Vulnerebility Blog
| DATE | NAME | Info | CATEG. | WEB |
| --- | --- | --- | --- | --- |
| 25.4.26 | The calm before the ransom: What you see is not all there is | A breach claims the systems as well as the confidence that was, in retrospect, a major vulnerability | Vulnerebility blog | Eset |
| 18.4.26 | The Week in Vulnerabilities: Azure AI, Spring AI, Fortinet, and Critical ICS Exposure | Cyble’s weekly vulnerability report tracked 1,431 vulnerabilities and 6 ICS flaws last week. Know more... | Vulnerebility blog | Cyble |
| 18.4.26 | A Deep Dive Into Attempted Exploitation of CVE-2023-33538 | We identified active, automated scans and probes attempting to exploit CVE-2023-33538, a vulnerability in several end-of-life TP-Link Wi-Fi router models: | Vulnerebility blog | Palo Alto |
| 18.4.26 | The Q1 vulnerability pulse | Thor provides an overview of the Q1 2026 vulnerability statistics, highlighting key trends in legacy CVEs and the evolving impact of AI on the threat landscape. | Vulnerebility blog | CISCO TALOS |
| 18.4.26 | Foxit, LibRaw vulnerabilities | Cisco Talos’ Vulnerability Discovery & Research team recently disclosed one Foxit Reader vulnerability, and six LibRaw file reader vulnerabilities. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s thir | Vulnerebility blog | CISCO TALOS |
| 11.4.26 | Eclypsium Detects F5 BIG-IP Remote Code Execution Vulnerability (CVE-2025-53521) | A vulnerability in F5 BIG-IP systems that allows unauthenticated remote code execution by attackers has been added to the CISA Known Exploited Vulnerabilities catalog. CVE-2025-53521 was disclosed on October 15, 2025, but only added to the KEV on March 27, 2026. The vulnerability was originally given a severity score of 7.5, but was adjusted upward to 9.8 when new information emerged in March. | Vulnerebility blog | Eclypsium |
| 11.4.26 | The Week in Vulnerabilities: OpenClaw, FreeBSD, F5 BIG-IP, and Critical ICS Bugs | Vulnerabilities in OpenClaw, FreeBSD, F5 BIG-IP, and industrial control systems show risks growing across enterprise and critical infrastructure environments. | Vulnerebility blog | Cyble |
| 11.4.26 | Year in Review: Vulnerabilities old and new and something React2 | The year was characterized by an unending beat-down on infrastructure that relied on older enmeshed dependencies (e.g., Log4j and PHPUnit), while React2Shell rocketed to the highest percentage of attacks for the entire year within the last three weeks of 2025. | Vulnerebility blog | CISCO TALOS |
| 4.4.26 | Eclypsium Detects F5 BIG-IP Remote Code Execution Vulnerability (CVE-2025-53521) | A vulnerability in F5 BIG-IP systems that allows unauthenticated remote code execution by attackers has been added to the CISA Known Exploited Vulnerabilities catalog. CVE-2025-53521 was disclosed on October 15, 2025, but only added to the KEV on March 27, 2026. | Vulnerebility blog | Eclypsium |
| 4.4.26 | Three Decades for a 3-Line Fix: The Critical telnetd Bug Hiding in Plain Sight (CVE-2026-32746) | The SonicWall Capture Labs threat research team became aware of an out-of-bounds write vulnerability in the Telnet server shipped with GNU Inetutils, assessed its impact and developed mitigation measures. Telnetd hardly needs an introduction. It is one of the oldest and most widely distributed network utilities on Linux systems. | Vulnerebility blog | SonicWall |
| 28.3.26 | Juniper JunOS Evolved Pre-authenticated Remote Code Execution (CVE-2026-21902) | The SonicWall Capture Labs threat research team became aware of a severe unauthenticated Incorrect Permission Assignment for Critical Resource vulnerability in Juniper Networks Junos OS Evolved (PTX Series), assessed their impact, and developed mitigation measures. | Vulnerebility blog | SonicWall |
| 28.3.26 | Three Decades for a 3-Line Fix: The Critical telnetd Bug Hiding in Plain Sight (CVE-2026-32746) | The SonicWall Capture Labs threat research team became aware of an out-of-bounds write vulnerability in the Telnet server shipped with GNU Inetutils, assessed its impact and developed mitigation measures. Telnetd hardly needs an introduction. It is one of the oldest and most widely distributed network utilities on Linux systems. | Vulnerebility blog | SonicWall |
| 28.3.26 | Google Authenticator: The Hidden Mechanisms of Passwordless Authentication | Passwordless authentication is often presented as the end of account takeover. But to understand the real threat landscape, we need to examine how passwordless is actually deployed in the real world. Attackers do not break protocols in theory. | Vulnerebility blog | Palo Alto |
| 28.3.26 | TP-Link, Canva, HikVision vulnerabilities | Cisco Talos’ Vulnerability Discovery & Research team recently disclosed a vulnerability in HikVision, as well as 10 in TP-Link, and 19 in Canva. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-p | Vulnerebility blog | CISCO TALOS |
| 21.3.26 | Your KVM is the Weak Link: How $30 Devices Can Own Your Entire Network | 9 vulnerabilities across 4 vendors turn low-cost IP-KVMs into attack platforms | Vulnerebility blog | Eclypsium |
| 21.3.26 | The Week in Vulnerabilities: Juniper, Cisco SD-WAN, and Critical ICS Exposure | Critical Juniper, Cisco SD-WAN, and EV charging infrastructure vulnerabilities surfaced on underground forums, while ICS flaws impacted Energy and Transportation sectors. | Vulnerebility blog | Cyble |
| 21.3.26 | Juniper JunOS Evolved Pre-authenticated Remote Code Execution (CVE-2026-21902) | The SonicWall Capture Labs threat research team became aware of a severe unauthenticated Incorrect Permission Assignment for Critical Resource vulnerability in Juniper Networks Junos OS Evolved (PTX Series), assessed their impact, and developed mitigation measures. Juniper PTX Series routers are high-performance core and peering routers built for high throughput, low latency, and scale. They are commonly used by internet service providers, telecommunication services, and cloud network applications. | Vulnerebility blog | SonicWall |
| 21.3.26 | A Deep Dive into the GetProcessHandleFromHwnd API | In my previous blog post I mentioned the GetProcessHandleFromHwnd API. This was an API I didn’t know existed until I found a publicly disclosed UAC bypass using the Quick Assist UI Access application. This API looked interesting so I thought I should take a closer look. | Vulnerebility blog | PROJECT ZERO |
| 14.3.26 | DirectX, OpenFOAM, Libbiosig vulnerabilities | Cisco Talos’ Vulnerability Discovery & Research team recently disclosed vulnerabilities in the BioSig Project Libbiosig library and OpenCFD OpenFOAM, as well as an unpatched vulnerability in Microsoft DirectX. The vulnerabilities mentioned in this blog post have been patched | Vulnerebility blog | CISCO TALOS |
| 14.3.26 | Microsoft Patch Tuesday for March 2026 — Snort rules and prominent vulnerabilities | Microsoft has released its monthly security update for March 2026 which includes 79 vulnerabilities, including three that Microsoft marked as “critical.” | Vulnerebility blog | CISCO TALOS |
| 7.3.26 | Budibase Cloud View Filter Eval Injection Allows Full Remote Code Execution | SonicWall Capture Labs threat research team became aware of the threat CVE-2026-27702, assessed its impact, and developed mitigation measures for this vulnerability. CVE-2026-27702, also known as Budibase Cloud View Filter Map Function RCE, is a critical remote code execution vulnerability affecting Budibase in versions prior to 3.30.4. | Vulnerebility blog | SonicWall |
| 7.3.26 | Patch, track, repeat: The 2025 CVE retrospective | Thor analyzes CVE data from 2025 and provides recommendations for where and how organizations should strengthen their defenses. | Vulnerebility blog | CISCO TALOS |
| 28.2.26 | Cisco SD-WAN vulnerabilities (CVE-2026-20127, CVE-2022-20775) in active exploitation | On February 25, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and UK National Cyber Security Centre warned that vulnerabilities affecting Cisco software-defined wide-area network (SD-WAN) systems (CVE-2026-20127 and CVE-2022-20775) are actively being exploited. | Vulnerebility blog | SOPHOS |
| 28.2.26 | | Mandiant and Google Threat Intelligence Group (GTIG) have identified the zero-day exploitation of a high-risk vulnerability in Dell RecoverPoint for Virtual Machines, tracked as CVE-2026-22769, with a CVSSv3.1 score of 10.0 | Vulnerebility blog | GTI |
| 28.2.26 | The Week in Vulnerabilities: WordPress, BeyondTrust, and Critical ICS Bugs | Critical WordPress, BeyondTrust, Honeywell CCTV, and PUSR router vulnerabilities surfaced on underground forums, while CISA issued 8 ICS advisories impacting critical manufacturing sectors. | Vulnerebility blog | Cyble |
| 28.2.26 | From Token Theft to Full System Takeover: Breaking OpenClaw’s RCE Flaw (CVE-2026-25253) | The SonicWall Capture Labs threat research team became aware of an authentication token theft vulnerability in OpenClaw, assessed its impact and developed mitigation measures. OpenClaw is a widely used open-source AI assistant platform that integrates with numerous messaging services and provides deep system-level capabilities. | Vulnerebility blog | SonicWall |
| 28.2.26 | Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files | CVE-2025-59536 | CVE-2026-21852 | Check Point Research has discovered critical vulnerabilities in Anthropic’s Claude Code that allow attackers to achieve remote code execution and steal API credentials through malicious project configurations. | Vulnerebility blog | CHECKPOINT |
| 28.2.26 | Active exploitation of Cisco Catalyst SD-WAN by UAT-8616 | Cisco Talos is tracking the active exploitation of CVE-2026-20127, a vulnerability in Cisco Catalyst SD-WAN Controller, formerly vSmart, that allows an unauthenticated remote attacker to bypass authentication and obtain administrative privileges. | Vulnerebility blog | CISCO TALOS |
| 28.2.26 | “Good enough” emulation: Fuzzing a single thread to uncover vulnerabilities | A Talos researcher used targeted emulation of the Socomec DIRIS M-70 gateway’s Modbus thread to uncover six patched vulnerabilities, showcasing efficient tools and methods for IoT security testing. | Vulnerebility blog | CISCO TALOS |
| 21.2.26 | The Week in Vulnerabilities: SolarWinds, Ivanti, and Critical ICS Exposure | Critical SolarWinds, Ivanti EPMM, Microsoft Office, and Siemens ICS vulnerabilities are being discussed on underground forums, while 15 CISA ICS advisories impacted Energy and Critical Manufacturing sectors. | Vulnerebility blog | Cyble |
| 21.2.26 | VShell and SparkRAT Observed in Exploitation of BeyondTrust Critical Vulnerability (CVE-2026-1731) | On Feb. 6, 2026, BeyondTrust released a security advisory regarding CVE-2026-1731. BeyondTrust is an identity and access management platform. This specific vulnerability involves a pre-authentication remote code execution (RCE) issue within BeyondTrust remote support software. | Vulnerebility blog | Palo Alto |
| 21.2.26 | Critical Vulnerabilities in Ivanti EPMM Exploited | Two critical zero-day vulnerabilities (CVE-2026-1281 and CVE-2026-1340) affecting Ivanti Endpoint Manager Mobile (EPMM) are being actively exploited in the wild, affecting enterprise mobile fleets and corporate networks. These vulnerabilities allow unauthenticated attackers to remotely execute arbitrary code on target servers, granting them full control over mobile device management (MDM) infrastructure without requiring user interaction or credentials. | Vulnerebility blog | Palo Alto |
| 14.2.26 | The Week in Vulnerabilities: SolarWinds, AI Fixes Urged by Cyble | SolarWinds Web Help Desk and OpenClaw flaws are among the vulnerabilities, drawing significant interest by threat actors. | Vulnerebility blog | Cyble |
| 14.2.26 | The Bug Report - January 2026 Edition | New Year, new exploits! We break down critical January CVEs in Microsoft Office, n8n, and AI tools. Don't let your resolution be a breach—read the report. | Vulnerebility blog | Trellix |
| 7.2.26 | The Week in Vulnerabilities: Open-Sources Fixes Urged by Cyble | Vulnerabilities affecting n8n, OpenSSL and GNU Inetutils are among the flaws being noticed by threat actors and security researchers alike. | Vulnerebility blog | Cyble |
| 7.2.26 | Living Off Legit Tools: Stealthy Installation of Remote Monitoring Agents Using SmartScreen Bypass | Recently, the SonicWall Capture Labs threat research team has observed a new campaign delivering batch files leading to unwanted installation of remote connect software like ScreenConnect or Action1 Agent. Once installed, a service is created, so threat actors may get control of the infected system. | Vulnerebility blog | SonicWall |
| 1.2.26 | Microsoft Office vulnerability (CVE-2026-21509) in active exploitation | On January 26, 2026, Microsoft released an out-of-band update to address a high-severity (CVSS score of 7.8) vulnerability affecting multiple Microsoft Office products. This vulnerability, tracked as CVE-2026-21509, is being actively exploited in the wild and has been added to CISA's Known Exploited Vulnerabilities (KEV) Catalog. | Vulnerebility blog | SOPHOS |
| 1.2.26 | Fortinet Under Fire: Why Your Network Edge Remains Attackers' Favorite Entry Point | Fortinet’s January patch for CVE-2025-59718 didn’t hold. On January 21, FortiGate admins began reporting that patched systems were still being exploited. Two days later, Fortinet confirmed the patch had failed to fully remediate the vulnerability. As reported by BleepingComputer, Fortinet is now recommending that admins restrict administrative access and disable FortiCloud SSO while they work on a follow-up fix. | Vulnerebility blog | Eclypsium |
| 1.2.26 | The Week in Vulnerabilities: Cyble Urges Oracle, OpenStack Fixes | Oracle, OpenStack, SAP, Salesforce and ServiceNow are among the high-profile enterprise products with vulnerabilities in need of attention by security teams. | Vulnerebility blog | Cyble |
| 1.2.26 | "Ni8mare" - RCE Vulnerability in N8n AI Workflow Automation (CVE-2026-21858) | The SonicWall Capture Labs threat research team became aware of a Critical unauthenticated file read vulnerability in n8n – a flexible AI workflow automation platform, assessed their impact, and developed mitigation measures. | Vulnerebility blog | SonicWall |
| 1.2.26 | Multiple vulnerabilities in SolarWinds Web Help Desk Leading to RCE: CVE-2025-40551 | The SonicWall Capture Labs threat research team became aware of a critical vulnerability chain in SolarWinds Web Help Desk (WHD), assessed its impact and developed mitigation measures. | Vulnerebility blog | SonicWall |
| 1.2.26 | Foxit, Epic Games Store, MedDreams vulnerabilities | Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three vulnerabilities in Foxit PDF Editor, one in the Epic Games Store, and twenty-one in MedDream PACS. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, al | Vulnerebility blog | CISCO TALOS |
| 1.2.26 | Microsoft releases update to address zero-day vulnerability in Microsoft Office | Microsoft has published three out-of-band (OOB) updates so far in January 2026. One of these updates was released to address a vulnerability, CVE-2026-21509, affecting Microsoft Office that has been reportedly exploited in the wild. | Vulnerebility blog | CISCO TALOS |
| 1.2.26 | Bypassing Windows Administrator Protection | A headline feature introduced in the latest release of Windows 11, 25H2 is Administrator Protection. The goal of this feature is to replace User Account Control (UAC) with a more robust and importantly, securable system to allow a local user to access administrator privileges only when necessary. | Vulnerebility blog | Project Zero |
| 24.1.26 | Foxit, Epic Games Store, MedDreams vulnerabilities | Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three vulnerabilities in Foxit PDF Editor, one in the Epic Games Store, and twenty-one in MedDream PACS. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, al | Vulnerebility blog | CISCO TALOS |
| 17.1.26 | | Executive Summary Check Point Research identified active, large-scale exploitation of CVE-2025-37164, a critical remote code ... | Vulnerebility blog | CHECKPOINT |
| 17.1.26 | Threat Brief: MongoDB Vulnerability (CVE-2025-14847) | On Dec. 19, 2025, MongoDB publicly disclosed MongoBleed, a security vulnerability (CVE-2025-14847) that allows unauthenticated attackers to leak sensitive heap memory by exploiting a trust issue in how MongoDB Server handles zlib-compressed network messages. This flaw occurs prior to authentication, meaning an attacker only needs network access to the database's default port to trigger it. | Vulnerebility blog | Palo Alto |
| 17.1.26 | Analyzing React2Shell Threat Actors | In this installment of the Sensor Intel Series, we provide an analysis of the most exploited vulnerabilities, highlighting trends and significant activity, with a deep-dive into React2Shell exploitation attempts, methods and tactics. This article focuses on the top 10 CVEs, their rankings, and long-term trends, offering insights into the evolving threat landscape. | Vulnerebility blog | F5 |
| 10.1.26 | The Week in Vulnerabilities: 2026 Starts with 100 PoCs and New Exploits | The year may be a little more than a week old, but threat actors have already amassed nearly 100 Proof of Concepts and newly exploited vulnerabilities. | Vulnerebility blog | |
| 10.1.26 | Singapore Cyber Agency Warns of Critical IBM API Connect Vulnerability (CVE-2025-13915) | A critical authentication bypass flaw, CVE-2025-13915, affects IBM API Connect. Singapore issues alert as IBM releases fixes. | Vulnerebility blog | |
| 10.1.26 | Fortinet Under Fire: Why Your Network Edge Remains Attackers' Favorite Entry Point | CVE-2020-12812, a five-year-old authentication bypass flaw that should have been relegated to history, is being actively exploited. Coming on the heels of two brand-new SAML authentication bypass vulnerabilities (CVE-2025-59718 and CVE-2025-59719) discovered in late 2025, Fortinet administrators must be on high alert and work to remediate them as quickly as possible, as the trend of network device exploitation is continuing. | Vulnerebility blog | Eclypsium |
| 10.1.26 | MongoBleed MongoDB SBE Use-After-Free (CVE-2025-6706 / CVE-2025-14847) | SonicWall Capture Labs threat research team became aware of the threats CVE-2025-6706 and CVE-2025-14847, assessed their impact, and developed mitigation measures for these vulnerabilities. CVE-2025-6706, also known as MongoDB SBE Use-After-Free, is a critical memory corruption vulnerability affecting MongoDB Server in versions 7.0.0 through 7.0.16. | Vulnerebility blog | SonicWall |