Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.

Microsoft patches 59 vulnerabilities, including six actively exploited zero-days, with CISA mandating urgent federal remediation.

Fortinet has fixed nine vulnerabilities, including high-severity command execution and authentication bypass flaws.

Learn how CVE-2026-1281 and CVE-2026-1340 enable pre-auth RCE in Ivanti EPMM, now actively exploited, and how AppTrana helps block attacks across applications. The post CVE-2026-1281 & CVE-2026-1340: ...

The European Union Agency for Cybersecurity (ENISA) has recently launched the beta of the European Vulnerability Database (EUVD), a new public platform operating alongside, but independently from, the ...

Microsoft’s monthly release of security updates Tuesday included fixes for six vulnerabilities that are considered to be ...

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

Active exploitation of BeyondTrust enables unauthenticated RCE as CISA adds Apple, Microsoft, SolarWinds, and Notepad++ flaws to KEV list.

Attackers can target various Cisco products such as Meeting Management and Prime Infrastructure.

FIRST forecasts a record surge in disclosed vulnerabilities in 2026, but security researchers say most will not translate ...

Forbes contributors publish independent expert analyses and insights. Kate O’Flaherty is a cybersecurity and privacy journalist. U.S. President Donald Trump has cut funding for the global database of ...

Were the CVE program to be discontinued, security teams would have a hard time finding one resource that would function with the same impact across the board. Here are current issues of relying on CVE ...