An analysis of CVE-2026-1241, a critical authentication bypass in Pelco Sarix cameras that allows unauthorized access to live video feeds and operational data.
An analysis of CVE-2026-21902, a critical vulnerability in Juniper's Junos OS Evolved allowing unauthenticated remote root code execution on PTX Series routers.
An analysis of four high-severity vulnerabilities (CVE-2026-21659, 21657, 21656, 21654) affecting Johnson Controls Frick Controls Quantum HD, including unauthenticated RCE and code injection.
An analysis of several access control vulnerabilities in OpenEMR prior to version 8.0.0, highlighting the risks of broken authorization logic in healthcare software.
An analysis of the critical CVSS 10.0 authentication bypass affecting Cisco Catalyst SD-WAN, its active exploitation in the wild, and remediation guidance.
An analysis of VMSA-2026-0001, covering critical vulnerabilities in VMware Aria Operations including command injection, stored XSS, and privilege escalation.
An analysis of CVE-2026-1670, a critical authentication bypass vulnerability in Honeywell CCTV cameras that allows unauthenticated password resets.
An analysis of three high-severity vulnerabilities in Dell Unisphere for PowerMax 10.2, exploring risks from missing authorization, arbitrary file overwrite, and deletion.
An analysis of three critical authorization vulnerabilities in GitHub Enterprise Server, exploring how authenticated logic gaps can lead to token leakage, migration tampering, and unauthorized merges.
Dell has published details of CVE-2026-22769, a critical hardcoded credential vulnerability in Dell RecoverPoint for VMs, which allows for remote, unauthenticated system access.
An analysis of CVE-2026-26220, a critical unauthenticated remote code execution (RCE) vulnerability in the LightLLM inference framework caused by unsafe pickle deserialization.
An analysis of CVE-2026-0969, a critical remote code execution (RCE) vulnerability in the popular next-mdx-remote library for Next.js.
An unauthenticated authentication bypass vulnerability in the AdForest WordPress theme allows attackers to log in as any user, including administrators, leading to full site compromise.
A roundup of February 2026 security patches beyond the major vendors, focusing on firmware, databases, and infrastructure vulnerabilities.
An analysis of CVE-2026-22153, an authentication bypass vulnerability in FortiOS that can allow an unauthenticated attacker to bypass LDAP authentication under certain conditions.