Public exploit code has been released for the **"wp2shell" remote code execution vulnerabilities** in WordPress Core, according to [BleepingComputer](https://www.bleepingcomputer.com/news/security/wor
CISA has added **CVE-2026-58644**, a critical remote code execution zero-day in Microsoft SharePoint Server, to its [Known Exploited Vulnerabilities (KEV) catalog](https://thehackernews.com/2026/07/ci
CISA has added [CVE-2026-25089](https://hellorecon.com/blog/cve-2026-25089) to its Known Exploited Vulnerabilities catalog — meaning there is confirmed, active exploitation in the wild. The flaw is an
Zoom has released an emergency patch for [CVE-2026-53412](https://thehackernews.com/2026/07/zoom-patches-critical-windows-flaw-that.html), a critical vulnerability scoring **9.8 on the CVSS scale** af
SonicWall has confirmed two zero-day vulnerabilities in its Secure Mobile Access (SMA) 1000 series appliances are being actively exploited in the wild. The more severe of the two, [CVE-2026-15409](htt
CISA has added two maximum-severity vulnerabilities in popular Joomla extensions to its [Known Exploited Vulnerabilities (KEV) catalog](https://thehackernews.com/2026/07/icagenda-and-balbooa-forms-joo
Zimbra has disclosed a [critical stored cross-site scripting (XSS) vulnerability](https://thehackernews.com/2026/07/critical-zimbra-flaw-could-let-crafted_0483473395.html) in its Classic Web Client. T
A newly disclosed Linux kernel vulnerability dubbed **Januscape** allows an attacker inside a virtual machine to escape that VM boundary and execute arbitrary code directly on the host system. Accordi
BeyondTrust has disclosed and patched two critical authentication bypass vulnerabilities affecting its Remote Support (RS) and Privileged Remote Access (PRA) products. If exploited, either flaw allows
Attackers are actively exploiting a maximum-severity (CVSS 10.0) vulnerability in Adobe ColdFusion, tracked as [CVE-2026-48282](https://www.bleepingcomputer.com/news/security/max-severity-adobe-coldfu
GNU Guix has [disclosed vulnerabilities](https://guix.gnu.org/blog/2026/guix-substitute-pull-vulnerabilities/) affecting two of its most critical operations: `guix substitute`, which fetches pre-built
A [security researcher's writeup](https://mrbruh.com/msicenter/) published this week details a local privilege escalation (LPE) in MSI Center, the system management utility bundled with MSI gaming mot
Security researchers have confirmed that [over 900 Oracle E-Business Suite (EBS) instances are exposed to the internet and under active attack](https://www.bleepingcomputer.com/news/security/over-900-
Adobe has released an out-of-band security update addressing [seven maximum-severity vulnerabilities](https://www.bleepingcomputer.com/news/security/adobe-patches-seven-max-severity-coldfusion-campaig
Threat intelligence firm Defused has confirmed that attackers are actively exploiting **CVE-2026-46817**, a critical vulnerability in Oracle E-Business Suite (EBS). Active exploitation means this has
A public proof-of-concept exploit has dropped for [CVE-2026-55200](https://thehackernews.com/2026/06/public-poc-released-for-critical.html), a critical memory-corruption vulnerability in libssh2. The
A public, working exploit for **CVE-2026-46331** — nicknamed "pedit COW" — is already in the wild. Any local unprivileged user on a vulnerable Linux system can use it to gain root. If you run Linux se
A Linux kernel privilege escalation flaw tracked as **CVE-2026-43503** (CVSS 8.8) — dubbed **DirtyClone** — now has a fully working public exploit as of June 25. This is an immediate patching emergenc
F5 has issued [out-of-band security patches for multiple NGINX vulnerabilities](https://www.bleepingcomputer.com/news/security/f5-issues-out-of-band-patches-for-critical-nginx-vulnerabilities/), inclu
Threat intelligence firm Defused has confirmed that attackers are actively exploiting multiple critical vulnerabilities in Fortinet's FortiSandbox platform, the appliance many organizations rely on to
SimpleHelp, a remote monitoring and management (RMM) platform used by IT teams and managed service providers worldwide, has a vulnerability that lets unauthenticated attackers create privileged techni
Security researchers at Depth First have published findings documenting [twenty-one zero-day vulnerabilities in FFmpeg](https://depthfirst.com/research/21-zero-days-in-ffmpeg) — one of the most widely
Researchers have disclosed three security vulnerabilities in LangGraph, the open-source framework from LangChain used to build stateful, multi-step AI agent workflows. One of those flaws forms a criti
CISA issued [Binding Operational Directive (BOD) 26-04](https://www.bleepingcomputer.com/news/security/cisa-gives-feds-3-days-to-patch-ivanti-flaw-exploited-in-attacks/) on June 12, ordering all feder
A maximum-severity vulnerability in Ivanti Sentry is being actively exploited in the wild, [according to BleepingComputer](https://www.bleepingcomputer.com/news/security/max-severity-ivanti-sentry-vul
Attackers are actively exploiting **CVE-2026-5027**, a high-severity path traversal flaw in [Langflow](https://www.bleepingcomputer.com/news/security/path-traversal-flaw-in-ai-dev-platform-langflow-ex
Researchers have demonstrated that three previously patched vulnerabilities in Ubiquiti's UniFi OS can be chained to achieve remote code execution with root privileges — entirely without authenticatio
CISA has issued an active-exploitation warning for a high-severity vulnerability in SolarWinds Serv-U file-transfer software. According to [BleepingComputer's report](https://www.bleepingcomputer.com/
Threat actors are actively exploiting [CVE-2026-3300](https://thehackernews.com/2026/06/hackers-exploit-critical-everest-forms.html), a critical remote code execution vulnerability in **Everest Forms
Cisco has patched a critical flaw in Unified Communications Manager (Unified CM) — **CVE-2026-20230** — that lets an unauthenticated attacker on the same network write arbitrary files to the device an
Russia-linked **Gamaredon** (also tracked as Armageddon, Shuckworm, UAC-0010) is [actively weaponizing CVE-2025-8088](https://thehackernews.com/2026/06/gamaredon-exploits-winrar-to-deliver.html), a pa
Belgium's Centre for Cybersecurity (CCB) issued an emergency warning Friday: threat actors are **actively exploiting** a recently patched critical remote code execution vulnerability in Windows Netlog
Threat actors are actively exploiting a critical vulnerability in **WP Maps Pro**, a commercial WordPress plugin with over 15,000 sales on Envato Market, to register unauthorized administrator account
Threat actors are actively exploiting a critical vulnerability in Fortinet's FortiClient Endpoint Management Server (EMS) to deploy credential-stealing malware across managed enterprise environments,
A newly disclosed vulnerability in Gitea — the popular self-hosted Git and container registry platform — allows any unauthenticated remote attacker to pull private container images from an exposed Git
The U.S. Cybersecurity and Infrastructure Security Agency has added a critical vulnerability in the LiteSpeed cPanel user-end plugin to its [Known Exploited Vulnerabilities catalog](https://www.bleepi
A critical vulnerability dubbed **"BadHost"** has been discovered in [Starlette](https://arstechnica.com/information-technology/2026/05/millions-of-ai-agents-imperiled-by-critical-vulnerability-in-ope
Drupal's security team issued a "highly critical" SQL injection advisory earlier this week — and [BleepingComputer now reports](https://www.bleepingcomputer.com/news/security/drupal-critical-sql-injec