CVE
A catalogue of CVE vulnerabilities impacting web applications. Detailed analyses, CVSS scores, affected products, attack vectors and available fixes.
CVE Cisco Unified CM: CVE-2026-20230 SSRF already exploited
Cisco Unified CM fixes CVE-2026-20230, a high-severity SSRF flaw already being exploited that could expose internal services.
Read the article
CVE PTC Windchill: critical RCE exploited, CISA mandates patching
CISA is warning about a critical PTC Windchill RCE flaw already being exploited via web shells. Exposed servers must be patched without delay.
Read the article
CVE FatFs: 7 flaws affect millions of embedded devices
Seven vulnerabilities in FatFs expose millions of embedded devices to memory corruption, crashes, and possible code execution.
Read the article
CVE libssh2 CVE-2026-55200: Public PoC for a Critical Flaw
A public PoC targets libssh2 via a malicious SSH server and can trigger client-side memory corruption. Update quickly.
Read the article
CVE SharePoint: May RCE now actively exploited
CISA warns that a Microsoft SharePoint RCE flaw, patched in May, is now being actively exploited. Admins and CISOs should verify exposure and apply the patch.
Read the article
CVE Oracle E-Business Suite: CVE-2026-46817 actively exploited
Oracle E-Business Suite is targeted by CVE-2026-46817, a critical flaw actively exploited that could compromise the financial application.
Read the article
CVE SharePoint CVE-2026-45659: Active RCE, CISA Sounds the Alarm
The RCE flaw CVE-2026-45659 in Microsoft SharePoint Server is now being actively exploited. Admins and CISOs must patch without delay.
Read the article