Critical vulnerability discoveries, CVE research, and responsible disclosure reports
[*] Accessing category: CVE & Bug Bounty
[+] Database query returned 14 results
root@sekurity:~/categories/cve-bug-bounty$ _
Critical stack-based buffer overflow in Windows Netlogon lets unauthenticated attackers run SYSTEM code on any Windows domain controller over the network -- now under active exploitation
An unauthenticated SQL injection in Drupal core's PostgreSQL EntityQuery handler -- anonymous attackers turn JSON object keys and JSON:API filter parameters into raw SQL fragments. Drupal-rated 23/25 'Highly Critical', CISA KEV, 15,000+ exploit attempts in 48 hours
A size-mismatch bug in the NGINX rewrite module lets a remote, unauthenticated attacker overflow the heap with a single crafted HTTP request -- reliable worker crashes for everyone, potential RCE where ASLR is off. CVSS 4.0 9.2, public PoC, exploited in the wild since 2026-05-16, ~5.7M exposed servers
A buffer overflow in the PAN-OS User-ID Authentication Portal lets a remote, unauthenticated attacker pop a root shell on PA-Series and VM-Series firewalls -- CVSS 9.3, CISA KEV, actively exploited by a likely state-sponsored cluster (CL-STA-1132)
A nine-year-old logic bug in the Linux kernel's algif_aead crypto module lets any local user write 4 bytes into the page cache of any readable file -- root, container escape, no race condition, public PoC
Critical pre-auth race condition in the Windows TCP/IP stack lets remote attackers run code over IPv6 against any IPsec-enabled host -- wormable, no credentials, no user interaction
Critical pre-auth double free in the Windows IKE Service Extensions (IKEEXT.dll) lets remote attackers reach SYSTEM over UDP/500 and UDP/4500 -- wormable, public PoC already online
Critical pre-authentication flaw in Cisco Integrated Management Controller lets remote attackers reset any admin password and seize full out-of-band control of UCS servers
Critical improper access control vulnerability in Fortinet FortiClient EMS actively exploited as zero-day - Unauthenticated API bypass leads to remote code execution
Critical authentication bypass vulnerability in Cisco Catalyst SD-WAN Manager actively exploited - Unauthenticated access with netadmin privileges possible
Critical zero-day vulnerability in Windows Shell allows attackers to bypass SmartScreen and Mark of the Web protections through a single malicious click
Critical vulnerability in OpenClaw AI Agent enables Remote Code Execution with just one click - Authentication token exfiltration through manipulated URLs
Critical zero-day vulnerability in Cisco Unified Communications Manager and Webex actively exploited - Root access via code injection possible
Critical path traversal vulnerability in node-tar allows arbitrary file overwrite through manipulated hardlinks and symlinks in TAR archives
root@sekurity:~/categories/cve-bug-bounty$ echo "Query complete"
Query complete
root@sekurity:~/categories/cve-bug-bounty$ _