Category: Vulnerabilities
Active Exploitation of PAN-OS GlobalProtect Auth Bypass CVE-2026-0257
Unit 42 has confirmed active in-the-wild exploitation of a PAN-OS authentication bypass affecting GlobalProtect portals and gateways, with the flaw added to…
Horner Automation Cscape Flaw Enables Code Execution via Malicious Files
An out-of-bounds read vulnerability in Horner Automation Cscape prior to version 10.2 SP3 allows a local attacker to disclose information and execute…
CISA Warns of Two High-Severity Flaws in AzeoTech DAQFactory
CISA has published an updated advisory detailing two memory-corruption vulnerabilities in AzeoTech DAQFactory that allow arbitrary code execution via malicious control files.
Critical Path Traversal Flaw in pynetdicom Threatens Healthcare Systems
A critical path traversal vulnerability in the pynetdicom library allows unauthenticated attackers to write files to arbitrary locations, affecting all versions from…
Mitsubishi MELSEC iQ-F EtherNet/IP Module Vulnerable to Remote DoS
An integer overflow flaw in the FX5-EIP module allows unauthenticated remote attackers to crash the device by flooding it with TCP connections.…
CISA Flags Two High-Severity Flaws in H.VIEW HV-500S6 IP Camera
A pair of vulnerabilities in H.VIEW's HV-500S6 IP camera allow authenticated attackers to execute arbitrary commands and upload malicious files. The vendor…
Bucket Squatting Flaw in Vertex AI Python SDK Enabled Cross-Tenant RCE
A now-patched vulnerability in Google Cloud's Vertex AI Python SDK allowed an attacker with no access to a victim's project to hijack…
Russian Intelligence Actors Evolve Signal Phishing to Steal Backup Recovery Keys
A campaign attributed to Russian Intelligence Services has expanded beyond account hijacking to trick high-value targets into surrendering their Signal Backup Recovery…