CISA adds Langflow and Trend Micro Apex One to KEV

CISA adds Langflow and Trend Micro Apex One to KEV

CVE-2025-34291 — Langflow Origin Validation Error (RCE) CVSS: 9.4CWE: CWE-346 — Origin Validation ErrorAffected Versions: Langflow ≤ 1.6.9 Vulnerability Summary Researchers at Obsidian Security uncovered a critical vulnerability chain in…
CISA adds Seven Vulnerabilities to KEV Catalog

CISA adds Seven Vulnerabilities to KEV Catalog

CISA has added seven vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog based on confirmed evidence of active exploitation. The batch spans Microsoft Windows, Microsoft Internet Explorer, Adobe Acrobat/Reader, and…
Pwn2Own Berlin 2026 a Detailed Report

Pwn2Own Berlin 2026 a Detailed Report

The curtain has fallen on Pwn2Own Berlin 2026. Three days. 47 unique zero-day vulnerabilities. $1,298,250 in total payouts. And a competition that, for the first time in its 19-year history,…
CVE-2026-42945 — NGINX Heap Buffer Overflow RCE

CVE-2026-42945 — NGINX Heap Buffer Overflow RCE

CVE: CVE-2026-42945CVSS: 9.2 — CriticalVendor: NGINX / F5Affected Versions: 0.6.27 through 1.30.0Vulnerability Type: Heap Buffer OverflowImpact: Unauthenticated Remote Code ExecutionPoC Available: Yes — publicly on GitHubDisclosed: May 13, 2026 What…
Fortinet Patch Tuesday – May 2026

Fortinet Patch Tuesday – May 2026

Overview Fortinet published 11 advisories on Patch Tuesday describing as many bugs, including two dealing with critical-severity code execution security defects. While the company did not tag these two security…