OpenSSL updates released on Tuesday patch a dozen vulnerabilities, including a high-severity remote code execution flaw.

CISA added VMware vCenter vulnerability CVE-2024-37079 to its KEV list after confirmed in-the-wild exploitation, urging ...

Microsoft released out-of-band patches for an actively exploited Microsoft Office zero-day, CVE-2026-21509, a security ...

Ivanti has disclosed two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340, that were exploited in zero-day attacks.

Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks ...

SolarWinds has patched critical Web Help Desk vulnerabilities leading to unauthenticated RCE or authentication bypass.

A new vulnerability database has launched in the EU, in a bid to reduce dependence on the U.S. program. Here's what you need ...

Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM devices.Key takeaways:CVE-2025-64155 is a critical operating system (OS) ...

The WinRAR vulnerability tracked as CVE-2025-8088 was discovered and patched in July 2025, but the popular file archiver continues to suffer from its fallout. According to ...

A new service, the Global Cybersecurity Vulnerability Enumeration (GCVE), offers an alternative to the US-led CVE ...

The U.S. government funding needed for non-profit research giant MITRE to develop, operate and maintain its flagship Common Vulnerabilities and Exposures Program will expire Wednesday, the company ...