Server-Side Request Forgery is a attack_type tracked across 27 threat clusters and 32 intelligence report mentions on ThreatCluster. First observed November 11, 2025; most recent activity July 13, 2026.
Cisco has disclosed a critical authentication bypass vulnerability, CVE-2026-20182, affecting its Catalyst SD-WAN Controller and Manager. This flaw allows unauthenticated remote attackers to bypass authentication and…
A pre-authentication remote code execution (RCE) vulnerability, CVE-2026-35273, was discovered in Oracle PeopleSoft PeopleTools, affecting versions 8.61 and 8.62. The vulnerability allows unauthenticated attackers to…
Recent updates to RoundcubeMail for Fedora 43 and 44 revealed critical vulnerabilities, including SQL injection and cross-site scripting (XSS) issues. CVE-2026-48842 details a pre-auth SQL injection in the…
In July 2026, Adobe and Microsoft released significant security updates addressing numerous vulnerabilities. Adobe issued 12 bulletins for 88 unique CVEs, with a focus on ColdFusion and Commerce patches, including a…
Fluentd v1.19.3 addresses multiple vulnerabilities, including a critical RCE flaw tracked as CVE-2026-44024. These vulnerabilities can allow unauthenticated remote attackers to execute arbitrary code, access sensitive…
Cisco has confirmed that attackers are exploiting a vulnerability in its Unified Communications Manager (Unified CM), tracked as CVE-2026-20230, which was patched on June 3, 2026. This vulnerability allows for…
A study by security startup Tenzai revealed that popular vibe coding platforms produce insecure code, including critical vulnerabilities, when responding to common programming prompts. The assessment, conducted in…
Two critical server-side request forgery (SSRF) vulnerabilities have been identified in Azure services. The first allows authorized attackers to elevate privileges in Azure MCP Server, while the second enables…
On March 10, 2026, SAP released 15 security notes, including two critical vulnerabilities that could allow remote code execution and system compromise. Administrators are urged to apply the patches promptly to protect…
Multiple critical vulnerabilities affecting React Server Components and .js have been disclosed, including denial of service, server-side request forgery, and middleware bypass issues. These flaws impact versions 13.x…