News & Sicurezza

CVE ID :CVE-2026-4621 Published : March 27, 2026, 12:16 p.m. | 1 hour, 37 minutes ago Description :Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-4620 Published : March 27, 2026, 12:16 p.m. | 1 hour, 37 minutes ago Description :OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-25099 Published : March 27, 2026, 12:16 p.m. | 1 hour, 37 minutes ago Description :Bludit’s API plugin allows an authenticated attacker with a valid API token to upload files of any type and extension without restriction, which can then be executed, leading to Remote Code Execution. This issue was fixed in 3.18.4. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CISA adds Langflow and Trivy bugs to KEV Catalog Langflow Code Injection Flaw Actively Exploited — CVE-2026-33017CISA has added a critical code injection vulnerability in Langflow to its Known Exploited Vulnerabilities catalog, confirming active exp ... Read more Published Date: Mar 27, 2026 (2 days, 14 hours ago) Vulnerabilities has been mentioned in this article. CVE-2026-33634 CVE-2026-33017 CVE-2025-3248

Critical 9.3 CVSS Auth Bypass and XSS Flaws Hit MantisBT Security researchers have identified a trio of significant vulnerabilities within MantisBT, the popular open-source issue tracking system used by teams worldwide for project collaboration. The flaws r ... Read more Published Date: Mar 27, 2026 (2 days, 14 hours ago) Vulnerabilities has been mentioned in this article. CVE-2026-33548 CVE-2026-33517 CVE-2026-30849 CVE-2026-3584 CVE-2026-1603 CVE-2025-29969

CVE ID :CVE-2023-7339 Published : March 27, 2026, 11:16 a.m. | 2 hours, 37 minutes ago Description :Stack-based buffer overflow vulnerability in Softing Industrial Automation GmbH gateways allows overflow buffers. This issue affects pnGate: through 1.30 epGate: through 1.30 mbGate: through 1.30 smartLink HW-DP: through 1.30 smartLink HW-PN: through 1.01. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Vulnerabilities in Bludit software Vulnerabilities in Bludit software CVE ID CVE-2026-25099 Publication date 27 March 2026 Vendor Bludit Product Bludit Vulnerable versions All before 3.18.4 Vulnerability type (CWE) Unrestricted Upload ... Read more Published Date: Mar 27, 2026 (2 days, 15 hours ago) Vulnerabilities has been mentioned in this article. CVE-2026-25101 CVE-2026-25100 CVE-2026-25099

Duitse politie bezoekt bedrijven wegens kritieke PTC-kwetsbaarheid De Duitse politie is afgelopen zaterdag bij meerdere bedrijven in het land langsgegaan om te waarschuwen voor een kritieke kwetsbaarheid in producten van PTC. Sommige systeembeheerders werden in de vr ... Read more Published Date: Mar 27, 2026 (2 days, 16 hours ago) Vulnerabilities has been mentioned in this article. CVE-2026-4681

CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation The US Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2026-33017, a recently disclosed code injection vul ... Read more Published Date: Mar 27, 2026 (2 days, 16 hours ago) Vulnerabilities has been mentioned in this article.

Telnyx PyPI Package With 742,000 downloads Compromised in TeamPCP Supply Chain Attack The official Telnyx Python SDK on PyPI was compromised this morning as part of an escalating, weeks-long supply chain campaign orchestrated by the threat actor group TeamPCP. Malicious versions 4.87.1 ... Read more Published Date: Mar 27, 2026 (2 days, 16 hours ago) Vulnerabilities has been mentioned in this article. CVE-2026-33634

Red Hat Warns of Malware Code Embedded in Popular Linux Tool Allow Unauthorized Access to Systems Red Hat has issued a critical security warning regarding malicious code discovered in recent versions of the “xz” compression tools and libraries. Tracked as CVE-2024-3094, this highly sophisticated s ... Read more Published Date: Mar 27, 2026 (2 days, 17 hours ago) Vulnerabilities has been mentioned in this article. CVE-2024-3094

CVE ID :CVE-2026-27860 Published : March 27, 2026, 9:16 a.m. | 4 hours, 37 minutes ago Description :If auth_username_chars is empty, it is possible to inject arbitrary LDAP filter to Dovecot's LDAP authentication. This leads to potentially bypassing restrictions and allows probing of LDAP structure. Do not clear out auth_username_chars, or install fixed version. No publicly available exploits are known. Severity: 3.7 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more...