Latest news
Vulnerability
CVE-2026-5027: Critical Langflow Path Traversal Flaw Actively Exploited for Remote Code Execution
12 June 2026 dark6
A critical path traversal vulnerability (CVE-2026-5027, CVSS 8.8) in Langflow is being actively exploited to achieve remote code execution on...
Vulnerability
Three Critical cPanel and WHM Vulnerabilities Enable Code Execution, File Reads, and DoS Attacks
11 May 2026 dark6
cPanel has disclosed three critical security vulnerabilities — CVE-2026-29201, CVE-2026-29202, and CVE-2026-29203 — affecting its widely deployed cPanel & WHM...
Vulnerability
Critical CVSS 9.8 Flaw in CrowdStrike LogScale Lets Unauthenticated Attackers Read Server Files
28 April 2026 dark6
CrowdStrike has issued an emergency advisory for CVE-2026-40050, a CVSS 9.8 unauthenticated path-traversal flaw in LogScale that lets remote attackers...
Vulnerability
CISA Adds Two Actively Exploited SimpleHelp Vulnerabilities to KEV Catalog — May 8 Patch Deadline
26 April 2026 dark6
CISA has added two chained vulnerabilities in SimpleHelp remote support software — CVE-2024-57726 (missing authorization) and CVE-2024-57728 (path traversal) —...