Open WebUI carried CVE-2025-64496, a high-severity code injection flaw in Direct Connection features Exploitation could ...

Veeam released security updates to patch multiple security flaws in its Backup & Replication software, including a critical ...

Earlier this week, security researchers from VulnCheck announced finding a command injection vulnerability due to improper ...

Veeam patched four Backup & Replication flaws, including CVE-2025-59470 (CVSS 9.0) enabling RCE; update to version ...

Threat actors are exploiting CVE-2026-0625, a critical zero-day vulnerability in discontinued D-Link devices for remote code ...

CVE-2026-21877, a critical authenticated RCE flaw with CVSS 10.0, fixed in version 1.121.3 after affecting earlier releases.

Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...

On January 6, 2026, Veeam released security updates to address four vulnerabilities affecting its Backup & Replication solution.

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...

D-Link is warning that four remote code execution (RCE) flaws impacting all hardware and firmware versions of its DIR-846W router will not be fixed as the products are no longer supported. The four ...