Vulnerability

Critical Authentication Bypass Flaw in Cal.com Exposes User Accounts to Takeover A severe vulnerability in Cal.com, an open-source…

Critical Privilege Escalation Flaw in Modular DS WordPress Plugin Exploited in the Wild A severe unauthenticated privilege escalation vulnerability in…

Microsoft Patches Critical SQL Server Privilege Escalation Flaw (CVE-2026-20803) On January 13, 2026, Microsoft released security updates to address a…

Fortinet Discloses Critical FortiSIEM Vulnerability Allowing Remote Code Execution On January 13, 2026, Fortinet issued an advisory warning of a…

CISA Issues Critical ICS Advisories for Rockwell Automation and YoSmart Vulnerabilities The U.S. Cybersecurity and Infrastructure Security Agency (CISA)…

Critical ServiceNow AI Vulnerability (CVE-2025-12420) Exposes Privilege Escalation Risk On 13 January 2026, cybersecurity researchers disclosed CVE-2025-12420, a critical vulnerability…

Critical Gogs Vulnerability (CVE-2025-8110) Actively Exploited in the Wild The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued…

Microsoft Patches Actively Exploited Zero-Day in Desktop Window Manager On January 13, 2026, Microsoft released a critical security update as…

Telegram Proxy Link Vulnerability Exposes User IP Addresses Security researchers have uncovered a critical flaw in Telegram’s proxy link…

In the first half of 2025, Ivanti became a primary target of UNC5221, a suspected China-linked state-sponsored threat group exploiting…

Perplexity’s AI-powered browser Comet was exposed to HashJack, a critical indirect prompt injection vulnerability exploiting URL fragments (after the…

OpenAI fixed a critical vulnerability named ShadowLeak in its Deep Research agent, a tool integrated with services like Gmail and…