Threat actors are exploiting a vulnerability in Gitea’s reverse-proxy authentication mechanism to access internet-accessible instances by supplying only a valid username.
A Gitea Docker vulnerability disclosed last month is now drawing real attacker interest, and it is easy to see why. CVE-2026-20896, rated 9.8 out of 10 on the CVSS scale, let anyone who could reach a ...
A newly identified malware campaign has been observed exploiting a command injection flaw in digital video recorder (DVR) devices to deploy a Mirai-based botnet, according to analysis by FortiGuard ...
Just two weeks after a massive supply chain compromise, Axios, a widely used JavaScript library for making web requests, is experiencing another critical threat. It contains a bug that allows ...
Many modern web applications rely on the flawed assumption that backends can blindly trust security-critical headers from upstream reverse proxies. This assumption breaks down because HTTP RFC ...
Four security vulnerabilities have been found in the open source Ingress NGINX traffic controller that is extensively used by organizations in Kubernetes deployments. They can only be fixed by ...
Researchers found three high-risk “Gemini Trifecta” vulnerabilities that let attackers inject prompts and steal user data. Gemini Cloud Assist could be tricked by malicious log entries to execute ...
Commix offers comprehensive support for command injection exploitation across a wide range of backend technologies and web application environments. Its flexible payload generation and injection ...
Proof-of-concept exploits have been released for a critical SQLi vulnerability in Fortinet FortiWeb that can be used to achieve pre-authenticated remote code execution on vulnerable servers. FortiWeb ...
Cybersecurity researchers have discovered a critical security vulnerability in artificial intelligence (AI) company Anthropic's Model Context Protocol (MCP) Inspector project that could result in ...
Threat actors are attempting to take advantage of a recently disclosed security flaw impacting GFI KerioControl firewalls that, if successfully exploited, could allow malicious actors to achieve ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results