Zero-Day Security Alert — April 6, 2026: Fortinet FortiClient EMS Actively Exploited
CVE-2026-35616 is a critical (CVSS 9.8) improper access control vulnerability in Fortinet FortiClient EMS versions 7.4.5 through 7.4.6 that is actively being exploited in the wild. Organizations running affected versions should apply Fortinet's patch immediately -- CISA requires federal agencies to remediate by April 9, 2026. Daily Security Briefing April 6, 2026 CVE-2026-35616 | CVSS 9.8 | CRITICAL Severity | Actively Exploited (CISA KEV) Affected Product Fort
Jacob Hughes
Apr 6 · 1 min read
Zero-Day Security Alert — April 3, 2026: TrueConf Client Update Integrity Bypass Actively Exploited
Daily Security Briefing April 3, 2026 CVE-2026-3502 | CVSS 7.8 | HIGH Severity | Actively Exploited (CISA KEV) Affected Product TrueConf TrueConf Client for Windows, all versions prior to 8.5.3.884 Description TrueConf Client downloads application update code and applies it without performing integrity verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the malicious payload is executed or in
Jacob Hughes
Apr 3 · 1 min read
Zero-Day Security Alert — April 1, 2026: Google Chrome Dawn WebGPU Use-After-Free Actively Exploited
Daily Security Briefing April 1, 2026 CVE-2026-5281 | CVSS 8.8 | HIGH Severity | Actively Exploited in the Wild Affected Product Google Chrome (Dawn / WebGPU component) — versions prior to 135.0.7049.95 (Windows/Mac) and 135.0.7049.52 (Linux) Description A use-after-free vulnerability in Dawn, Google Chrome's WebGPU implementation, allows remote attackers to achieve code execution via a crafted HTML page. Dawn handles GPU-accelerated graphics operations in Chr
Jacob Hughes
Apr 1 · 1 min read
Zero-Day Security Alert — April 1, 2026: Google Chrome Dawn Use-After-Free Actively Exploited
Daily Security Briefing April 1, 2026 CVE-2026-5281 | CVSS 8.8 | HIGH Severity | Actively Exploited (CISA KEV) Affected Product Google Chrome (Dawn component) prior to version 146.0.7680.178 on Windows, macOS, and Linux Description A use-after-free vulnerability exists in the Dawn WebGPU implementation within Google Chrome. An attacker who has already compromised the Chrome renderer process can exploit this flaw to execute arbitrary code on the victim's system
Jacob Hughes
Apr 1 · 1 min read
Zero-Day Security Alert — March 31, 2026: Citrix NetScaler Actively Exploited Memory Overread
Daily Security Briefing March 31, 2026 CVE-2026-3055 | CVSS 9.3 | CRITICAL Severity | Actively Exploited (CISA KEV) Affected Product Citrix NetScaler ADC and NetScaler Gateway (all versions when configured as a SAML Identity Provider) Description An out-of-bounds read vulnerability exists in Citrix NetScaler ADC and NetScaler Gateway when configured as a SAML Identity Provider (IDP). Insufficient input validation allows an unauthenticated remote attacker to tr
Jacob Hughes
Mar 31 · 1 min read
Zero-Day Security Alert — March 21, 2026: Apple iOS, macOS, and Safari Actively Exploited
Daily Security Briefing March 21, 2026 CISA added three Apple vulnerabilities to the Known Exploited Vulnerabilities catalog on March 20, 2026. These affect iOS, iPadOS, macOS, watchOS, visionOS, tvOS, and Safari. All three are confirmed actively exploited in the wild and require patching by April 3, 2026. 1. Safari and WebKit Memory Corruption CVE-2025-31277 | CVSS 8.8 | HIGH Severity | Actively Exploited Affected Product Apple Safari (prior to 18.6), iOS and
Jacob Hughes
Mar 20 · 3 min read
Zero-Day Security Alert — March 20, 2026: Cisco Secure Firewall Management Center RCE Actively Exploited
Daily Security Briefing March 20, 2026 CVE-2026-20131 | CVSS 10.0 | CRITICAL Severity | Actively Exploited (Known Ransomware Use) Affected Product Cisco Secure Firewall Management Center (FMC) versions 6.4.0.13 through 7.7.11 and version 10.0.0. Over 70 affected version branches spanning multiple major releases. Also affects Cisco Security Cloud Control (SCC) Firewall Management. Description An insecure deserialization vulnerability (CWE-502) exists in the web
Jacob Hughes
Mar 20 · 2 min read
Zero-Day Security Alert — March 17, 2026: Google Chrome V8 and Skia Actively Exploited
Daily Security Briefing March 17, 2026 Both vulnerabilities below were originally published by NVD on March 13, 2026 and added to the CISA Known Exploited Vulnerabilities (KEV) catalog on March 16, 2026. This briefing is issued on March 17 to highlight the active exploitation risk for organizations that have not yet applied patches. CVE-2026-3909 | CVSS 8.8 | HIGH Severity | Actively Exploited (CISA KEV) Affected Product Google Chrome (all versions prior to 14
Jacob Hughes
Mar 17 · 2 min read
Zero-Day Security Alert — March 16, 2026: Wing FTP Server Information Disclosure
Daily Security Briefing March 16, 2026 CVE-2025-47813 | CVSS 4.3 | MEDIUM Severity | Actively Exploited (CISA KEV) Affected Product Wing FTP Server (all versions before 7.4.4) by Wing FTP Software Description loginok.html in Wing FTP Server before version 7.4.4 discloses the full local installation path of the application when a long value is supplied in the UID cookie. This information disclosure can be leveraged by authenticated attackers to map server-side
Jacob Hughes
Mar 16 · 1 min read
