GNU Guix has [disclosed vulnerabilities](https://guix.gnu.org/blog/2026/guix-substitute-pull-vulnerabilities/) affecting two of its most critical operations: `guix substitute`, which fetches pre-built
Security firm runZero has [disclosed seven vulnerabilities](https://thehackernews.com/2026/07/unpatched-flaws-disclosed-in-filesystem.html) in **FatFs**, a compact open-source filesystem library used
A [security researcher's writeup](https://mrbruh.com/msicenter/) published this week details a local privilege escalation (LPE) in MSI Center, the system management utility bundled with MSI gaming mot
Adobe has released an out-of-band security update addressing [seven maximum-severity vulnerabilities](https://www.bleepingcomputer.com/news/security/adobe-patches-seven-max-severity-coldfusion-campaig
A maximum-severity vulnerability in SimpleHelp remote support software is being exploited in the wild right now, and the payload is ugly: credential-stealing malware with no patch lag between disclosu
Threat intelligence firm Defused has confirmed that attackers are actively exploiting **CVE-2026-46817**, a critical vulnerability in Oracle E-Business Suite (EBS). Active exploitation means this has
A public proof-of-concept exploit has dropped for [CVE-2026-55200](https://thehackernews.com/2026/06/public-poc-released-for-critical.html), a critical memory-corruption vulnerability in libssh2. The
A vulnerability in **Cisco Unified Communications Manager (UCM)** is being actively exploited in the wild, and CISA has issued an emergency directive giving federal agencies until **this Sunday** to a
Security researchers at Paradigm Shift have published a working exploit called [usbliter8](https://thehackernews.com/2026/06/unpatchable-usbliter8-exploit-breaks.html) that achieves arbitrary code exe
Threat actors are actively exploiting an unauthenticated information disclosure vulnerability in the **Gravity SMTP** WordPress plugin, which is installed on approximately 100,000 sites, according to
Palo Alto Networks Unit 42 disclosed a supply-chain-style vulnerability in the [Google Cloud Vertex AI SDK for Python](https://thehackernews.com/2026/06/google-vertex-ai-sdk-flaw-let-attackers.html) t
SimpleHelp, a remote monitoring and management (RMM) platform used by IT teams and managed service providers worldwide, has a vulnerability that lets unauthenticated attackers create privileged techni
**Patch deadline: June 18, 2026.** That is 48 hours from now.
Security researchers have disclosed a critical vulnerability chain in Microsoft 365 Copilot Enterprise, dubbed [SearchLeak](https://www.bleepingcomputer.com/news/security/new-attack-turned-microsoft-3
Palo Alto Networks has confirmed that an unknown threat actor is actively exploiting [CVE-2026-0257](https://thehackernews.com/2026/06/palo-alto-warns-of-active-exploitation.html), a high-severity aut
Security researchers at Depth First have published findings documenting [twenty-one zero-day vulnerabilities in FFmpeg](https://depthfirst.com/research/21-zero-days-in-ffmpeg) — one of the most widely
Researchers have disclosed three security vulnerabilities in LangGraph, the open-source framework from LangChain used to build stateful, multi-step AI agent workflows. One of those flaws forms a criti
CISA issued [Binding Operational Directive (BOD) 26-04](https://www.bleepingcomputer.com/news/security/cisa-gives-feds-3-days-to-patch-ivanti-flaw-exploited-in-attacks/) on June 12, ordering all feder
A maximum-severity vulnerability in Ivanti Sentry is being actively exploited in the wild, [according to BleepingComputer](https://www.bleepingcomputer.com/news/security/max-severity-ivanti-sentry-vul
Attackers are actively exploiting **CVE-2026-5027**, a high-severity path traversal flaw in [Langflow](https://www.bleepingcomputer.com/news/security/path-traversal-flaw-in-ai-dev-platform-langflow-ex
Ivanti has disclosed and patched two critical vulnerabilities in its Sentry secure mobile gateway — including a [maximum-severity flaw that allows unauthenticated remote attackers to execute arbitrary
Microsoft's June 2026 Patch Tuesday — the largest in company history at [nearly 200 vulnerabilities patched in a single cycle](https://krebsonsecurity.com/2026/06/a-record-breaking-patch-tuesday-for-j
CISA has added **CVE-2026-42271** in [BerriAI LiteLLM to its Known Exploited Vulnerabilities catalog](https://thehackernews.com/2026/06/litellm-flaw-cve-2026-42271-exploited.html), confirming active e
A newly identified botnet called **C0XMO** is actively exploiting a vulnerability in [DD-WRT router firmware](https://www.bleepingcomputer.com/news/security/c0xmo-botnet-spreads-via-dd-wrt-router-flaw
CISA has issued an active-exploitation warning for a high-severity vulnerability in SolarWinds Serv-U file-transfer software. According to [BleepingComputer's report](https://www.bleepingcomputer.com/
Threat actors are actively exploiting [CVE-2026-3300](https://thehackernews.com/2026/06/hackers-exploit-critical-everest-forms.html), a critical remote code execution vulnerability in **Everest Forms
Cisco has issued an urgent advisory for [CVE-2026-20245](https://www.bleepingcomputer.com/news/security/new-cisco-sd-wan-flaw-exploited-in-zero-day-attacks-to-gain-root/), a high-severity privilege es
Cisco has patched a critical flaw in Unified Communications Manager (Unified CM) — **CVE-2026-20230** — that lets an unauthenticated attacker on the same network write arbitrary files to the device an
CISA has added **CVE-2026-45247** to its [Known Exploited Vulnerabilities (KEV) catalog](https://thehackernews.com/2026/06/cisa-adds-exploited-magento-rce-flaw.html), confirming active in-the-wild exp
A coordinated advisory from CISA, the FBI, the NSA, the Department of Energy, and several other U.S. government agencies is warning that threat actors are actively targeting internet-exposed **automat
Researchers have publicly disclosed a remote denial-of-service vulnerability dubbed **HTTP/2 Bomb** that exploits behavior in the HTTP/2 protocol itself. According to [The Hacker News](https://thehack
Attackers are actively exploiting a critical privilege escalation vulnerability in the Kirki Customizer Framework plugin for WordPress, using it to silently promote themselves to administrator on any
Belgium's Centre for Cybersecurity (CCB) issued an emergency warning Friday: threat actors are **actively exploiting** a recently patched critical remote code execution vulnerability in Windows Netlog
Threat actors are actively exploiting a critical vulnerability in **WP Maps Pro**, a commercial WordPress plugin with over 15,000 sales on Envato Market, to register unauthorized administrator account
Palo Alto Networks has confirmed that attackers are actively exploiting [CVE-2026-0257](https://www.bleepingcomputer.com/news/security/palo-alto-globalprotect-vpn-auth-bypass-flaw-now-exploited-in-att
A newly disclosed local privilege escalation (LPE) vulnerability, dubbed **CIFSwitch**, has been found in the Linux kernel. [BleepingComputer reports](https://www.bleepingcomputer.com/news/security/ne
Threat actors are actively exploiting a critical vulnerability in Fortinet's FortiClient Endpoint Management Server (EMS) to deploy credential-stealing malware across managed enterprise environments,
A zero-day vulnerability in [Gogs](https://gogs.io/), the popular self-hosted Git service, is actively exploitable and currently has **no patch**. According to [BleepingComputer](https://www.bleepingc
A newly disclosed vulnerability in Gitea — the popular self-hosted Git and container registry platform — allows any unauthenticated remote attacker to pull private container images from an exposed Git
The U.S. Cybersecurity and Infrastructure Security Agency has added a critical vulnerability in the LiteSpeed cPanel user-end plugin to its [Known Exploited Vulnerabilities catalog](https://www.bleepi
A critical zero-day vulnerability in the **KnowledgeDeliver** learning management system is being actively exploited in the wild, with attackers using it to deploy the **Godzilla web shell** on compro
A critical vulnerability dubbed **"BadHost"** has been discovered in [Starlette](https://arstechnica.com/information-technology/2026/05/millions-of-ai-agents-imperiled-by-critical-vulnerability-in-ope
Drupal's security team issued a "highly critical" SQL injection advisory earlier this week — and [BleepingComputer now reports](https://www.bleepingcomputer.com/news/security/drupal-critical-sql-injec
Supply-chain compromise has moved from targeted espionage tool to volume business — and a single group is now responsible for an attack pace that package maintainers and platform operators alike are s
This week's dominant story isn't a zero-day in enterprise software — it's developers themselves becoming the attack surface, their tools weaponized before a single line of production code is touched.