CVE-2026-21525 is a denial-of-service vulnerability affecting the Windows Remote Access Connection Manager. “Exploitation is local, requires no privileges, and does not rely on user interaction,” ...

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively ...

The code injection flaws allow for unauthenticated remote code execution on Ivanti Endpoint Manager Mobile deployments, but ...

Docker has released security fixes for a critical vulnerability affecting its AI-assisted feature known as Ask Gordon. The ...

Also today, SAP released 27 new and updated security notes, including two that address critical-severity vulnerabilities.

According to Microsoft's release notes, the update fixes 25 elevation of privilege flaws, 12 remote code execution ...

Google has patched a high-severity zero-day bug in its Chrome Web browser that attackers are actively exploiting. It paves the way for code execution and other cyberattacks on targeted endpoints. The ...

Anthropic's Opus 4.6 system card breaks out prompt injection attack success rates by surface, attempt count, and safeguard ...

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond ...

A pair of critical-severity vulnerabilities affecting an Ivanti mobile management tool have been exploited in cyberattacks, according to the company.

SAP platforms, used by 99 of the Fortune 100 companies and with over 280 million cloud subscribers worldwide, are among the most reliable business applications. As SAP administrators, your role in ...