Topic: patch bypass

Sort by: Relevance | Date
  • Fortinet Critical Auth Bypass Flaw Remains Unpatched
    January 25, 2026
    90%

    Fortinet Critical Auth Bypass Flaw Remains Unpatched

    A critical Fortinet SSO vulnerability (CVE-2025-59718) is being actively exploited via a bypass of the initial patch, allowing attackers to create unauthorized VPN accounts and steal configurations on fully updated devices. Fortinet has confirmed the attacks and is developing a new patch, while u...

    Read More »
  • SolarWinds Issues Urgent Patch for Critical Web Help Desk Flaw
    September 24, 2025
    90%

    SolarWinds Issues Urgent Patch for Critical Web Help Desk Flaw

    SolarWinds has released an urgent hotfix for a critical, unauthenticated remote code execution vulnerability (CVE-2025-26399) in its Web Help Desk software, which poses a severe risk to affected systems. The flaw is a patch bypass for a previous vulnerability and stems from unsafe deserialization...

    Read More »
  • Critical FreeScout Flaw: Zero-Click RCE via Email (CVE-2026-28289)
    March 6, 2026
    85%

    Critical FreeScout Flaw: Zero-Click RCE via Email (CVE-2026-28289)

    A critical vulnerability (CVE-2026-28289) in FreeScout help desk software allows remote attackers to execute code and take over servers by sending a malicious email, bypassing a previous patch. The flaw exploits a filename validation bypass using a Zero-Width Space character, enabling attackers t...

    Read More »
  • Fortinet Firewalls Hacked: Critical Configs Stolen
    January 23, 2026
    85%

    Fortinet Firewalls Hacked: Critical Configs Stolen

    An automated campaign is exploiting an unknown vulnerability in Fortinet FortiGate firewalls' SSO functionality, creating unauthorized admin accounts and stealing configuration data within seconds. The attacks resemble a previous campaign exploiting a critical authentication bypass flaw (CVE-2025...

    Read More »
  • Patched FortiGate Firewalls Still Vulnerable to Hacks
    January 23, 2026
    85%

    Patched FortiGate Firewalls Still Vulnerable to Hacks

    A critical Fortinet firewall vulnerability (CVE-2025-59718) persists despite patches, allowing unauthorized admin access via the FortiCloud SSO feature even on the latest software versions. Fortinet is preparing new updates, but the immediate recommendation is to disable the "Allow administrative...

    Read More »
  • SolarWinds Patches Critical RCE Flaw in Web Help Desk
    September 25, 2025
    85%

    SolarWinds Patches Critical RCE Flaw in Web Help Desk

    SolarWinds has released a critical update for its Web Help Desk software to patch CVE-2025-26399, an unauthenticated remote code execution vulnerability requiring immediate action to prevent system compromise. The flaw, located in the AjaxProxy class, allows remote attackers to execute arbitrary ...

    Read More »

Related Topics

remote code execution (3) vulnerability exploitation (3) vulnerability disclosure (2) forticloud sso (2) cve-2025-59718 (2) unauthenticated access (2) cisa involvement (2) indicators of compromise (2)