#CVE
CISA KEV flags Quest KACE SMA auth bypass as a high-priority risk
CISA KEV flags Quest KACE SMA auth bypass as a high-priority risk CVE-2025-32975 is the kind of issue defenders should triage quickly because it affects a manag...
Lucas Oliveira
Research
SGLang CVE-2026-5760 turns malicious GGUF models into RCE
SGLang CVE-2026-5760 turns malicious GGUF models into RCE Executive summary A newly disclosed flaw in SGLang means a malicious GGUF model file can become an exe...
Lucas Oliveira
Research
Apache ActiveMQ RCE CVE-2026-34197 Lands in CISA KEV
Apache ActiveMQ RCE CVE-2026-34197 lands in CISA KEV Executive summary CISA has added CVE-2026-34197 to the Known Exploited Vulnerabilities catalog after attack...
Lucas Oliveira
Research
CVE-2026-5194 weakens wolfSSL certificate trust in embedded deployments
CVE-2026-5194 weakens wolfSSL certificate trust in embedded deployments CVE-2026-5194 is a reminder that core cryptographic libraries can create outsized enterp...
Lucas Oliveira
Research
CVE-2026-39987 puts exposed Marimo notebooks on a fast credential-theft path
CVE-2026-39987 puts exposed Marimo notebooks on a fast credential-theft path CVE-2026-39987 is a sharp reminder that smaller developer and data-science platform...
Lucas Oliveira
Research
CVE-2026-22557 puts internet-exposed UniFi controllers at account-takeover risk
CVE-2026-22557 puts internet-exposed UniFi controllers at account-takeover risk CVE-2026-22557 is the kind of infrastructure flaw defenders should treat as urge...
Lucas Oliveira
Research
CVE-2026-34040 puts Docker image-mount trust on the host-root risk path
CVE-2026-34040 puts Docker image-mount trust on the host-root risk path CVE-2026-34040 is the kind of Docker bug that changes the conversation from ordinary con...
Lucas Oliveira
Research
CVE-2026-35616 puts exposed FortiClient EMS servers into the incident-response lane
CVE-2026-35616 puts exposed FortiClient EMS servers into the incident-response lane CVE-2026-35616 is the second serious FortiClient EMS story in less than two...
Lucas Oliveira
Research
CVE-2026-35616 puts FortiClient EMS at risk of unauthenticated code execution
CVE-2026-35616 puts FortiClient EMS at risk of unauthenticated code execution Fortinet has disclosed a critical FortiClient EMS vulnerability that defenders sho...
Lucas Oliveira
Research
CVE-2025-53521 turns into an actively exploited F5 BIG-IP APM RCE
CVE-2025-53521 turns into an actively exploited F5 BIG-IP APM RCE CVE-2025-53521 is now the kind of edge-device flaw defenders cannot afford to treat as old new...
Lucas Oliveira
Research
CVE-2026-3502 turns TrueConf updates into a KEV-listed malware channel
CVE-2026-3502 turns TrueConf updates into a KEV-listed malware channel CVE-2026-3502 is the kind of vulnerability defenders should pay attention to even if True...
Lucas Oliveira
Research
GIGABYTE Control Center flaw turns a convenience utility into a remote compromise path
GIGABYTE Control Center flaw turns a convenience utility into a remote compromise path Security teams often focus on browsers, VPNs, and internet-facing servers...
Lucas Oliveira
Research