Proof-of-Concept (PoC) exploits for the Apache web server zero-day surfaced on the internet revealing that the vulnerability is far more critical than originally disclosed. These exploits show that ...

CloudLinux’s security platform for Linux-based websites and web servers contains a high-severity PHP deserialization bug. A high-severity security vulnerability in CloudLinux’s Imunify360 ...

Discovered by Cisco Talos researcher Marcin 'Icewall' Noga, the vulnerability "could cause a deserialization condition with controllable data and then execute arbitrary code," leaving web servers open ...

The Howyar UEFI Application “Reloader” (32-bit and 64-bit), distributed as part of SysReturn prior to version 10.2.02320240919, is vulnerable to the execution of arbitrary software from a hard-coded ...

Adobe released 11 security bulletins for 25 vulnerabilities, including a critical code execution bug in ColdFusion.

Fortinet patches a critical FortiSIEM vulnerability (CVE-2025-64155) that allows unauthenticated remote code execution via ...

CISA’s Known Exploited Vulnerabilities (KEV) catalog includes four weaknesses found in the product in recent years, including ...

Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to engage in remote code execution (RCE) attacks.