
A critical CVSS 9.8 vulnerability in Splunk Enterprise's PostgreSQL sidecar allows unauthenticated attackers to achieve remote code execution. CISA has added it to the KEV catalog amid confirmed in-the-wild exploitation.

A maximum-severity, no-authentication-required remote code execution vulnerability in Oracle PeopleSoft PeopleTools 8.61 and 8.62 is being actively exploited, giving attackers full control over ERP systems holding sensitive HR, financial, and operational data.

A critical flaw in Arista EOS allows unauthenticated attackers to inject traffic into internal network segments by abusing tunnel decapsulation endpoints — and Arista says no software patch is coming. The vulnerability is actively being exploited and has been added to CISA's Known Exploited Vulne...

A publicly exploitable Linux kernel vulnerability dubbed 'Copy Fail' allows any unprivileged local user to silently overwrite root-owned binaries and seize full system control. Kernels from version 4.14 through 6.18.21 are affected, and a working Python exploit is already public.

A trivially exploited authentication bypass in ConnectWise ScreenConnect — requiring nothing more than appending a slash to a URL — hands attackers SYSTEM-level control over entire managed IT networks, and ransomware crews are already cashing in.

Patterns of CNA behavior for April 2026 worth noting

A perfect CVSS 10.0 vulnerability in Atlassian Confluence lets anyone on the internet create an admin account with a single HTTP request. Nation-state actors and ransomware gangs are already exploiting it.

Cisco discloses CVE-2026-20131, a maximum-severity unauthenticated remote code execution vulnerability in its Secure Firewall Management Center. Attackers can gain root access by sending a single crafted request — no credentials required.

A perfect-10 authentication bypass in Cisco's SD-WAN Controller and Manager lets unauthenticated attackers seize control of enterprise wide-area networks. Cisco confirms active exploitation; CISA issues Emergency Directive 26-03.

A 2022 privilege escalation vulnerability in Cisco SD-WAN software is now being actively exploited in the wild, four years after patches were released. Attackers with any valid local credential can chain two path traversal bugs to seize complete root control of routers, controllers, and orchestra...

A critical OS command injection vulnerability in Soliton's FileZen file-sharing appliance is being actively exploited in the wild, giving attackers full remote code execution. A patch has been available since January — but many systems remain exposed.

Dell RecoverPoint for Virtual Machines ships with hard-coded Tomcat credentials, a perfect CVSS 10.0 vulnerability that a Chinese-linked threat group has been exploiting since mid-2024 to deploy backdoors and ransomware.