An unpatched vulnerability in ChromaDB could be exploited without authentication for remote code execution and server ...

A single rewrite rule, the kind pasted into NGINX configurations thousands of times a day, can hand an unauthenticated ...

For roughly 18 years, a chunk of code inside one of the internet’s most popular web servers quietly carried a critical ...

An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for ...

A critical vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by ...

Microsoft has released its August 2025 Patch package, a cumulative set of updates addressing more than 100 vulnerabilities across a host of its products. Microsoft’s SharePoint Server Remote Code ...

Microsoft patches a critical Outlook vulnerability tracked as CVE-2026-40361 that can be exploited for remote code execution.

NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.

"A buffer overflow vulnerability in the User-ID Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code ...

Exposed UIs, weak authentication, and risky defaults could turn cloud-native AI apps on Kubernetes into potential targets by ...