CVE-2026-34926 is a directory traversal flaw that can be exploited against the on-premise version of Apex One.
The post TrendAI Patches Apex One Zero-Day Exploited in the Wild appeared first on SecurityWeek.
Cisco Patches Critical Vulnerability in Secure Workload
Insufficient validation and authentication in the Secure Workload’s REST APIs provide remote attackers with Site Admin privileges.
The post Cisco Patches Critical Vulnerability in Secure Workload appeared first on SecurityWeek.
Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking
CVE-2026-9082 can be exploited without authentication for information disclosure, privilege escalation, and remote code execution.
The post Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking appeared first on SecurityWeek.
Google’s Surge in Chrome Vulnerability Discoveries Likely Driven by AI
More than 200 vulnerabilities patched in recent Chrome releases are marked as ‘reported by Google’.
The post Google’s Surge in Chrome Vulnerability Discoveries Likely Driven by AI appeared first on SecurityWeek.
Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility
New vulnerabilities are being discovered too fast, the time-to-exploitation is too short, and our visibility into them is largely lacking.
The post Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility appeared first on SecurityWeek.
Anthropic Silently Patches Claude Code Sandbox Bypass
The researcher who found it says the vulnerability could have been chained with a prompt injection to exfiltrate data.
The post Anthropic Silently Patches Claude Code Sandbox Bypass appeared first on SecurityWeek.
Drupal to Patch Highly Critical Vulnerability at Risk of Quick Exploitation
Drupal says attackers may develop an exploit for the vulnerability within hours or days.
The post Drupal to Patch Highly Critical Vulnerability at Risk of Quick Exploitation appeared first on SecurityWeek.
Unpatched ChromaDB Vulnerability Can Lead to Server Takeover
The security defect can be exploited remotely, without authentication, to execute arbitrary code and leak sensitive information.
The post Unpatched ChromaDB Vulnerability Can Lead to Server Takeover appeared first on SecurityWeek.
PoC Released for DirtyDecrypt Linux Kernel Vulnerability
Patched in April, the underlying vulnerability allows local attackers to elevate their privileges to root.
The post PoC Released for DirtyDecrypt Linux Kernel Vulnerability appeared first on SecurityWeek.
Critical Vulnerability Exposes Industrial Robot Fleets to Hacking
The vulnerability, CVE-2026-8153, affects Universal Robots PolyScope 5 and it can be exploited for OS command injection.
The post Critical Vulnerability Exposes Industrial Robot Fleets to Hacking appeared first on SecurityWeek.
