F5 fixes CVE-2026-42530 and CVE-2026-42055 in NGINX Open Source, addressing HTTP/3 and HTTP/2 flaws that could allow remote ...

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...

F5 has patched multiple NGINX vulnerabilities, including critical flaws leading to unauthenticated, remote code execution.

Gogs has patched a critical security zero-day flaw that can allow attackers to compromise Internet-facing instances and ...

A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.

Ivanti has patched two critical vulnerabilities in its Sentry secure mobile gateway solution, including a maximum-severity ...

Actively exploited CVE-2026-5027 lets attackers write files to arbitrary locations on vulnerable Langflow servers, creating a path to remote code execution and full system compromise.

Researchers at Cyera found six vulnerabilities in prtobuf.js, including a flaw that can turn attacker-controlled schema data ...

Three vulnerabilities disclosed in the SEPPmail Secure Email Gateway in recent weeks have put thousands of organizations on ...