Proof-of-concept (PoC) code has been published for a one-click RCE vulnerability in open source LLM building platform Flowise.

A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an ...

An unpatched zero-day vulnerability in the Gogs self-hosted Git service can allow attackers to gain remote code execution (RCE) on Internet-facing instances. Designed as an alternative to GitHub ...

A 9.9-severity vulnerability in Flowise’s MCP stdio implementation can allow attackers to achieve remote code execution in ...

Open source Git service Gogs is affected by a critical-severity zero-day vulnerability that exposes servers to remote code execution.

It takes one file. A single chatflow import, the kind Flowise users share routinely, can give an attacker full command ...

Three vulnerabilities disclosed in the SEPPmail Secure Email Gateway in recent weeks have put thousands of organizations on notice: the appliance that encrypts, signs, and routes their corporate email ...

Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ. The attacker ...

The Indian Computer Emergency Response Team has issued a high-risk alert for users of Microsoft products due to multiple ...

India's cybersecurity agency CERT-In has issued a critical advisory for Google Chrome users on Windows, Mac, and Linux ...

A sizeable group of Linux-powered broadband ISP routers, widely used both around the world and across the United Kingdom, ...

Ubiquiti released a new security bulletin detailing fixes for six security issues, including one rated 9.1 (critical) and one scoring a perfect 10.0 on the CVE risk scale. The vulnerabilities ...