Secure Bulletin Navigating the cyber sea with knowledge
Home > Tag > SQL Injection
#SQL Injection

APT Campaign Exploits cPanel CVE-2026-41940 to Breach Government and Military Servers Across South-East Asia

3 May 2026  |  dark6  |  Vulnerability

A sophisticated threat actor has exploited the critical cPanel authentication bypass CVE-2026-41940 to compromise government and military servers across South-East Asia, while also deploying a custom zero-day SQL-to-OS...

>> read more

Critical SAP SQL Injection CVE-2026-27681 (CVSS 9.9) Exposes Financial Data in Business Planning and Warehouse Systems

19 April 2026  |  dark6  |  Vulnerability

SAP's April 2026 Patch Day addresses CVE-2026-27681, a near-perfect CVSS 9.9 SQL injection flaw in SAP Business Planning and Consolidation (BPC) and Business Warehouse (BW). A low-privileged user...

>> read more

Critical Fortinet FortiClient EMS Vulnerability CVE-2026-21643 Actively Exploited — CISA Demands Patch Today

16 April 2026  |  dark6  |  Vulnerability

CISA has added CVE-2026-21643, a critical pre-authentication SQL injection flaw in Fortinet FortiClient EMS (CVSS 9.1), to its Known Exploited Vulnerabilities catalog with a mandatory patching deadline of...

>> read more