CISA added FileZen CVE-2026-25108 (CVSS 8.7) to its KEV catalog after active exploitation, affecting versions 4.2.1–4.2.8 and ...
Zyxel fixes a handful of worrying router flaws ...
Hackers exploited CVE-2025-64328, a FreePBX command injection vulnerability, to infect hundreds of instances with web shells.
Over 900 FreePBX systems remain infected after CVE-2025-64328 exploitation, now listed in CISA KEV amid active attacks.
Zyxel has patched a critical-severity OS command execution vulnerability that is remotely exploitable via crafted UPnP requests.
Required patches for HIPAA-compliant routers and gateways address a critical vulnerability affecting more than a dozen models. The two-part flaw opens a door to unauthenticated remote command ...
Taiwan networking provider Zyxel has released security updates to address a critical vulnerability affecting over a dozen router models that can allow unauthenticated attackers to gain remote command ...
February 2026 Patch Tuesday restricts Windows credential autofill to fix a Windows Hello input injection flaw (CVE-2026-20804).
CISA and the FBI urged software companies on Wednesday to review their products and eliminate path OS command injection vulnerabilities before shipping. Velvet Ant, the Chinese state-sponsored threat ...
The US government has urged software manufacturers to work towards the elimination of operating system (OS) command injection vulnerabilities. The alert from the Cybersecurity and Infrastructure ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results