HIGH

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

SecurityWeek • May 26, 2026

CRITICAL

Drupal: Critical SQL injection flaw now targeted in attacks

BleepingComputer • May 22, 2026

MEDIUM

USN-8272-1: Smarty vulnerability

Ubuntu Security • May 19, 2026

CRITICAL

Drupal to Release Urgent Core Security Updates on May 20, Sites Told to Prepare

The Hacker News • May 19, 2026

HIGH

BWH Hotels confirms cyberattack impacting customer data

SC Media • May 13, 2026

INFO

Juice Shop v20.0.0 — a fresh squeeze of features, now with AI

OWASP Blog • May 13, 2026

MEDIUM

[NEU] [mittel] Pega Platform: Schwachstelle ermöglicht Cross-Site Scripting

BSI Germany • May 13, 2026

MEDIUM

[NEU] [mittel] Kyverno: Schwachstelle ermöglicht Cross-Site Scripting

BSI Germany • May 13, 2026

INFO

CVE-2026-32207 Azure Machine Learning Notebook Spoofing Vulnerability

Microsoft Security Response Center • May 07, 2026

MEDIUM

[webapps] Python-Multipart 0.0.22 - Path Traversal

Exploit-DB • Apr 30, 2026

HIGH

Why are top university websites serving porn? It comes down to shoddy housekeeping.

Ars Technica Security • Apr 24, 2026

CRITICAL

Zimbra Collaboration Suite Information Disclosure Vulnerability

HKCERT • Apr 21, 2026

MEDIUM

Cisco Webex Contact Center Cross-Site Scripting Vulnerability

Cisco Security • Apr 15, 2026

MEDIUM

Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities

Cisco Security • Apr 15, 2026

MEDIUM

Cisco Unity Connection Arbitrary File Download Vulnerabilities

Cisco Security • Apr 15, 2026

MEDIUM

Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities

Cisco Security • Apr 15, 2026

CRITICAL

Critical nginx UI tool vulnerability opens web servers to full compromise

CSO Online • Apr 15, 2026

HIGH

WordPress plugin suite hacked to push malware to thousands of sites

BleepingComputer • Apr 15, 2026

HIGH

Medusa Ransomware Attack

FortiGuard Threat Signal • Apr 10, 2026

MEDIUM

European Commission admits attackers broke into public web systems, but says little else

The Register Security • Mar 30, 2026

MEDIUM

[NEU] [mittel] Cisco Catalyst SD-WAN Manager: Schwachstelle ermöglicht Cross-Site Scripting

BSI Germany • Mar 26, 2026

MEDIUM

[NEU] [mittel] SolarWinds Platform: Mehrere Schwachstellen ermöglichen Cross-Site Scripting

BSI Germany • Mar 26, 2026

CRITICAL

Magento PolyShell – Unauthenticated File Upload to RCE in Magento (APSB25-94)

Reddit r/netsec • Mar 26, 2026

HIGH

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

The Hacker News • Mar 26, 2026

MEDIUM

Schneider Electric Modicon Controllers M241, M251, M258, and LMC058

CISA ICS Advisories • Mar 19, 2026

CRITICAL

Claude Code Security and Magecart: Getting the Threat Model Right

The Hacker News • Mar 18, 2026

MEDIUM

[NEU] [UNGEPATCHT] [mittel] NetBox: Schwachstelle ermöglicht Cross-Site Scripting

BSI Germany • Mar 17, 2026

MEDIUM

Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities

Cisco Security • Mar 11, 2026

CRITICAL

[NEU] [hoch] Siemens SIMATIC S7: Schwachstelle ermöglicht Cross-Site Scripting

BSI Germany • Mar 10, 2026

MEDIUM

[NEU] [mittel] Drupal Extensions: Mehrere Schwachstellen

BSI Germany • Mar 05, 2026

MEDIUM

Cisco Webex Services Cross-Site Scripting Vulnerability

Cisco Security • Mar 04, 2026

MEDIUM

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Services Cross-Site Scripting Vulnerability

Cisco Security • Mar 04, 2026

MEDIUM

Multiples vulnérabilités dans MISP (02 mars 2026)

CERT-FR (ANSSI) • Mar 02, 2026

INFO

Fedora 42 Update: vim-9.1.1706-1.fc42 - package-announce - Fedora mailing-lists

Web Discovery • Feb 13, 2026

INFO

Battling bots face off in cybersecurity arena

CSO Online • Feb 13, 2026

MEDIUM

Dark Patterns Undermine Security One Click at a Time

Dark Reading • Feb 03, 2026