Vulnerabilities
New Dirty Frag Linux Kernel Vulnerability Enables Local Privilege Escalation Across Major Distributions
A new unpatched local privilege escalation vulnerability named Dirty Frag has been reported in the Linux kernel, succeeding...
Thirumala Rao Padilam, May 8, 2026

Vulnerabilities
Critical Vulnerabilities in vm2 Node.js Library Allow Sandbox Escape and Arbitrary Code Execution
Multiple critical flaws in the vm2 Node.js library can enable attackers to escape sandbox restrictions and execute arbitrary...
Thirumala Rao Padilam, May 7, 2026

Vulnerabilities
CISA Adds Linux Local Privilege Escalation Bug CVE-2026-31431 to Known Exploited Vulnerabilities List
CISA has included a local privilege escalation vulnerability affecting multiple Linux distributions in its Known Exploited Vulnerabilities catalog...
Thirumala Rao Padilam, May 3, 2026

Vulnerabilities
Critical Authentication Bypass Vulnerability CVE-2026-41940 Exploited in cPanel, WHM, and WP Squared
A critical authentication bypass vulnerability, CVE-2026-41940, affecting cPanel, WHM, and WP Squared is being actively exploited in the...
Thirumala Rao Padilam, April 30, 2026

Vulnerabilities
Google Patches Critical CVSS 10 Gemini CLI Vulnerability Allowing Remote Code Execution
Google has fixed a critical vulnerability in its Gemini CLI npm package and GitHub Actions workflow that could...
Thirumala Rao Padilam, April 30, 2026

Vulnerabilities
New Linux ‘Copy Fail’ Vulnerability Enables Root Access on Major Distributions
A newly disclosed Linux local privilege escalation vulnerability, CVE-2026-31431, allows unprivileged users to gain root access by writing...
Thirumala Rao Padilam, April 30, 2026

Vulnerabilities
VECT 2.0 Ransomware Flaw Causes Data Wiping of Large Files Instead of Encryption
The VECT 2.0 ransomware contains a critical flaw that results in the permanent destruction of large files rather...
Thirumala Rao Padilam, April 29, 2026

Vulnerabilities
Critical CVE-2026-3854 GitHub Vulnerability Enables Remote Code Execution via Single Git Push
A severe command injection vulnerability in GitHub.com and GitHub Enterprise Server can allow remote code execution by an...
Thirumala Rao Padilam, April 29, 2026

Vulnerabilities
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
A critical vulnerability (CVE-2026-25874) affecting Hugging Face’s LeRobot open-source robotics platform could allow unauthenticated attackers to execute arbitrary...
Thirumala Rao Padilam, April 28, 2026

Threat Intelligence
PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks
The pro-Ukrainian hacktivist group PhantomCore has been actively exploiting multiple vulnerabilities in TrueConf video conferencing servers targeting Russian...
Thirumala Rao Padilam, April 27, 2026