Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager
Ravie LakshmananMar 21, 2026Vulnerability / Threat Intelligence Oracle has released security updates…
900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks
Ravie LakshmananFeb 27, 2026Network Security / Vulnerability The Shadowserver Foundation has revealed…
CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog
Ravie LakshmananFeb 21, 2026Vulnerability / Patch Management The U.S. Cybersecurity and Infrastructure…
Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions
Jan 09, 2026Ravie LakshmananVulnerability / Endpoint Security Trend Micro has released security…
HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution
Dec 18, 2025Ravie LakshmananVulnerability / Enterprise Security Hewlett Packard Enterprise (HPE) has…
SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances
Dec 17, 2025Ravie LakshmananVulnerability / Network Security SonicWall has rolled out fixes…
New React RSC Vulnerabilities Enable DoS and Source Code Exposure
Dec 12, 2025Ravie LakshmananSoftware Security / Vulnerability The React team has released…
Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation
Dec 06, 2025Ravie LakshmananVulnerability / Patch Management The U.S. Cybersecurity and Infrastructure…
Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation
Nov 21, 2025Ravie LakshmananVulnerability / Threat Mitigation Grafana has released security updates…