A critical vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by ...

A team of security researchers chained two vulnerabilities in LiteLLM, the popular open-source proxy that routes enterprise ...

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

An LLM-powered system found 4 security bugs, including a critical one in the web server’s URL rewrite module. Researchers have found a critical vulnerability in the widely used Nginx web server that ...

Critical SEPPmail vulnerabilities expose email gateways to remote code execution and unauthorized mail access attacks.

CVE-2026-9082 can be exploited without authentication for information disclosure, privilege escalation, and remote code ...

A vulnerability in Apache HTTP Server’s HTTP/2 protocol handling now has working exploit code circulating among security ...

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

A critical NGINX vulnerability, undiscovered for 18 years, allows hackers to crash servers with ease and even take full control without authentication in some common configurations. Emergency patches ...

On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow ...

A code-reuse attack named "Segmentation Fault Oriented Programming (SFOP)" exploits weaknesses in signal handling and Intel ...

SAP has released 15 new security notes, including two addressing critical code injection flaws in S/4HANA and Commerce.