CVE-2026-39808 is an OS command injection flaw in FortiSandbox that allows unauthenticated attackers to execute unauthorized ...

VMware has addressed multiple high-severity security flaws in vCenter Server, which can let attackers gain code execution and bypass authentication on unpatched systems. vCenter Server is the control ...

Cisco warned customers today of a critical authentication bypass vulnerability with public exploit code affecting multiple end-of-life (EoL) VPN routers. It is caused by improper validation of user ...

Fortinet patched 27 vulnerabilities, including two critical FortiSandbox flaws leading to authentication bypass and code ...

Docker CVE-2026-34040 enables AuthZ bypass via padded requests, risking host compromise; fixed in version 29.3.1.

Microsoft researchers discovered the firmware flaws in the DGN-2200v1 series router that can enable authentication bypass to take over devices and access stored credentials. Netgear has patched three ...

A 10-year-old issue involving Docker Engine and the AuthZ authorization plug-in lives again to enable attackers to gain ...

Developers behind FreeRADIUS, an open source implementation of the networking protocol RADIUS, are encouraging users to update to address an authentication bypass found in the server. Developers ...

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.