Secure Bulletin Navigating the cyber sea with knowledge
Home > Categoria > Vulnerability
Latest news

Google Patches Actively Exploited Chrome Zero-Day CVE-2026-5281 — CISA Deadline Hits Today

15 April 2026  |  dark6  |  Vulnerability

Google has patched a high-severity use-after-free zero-day in Chrome's WebGPU implementation (CVE-2026-5281) that is actively exploited in the wild. CISA set a mandatory federal remediation deadline of April...

>> read more

Critical Marimo Python Notebook Zero-Day (CVE-2026-39987) Exploited Within 10 Hours of Disclosure

14 April 2026  |  dark6  |  Vulnerability

A critical pre-authentication RCE vulnerability (CVE-2026-39987, CVSS 9.3) in the popular Marimo Python notebook platform was weaponised within 10 hours of public disclosure. Attackers are actively harvesting credentials,...

>> read more

Fortinet Issues Emergency Patch for Actively Exploited FortiClient EMS Zero-Day CVE-2026-35616

13 April 2026  |  dark6  |  Vulnerability

A critical zero-day vulnerability (CVE-2026-35616, CVSS 9.1) in Fortinet FortiClient EMS was exploited in the wild before Fortinet published its advisory. The pre-authentication flaw allows remote code execution...

>> read more

PoC Exploit Leaked for Unpatched Windows Privilege Escalation Zero-Day ‘BlueHammer’

13 April 2026  |  dark6  |  Vulnerability

A disgruntled researcher has published a working exploit for BlueHammer, an unpatched Windows local privilege escalation zero-day that abuses Windows Defender's update mechanism. Fully patched Windows 10, 11,...

>> read more

Adobe Patches Actively Exploited Acrobat Reader Zero-Day CVE-2026-34621 — Exploited Since December 2025

13 April 2026  |  dark6  |  Vulnerability

Adobe has issued an emergency patch for CVE-2026-34621 (CVSS 8.6), a prototype pollution zero-day in Acrobat Reader actively exploited since December 2025. Attackers can achieve code execution by...

>> read more

Google Patches Actively Exploited Chrome Zero-Day CVE-2026-5281 — Update Now

12 April 2026  |  dark6  |  Vulnerability

Google has confirmed that CVE-2026-5281, a high-severity use-after-free vulnerability in Chrome's Dawn WebGPU implementation, is being actively exploited in the wild. CISA has added the flaw to its...

>> read more

CVE-2026-39987: Critical Marimo Python Notebook RCE Exploited Within 10 Hours of Disclosure

11 April 2026  |  dark6  |  Vulnerability

A pre-authentication remote code execution flaw (CVSS 9.3) in the Marimo Python notebook framework was weaponized by attackers within just 10 hours of public disclosure. The vulnerability allows...

>> read more

Windows Zero-Day “BlueHammer” Exploit Code Released — SYSTEM Privileges at Risk

10 April 2026  |  dark6  |  Vulnerability

Exploit code has been publicly released for BlueHammer, a Windows zero-day privilege escalation vulnerability that allows attackers to gain full SYSTEM or administrator access. The availability of working...

>> read more