Dark Reading

Microsoft Starts 2026 With a Bang: A Freshly Exploited Zero-Day

Among them is a zero-day vulnerability in Desktop Window Manager (DWM) designated as CVE-2026-20805 (CVSS score: 5.5), which ...
Hosted on MSN

Vulnerability scores, huh, what are they good for? Almost nothing

Aram Hovespyan, co-founder and CEO of security biz Codific, says that the rating systems for identifying security vulnerabilities and assessing threat risk need to be overhauled.… Having examined the ...
SecurityWeek

Critical Vulnerability Exposes n8n Instances to Takeover Attacks

CVE-2026-21858, a critical n8n vulnerability, can be exploited for unauthenticated remote code execution, leading to instance ...
Krebs on Security

Patch Tuesday, January 2026 Edition

Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported ...
TechJuice

Critical n8n Vulnerability Puts Organizations at Immediate Risk, Warns Pakistan’s National CERT

Pakistan’s National CERT warns of a critical n8n flaw CVE-2026-21858, allowing remote code execution and full system ...
SecurityWeek

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

The first round of SAP patches for 2026 resolves 19 vulnerabilities, including critical SQL injection, RCE, and code ...

This WebUI vulnerability allows remote code execution - here's how to stay safe

Open WebUI carried CVE-2025-64496, a high-severity code injection flaw in Direct Connection features Exploitation could ...
Dark Reading

Maximum Severity HPE OneView Flaw Exploited in the Wild

Exploitation of CVE-2025-37164 can enable remote code execution on HPE's IT infrastructure management platform, leading to ...
Security Boulevard

CVE-2025-14847 (MongoBleed): MongoDB Memory Leak Vulnerability Exploited in the Wild

A recently disclosed vulnerability affecting MongoDB instances has been reportedly exploited in the wild. Exploit code has been released for this flaw dubbed MongoBleed.Key takeaways:MongoBleed is a ...