CVE-2026-20245: Cisco SD-WAN Manager Zero-Day Enables Root Command Execution
Cisco has disclosed a seventh SD-WAN zero-day exploited in 2026, tracked as CVE-2026-20245. The flaw affects the command-line interface of…
Threats
CVE-2026-49975: HTTP/2 Bomb Attack Can Knock Web Servers Offline in Seconds
A newly disclosed denial-of-service vulnerability, tracked as CVE-2026-49975, shows how long-known HTTP/2 weaknesses can still be chained into a highly…
CVE-2026-48095: 7-Zip Heap Buffer Overflow Can Lead to Code Execution
CVE-2026-48095 in 7-Zip has raised fresh concerns around malicious archive handling and user-driven exploitation. According to GitHub Security Lab, the…
UAC-0057 Attack Detection: OYSTERFRESH, OYSTERSHUCK, and OYSTERBLUES Fuel Phishing Campaigns Against Ukrainian State Organizations
Phishing remains one of the most effective tools in the cybercriminal arsenal, especially when threat actors abuse trusted identities, compromised…
CVE-2026-9082: Highly Critical Drupal Core SQL Injection Flaw Threatens PostgreSQL Sites
Drupal has released security updates for a “highly critical” security vulnerability in Drupal Core that can be exploited by anonymous…
CVE-2026-45585: YellowKey BitLocker Bypass Exposes Encrypted Data on Windows Devices
BitLocker is designed to protect data at rest even when a device is lost, stolen, or powered off, which is…
CVE-2026-20182: Critical Authentication Bypass in Cisco SD-WAN Can Grant Admin Access
A vulnerability affecting Cisco Catalyst SD-WAN Controller has drawn urgent attention after Cisco, Rapid7, and CISA confirmed active exploitation. CVE-2026-20182…
CVE-2026-42897: Exchange Server OWA Spoofing Flaw Exploited via Crafted Email
Microsoft has disclosed a vulnerability impacting on-premise versions of Exchange Server that is already seeing active exploitation in the wild.…
CVE-2026-42945: 18-Year-Old NGINX Rewrite Flaw May Enable Unauthenticated RCE
Web infrastructure bugs remain especially dangerous when they sit in widely deployed request-handling logic for years without detection. Among the…
CVE-2026-46300: Fragnesia Linux Kernel Flaw Grants Root via Page Cache Corruption
Local privilege-escalation bugs remain especially dangerous when they turn an ordinary user foothold into immediate root access. The CVE-2026-46300 vulnerability,…