A single rewrite rule, the kind pasted into NGINX configurations thousands of times a day, can hand an unauthenticated ...

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Adobe has released patches for 52 vulnerabilities across 10 products, including flaws leading to arbitrary code execution.

Fortinet has released security patches for two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could ...

For roughly 18 years, a chunk of code inside one of the internet’s most popular web servers quietly carried a critical ...

A critical vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by ...

Fortinet and Ivanti have released fixes for multiple vulnerabilities, including critical flaws leading to code execution.

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

Admins with Dynamics 365 on-prem should also take note of a “severe” vulnerability that allows remote code execution.

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...

This month's Patch Tuesday addressed 120 vulnerabilities across Windows, Office, and cloud services, including critical ...

Remote code execution vulnerabilities pose especially critical threats to organizations, and VMware’s stronghold in data centers worldwide give patching these flaws particular urgency. VMware fixed ...