Bleeping Computer

Actively exploited Apache 0-day also allows remote code execution

Proof-of-Concept (PoC) exploits for the Apache web server zero-day surfaced on the internet revealing that the vulnerability is far more critical than originally disclosed. These exploits show that ...
SecurityWeek

Hackers Targeting Cisco Unified CM Zero-Day

Cisco announced patches for CVE-2026-20045, a zero-day vulnerability in Unified CM that has been targeted by hackers.
Threat Post

PoC Exploit Circulating for Critical Windows Print Spooler Bug

The “PrintNightmare” bug may not be fully patched, some experts are warning, leaving the door open for widespread remote code-execution attacks. A proof-of-concept for a critical Windows security ...
The Hacker News

Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution

Fortinet patches a critical FortiSIEM vulnerability (CVE-2025-64155) that allows unauthenticated remote code execution via ...
Dark Reading

PoC Exploits Heighten Risks Around Critical New Jenkins Vuln

Some 45,000 Internet-exposed Jenkins servers remain unpatched against a critical, recently disclosed arbitrary file-read vulnerability for which proof-of-exploit code is now publicly available.