Latest news
Vulnerability
Researcher Chains a Guardrail Bypass With a Path Traversal Flaw to Access System Files in ChatGPT
4 July 2026 dark6
A proof-of-concept disclosed by researcher zer0dac combined social engineering against ChatGPT's own safety logic with a path traversal bug to...
Vulnerability
Critical Fortinet FortiSandbox Vulnerabilities Actively Exploited in the Wild
17 June 2026 dark6
Threat actors are actively exploiting three critical Fortinet FortiSandbox vulnerabilities — including CVE-2026-39813, which has no prior exploitation history. All...
Vulnerability
CVE-2026-5027: Critical Langflow Path Traversal Flaw Actively Exploited for Remote Code Execution
12 June 2026 dark6
A critical path traversal vulnerability (CVE-2026-5027, CVSS 8.8) in Langflow is being actively exploited to achieve remote code execution on...
Vulnerability
Three Critical cPanel and WHM Vulnerabilities Enable Code Execution, File Reads, and DoS Attacks
11 May 2026 dark6
cPanel has disclosed three critical security vulnerabilities — CVE-2026-29201, CVE-2026-29202, and CVE-2026-29203 — affecting its widely deployed cPanel & WHM...
Vulnerability
Critical CVSS 9.8 Flaw in CrowdStrike LogScale Lets Unauthenticated Attackers Read Server Files
28 April 2026 dark6
CrowdStrike has issued an emergency advisory for CVE-2026-40050, a CVSS 9.8 unauthenticated path-traversal flaw in LogScale that lets remote attackers...
Vulnerability
CISA Adds Two Actively Exploited SimpleHelp Vulnerabilities to KEV Catalog — May 8 Patch Deadline
26 April 2026 dark6
CISA has added two chained vulnerabilities in SimpleHelp remote support software — CVE-2024-57726 (missing authorization) and CVE-2024-57728 (path traversal) —...