2 – 8 Feb 2026 Earlier this week, a security advisory reported a high-severity vulnerability in Notepad++, rated CVSS 7.7. But first of all, what is Notepad++? For those who may not be familiar with it, Notepad++ is a free, open-source text and source code …

26 Jan – 1 Feb 2026 This week’s CVE of the Week highlights an actively exploited security feature bypass vulnerability in Microsoft Office. Microsoft Office is an office suite and a family of client software, server software, and services developed by Microsoft.It’s one of the …

12 – 18 Jan 2026 This week’s CVE of the Week is about the recent remote code execution vulnerability in Cisco’s Unified Communications (CM) products and Webex Calling Dedicated Instance, that has been actively exploited as a zero-day. This vulnerability is due to improper validation …

12 – 18 Jan 2026 Our CVE of the Week series continues with an AI Agent vulnerability that affected ServiceNow, one of the most popular cloud-based platforms for IT and business process automation. The CVE-2025-12420 vulnerability, assigned with a CVSS 4.0 score of 9.3, allows …

5 – 11 Jan 2026 A new year, the same mission: raising awareness of critical vulnerabilities. Our CVE of the Week series continues in 2026 to help you stay ahead of emerging security risks. Let’s get started. Our first choice in 2026 is a vulnerability …

15 – 21 Dec 2025 As we reached the end of 2025 we have looked back to see the most impactful vulnerabilities of the year. Come and go through the TOP 10 CVEs of the year selected by our experts! A critical CVSS 9.1 flaw …

8 – 14 Dec 2025 A remote code execution vulnerability was found in React Server Components: CVE-2025-55182 – React2Shell. This week’s CVE of the Week is about the recent pre-authentication remote code execution vulnerability in Meta’s React Server Components. React is a free and open-source …

1 – 7 Dec 2025 Critical vulnerability has been found with the CVSS score of 10 in Manager-io/Manager, which is an accounting software. CVE-2025-64180 is the vulnerability of this week. In Manager Desktop and Server versions 25.11.1.3085 and below, a critical vulnerability permits unauthorized access …

14 – 30 Nov 2025 A newly disclosed and actively exploited FortiWeb vulnerability (CVE-2025-58034) allows authenticated attackers to execute arbitrary OS commands, posing a serious risk to organizations relying on the platform for critical web application protection. Despite its medium-severity vulnerability (CVSS score of 6.7), …

17 – 23 Nov 2025 On Monday Google released security updates for its Chrome browser to address two security flaws, including one that has come under active exploitation in the wild. Our CVE of the Week is about CVE-2025-13223 vulnerability with a CVSS score of …