CWE-78 - OS Command Injection is a cwe tracked across 50 threat clusters and 236 intelligence report mentions on ThreatCluster. First observed April 14, 2026; most recent activity July 17, 2026.
SonicWall has reported two critical vulnerabilities, CVE-2026-15409 and CVE-2026-15410, affecting its SMA1000 Series appliances, which are currently being actively exploited. The first vulnerability, CVE-2026-15409, is…
A critical command injection vulnerability, CVE-2026-42271, in LiteLLM, an open-source AI gateway, allows unauthenticated remote code execution (RCE) when chained with CVE-2026-48710, a Host header validation bypass in…
On June 17, 2026, F5 released emergency patches for two critical vulnerabilities in NGINX, CVE-2026-42530 and CVE-2026-42055. These vulnerabilities affect NGINX Open Source, NGINX Plus, and related products, allowing…
Operation Escaneo is a coordinated cyberattack attributed to the MexicanMafia group, targeting critical infrastructure across Latin America, primarily Mexico. The campaign, which spanned from 2025 to 2026, utilized…
Flowise has disclosed a critical remote code execution vulnerability, tracked as CVE-2026-56274, affecting versions prior to 3.1.2 of its Custom MCP Server feature. The flaw allows attackers to exploit multiple OS…
Forescout Technologies has identified 22 new vulnerabilities in serial-to-IP converters from Lantronix and Silex, which are widely used in critical sectors like healthcare and utilities. These vulnerabilities,…
A critical vulnerability (CVE-2026-8206) in the Kirki WordPress plugin allows unauthenticated attackers to hijack user accounts, including admin accounts, on over 500,000 websites. Detected by Defiant's Wordfence…
On April 24, 2026, CISA added four actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog. The affected products include SimpleHelp remote management software, Samsung MagicINFO 9 Server, and…
Ubiquiti has issued security updates for five critical vulnerabilities in UniFi OS, including three maximum severity flaws (CVE-2026-34908, CVE-2026-34909, CVE-2026-34910) that allow remote attackers to execute…
A critical pre-authentication remote code execution (RCE) vulnerability in Marimo, an open-source Python notebook platform, was disclosed on April 8, 2026, and exploited within 9 hours and 41 minutes. The vulnerability,…