What's actively being exploited right now, how it works, and exactly what to do about it.
Every web form with a file upload field is a potential entry point. This is not a theoretical concern. It is the fundamental design flaw that attackers exploit over and over: the a
A critical out-of-bounds write vulnerability in Fortinet FortiOS and FortiProxy is being actively exploited in the wild. CVE-2024-21762 allows unauthenticated remote attackers to e
A critical missing authentication vulnerability in Oracle PeopleSoft Enterprise PeopleTools (CVE-2026-35273) is under active exploitation. The flaw allows unauthenticated remote at
CVE-2026-41089 is a vulnerability that has been assigned a CVE identifier, but at the time of this writing, detailed technical information, affected product specifics, and exploita
A critical authentication bypass vulnerability in Check Point Security Gateways is under active exploitation. CVE-2026-50751 affects the Remote Access VPN and Mobile Access feature
A local privilege escalation vulnerability in Microsoft Defender's Malware Protection Engine is under active exploitation. CVE-2026-41091 exploits improper symbolic link resolution
CVE-2023-23397 is a critical privilege escalation vulnerability in Microsoft Outlook for Windows that allows attackers to steal NTLM authentication hashes without any user interact
Microsoft's June 2026 Patch Tuesday release contains no security patches. This is an exceptionally rare occurrence; months with zero patches are nearly unheard of in the modern era
A local privilege escalation vulnerability in VMware Aria Operations and VMware Tools is under active exploitation. CVE-2025-41244 allows any non-administrative user with local acc
A local privilege escalation vulnerability in the Linux kernel's cryptographic subsystem (algif_aead) is now under active exploitation. CVE-2026-31431 stems from an incorrect resou
A critical vulnerability in the Linux kernel's ESP (Encapsulating Security Payload) handling allows local attackers to escalate privileges to root. Tracked as CVE-2026-43284, the f
Three actively exploited Fortinet CVEs show why firewalls and VPN appliances are high-value targets, not just protective controls. A CVSS score does not tell you whether your perimeter device is already being scanned for exploitation.
Two critical vulnerabilities in nginx-ui chain together for complete unauthenticated server takeover. Attackers are not going after nginx — they are going after the management tooling organizations layer on top of it.
CVE-2025-23419 is a vulnerability in F5 NGINX that allows attackers to bypass client certificate authentication when TLS session tickets are enabled across multiple virtual servers
CVE-2016-5195, widely known as "Dirty COW," is a race condition vulnerability in the Linux kernel's memory subsystem that allows local privilege escalation to root. The flaw exists