Ivanti Endpoint Manager Mobile Vulnerability Exploited in the Wild (CVE-2026-6973) Ivanti released security updates to address five high-severity vulnerabilities impacting Endpoint Manager Mobile (EPMM). One of these vulnerabilities, tracked as CVE-202606973, is said to be exploited in zero-day attacks.... 08/05/2026 Qualys-Threat-Protect
vm2 Sandbox Escape Vulnerability Allows Attackers to Execute Code (CVE-2026-26956) Security researchers have identified a critical severity vulnerability impacting the popular Node.js sandboxing library vm2. Tracked as CVE-2026-26956, successful exploitation of the vulnerability allows an attacker to escape the sandbox and execute arbitrary... 07/05/2026 Qualys-Threat-Protect
Apache Addresses Multiple Vulnerabilities Impacting the HTTP Server Apache has released security updates for the HTTP Server, addressing several security vulnerabilities. One of the vulnerabilities, tracked as CVE-2026-23918, can result in remote code execution. The Apache HTTP Server,... 07/05/2026 Qualys-Threat-Protect
PAN-OS User-ID Authentication Portal Vulnerability Exploited in Attacks (CVE-2026-0300) Palo Alto has warned its users about the active exploitation of a vulnerability in the Palo Alto User-ID Authentication Portal (aka Captive Portal) service running on... 07/05/2026 Qualys-Threat-Protect
Linux Kernel Vulnerability Exploited in the Wild (Copy Fail) (CVE-2026-31431) Threat actors are exploiting a vulnerability in the Linux Kernel tracked as CVE-2026-31431. Named Copy Fail, it’s a critical Linux kernel local privilege escalation vulnerability that allows unprivileged... 05/05/2026 Qualys-Threat-Protect
cPanel and WHM Authentication Bypass Vulnerability Exploited in the Wild (CVE-2026-41940) Security researchers have identified a critical severity vulnerability impacting cPanel and WHM (Web Host Manager). Tracked as CVE-2026-41940, the vulnerability... 01/05/2026 Qualys-Threat-Protect
Oracle Critical Patch Update, April 2026 Security Update Review Oracle released its second quarterly edition of this year’s Critical Patch Update. The update received patches for 481 security vulnerabilities. Some of... 23/04/2026 Qualys-Threat-Protect
Apache ActiveMQ Remote Code Execution Vulnerability Added to CISA KEV (CVE-2026-34197) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of active exploitation of the Apache ActiveMQ vulnerability (CVE-2026-34197). CISA added the vulnerability to its Known Exploited Vulnerabilities Catalog, urging... 17/04/2026 Qualys-Threat-Protect
Microsoft Patch Tuesday, April 2026 Security Update Review April 2026’s Patch Tuesday arrives with Microsoft addressing a fresh set of vulnerabilities across its ecosystem, reinforcing the ongoing need... 15/04/2026 Qualys-Threat-Protect
Adobe Acrobat and Reader Arbitrary Code Execution Vulnerability Exploited in the Wild (CVE-2026-34621) Adobe released a security update to address an actively exploited vulnerability impacting Adobe Acrobat and Reader. Tracked as CVE-2026-34621, the vulnerability may allow an attacker to run malicious code on affected installations.... 14/04/2026 Qualys-Threat-Protect
