#Authentication Bypass
Check Point hotfixes actively exploited IKEv1 VPN bypass
Check Point hotfixes actively exploited IKEv1 VPN bypass CVE-2026-50751 is the kind of security flaw that punishes organizations for leaving legacy remote-acces...
Lucas Oliveira
Research
PAN-OS GlobalProtect auth bypass is now an incident response problem
PAN-OS GlobalProtect auth bypass is now an incident response problem Palo Alto Networks has confirmed active exploitation of CVE-2026-0257, an authentication by...
Lucas Oliveira
Research
Palo Alto GlobalProtect auth bypass turns cookie trust into VPN access risk
Palo Alto GlobalProtect auth bypass turns cookie trust into VPN access risk CVE-2026-0257 matters because it turns a trust shortcut on the VPN edge into an iden...
Lucas Oliveira
Research
CVE-2024-12802 leaves SonicWall Gen6 VPNs exposed after incomplete patching
CVE-2024-12802 leaves SonicWall Gen6 VPNs exposed after incomplete patching CVE-2024-12802 is the kind of edge-device flaw that can fool defenders twice: once d...
Lucas Oliveira
Research
CVE-2026-20182 makes Cisco SD-WAN controllers an urgent KEV priority
CVE-2026-20182 makes Cisco SD-WAN controllers an urgent KEV priority CVE-2026-20182 is not landing as a routine patch bulletin. Cisco says the flaw is already b...
Lucas Oliveira
Research
CVE-2026-41940 turns exposed cPanel and WHM servers into control-plane takeover targets
CVE-2026-41940 turns exposed cPanel and WHM servers into control-plane takeover targets CVE-2026-41940 is a critical authentication bypass in cPanel and WHM, an...
Lucas Oliveira
Research
CVE-2026-33032 lets attackers take over exposed nginx-ui servers
CVE-2026-33032 lets attackers take over exposed nginx-ui servers CVE-2026-33032 is the kind of [vulnerability](https://invaders.ie/resources/glossary/vulnerabil...
Lucas Oliveira
Research
CISA KEV flags Quest KACE SMA auth bypass as a high-priority risk
CISA KEV flags Quest KACE SMA auth bypass as a high-priority risk CVE-2025-32975 is the kind of issue defenders should triage quickly because it affects a manag...
Lucas Oliveira
Research
CVE-2026-35616 puts exposed FortiClient EMS servers into the incident-response lane
CVE-2026-35616 puts exposed FortiClient EMS servers into the incident-response lane CVE-2026-35616 is the second serious FortiClient EMS story in less than two...
Lucas Oliveira
Research
CVE-2026-35616 puts FortiClient EMS at risk of unauthenticated code execution
CVE-2026-35616 puts FortiClient EMS at risk of unauthenticated code execution Fortinet has disclosed a critical FortiClient EMS vulnerability that defenders sho...
Lucas Oliveira
Research
CVE-2025-32975: Quest KACE SMA auth bypass exploited in the wild
CVE-2025-32975: Quest KACE SMA auth bypass exploited in the wild Executive Summary Since March 2026, the critical CVE-2025-32975 vulnerability in Quest KACE Sys...
Lucas Oliveira
Research