Technology ❯ Software Development

Security Flaws

Remote Code Execution Input Validation Exploit Techniques Malware CVE Identifiers Zero-Day Vulnerabilities Privilege Escalation Implementation Issues Patching Zero-Click Attacks User Privacy Deserialization Vulnerabilities Digital Signatures Database Security Exploit Mitigation Operational Security Patch Development Severity Ratings Local File Inclusion CVE Use-After-Free Vulnerabilities Code Execution Vishing Injection Attacks Identification Systems Research Zero-Day Exploits Use-After-Free Bugs CVE-2025-55177 Server-Side Request Forgery

Microsoft Defender Zero-Days Are Being Exploited as Two Remain Unpatched

Public exploit code accelerated real-world attacks, according to Huntress.

GrafanaGhost Vulnerability Lets AI Features Leak Data From Grafana

Fortinet FortiClient EMS CVE-2026-21643 Now Under Active Exploitation

Salesforce Alerts Customers to Experience Cloud Scans After ShinyHunters Claims Data Thefts

Google Rushes Patch for Chrome Zero‑Day Exploited in the Wild

n8n Issues Fixes After JFrog Uncovers Sandbox Escapes Allowing Authenticated RCE

EU-Backed GCVE Launches as Decentralized Alternative to CVE

Active Attacks Target Adobe Commerce With 'SessionReaper' Exploit

Active Exploits Target Gladinet CentreStack and TrioFox Zero-Day That Can Lead to RCE

Google Patches 'Gemini Trifecta' Flaws Enabling Indirect Prompt Injection

SolarWinds Ships Third Hotfix for Critical Web Help Desk RCE Bypass

CISA Adds Actively Exploited DELMIA Apriso Flaw to KEV With Oct. 2 Fix Deadline

Commvault Patches Four Flaws That Enable Pre‑Auth RCE Chains in On‑Prem Backup Suite

Trend Micro Releases Mitigation Tool for Critical Apex One Zero-Days

Google Deploys Protections for Gmail AI Summaries to Thwart Phishing Exploit

Microsoft Fixes Zero-Click EchoLeak Flaw in Copilot as Researchers Call for AI Agent Redesign