T1190 - Exploit Public-Facing Application is a mitre_attack tracked across 50 threat clusters and 524 intelligence report mentions on ThreatCluster. First observed October 30, 2025; most recent activity July 16, 2026.
A cyberattack targeting Poland's energy grid in December has been linked to a Russian government-affiliated hacking group. The attack affected 30 wind and photovoltaic farms and prompted the Cybersecurity and…
SonicWall has reported two critical vulnerabilities, CVE-2026-15409 and CVE-2026-15410, affecting its SMA1000 Series appliances, which are currently being actively exploited. The first vulnerability, CVE-2026-15409, is…
Cisco has disclosed a critical authentication bypass vulnerability, CVE-2026-20182, affecting its Catalyst SD-WAN Controller and Manager. This flaw allows unauthenticated remote attackers to bypass authentication and…
A critical vulnerability in the Joomla Content Editor (JCE), tracked as CVE-2026-48907, allows unauthenticated attackers to execute remote code on affected Joomla sites. This flaw affects JCE versions below 2.9.99.6 and…
Hackers are actively exploiting a critical Remote Code Execution (RCE) vulnerability in Oracle WebLogic Server, tracked as CVE-2026-21962, which has a maximum CVSS score of 10.0. This unauthenticated flaw allows…
Active exploitation of two critical vulnerabilities has been reported: CVE-2026-20230 in Cisco Unified CM and CVE-2026-20971 in Samsung KNOX. The Cisco flaw, a server-side request forgery (SSRF), poses an immediate…
A critical command injection vulnerability, CVE-2026-42271, in LiteLLM, an open-source AI gateway, allows unauthenticated remote code execution (RCE) when chained with CVE-2026-48710, a Host header validation bypass in…
OpenSSL has patched a high-severity stack buffer overflow vulnerability, tracked as CVE-2025-15467. This flaw allows unauthenticated attackers to trigger denial-of-service conditions and potentially execute remote code…
CVE-2026-52887 is a critical SQL injection vulnerability affecting NocoBase, an AI-powered no-code/low-code platform. The flaw allows unauthenticated remote attackers to execute arbitrary SQL queries via the…
A cyber threat actor has been exploiting a zero-day vulnerability (CVE-2026-20127) in Cisco Catalyst SD-WAN Controller since 2023. This vulnerability allows unauthenticated remote attackers to bypass authentication and…