Alerts

Microsoft has released a security update to address a vulnerability that affects Microsoft Teams. The addressed vulnerability could allow the remote unauthorized attacker to obtain sensitive information from the affected system. Microsoft Teams Information Disclosure Vulnerability (CVE-2026-21535): CVSS: 8.2 Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Consequences: Obtain Information Vulnerabilities […]

Splunk has released security updates to fix several vulnerabilities across Splunk Enterprise and Splunk Cloud Platform. The addressed vulnerabilities could allow the attacker to obtain sensitive information from internal Splunk indexes, expose authentication secrets (including SAML configurations, RSA keys, and multi-factor authentication keys), perform client-side denial of service attacks, gain elevated privileges on Windows systems

F5 has released security updates to address several vulnerabilities affecting multiple F5 products. The addressed vulnerabilities could allow the attacker to perform denial-of-service attacks, obtain sensitive information, conduct man-in-the-middle attacks, and inject plain-text data into responses sent to clients by an upstream proxied server. Sample of the addressed vulnerabilities: 1. BIG-IP Traffic Management Microkernel TMM

Google has released an updated Chrome version 145.0.7632.109/110 for Windows/Mac and 144.0.7559.109 for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code, cause memory corruption, or bypass security restrictions by persuading the victim to open a specially crafted PDF file or visit a malicious website. Sample of the addressed vulnerabilities: 1.

Mozilla has released an updated Firefox version 147.0.4, Firefox ESR versions 140.7.1 and 115.32.1 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, execute arbitrary code, and gain access to the affected system. Mozilla Firefox Heap Buffer Overflow Vulnerability in Libvpx (CVE-2026-2447): CVSS: 8.8 Attack Vector: Network

Microsoft has released security updates to fix several vulnerabilities across multiple versions of Microsoft Windows Admin Center and Microsoft Edge. The addressed vulnerabilities could allow the remote authorized attacker to obtain sensitive information, elevate privileges, and gain access to the affected systems. Sample of the addressed vulnerabilities: Microsoft Windows Admin Center Elevation of Privilege Vulnerability

Google has released an updated Chrome version 145.0.7632.75/76 for Windows and Mac, and version 144.0.7559.75 for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Google Chrome Use After Free in CSS Vulnerability (CVE-2026-2441):

Apple has released security updates to address multiple vulnerabilities across macOS Tahoe, Sequoia, Sonoma, and Safari. The addressed vulnerabilities could allow the attacker to perform denial-of service attacks, corrupt memory, bypass security restrictions, conduct spoofing attacks, obtain sensitive information, gain elevated privileges, execute arbitrary code, and gain unauthorized access to the affected systems, potentially leading

Aruba has released security updates to fix several vulnerabilities across multiple HPE Aruba products. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, bypass security restrictions, obtain sensitive information, conduct crosssite scripting attacks, manipulate files, or execute arbitrary code and gain access to the affected product. Sample of the addressed vulnerabilities:

Google has released an updated Chrome version 145.0.7632.45/46 for Windows and Mac, and version 145.0.7632.45 for Linux. The addressed vulnerabilities could allow the attacker to bypass security controls, obtain sensitive information, exploit heap corruption, conduct UI spoofing via a crafted HTML page, persuade the victim to perform specific UI gestures to install a malicious extension,

Intel has released security updates to address several vulnerabilities in multiple Intel products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, or perform denial-of-service attacks on the affected product. Samples of the addressed vulnerabilities: 1. Intel® AMT and Intel® Standard Manageability Out-of-bounds Write in The Firmware Via Network Access

Ivanti has released a security update to fix multiple vulnerabilities across Ivanti Endpoint Manager (EPM). The addressed vulnerabilities could allow the remote attacker to read arbitrary data from the database, leak stored credential data, and bypass security restrictions on the affected systems. Sample of the addressed vulnerabilities: Ivanti Endpoint Manager Authentication Bypass Vulnerability (CVE-2026-1603): CVSS:

Cisco has released security updates to address several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to perform denial of service attacks, redirect users to malicious websites, conduct cross-site scripting attacks, upload arbitrary files, execute arbitrary commands, gain elevated privileges, and gain access to the affected products. Sample of addressed vulnerabilities:

Google has released an updated Chrome version 144.0.7559.132/.133 for Windows and Mac, and version 144.0.7559.132 for Linux. The addressed vulnerabilities could allow the attacker to obtain sensitive information, exploit heap corruption via a crafted HTML page, execute arbitrary code, and gain access to the affected product. Sample of the addressed vulnerabilities: Google Chrome Heap Buffer

Progress has released security updates to fix multiple vulnerabilities across several Progress products. The addressed vulnerabilities could allow the attacker to execute arbitrary commands and gain access by exploiting unsanitized input in the API input parameters to the affected system. Sample of the addressed vulnerabilities: Progress LoadMaster UI/API Command Injection Remote Code Execution Vulnerability (getcipherset)