#vulnerability
vulnerability tags
CVE-2025-32975: Quest KACE SMA auth bypass exploited in the wild
CVE-2025-32975: Quest KACE SMA auth bypass exploited in the wild Executive Summary Since March 2026, the critical CVE-2025-32975 vulnerability in Quest KACE Sys...
Lucas Oliveira
Research
CVE-2026-33017: Langflow RCE Hits Exposed AI Pipelines
CVE-2026-33017: Langflow RCE Hits Exposed AI Pipelines | 2026 CVE-2026-33017 is a critical Langflow flaw that turns a public-flow convenience feature into unaut...
Lucas Oliveira
Research
CVE-2026-32746: Critical GNU Inetutils telnetd flaw exposes legacy systems to root RCE
CVE-2026-32746: Critical GNU Inetutils telnetd flaw exposes legacy systems to root RCE Executive Summary CVE-2026-32746 is a critical pre-authentication [vulner...
Lucas Oliveira
Research
Veeam patches critical backup server flaws with RCE risk
Veeam patches critical backup server flaws with RCE risk Veeam’s March 2026 security update deserves immediate attention from enterprise defenders. The company...
Lucas Oliveira
Research
CISA KEV update puts Ivanti, SolarWinds, and Omnissa on urgent patch list
CISA KEV update puts Ivanti, SolarWinds, and Omnissa on urgent patch list CISA’s March 2026 KEV update deserves attention well beyond federal environments. By a...
Lucas Oliveira
Research
ZITADEL 1-Click XSS Enables Account Takeover | 2026
ZITADEL 1-Click XSS Enables Account Takeover | 2026 Executive Summary ZITADEL disclosed CVE-2026-29191 in early March 2026, warning that versions 4.0.0 through...
Lucas Oliveira
Research
Critical Nginx UI Flaw (CVE-2026-27944) Exposes Server Backups
Critical Nginx UI Flaw (CVE-2026-27944) A critical vulnerability has been reported in Nginx UI, tracked as CVE-2026-27944 (CVSS 9.8). The flaw allows unauthenti...
Lucas Oliveira
Research
SolarWinds warns of critical Web Help Desk RCE, auth bypass flaws
SolarWinds Web Help Desk: Five Critical Vulnerabilities, Patch Bypass History, and the Most Dangerous IT Service Management Flaw of 2026 Executive Summary On Ja...
Lucas Oliveira
Research
CVE-2026-21643 & CVE-2026-24858: Fortinet Critical Flaws | 2026
Executive Summary Since December 2025, two critical vulnerabilities in Fortinet's infrastructure have created a perfect storm for enterprise compromise: [CVE-20...
Lucas Oliveira
Research
IBM API Connect Authentication Bypass Vulnerability
Published: December 31, 2025 Severity Level: CRITICAL (9.8/10) CVE ID: [CVE-2025-13915](https://nvd.nist.gov/vuln/detail/CVE-2025-13915) --- Executive Summary I...
Lucas Oliveira
Research
Cybersecurity Advisory – WinRAR Zero-Day Exploit by 'RomCom' Hacking Group
📌 Overview A critical cybersecurity incident has emerged involving a severe vulnerability in the popular file archiver WinRAR. The flaw, tracked as CVE-2025-80...
Lucas Oliveira
Research
The July 2025 Zero-Day Storm: SharePoint and CrushFTP Under Active Attack
🛡️ The July 2025 Zero-Day Storm: SharePoint and CrushFTP Under Active Attack The cybersecurity landscape was rocked in July 2025 by two major[ zero-day](/resou...
Lucas Oliveira
Research