A command injection flaw in the Windows Notepad App now gives remote attackers a path to execute code over a network, turning ...

CVE-2026-21525 is a denial-of-service vulnerability affecting the Windows Remote Access Connection Manager. “Exploitation is local, requires no privileges, and does not rely on user interaction,” ...

CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager ...

Fortinet has fixed nine vulnerabilities, including high-severity command execution and authentication bypass flaws.

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively exploited.

Google has patched a high-severity zero-day bug in its Chrome Web browser that attackers are actively exploiting. It paves the way for code execution and other cyberattacks on targeted endpoints. The ...

Docker patched a critical Ask Gordon AI flaw enabling code execution and data theft via malicious image metadata in version 4.50.0.

Vulnerabilities that went undetected for a decade left thousands of macOS and iOS apps susceptible to supply-chain attacks. Hackers could have added malicious code compromising the security of ...

Anthropic's Opus 4.6 system card breaks out prompt injection attack success rates by surface, attempt count, and safeguard ...

SAP platforms, used by 99 of the Fortune 100 companies and with over 280 million cloud subscribers worldwide, are among the most reliable business applications. As SAP administrators, your role in ...

Vulnerabilities in PDF platforms from Foxit and Apryse could have been exploited for account takeover, data exfiltration, and ...