Topic: cisa involvement

Sort by: Relevance | Date
  • Fortinet Critical Auth Bypass Flaw Remains Unpatched
    January 25, 2026
    80%

    Fortinet Critical Auth Bypass Flaw Remains Unpatched

    A critical Fortinet SSO vulnerability (CVE-2025-59718) is being actively exploited via a bypass of the initial patch, allowing attackers to create unauthorized VPN accounts and steal configurations on fully updated devices. Fortinet has confirmed the attacks and is developing a new patch, while u...

    Read More »
  • Patch MongoDB Now: Critical Security Alert
    December 26, 2025
    75%

    Patch MongoDB Now: Critical Security Alert

    A critical, high-severity vulnerability (CVE-2025-14847) in MongoDB allows unauthenticated attackers to remotely read uninitialized heap memory due to a flaw in the server's zlib compression implementation. The vulnerability impacts a wide range of MongoDB versions, from 3.6 through 8.2.2, and th...

    Read More »
  • SolarWinds Issues Urgent Patch for Critical Web Help Desk Flaw
    September 24, 2025
    70%

    SolarWinds Issues Urgent Patch for Critical Web Help Desk Flaw

    SolarWinds has released an urgent hotfix for a critical, unauthenticated remote code execution vulnerability (CVE-2025-26399) in its Web Help Desk software, which poses a severe risk to affected systems. The flaw is a patch bypass for a previous vulnerability and stems from unsafe deserialization...

    Read More »

Related Topics

security advisory (2) vulnerability exploitation (2) patch bypass (2) patch management (1) credential rotation (1) remote code execution (1) vendor response (1) vulnerability disclosure (1)