Secure Bulletin Navigating the cyber sea with knowledge
Home > Categoria > Vulnerability
Latest news

Critical Fortinet FortiClient EMS Zero-Day CVE-2026-35616 Actively Exploited — Patch Now

10 April 2026  |  dark6  |  Vulnerability

A critical zero-day in Fortinet FortiClient EMS (CVE-2026-35616, CVSS 9.8) is being actively exploited in the wild. CISA has added it to its Known Exploited Vulnerabilities catalog, mandating...

>> read more

CVSS 10.0: Critical Flowise AI Vulnerability Is Being Actively Exploited — 15,000+ Instances Still Exposed

9 April 2026  |  dark6  |  AI

A maximum-severity RCE vulnerability (CVE-2025-59528, CVSS 10.0) in the popular Flowise AI agent builder is under active attack. Over 15,000 instances are still exposed online. Here’s what you...

>> read more

Chrome’s Fourth Zero-Day of 2026: CISA Orders Federal Agencies to Patch CVE-2026-5281 by April 15

9 April 2026  |  dark6  |  Vulnerability

Google has patched CVE-2026-5281, a use-after-free zero-day in Chrome’s WebGPU engine already exploited in the wild. It’s the fourth Chrome zero-day of 2026. CISA has mandated federal agencies...

>> read more

Unpatched Adobe Reader Zero-Day Has Been Silently Exploiting Users Since December

9 April 2026  |  dark6  |  Vulnerability

A highly sophisticated zero-day exploit targeting Adobe Reader has been active since December 2025, requiring just a single click to open a PDF. No patch is available yet...

>> read more

GitLab Releases Critical Security Patch for Multiple High-Severity Vulnerabilities

11 December 2025  |  dark6  |  Vulnerability

Security researchers have uncovered vulnerabilities in GitLab’s Community Edition and Enterprise Edition platforms, prompting the company to release critical security patches. On December 10th, 2025, Gitlab released update...

>> read more

A Critical Patch for Vulnerable Next.js: New Scanner Unveils Hidden Attacks

4 December 2025  |  dark6  |  Vulnerability

With the rise of Serverless functions, static site generators like Next.js have become ubiquitous in web development, streamlining functionality and boosting speed. However, while these frameworks offer undeniable...

>> read more

A Silent Vulnerability Exposed: How Hackers Used Hidden Commands to Steal Sensitive Data

3 December 2025  |  dark6  |  Vulnerability

Microsoft’s seemingly “unremarkable” November 2025 Patch Tuesday update actually contained a major security fix. But even the most meticulous patching process can sometimes be outmaneuvered by cunning threat...

>> read more

Chrome 143: A Patch Day For Deep Dive Cybersecurity Professionals

3 December 2025  |  dark6  |  Vulnerability

Google has just released Chrome 143, ushering in a new era of browser security with 13 addressed vulnerabilities. This release is no mere formality – it’s a critical...

>> read more