CVE-2026-21877, a critical authenticated RCE flaw with CVSS 10.0, fixed in version 1.121.3 after affecting earlier releases.

Unauthenticated RCE means anyone on the network can seize full control A maximum-severity bug in the popular automation ...

Firmware security research company Binarly has discovered four new vulnerabilities affecting the UEFI (Unified Extensible Firmware Interface) on multiple Gigabyte motherboards. The vulnerabilities ...

A critical LangChain Core vulnerability (CVE-2025-68664, CVSS 9.3) allows secret theft and prompt injection through unsafe ...

This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. Exploitation of critical vulnerabilities in ...

In an attempt to reduce the use of sensationalized and scary vulnerability names, the CERT/CC team launched a Twitter bot that will assign random and neutral names to every security bug that receives ...

GUEST OPINION: The Australian cybersecurity landscape is undergoing a rapid transformation. As cloud adoption soars, propelled by Australia's global leadership in this domain, organisations face a ...

The European Union Agency for Cybersecurity (ENISA) becoming a Common Vulnerabilities and Exposures (CVE) Program Root marks a significant advancement in the EU’s digital security strategy. This new ...

Since the Dependency Graph feature is intertwined with the Security Alerts (Vulnerability Alerts) feature, this also means GitHub users will also be eligible to receive automatic security alerts for ...

A record-breaking number of 20,832 vulnerabilities have been discovered in 2017 but only 12,932 of these received an official CVE identifier last year, a Risk Based Security (RBS) report reveals. This ...