Tag: critical vulnerability

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Path traversal RCE in Gogs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed active exploitation of a critical vulnerability in the self-hosted Git service Gogs, adding it to the Known Exploited Vulnerabilities (KEV) catalog. Federal Civilian Executive Branch agencies must apply mitigations or discontinue...

January 15, 2026

Cybersecurity Threat Advisory: ServiceNow AI Platform vulnerability

ServiceNow has revealed details of a critical vulnerability—now patched—in its AI Platform that could allow an unauthenticated attacker to impersonate any user and execute actions with that user’s privileges. Review this Cybersecurity Threat Advisory now to mitigate your risk and...

January 15, 2026

Cybersecurity Threat Advisory: HPE OneView vulnerability enables RCE

A newly disclosed vulnerability, tracked as CVE-2025-37164, affects the Hewlett Packard Enterprise (HPE) OneView product and has been assigned a CVSS score of 10.0. Read this Cybersecurity Threat Advisory for more details and recommended steps to protect your environment. What...

December 25, 2025

Cybersecurity Threat Advisory: SonicWall SMA 100 appliance vulnerability

A SonicWall SMA 100 vulnerability, tracked as CVE-2025-40602, is actively being exploited in the wild. SonicWall has issued patches, and CISA added the flaw to its KEV catalog, requiring federal agencies to patch by Dec. 24, 2025. Read this Cybersecurity...

December 23, 2025

Cybersecurity Threat Advisory: WinRAR vulnerability exploit

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-6218, a path traversal vulnerability in WinRAR for Windows, to its Known Exploited Vulnerabilities (KEV) catalog following confirmed exploitation by multiple advanced persistent threat (APT) groups. Read this Cybersecurity Threat Advisory...

December 15, 2025

Cybersecurity Threat Advisory: Critical FortiCloud SSO flaws

Fortinet has disclosed two critical authentication bypass vulnerabilities in its FortiCloud SSO login feature. Both carry a CVSS score of 9.8, signaling near-maximum severity. Read this Cybersecurity Threat Advisory for more details on how to secure your network infrastructure. What...

December 12, 2025

Cybersecurity Threat Advisory: Critical Microsoft Outlook vulnerability

A newly disclosed Microsoft Outlook vulnerability, tracked as CVE-2025-62562, could allow for remote code execution (RCE). Read this Cybersecurity Threat Advisory to mitigate your and your clients’ risk now. What is the threat? This use-after-free vulnerability introduces a use-after-free flaw...

December 11, 2025

Cybersecurity Threat Advisory: Critical Grafana SCIM vulnerability

A critical security vulnerability in Grafana Enterprise could allow attackers to escalate privileges and impersonate users. Tracked as CVE-2025-41115, the flaw carries the maximum CVSS score of 10.0. Continue reading this Cybersecurity Threat Advisory to learn how to protect you...

November 25, 2025

Cybersecurity Threat Advisory: Critical Linux sudo vulnerability

Security researchers have uncovered a serious vulnerability in sudo, the tool that runs commands with elevated privileges on Linux systems. It is tracked as CVE-2025-32463 and carries a CVSS score of 9.3. This flaw poses a serious risk to Linux...

October 2, 2025

Cybersecurity Threat Advisory: Critical Microsoft Entra ID vulnerability

A critical token validation vulnerability, tracked as CVE-2025-55241 with a CVSS of 10, in Microsoft Entra ID has been discovered. This flaw could have allowed attackers to impersonate any user, including global admins, across any tenant. Continue reading this Cybersecurity...

September 23, 2025