ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Critical flaw lets hackers track, eavesdrop via Bluetooth audio devices
A critical vulnerability in Google's Fast Pair protocol can allow attackers to hijack Bluetooth audio accessories like wireless headphones and earbuds, track users, and eavesdrop on their conversations. [...]
Critical flaw lets hackers track, eavesdrop via Bluetooth audio devices
A critical vulnerability in Google's Fast Pair protocol can allow attackers to hijack Bluetooth audio accessories like wireless headphones and earbuds, track users, and eavesdrop on their conversations. [...]
Critical WordPress Plugin Vulnerability Exploited in the Wild to Gain Instant Admin Access
A critical unauthenticated privilege escalation vulnerability in the Modular DS WordPress plugin allows attackers to gain instant admin access, with exploitation confirmed in the wild. Affecting over 40,000 sites, the fl
Palo Alto Networks Firewall Vulnerability Allows Attacker to Trigger DoS Attacks
Palo Alto Networks has patched a critical denial-of-service vulnerability in its PAN-OS firewall software, tracked as CVE-2026-0227, which lets unauthenticated attackers disrupt GlobalProtect gateways and portals. The fl
Microsoft SQL Server Vulnerability Allows Attackers to Elevate Privileges over a Network
Microsoft released security updates on January 13, 2026, addressing a critical elevation of privilege vulnerability in SQL Server that enables authorized attackers to bypass authentication controls and gain elevated syst
Stealthy CastleLoader Malware Attacking US Government Agencies and Critical Infrastructure
A sophisticated malware loader known as CastleLoader has emerged as a critical threat to US government agencies and critical infrastructure organizations. First identified in early 2025, this stealthy malware has been us
CVE-2025-70968 - FreeImage Use After Free Vulnerability
CVE ID : CVE-2025-70968 Published : Jan. 14, 2026, 5:16 p.m. | 2 hours, 13 minutes ago Description : FreeImage 3.18.0 contains a Use After Free in PluginTARGA.cpp;loadRLE(). Severity: 9.8 | CRITICAL Visit the link f
Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited
Microsoft on Tuesday rolled out its first security update for 2026, addressing 114 security flaws, including one vulnerability that it said has been actively exploited in the wild. Of the 114 flaws, eight are rated Criti
Fortinet fixed two critical flaws in FortiFone and FortiSIEM
Fortinet fixed six security flaws, including two critical bugs in FortiFone and FortiSIEM that attackers could exploit without authentication. Fortinet released patches for six vulnerabilities, including two critical fla
Exploit code public for critical FortiSIEM command injection flaw
Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security Information and Event Management (SIEM) solution that could be leveraged by a remote, unauthenticated
Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution
Fortinet has released updates to fix a critical security flaw impacting FortiSIEM that could allow an unauthenticated attacker to achieve code execution on susceptible instances. The operating system (OS) injection vulne
Critical Node.js Vulnerability Can Cause Server Crashes via async_hooks Stack Overflow
Node.js has released updates to fix what it described as a critical security issue impacting "virtually every production Node.js app" that, if successfully exploited, could trigger a denial-of-service (DoS) condition. "N
CVE-2026-23550 - WordPress Modular DS plugin <= 2.5.1 - Privilege Escalation vulnerability
CVE ID : CVE-2026-23550 Published : Jan. 14, 2026, 9:16 a.m. | 1 day, 2 hours ago Description : Incorrect Privilege Assignment vulnerability in Modular DS allows Privilege Escalation.This issue affects Modular DS: fro
Microsoft Patch Tuesday security updates for January 2026 fixed actively exploited zero-day
Microsoft Patch Tuesday addressed 112 security flaws across Windows, Office, Azure, Edge, and more, including eight critical vulnerabilities, kicking off the new year with a major patch update. Microsoft Patch Tuesday se
Patch Tuesday, January 2026 Edition
Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported software. Eight of the vulnerabilities earned Microsoft's most-dire "critical" rating, and the com
CVE-2026-22686 - Sandbox Escape via Host Error Prototype Chain in enclave-vm
CVE ID : CVE-2026-22686 Published : Jan. 14, 2026, 12:15 a.m. | 1 day, 11 hours ago Description : Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.7.0, there is a critical s
ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation
ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow artificial intelligence (AI) Platform that could enable an unauthenticated user to impersonate another user and perform ar
Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions
Trend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex Central for Windows, including a critical bug that could result in arbitrary code execution. Th
Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances
Cybersecurity researchers have disclosed details of multiple critical-severity security flaws affecting Coolify, an open-source, self-hosting platform, that could result in authentication bypass and remote code execution
Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control
Cybersecurity researchers have disclosed details of yet another maximum-severity security flaw in n8n, a popular workflow automation platform, that allows an unauthenticated remote attacker to gain complete control over