vulnerability
CVE-2026-33032 in nginx-ui Enables Full Nginx Server Takeover via Unauthenticated MCP Access
CVE-2026-33032 in nginx-ui Enables Full Nginx Server Takeover via Unauthenticated MCP Access A critical flaw in nginx-ui, the web-based Nginx management tool, c...
Lucas Oliveira
Research
CVE-2026-5194 weakens wolfSSL certificate trust in embedded deployments
CVE-2026-5194 weakens wolfSSL certificate trust in embedded deployments CVE-2026-5194 is a reminder that core cryptographic libraries can create outsized enterp...
Lucas Oliveira
Research
Docker AuthZ Plugin Bypass in CVE-2026-34040 Weakens API-Level Container Controls
Docker AuthZ Plugin Bypass in CVE-2026-34040 Weakens API-Level Container Controls A newly disclosed Docker Engine and Moby flaw, tracked as CVE-2026-34040, show...
Lucas Oliveira
Research
CVE-2026-22557 puts internet-exposed UniFi controllers at account-takeover risk
CVE-2026-22557 puts internet-exposed UniFi controllers at account-takeover risk CVE-2026-22557 is the kind of infrastructure flaw defenders should treat as urge...
Lucas Oliveira
Research
CVE-2026-34040 puts Docker image-mount trust on the host-root risk path
CVE-2026-34040 puts Docker image-mount trust on the host-root risk path CVE-2026-34040 is the kind of Docker bug that changes the conversation from ordinary con...
Lucas Oliveira
Research
CVE-2026-35616 puts exposed FortiClient EMS servers into the incident-response lane
CVE-2026-35616 puts exposed FortiClient EMS servers into the incident-response lane CVE-2026-35616 is the second serious FortiClient EMS story in less than two...
Lucas Oliveira
Research
CVE-2026-35616 puts FortiClient EMS at risk of unauthenticated code execution
CVE-2026-35616 puts FortiClient EMS at risk of unauthenticated code execution Fortinet has disclosed a critical FortiClient EMS vulnerability that defenders sho...
Lucas Oliveira
Research
CVE-2025-53521 turns into an actively exploited F5 BIG-IP APM RCE
CVE-2025-53521 turns into an actively exploited F5 BIG-IP APM RCE CVE-2025-53521 is now the kind of edge-device flaw defenders cannot afford to treat as old new...
Lucas Oliveira
Research
CVE-2026-3502 turns TrueConf updates into a KEV-listed malware channel
CVE-2026-3502 turns TrueConf updates into a KEV-listed malware channel CVE-2026-3502 is the kind of vulnerability defenders should pay attention to even if True...
Lucas Oliveira
Research
GIGABYTE Control Center flaw turns a convenience utility into a remote compromise path
GIGABYTE Control Center flaw turns a convenience utility into a remote compromise path Security teams often focus on browsers, VPNs, and internet-facing servers...
Lucas Oliveira
Research
CVE-2026-21643: FortiClient EMS exploitation puts exposed endpoint managers at immediate risk
CVE-2026-21643: FortiClient EMS exploitation puts exposed endpoint managers at immediate risk CVE-2026-21643 is the kind of flaw defenders should treat as an im...
Lucas Oliveira
Research
CVE-2025-53521: F5 BIG-IP APM KEV warning raises urgent RCE risk
CVE-2025-53521: F5 BIG-IP APM KEV warning raises urgent RCE risk CVE-2025-53521 has become a much bigger operational problem than many defenders first assumed....
Lucas Oliveira
Research