Latest news

Three Critical cPanel and WHM Vulnerabilities Enable Code Execution, File Reads, and DoS Attacks
Vulnerability

Three Critical cPanel and WHM Vulnerabilities Enable Code Execution, File Reads, and DoS Attacks

11 May 2026 dark6

cPanel has disclosed three critical security vulnerabilities — CVE-2026-29201, CVE-2026-29202, and CVE-2026-29203 — affecting its widely deployed cPanel & WHM...
Read more 0
Five Critical Redis Vulnerabilities Enable Remote Code Execution Across All Editions — Patch Now
Vulnerability

Five Critical Redis Vulnerabilities Enable Remote Code Execution Across All Editions — Patch Now

10 May 2026 dark6

Redis has disclosed five high-severity vulnerabilities (CVE-2026-23479, CVE-2026-25243, CVE-2026-25588, CVE-2026-25589, CVE-2026-23631) affecting Redis Cloud, Redis Software, and all open-source community...
Read more 0
WatchGuard Agent Vulnerabilities Allow Attackers to Escalate to Full SYSTEM Privileges on Windows
Vulnerability

WatchGuard Agent Vulnerabilities Allow Attackers to Escalate to Full SYSTEM Privileges on Windows

10 May 2026 dark6

WatchGuard has released urgent security updates patching four high-severity vulnerabilities in the WatchGuard Agent for Windows, including chained CVE-2026-6787 and...
Read more 0
Critical Next.js and React Server Components Vulnerabilities: SSRF, DoS, and Middleware Bypass Patched
Vulnerability

Critical Next.js and React Server Components Vulnerabilities: SSRF, DoS, and Middleware Bypass Patched

9 May 2026 dark6

Vercel has released a sweeping set of security advisories for Next.js addressing more than a dozen vulnerabilities including denial-of-service, SSRF...
Read more 0
New Ivanti EPMM Zero-Day CVE-2026-6973 Actively Exploited — Patch Immediately
Vulnerability

New Ivanti EPMM Zero-Day CVE-2026-6973 Actively Exploited — Patch Immediately

8 May 2026 dark6

Ivanti has confirmed active exploitation of CVE-2026-6973, a new zero-day vulnerability in its on-premises Endpoint Manager Mobile (EPMM) product. The...
Read more 0
Dirty Frag: New Linux Kernel Vulnerability Chains Two Flaws to Grant Root Privileges — Public PoC Released
Vulnerability

Dirty Frag: New Linux Kernel Vulnerability Chains Two Flaws to Grant Root Privileges — Public PoC Released

8 May 2026 dark6

A newly disclosed Linux kernel vulnerability dubbed Dirty Frag chains two page-cache write flaws to achieve full root access on...
Read more 0
Critical Palo Alto PAN-OS Zero-Day CVE-2026-0300 Actively Exploited — Root Access Granted on 5,800+ Exposed Firewalls
Vulnerability

Critical Palo Alto PAN-OS Zero-Day CVE-2026-0300 Actively Exploited — Root Access Granted on 5,800+ Exposed Firewalls

7 May 2026 dark6

A critical buffer overflow zero-day in Palo Alto Networks PAN-OS (CVE-2026-0300, CVSS 9.3) is being actively exploited in the wild....
Read more 0
Critical Apache HTTP Server 2.4.67 Patches RCE Flaw CVE-2026-23918 — Upgrade All Servers Immediately
Vulnerability

Critical Apache HTTP Server 2.4.67 Patches RCE Flaw CVE-2026-23918 — Upgrade All Servers Immediately

5 May 2026 dark6

Apache has released HTTP Server 2.4.67, patching five vulnerabilities including a critical double-free bug CVE-2026-23918 (CVSS 8.8) in the HTTP/2...
Read more 0
Critical Android Zero-Click Vulnerability CVE-2026-0073 Allows Remote Shell Access Without User Interaction
Vulnerability

Critical Android Zero-Click Vulnerability CVE-2026-0073 Allows Remote Shell Access Without User Interaction

5 May 2026 dark6

Google has disclosed a critical zero-click remote code execution vulnerability tracked as CVE-2026-0073 in the Android System component. The flaw...
Read more 0
Microsoft Defender False Positive Quarantines DigiCert Root Certificates, Risks Breaking SSL Across Enterprise Networks
Vulnerability

Microsoft Defender False Positive Quarantines DigiCert Root Certificates, Risks Breaking SSL Across Enterprise Networks

4 May 2026 dark6

A faulty Microsoft Defender antimalware definition update incorrectly flagged two legitimate DigiCert root certificates as malware, automatically quarantining them from...
Read more 0
FreeBSD DHCP Client Flaw CVE-2026-42511 Allows Root Code Execution via Rogue DHCP Server
Vulnerability

FreeBSD DHCP Client Flaw CVE-2026-42511 Allows Root Code Execution via Rogue DHCP Server

4 May 2026 dark6

A critical vulnerability in the FreeBSD DHCP client, CVE-2026-42511, allows attackers on the same local network to execute arbitrary commands...
Read more 0
Exim 4.99.2 Patches Four Vulnerabilities Including Heap Corruption, DNS Crash, and Memory Leaks
Vulnerability

Exim 4.99.2 Patches Four Vulnerabilities Including Heap Corruption, DNS Crash, and Memory Leaks

4 May 2026 dark6

The Exim development team has released version 4.99.2 to fix four security vulnerabilities — including a DNS-triggered crash on musl...
Read more 0