#vulnerability
vulnerability tags
CVE-2026-5194 weakens wolfSSL certificate trust in embedded deployments
CVE-2026-5194 weakens wolfSSL certificate trust in embedded deployments CVE-2026-5194 is a reminder that core cryptographic libraries can create outsized enterp...
Lucas Oliveira
Research
CVE-2026-39987 puts exposed Marimo notebooks on a fast credential-theft path
CVE-2026-39987 puts exposed Marimo notebooks on a fast credential-theft path CVE-2026-39987 is a sharp reminder that smaller developer and data-science platform...
Lucas Oliveira
Research
CVE-2026-22557 puts internet-exposed UniFi controllers at account-takeover risk
CVE-2026-22557 puts internet-exposed UniFi controllers at account-takeover risk CVE-2026-22557 is the kind of infrastructure flaw defenders should treat as urge...
Lucas Oliveira
Research
CVE-2026-35616 puts FortiClient EMS at risk of unauthenticated code execution
CVE-2026-35616 puts FortiClient EMS at risk of unauthenticated code execution Fortinet has disclosed a critical FortiClient EMS vulnerability that defenders sho...
Lucas Oliveira
Research
CVE-2025-53521 turns into an actively exploited F5 BIG-IP APM RCE
CVE-2025-53521 turns into an actively exploited F5 BIG-IP APM RCE CVE-2025-53521 is now the kind of edge-device flaw defenders cannot afford to treat as old new...
Lucas Oliveira
Research
CVE-2026-3502 turns TrueConf updates into a KEV-listed malware channel
CVE-2026-3502 turns TrueConf updates into a KEV-listed malware channel CVE-2026-3502 is the kind of vulnerability defenders should pay attention to even if True...
Lucas Oliveira
Research
CVE-2025-32975: Quest KACE SMA auth bypass exploited in the wild
CVE-2025-32975: Quest KACE SMA auth bypass exploited in the wild Executive Summary Since March 2026, the critical CVE-2025-32975 vulnerability in Quest KACE Sys...
Lucas Oliveira
Research
CVE-2026-33017: Langflow RCE Hits Exposed AI Pipelines
CVE-2026-33017: Langflow RCE Hits Exposed AI Pipelines | 2026 CVE-2026-33017 is a critical Langflow flaw that turns a public-flow convenience feature into unaut...
Lucas Oliveira
Research
CVE-2026-32746: Critical GNU Inetutils telnetd flaw exposes legacy systems to root RCE
CVE-2026-32746: Critical GNU Inetutils telnetd flaw exposes legacy systems to root RCE Executive Summary CVE-2026-32746 is a critical pre-authentication [vulner...
Lucas Oliveira
Research
Veeam patches critical backup server flaws with RCE risk
Veeam patches critical backup server flaws with RCE risk Veeam’s March 2026 security update deserves immediate attention from enterprise defenders. The company...
Lucas Oliveira
Research
CISA KEV update puts Ivanti, SolarWinds, and Omnissa on urgent patch list
CISA KEV update puts Ivanti, SolarWinds, and Omnissa on urgent patch list CISA’s March 2026 KEV update deserves attention well beyond federal environments. By a...
Lucas Oliveira
Research
ZITADEL 1-Click XSS Enables Account Takeover | 2026
ZITADEL 1-Click XSS Enables Account Takeover | 2026 Executive Summary ZITADEL disclosed CVE-2026-29191 in early March 2026, warning that versions 4.0.0 through...
Lucas Oliveira
Research