cve-2026-23918
48 articles with this tag
✨
AI summary
Loading…
HIGH
HIGH
HIGH
CRITICAL
HIGH
HIGH
HIGH
HIGH
HIGH
CRITICAL
HIGH
CRITICAL
CRITICAL
HIGH
HIGH
CRITICAL
HIGH
CRITICAL
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
CRITICAL
HIGH
HIGH
HIGH
HIGH
INFO
HIGH
INFO
HIGH
CRITICAL
CRITICAL
HIGH
HIGH
CRITICAL
HIGH
CRITICAL
CRITICAL
INFO
INFO
INFO
CRITICAL
HIGH
HIGH
[webapps] Apache HTTP Server 2.4.66 - 'mod_http2' Double-Free Denial of Service
Multiples vulnérabilités dans Microsoft Azure Linux (18 mai 2026)
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming
Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates
What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
How AI Hallucinations Are Creating Real Security Risks
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws
Most Remediation Programs Never Confirm the Fix Actually Worked
[Webinar] Why Your AppSec Tools Miss the "Lethal Path" (and How to Fix It)
GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data
Android Adds Intrusion Logging for Sophisticated Spyware Forensics
Patch Tuesday - May 2026
New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded
New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android
TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack
cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor
⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More
Your Purple Team Isn't Purple — It's Just Red and Blue in the Same Room
Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads
Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak
'Dirty Frag' Linux zero-day exposes most distributions to LPE
Federal agencies ordered to patch Ivanti EPMM zero-day in 3 days
Apache fixes critical HTTP/2 vulnerability allowing remote code execution
CVE-2026-23918 Apache HTTP Server: http2: double free and possible RCE on early reset
USN-8239-1: Apache HTTP Server vulnerabilities
DSA-6248-1 apache2 - security update
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
Multiples vulnérabilités dans Apache HTTP Server (05 mai 2026)
Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server