ge
Zyxel warns of critical RCE flaw affecting over a dozen routers
Taiwan networking provider Zyxel has released security updates to address a critical vulnerability affecting over a dozen router models that can allow unauthenticated attackers to gain remote command execution on unpatch
SolarWinds Critical Serv-U Vulnerabilities Enables Root Access
An urgent security update has been released for the Serv-U file server software to fix multiple critical vulnerabilities that could allow attackers to fully compromise affected systems. The latest release, Serv-U version