News & Security
Updates from ENISA, NVD and the main European cybersecurity sources. Everything a Technical Manager needs to know.
10399 results
CVE ID: CVE-2026-21630 | Published: April 1, 2026, 10:16 a.m. (3 hours, 38 minutes ago) | Description: Improperly built order clauses lead to a SQL injection vulnerability in the articles webservice endpoint. | Severity: 6.9 (MEDIUM)
CVE ID: CVE-2026-23898 | Published: April 1, 2026, 10:16 a.m. (3 hours, 38 minutes ago) | Description: Lack of input validation leads to an arbitrary file deletion vulnerability in the autoupdate server mechanism. | Severity: 8.6 (HIGH)
CVE ID: CVE-2026-21629 | Published: April 1, 2026, 10:16 a.m. (3 hours, 38 minutes ago) | Description: The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers. | Severity: 6.3 (MEDIUM)
CVE ID: CVE-2026-23899 | Published: April 1, 2026, 10:16 a.m. (3 hours, 38 minutes ago) | Description: An improper access check allows unauthorized access to webservice endpoints. | Severity: 8.6 (HIGH)
CVE ID: CVE-2026-21631 | Published: April 1, 2026, 10:16 a.m. (3 hours, 38 minutes ago) | Description: Lack of output escaping leads to an XSS vector in the multilingual associations component. | Severity: 5.9 (MEDIUM)
CVE ID: CVE-2026-21632 | Published: April 1, 2026, 10:16 a.m. (3 hours, 38 minutes ago) | Description: Lack of output escaping for article titles leads to XSS vectors in various locations. | Severity: 5.9 (MEDIUM)
NVIDIA Patches High-Severity “Insecure Deserialization” Flaws in BioNeMo Framework | NVIDIA has issued an important security update for its BioNeMo Framework, a critical tool used by researchers and developers in the generative AI and drug discovery space. The update addresses two hig ... | Published Date: Apr 01, 2026 (1 day, 1 hour ago) | Vulnerabilities mentioned in this article: CVE-2026-5281, CVE-2026-24165, CVE-2026-24164, CVE-2026-3502, CVE-2026-33032, CVE-2025-33244, CVE-2026-21962, CVE-2024-0143
CVE ID: CVE-2026-27101 | Published: April 1, 2026, 8:16 a.m. (1 hour, 38 minutes ago) | Description: Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application version(s) 5.28.00.xx to 5.32.00.xx, contain(s) an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker within the management network could potentially exploit this vulnerability, leading to remote execution. | Severity: 4.7 (MEDIUM)
CVE ID: CVE-2026-28265 | Published: April 1, 2026, 8:16 a.m. (1 hour, 38 minutes ago) | Description: PowerStore contains a Path Traversal vulnerability in the Service user. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files. | Severity: 4.4 (MEDIUM)
CVE ID: CVE-2026-5259 | Published: April 1, 2026, 8:16 a.m. (1 hour, 38 minutes ago) | Description: A vulnerability was determined in AutohomeCorp frostmourne up to 1.0. The affected element is an unknown function of the file frostmourne-monitor/src/main/java/com/autohome/frostmourne/monitor/controller/AlarmController.java of the component Alarm Preview. Executing a manipulation can lead to server-side request forgery. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. | Severity: 6.5 (MEDIUM)
Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse | CVE-2026-20929, a vulnerability with a CVSS of 7.5 that was patched in the January 2026 Patch Tuesday update, enables attackers to exploit Kerberos authentication relay through DNS CNAME record abuse. ... | Published Date: Apr 01, 2026 (1 day, 2 hours ago) | Vulnerabilities mentioned in this article: CVE-2026-20929
Steganography & Sabotage: Inside Pawn Storm’s PRISMEX Offensive Against NATO Logistics | The notorious Russia-aligned threat actor known as Pawn Storm (also recognized as APT28, Fancy Bear, and Forest Blizzard) has significantly escalated its cyber operations in early 2026. According to a ... | Published Date: Apr 01, 2026 (1 day, 3 hours ago) | Vulnerabilities mentioned in this article: CVE-2026-5281, CVE-2026-3502, CVE-2026-33032, CVE-2026-21513, CVE-2026-21509, CVE-2026-21962