A Linux kernel use-after-free in the epoll path shows how a narrow timing bug in object cleanup can become a serious privilege-escalation risk on unpatched systems.
CVE-2026-12184 shows how an ordinary outbound fetch path can become a denial-of-service trigger for PHP applications that rely on proxies and PHP-FPM.
A critical flaw in a Telegram MCP gateway shows how a single filesystem mistake can turn bearer-token authentication into an unexpected route into a live account session.
A high-severity TLS stream flaw and a heap-corruption bug in PHP’s OpenSSL extension now push operators to verify patched builds across supported branches.
CVE-2026-46242 shows how a use-after-free in a core kernel event path can turn local access into full control, with patch provenance now more important than the nickname attached to the bug.
A token-theft workflow tied to Umbrij shows how ordinary browser developer features can be turned into quiet access to corporate Gmail and other Google services.
A new advisory on Erlang/OTP shows how a runtime built for resilience can still be shaken by flaws in transport parsing, authentication, and trust-boundary checks.
A high-severity bug in a popular content platform shows how one insecure workflow can change records that editors assumed were safe.
A security update for Cisco's ClamAV closes seven high-severity holes, and the main risk is not data theft but the kind of service disruption that can silently weaken scanning pipelines.
A freshly disclosed CitrixBleed-branded flaw is already being used with public exploit code, showing how quickly identity edge devices can turn into memory-disclosure channels.
The reported malware chain targets Google’s OAuth flow, showing how a live browser session can become the real prize in email compromise.
Microsoft fixed a known issue in Classic Outlook for Windows that caused Copilot Chat or Copilot buttons to disappear for users with the Copilot Chat (Basic) license, a reminder that even small UI faults can shake trust in business tools.
More than 900 internet-facing Oracle E-Business Suite instances were flagged while defenders tracked active abuse of CVE-2026-46817, a high-severity weakness in Oracle Payments.
Adobe’s June security updates for Campaign Classic and ColdFusion close high-risk holes in software that can sit close to web traffic, customer workflows, and administrative access.
Version 1.19.3 closes a critical remote code execution flaw and three high-severity bugs, underscoring how a logging collector can become a sensitive part of the attack surface.
A six-bug patch cycle on a widely deployed appliance shows how quickly availability risk and session-integrity risk can meet at the network edge.
A reported ToddyCat operation points to a quieter kind of account abuse: Windows sideloading, browser remote debugging, and OAuth token flow instead of direct credential theft.
A fresh cluster of NetScaler ADC and Gateway vulnerabilities shows why edge appliances remain high-value targets: when the front door falters, availability and sensitive data can both be at risk.
A reported flaw in Anthropic's buffa library shows how attacker-controlled parsing can turn compatibility features into availability risk, even in memory-safe code.
A reported zero-day in a Rust-based protobuf library shows how attacker-controlled parsing logic can turn a small message into a denial-of-service event.