vulnerabilities

Multi-billion install cURL takes security reports summer holiday

For a month over the Northern Hemisphere summer, your security issues will have to wait, unless you pay for support.

4 KVM vendors, 9 vulns – including an unfixed CVSS 9.8

All the joy of physical-presence vulnerabilities but remotely, and many cheap, single-port IP-KVMs are wide open, says Eclypsium.

Two different CVSS 10s offer root on Cisco Secure Firewall Management Center

No reports yet that CVE-2026-20079 and CVE-2026-20131 are being exploited, but we happen to know Cisco 0days get quietly exploited for years.

Banks – and Google – open to Gemini-powered exfil via public API keys, researchers say

The API keys Google told you to make public can now be used to exfiltrate data via Gemini or run up usage, says Truffle.

Malicious servers beat zero-knowledge encryption for major cloud password managers, researchers show

Assuming a vendor is compromised (yet again), standard claims of password safety simply don't hold up, says a paper published on Monday.

CVE-2025-5777 – Citrix Bleed, Redux?

That advisory got a worrying update...

CISA: Critical Palo Alto Networks vulnerability exploited in the wild

Expedition, a migration tool, hit by bug that could allow attackers with network access to "access secrets, credentials, and other data".

ChatGPT's depiction of a Volt Typhoon

APT deploys web shell disguised as a PNG file in a bid to steal credentials and crack into customers' networks downstream.

Critical Cisco vulnerability CVE-2024-20419 lets unauthenticated attackers change admin passwords

"A successful exploit could allow an attacker to access the web UI or API with the privileges of the compromised user."
