Category
Vulnerabilities
All posts in the Vulnerabilities category.
vulnerabilities
Three Years Undetected: The Cisco SD-WAN Zero-Day That Triggered a Five-Eyes Alert
CVE-2026-20127 in Cisco SD-WAN controllers was exploited for three years before CISA and Five-Eyes partners issued emergency guidance.
vulnerabilities
BeyondTrust CVE-2026-1731: Pre-Auth RCE Exploited Within 24 Hours of PoC Release
Critical CVSS 9.9 pre-auth RCE in BeyondTrust Remote Support and PRA is now actively exploited after a PoC was published on GitHub.
vulnerabilities
Microsoft February 2026 Patch Tuesday: Six Zero-Days Under Active Exploitation
Microsoft patches 55 vulnerabilities including six actively exploited zero-days targeting Windows Shell, MSHTML, Word, DWM, RDP, and RasMan.
vulnerabilities
Ivanti EPMM Zero-Days Chained for Unauthenticated RCE Against NATO-Allied Government
CVE-2026-1281 and CVE-2026-1340 give attackers full remote code execution on Ivanti mobile device management servers. Already exploited in the wild.
vulnerabilities
Fortinet FortiCloud SSO Authentication Bypass Under Active Exploitation
CVE-2026-24858 lets attackers with any FortiCloud account access other organizations' devices. CISA KEV listed, CVSS 9.4.