Vulnerabilities
-
Four OpenClaw flaws could enable data theft and persistence, researchers say
Researchers disclosed four OpenClaw flaws that could be chained for data theft, privilege escalation and persistence. The issues were fixed in version 2026.4.22, and users were advised to update.
-
Microsoft says on-prem Exchange flaw under active exploitation
Microsoft said an actively exploited Exchange Server flaw affects on-premises versions 2016, 2019 and Subscription Edition. The company issued temporary mitigations and said Exchange Online is not affected.
-
Cisco patches critical SD-WAN Controller flaw after limited exploitation
Cisco said a critical authentication bypass in Catalyst SD-WAN Controller, CVE-2026-20182, was exploited in limited attacks. The flaw can let a remote attacker gain administrative access and alter SD-WAN network settings.
-
PraisonAI flaw was probed within hours of public disclosure
PraisonAI was probed within hours of a disclosed authentication bypass, according to Sysdig. The flaw affects versions 2.5.6 through 4.6.33 and was patched in 4.6.34.
-
Two new Windows zero-days expose BitLocker and CTFMON flaws
A technical disclosure says two new Windows zero-days can bypass BitLocker in recovery mode and may enable privilege escalation in CTFMON, adding to a recent run of Microsoft security issues.
-
New Fragnesia Linux flaw can grant root access, researchers say
Fragnesia is a new Linux kernel local privilege escalation flaw that can grant root access, according to a technical analysis. The issue affects the XFRM ESP-in-TCP subsystem and has prompted advisories from multiple Linux distributions.
-
NGINX flaw left hidden for 18 years could allow remote code execution
A critical NGINX rewrite module flaw hidden for 18 years can let a remote attacker trigger code execution or denial of service with crafted requests, according to a technical analysis and vendor advisory.
-
Critical Exim flaw can let remote attackers run code on affected servers
A critical Exim flaw fixed in version 4.99.3 could let unauthenticated attackers execute code on affected mail servers. The bug affects some GnuTLS-based builds before 4.99.3 and is triggered during TLS shutdown with chunked SMTP traffic.
-
China-linked hackers hit Azerbaijani energy firm in repeated Exchange intrusions
A China-linked group targeted an Azerbaijani oil and gas firm in three waves between late December 2025 and late February 2026, repeatedly using the same Exchange Server entry point and swapping backdoors, according to a Bitdefender analysis.
-
Exim patches BDAT flaw that could lead to code execution
Exim has patched CVE-2026-45185, a use-after-free flaw in BDAT parsing that could lead to memory corruption and possible code execution in affected GnuTLS-based builds. Version 4.99.3 fixes the issue.
