Vulnerabilities Archives

Ivanti, Fortinet, SAP, VMware Patch Critical Vulnerabilities

Multiple vendors release fixes for remote code execution, SQL injection and privilege escalation flaws.

YellowKey exploit requires physical access but reliably defeats default BitLocker deployments on Windows 11 systems.

Security researcher releases proof-of-concept for MiniPlasma flaw affecting Windows Cloud Files Mini Filter Driver.

Heap buffer overflow vulnerability affects NGINX versions 0.6.27 through 1.30.0 with possible remote code execution.

Critical heap buffer overflow in ngx_http_rewrite_module affects both NGINX Plus and NGINX Open Source installations.

Cross-site scripting flaw in on-premise Exchange servers enables spoofing attacks via crafted emails.

Maximum-severity vulnerability CVE-2026-20182 with CVSS 10.0 score has been exploited in limited attacks.

Critical vulnerability CVE-2026-20182 in Cisco Catalyst SD-WAN Controller allows admin access, must be patched by…

Patch Tuesday delivers significant workload for administrators but no zero-day exploits reported