Security Vulnerabilities

The latest Security Vulnerabilities

News, Security Vulnerabilities

Microsoft Windows Desktop Window Manager Use-After-Free Local Privilege Escalation Vulnerability (CVE-2026-20871)

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows.


Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities

CVE numbers: CVE-2026-20026 and CVE-2026-20027. Multiple Cisco products are affected by vulnerabilities in the processing of Distributed Computing Environment Remote


Katana Network Development Starter Kit executeCommand Command Injection Remote Code Execution Vulnerability (CVE-2026-0759)

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Katana Network Development Starter Kit.


gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability (CVE-2026-0755)

This vulnerability allows remote attackers to execute arbitrary code on affected installations of gemini-mcp-tool.


Cisco Identity Services Engine Information Disclosure Vulnerability (CVE-2026-20029)

CVE number: CVE-2026-20029. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Cisco Identity Services


Panda3D Uncontrolled Format String Allows Stack Memory Disclosure (CVE-2026-22190)

CVE number: CVE-2026-22190. Panda3D versions up to and including 1.10.16 egg-mkfont contains an uncontrolled format string vulnerability. The -gp


Ubiquiti UniFi Connect EV Station Lite WiFi AutoLink Improper Access Control Vulnerability (CVE-2026-21635)

CVE number: CVE-2026-21635. An Improper Access Control could allow a malicious actor in Wi-Fi range to the EV Station


MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability (CVE-2025-14847)

Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client.


Hemmelig SSRF Filter bypassed in Secret Request functionality (CVE-2025-69206)

Prior to version 7.3.3, a Server-Side Request Forgery (SSRF) filter bypass vulnerability exists in the webhook URL validation of the Secret Requests feature.


Nest.JS Fastify URL Encoding Middleware Bypass Vulnerability (CVE-2025-69211)

CVE number: CVE-2025-69211. Nest is a framework for building scalable Node.js server-side applications. Versions prior to 11.1.11 have a
