A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full ...
CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...
The vulnerability, with a CVSS score of 9.8, relates to the software’s support for Model Context Protocol (MCP) servers, ...
Stop losing customers to password fatigue. Learn how implementing passwordless authentication removes friction, slashes ...
A pre‑authentication bug in SAML Web SSO, combined with weak access controls and cryptography, allows attackers to escalate privileges and achieve remote code execution.
Attackers can abuse the near-maximum severity flaw in nginx-ui to restart, create, modify, and delete NGINX configuration ...
Passwords are responsible for 80% of data breaches. Passwordless authentication eliminates the attack surface entirely. Here ...
A critical authentication bypass in nginx-ui, a widely used open-source web interface for managing nginx servers, has been ...
4d
Patch these critical Fortinet sandbox bugs that let attackers bypass login, run commands over HTTP
CVE-2026-39808 is an OS command injection flaw in FortiSandbox that allows unauthenticated attackers to execute unauthorized ...
An emerging threat cluster is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to steal credentials ...
Google’s Device Bound Session Credentials in Chrome protect against session cookie theft by binding authentication to the ...
Cookie-gated PHP web shells enable persistent Linux RCE via cron-based re-creation, reducing detection in routine traffic logs.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results