Secure Bulletin Navigating the cyber sea with knowledge
Home > Categoria > Vulnerability
Latest news

PoC Exploit Released for Android Zero-Click CVE-2026-0073 — Silent ADB Shell Access on Android 14–16

13 May 2026  |  dark6  |  Vulnerability

A public PoC exploit for CVE-2026-0073 enables any network-local attacker to gain a full ADB shell on unpatched Android 14–16 devices with zero user interaction, exploiting a cryptographic...

>> read more

Critical Palo Alto PAN-OS Vulnerability CVE-2026-0300 Actively Exploited — Unauthenticated Root RCE on Firewalls

13 May 2026  |  dark6  |  Vulnerability

Palo Alto Networks is warning of a critical CVE-2026-0300 buffer overflow in PAN-OS Captive Portal that enables unauthenticated root-level remote code execution on PA-Series and VM-Series firewalls. Active...

>> read more

Microsoft Patch Tuesday May 2026: 120 Vulnerabilities Fixed, Including 29 Critical RCE Flaws

13 May 2026  |  dark6  |  Vulnerability

Microsoft's May 2026 Patch Tuesday delivers fixes for 120 vulnerabilities including 29 Critical-rated remote code execution flaws across Windows, SharePoint, Dynamics 365, and Office. No active zero-days are...

>> read more

Hackers Deploy AI-Generated Zero-Day Exploit to Bypass 2FA — Google GTIG Q2 2026 Report

12 May 2026  |  dark6  |  Vulnerability

Google's Threat Intelligence Group reveals that cybercriminals have used AI to develop a working zero-day exploit targeting a web administration platform's 2FA logic. The Q2 2026 report also...

>> read more

Let’s Encrypt Halts All Certificate Issuance After Cross-Signed Root Certificate Incident

11 May 2026  |  dark6  |  Vulnerability

Let's Encrypt temporarily suspended all certificate issuance on May 8, 2026, after engineers identified a critical issue with a cross-signed certificate linking its Generation X root to its...

>> read more

Microsoft Patches Three Critical Information Disclosure Vulnerabilities in Microsoft 365 Copilot and Edge

11 May 2026  |  dark6  |  Vulnerability

Microsoft has disclosed and fully remediated three critical information disclosure vulnerabilities — CVE-2026-26129, CVE-2026-26164, and CVE-2026-33111 — affecting Microsoft 365 Copilot and Copilot Chat in Microsoft Edge. All...

>> read more

Three Critical cPanel and WHM Vulnerabilities Enable Code Execution, File Reads, and DoS Attacks

11 May 2026  |  dark6  |  Vulnerability

cPanel has disclosed three critical security vulnerabilities — CVE-2026-29201, CVE-2026-29202, and CVE-2026-29203 — affecting its widely deployed cPanel & WHM web hosting control panel and WP Squared platform....

>> read more

Five Critical Redis Vulnerabilities Enable Remote Code Execution Across All Editions — Patch Now

10 May 2026  |  dark6  |  Vulnerability

Redis has disclosed five high-severity vulnerabilities (CVE-2026-23479, CVE-2026-25243, CVE-2026-25588, CVE-2026-25589, CVE-2026-23631) affecting Redis Cloud, Redis Software, and all open-source community editions. The flaws include use-after-free conditions and memory...

>> read more