Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.

Nightmare Eclipse Zero-Days: Three zero-day vulnerabilities disclosed by Nightmare Eclipse, complete with exploit code, were ...

Splunk issued security updates for a critical CVSS 9.8 vulnerability in Splunk Enterprise that allows unauthenticated remote ...

Actively exploited CVE-2026-5027 lets attackers write files to arbitrary locations on vulnerable Langflow servers, creating a path to remote code execution and full system compromise.

Two OS command injection flaws can be exploited remotely, without authentication, for arbitrary code execution.

Fortinet, Ivanti, and SAP patched critical flaws up to CVSS 10.0, reducing RCE, admin takeover, and data exposure risks.

Google patches high‑severity Chrome V8 bug (CVE‑2026‑11645) exploited in the wild Flaw allows remote code execution via ...

Tenet Security researchers reveal how new “agentjacking” attacks could trick coding agents into executing arbitrary code ...

Today is Microsoft's June 2026 Patch Tuesday, with security updates for 200 flaws, including five publicly disclosed zero-day ...

MIT's Fractal OS has found the first evidence of Apple M1 Phantom speculation and overturned prior research on the M1's ...

Ivanti Sentry vulnerability patch is mandatory for federal agencies by June 14 under CISA’s BOD 26-04, which replaces flat ...

Two vulnerabilities in the secure mobile gateway appliance allow unauthenticated attackers to bypass authentication and ...