Category

Actively Exploited

40 articles · Page 2 of 4
All News Malware Ransomware Breaches Vulnerabilities Nation-State CVEs
CVE
CVE-2026-3502 — TrueConf Client Download of Code Without Integrity Check Vulnerability
TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update…
CISA KEV · Apr 2, 2026 · CRITICAL
CVE
CVE-2026-5281 — Google Dawn Use-After-Free Vulnerability
Google Dawn contains an use-after-free vulnerability that could allow a remote attacker who had compromised the renderer process t…
CISA KEV · Apr 1, 2026 · CRITICAL
CVE
CVE-2026-3055 — Citrix NetScaler Out-of-Bounds Read Vulnerability
Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway) and NetScaler ADC FIPS and NDcPP contain a…
CISA KEV · Mar 30, 2026 · CRITICAL
CVE
CVE-2025-53521 — F5 BIG-IP Stack-Based Buffer Overflow Vulnerability
F5 BIG-IP APM contains a stack-based buffer overflow vulnerability that could allow a threat actor to achieve remote code executio…
CISA KEV · Mar 27, 2026 · CRITICAL
CVE
CVE-2026-33634 — Aquasecurity Trivy Embedded Malicious Code Vulnerability
Aquasecurity Trivy contains an embedded malicious code vulnerability that could allow an attacker to gain access to everything in …
CISA KEV · Mar 26, 2026 · CRITICAL
CVE
CVE-2026-33017 — Langflow Code Injection Vulnerability
Langflow contains a code injection vulnerability that could allow building public flows without requiring authentication. Required…
CISA KEV · Mar 25, 2026 · CRITICAL
CVE
CVE-2025-32432 — Craft CMS Code Injection Vulnerability
Craft CMS contains a code injection vulnerability that allows a remote attacker to execute arbitrary code. Required action: Apply …
CISA KEV · Mar 20, 2026 · CRITICAL
CVE
CVE-2025-54068 — Laravel Livewire Code Injection Vulnerability
Laravel Livewire contain a code injection vulnerability that could allow unauthenticated attackers to achieve remote command execu…
CISA KEV · Mar 20, 2026 · CRITICAL
CVE
CVE-2025-43510 — Apple Multiple Products Improper Locking Vulnerability
Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability that could allow a malicious appli…
CISA KEV · Mar 20, 2026 · CRITICAL
CVE
CVE-2025-43520 — Apple Multiple Products Classic Buffer Overflow Vulnerability
Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain a classic buffer overflow vulnerability which could allow a maliciou…
CISA KEV · Mar 20, 2026 · CRITICAL
CVE
CVE-2025-31277 — Apple Multiple Products Buffer Overflow Vulnerability
Apple Safari, iOS, watchOS, visionOS, iPadOS, macOS, and tvOS contain a buffer overflow vulnerability that could allow the process…
CISA KEV · Mar 20, 2026 · CRITICAL
CVE
CVE-2026-20131 — Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability
Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management contain a deseri…
CISA KEV · Mar 19, 2026 · CRITICAL