#Authentication Bypass

CVE-2024-12802 leaves SonicWall Gen6 VPNs exposed after incomplete patching CVE-2024-12802 is the kind of edge-device flaw that can fool defenders twice: once d...

Lucas Oliveira

Research

CVE-2026-20182 makes Cisco SD-WAN controllers an urgent KEV priority CVE-2026-20182 is not landing as a routine patch bulletin. Cisco says the flaw is already b...

Lucas Oliveira

Research

CVE-2026-41940 turns exposed cPanel and WHM servers into control-plane takeover targets CVE-2026-41940 is a critical authentication bypass in cPanel and WHM, an...

Lucas Oliveira

Research

CVE-2026-33032 lets attackers take over exposed nginx-ui servers CVE-2026-33032 is the kind of [vulnerability](https://invaders.ie/resources/glossary/vulnerabil...

Lucas Oliveira

Research

CISA KEV flags Quest KACE SMA auth bypass as a high-priority risk CVE-2025-32975 is the kind of issue defenders should triage quickly because it affects a manag...

Lucas Oliveira

Research

CVE-2026-35616 puts exposed FortiClient EMS servers into the incident-response lane CVE-2026-35616 is the second serious FortiClient EMS story in less than two...

Lucas Oliveira

Research

CVE-2026-35616 puts FortiClient EMS at risk of unauthenticated code execution Fortinet has disclosed a critical FortiClient EMS vulnerability that defenders sho...

Lucas Oliveira

Research

CVE-2025-32975: Quest KACE SMA auth bypass exploited in the wild Executive Summary Since March 2026, the critical CVE-2025-32975 vulnerability in Quest KACE Sys...

Lucas Oliveira

Research