Vulnerabilities News

Computer screen displaying code representing Windows BitLocker security vulnerability

Vulnerabilities 2026-05-20 19 views

YellowKey BitLocker Zero-Day Bypass Exploits Windows Recovery

Microsoft issues emergency mitigation for YellowKey CVE-2026-45585, a BitLocker zero-day bypass requiring only a USB stick and physical access.

Read more →

Terminal code on a dark screen representing Linux kernel vulnerability exploitation

Vulnerabilities 2026-05-06 30 views

Linux Kernel Copy Fail Flaw Enables Root in 732 Bytes

CVE-2026-31431 Copy Fail lets unprivileged users gain Linux root access with a 732-byte script. CISA mandates patching by May 15.

Read more →

Network cables and server infrastructure representing web server vulnerabilities

Vulnerabilities 2026-05-06 22 views

Apache HTTP/2 Double-Free Flaw Enables Remote Code Execution

Apache patches CVE-2026-23918, a double-free flaw in mod_http2 enabling RCE with two HTTP/2 frames. Immediate upgrade to 2.4.67 urged.

Read more →

Close-up of a computer screen displaying cybersecurity code and network monitoring data

Vulnerabilities 2026-02-10 52 views

BeyondTrust Critical Pre-Auth RCE Flaw Exposes Thousands of Instances

BeyondTrust discloses CVE-2026-1731, a critical 9.9 CVSS pre-auth RCE flaw affecting Remote Support and Privileged Remote Access with 11,000 exposed instances.

Read more →

Network router device representing vulnerable D-Link DSL routers under attack

Vulnerabilities 2026-01-22 44 views

Critical D-Link Router Flaw Under Active Attack Enables Remote Hijacking

Critical CVE-2026-0625 (CVSS 9.3) in legacy D-Link DSL routers actively exploited. Unauthenticated attackers can execute commands and hijack DNS. No patches available.

Read more →

AI artificial intelligence technology code visualization representing framework security

Vulnerabilities 2026-01-21 35 views

Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs

Critical Chainlit AI framework flaws CVE-2026-22218 and CVE-2026-22219 enable attackers to steal cloud credentials and sensitive data via file read and SSRF attacks.

Read more →

WordPress security vulnerability protection concept with shield icon

Vulnerabilities 2026-01-21 41 views

Critical WordPress Modular DS Flaw Actively Exploited for Admin Takeover

Critical CVE-2026-23550 vulnerability in WordPress Modular DS plugin allows unauthenticated attackers to gain full admin access. Over 40,000 sites at risk.

Read more →

Hacker working on laptop with code representing ChatGPT vulnerability exploitation

Vulnerabilities 2026-01-15 50 views

ZombieAgent: ChatGPT Vulnerability Enables Persistent Data Theft

Radware researchers discover ZombieAgent vulnerability in ChatGPT enabling persistent data theft across multiple user sessions through prompt injection.

Read more →

Shield turning into sword representing AI safeguards weaponization attack

Vulnerabilities 2026-01-15 57 views

Turning AI Safeguards Into Weapons: HITL Dialog Forging Attack

Checkmarx discovers HITL Dialog Forging attack that weaponizes human-in-the-loop AI safeguards by manipulating approval dialogs for malicious actions.

Read more →

Machine learning code and neural network representing AI model format vulnerabilities

Vulnerabilities 2026-01-15 49 views

Remote Code Execution in Modern AI/ML Formats and Libraries

Unit42 discloses RCE vulnerabilities in NVIDIA NeMo, Salesforce, and FlexTok AI libraries through unsafe model configuration deserialization.

Read more →