Cisco Catalyst SD-WAN Controller has maximum severity flaw, attacker could log in as internal, high-prilvileged. non-root user.

11 – 17 May 2026 This week’s spotlight is on CVE‑2026‑41089, a critical stack‑based buffer overflow in the Windows Netlogon service that allows remote, unauthenticated code execution on domain controllers. The issue stems from a stack‑based buffer overflow triggered during the processing of specific Netlogon …

04 – 10 May 2026 Our CVE of the Week is about PAN-OS, which is the specialized operating system that powers all Palo Alto Networks next-generation firewalls (physical, virtual, and cloud). It provides complete visibility and control over network traffic by identifying users, applications, and …

27 Apr – 03 May 2026 In this week’s CVE of the Week we’ll be looking CVE-2025-32201, a spoofing vulnerability in Microsoft SharePoint Server caused by improper input validation, with a CVSS score of 6.5 It allows a remote, unauthenticated attacker to impersonate trusted users …

20 -26 Apr 2026 Our CVE of the Week series continues as we reveal an Apache ActiveMQ Classic vulnerability that went undetected for 13 years before being discovered with the help of the Claude AI assistant. Tracked as CVE-2026-34197 (CVSS score: 8.8), this high-severity security …

13 -19 Apr 2026 In this week’s CVE of the Week, we’re looking at a critical, actively exploited vulnerability in Adobe Acrobat and Adobe Reader that allows attackers to execute arbitrary code by simply getting a user to open a malicious PDF file. CVE‑2026‑34621 is …