Google pays $250K for Linux vulnerability allowing guest VM escapes
Both vulnerabilities allow untrusted users to gain root privileges.
Tech news from the best sources
Both vulnerabilities allow untrusted users to gain root privileges.
Are you looking for vulnerability intel that standard scanners skip? OSV-Scanner is an awesome SCA tool for unearthing vulnerabilities in open-source …
Someone double-clicks what they think is Maccy, a clipboard manager, and gets a macOS password prompt: "Maccy wants to make changes." They type it in.…
Thousands of software bugs are discovered every day around the world. But turning these bugs into an official, globally recognized CVE code (such as C…
The vulnerability, disclosed 12 months ago, affects multiple manufacturers.
You triaged the CVE. A scanner flagged CVE-2023-45853 in zlib, you read the advisory, confirmed the vulnerable code path isn’t reachable from your ima…
A separate zero-day also disclosed by Nightmare Eclipse appears to be patched as well.
Май 2026 года ознаменовался всплеском критических уязвимостей в корпоративных и потребительских технологиях. Подводим итоги месяца: три уязвимости в п…
Use-after-free bug can be exploited to evade sandbox defenses.
Google publishes exploit code before patch, reported 29 months earlier, is fixed.
It's not entirely clear how the exploit works. Microsoft says it's investigating.
Production-version patches are coming online and should be installed pronto.
CVE-2026-26268 is a CVSS 8.1 high-severity vulnerability in the Cursor AI IDE that lets a malicious repository execute arbitrary code on a developer's…
The developer of Firefox says it has "completely bought in" on AI-assisted bug discovery.
Собрали самые интересные CVE апреля в нашу традиционную подборку. Критическими уязвимостями под RCE в прошлом месяце отметились Microsoft Azure и Bing…