Critical154Important1Moderate0LowMicrosoft addresses 163 CVEs in the April 2026 Patch Tuesday release, including two zero-day ...

Adobe patches a critical PDF flaw exploited for months, allowing attackers to bypass sandbox protections and deliver malware.

Elevation-of-privilege bugs accounted for more than half of the 165 vulnerabilities patched, with two zero-days in that mix.

ShowDoc CVE-2025-0520 exploited due to unpatched versions before 2.8.7, enabling remote code execution on 2,000+ instances.

An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four ...

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

CISA has expanded the KEV catalog to include seven vulnerabilities, including Windows flaws that lead to privilege escalation ...

A critical Adobe Acrobat zero-day has been exploited for months via malicious PDFs to steal data and potentially take over ...

The decade-old ActiveMQ flaw was uncovered and weaponized in minutes, showing AI’s exploit-building potential amid the Mythos ...

Google is bringing memory-safe Rust code to the Pixel 10 modem to protect users from remote hacking and memory-safety ...

Hackers have been targeting a critical file upload flaw in an addon for the Ninja Forms WordPress plugin that leads to remote ...