Latest alerts
Vulnerabilities disclosed in recent days
Frameworks MediaWiki fixes XSS flaws and data leakage
Debian has released a MediaWiki fix for several flaws that could lead to XSS and information disclosure on exposed wikis.
Read the alert
Servers Debian fixes critical Linux kernel flaws to watch
Debian has released DSA-6355-1 to fix several Linux kernel flaws that could lead to privilege escalation, denial of service, or information leakage.
Read the alertFFmpeg fixes PixelSmash, an RCE threatening Jellyfin
FFmpeg fixes PixelSmash, a flaw that could lead to remote code execution on Jellyfin via video decoding. Update recommended.
Read the alert
Frameworks Moodle fixes several security flaws that need to be addressed quickly
CERT-FR warns of several vulnerabilities in Moodle that could cause denial of service, information disclosure, and other impacts depending on the versions.
Read the alert
CVE Cisco Unified CM: CVE-2026-20230 SSRF already exploited
Cisco Unified CM fixes CVE-2026-20230, a high-severity SSRF flaw already being exploited that could expose internal services.
Read the alert
Browsers Chrome fixes critical flaws in the desktop stable channel
Google has released a security update for Chrome desktop stable that fixes several vulnerabilities that could lead to a crash or code execution.
Read the alertExplore by topic
Web application security, sorted for you
Your application security watch, simplified
FailleWeb continuously monitors the NVD, CERT-FR, Patchstack, BleepingComputer, Google TAG, Snyk and GitHub advisories to bring you the vulnerabilities that matter every day — decoded, with their impact and remediation.
Learn more