CVE-2026-5734 and CVE-2026-5735: Critical memory safety vulnerabilities in Mozilla Firefox (before 149.0.2) and Thunderbird with CVSS 9.8 scores. Evidence of memory corruption suggests exploitability for arbitrary code execution. Update all Firefox and Thunderbird installations immediately. Daily Security Briefing April 7, 2026 CVE-2026-5734 | CVSS 9.8 | CRITICAL Severity | No Known Active Exploitation Affected Product Mozilla Firefox < 149.0.2, Firefox ESR < 1

CVE-2026-35616 is a critical (CVSS 9.8) improper access control vulnerability in Fortinet FortiClient EMS versions 7.4.5 through 7.4.6 that is actively being exploited in the wild. Organizations running affected versions should apply Fortinet's patch immediately -- CISA requires federal agencies to remediate by April 9, 2026. Daily Security Briefing April 6, 2026 CVE-2026-35616 | CVSS 9.8 | CRITICAL Severity | Actively Exploited (CISA KEV) Affected Product Fort

Five critical Microsoft Azure vulnerabilities (CVSS 9.1-10.0) were disclosed on April 3, 2026, affecting Azure AI Foundry, Azure Kubernetes Service, Azure Databricks, Azure Custom Locations, and Azure MCP Server. All are hosted-service vulnerabilities already addressed by Microsoft. Review your Azure audit logs and confirm no anomalous activity occurred prior to remediation. Daily Security Briefing April 4, 2026 CVE-2026-32213 | CVSS 10.0 | CRITICAL Severity | N

Daily Security Briefing April 3, 2026 CVE-2026-3502 | CVSS 7.8 | HIGH Severity | Actively Exploited (CISA KEV) Affected Product TrueConf TrueConf Client for Windows, all versions prior to 8.5.3.884 Description TrueConf Client downloads application update code and applies it without performing integrity verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the malicious payload is executed or in

Daily Security Briefing April 2, 2026 CVE-2026-20093 | CVSS 9.8 | CRITICAL Severity | No Known Active Exploitation Affected Product Cisco Integrated Management Controller (IMC) Description A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) allows an unauthenticated, remote attacker to bypass authentication and gain Admin-level access. The flaw stems from incorrect handling of password change requests. An attack

Daily Security Briefing April 1, 2026 CVE-2026-5281 | CVSS 8.8 | HIGH Severity | Actively Exploited in the Wild Affected Product Google Chrome (Dawn / WebGPU component) — versions prior to 135.0.7049.95 (Windows/Mac) and 135.0.7049.52 (Linux) Description A use-after-free vulnerability in Dawn, Google Chrome's WebGPU implementation, allows remote attackers to achieve code execution via a crafted HTML page. Dawn handles GPU-accelerated graphics operations in Chr

Daily Security Briefing April 1, 2026 CVE-2026-5281 | CVSS 8.8 | HIGH Severity | Actively Exploited (CISA KEV) Affected Product Google Chrome (Dawn component) prior to version 146.0.7680.178 on Windows, macOS, and Linux Description A use-after-free vulnerability exists in the Dawn WebGPU implementation within Google Chrome. An attacker who has already compromised the Chrome renderer process can exploit this flaw to execute arbitrary code on the victim's system

Daily Security Briefing March 31, 2026 CVE-2026-3055 | CVSS 9.3 | CRITICAL Severity | Actively Exploited (CISA KEV) Affected Product Citrix NetScaler ADC and NetScaler Gateway (all versions when configured as a SAML Identity Provider) Description An out-of-bounds read vulnerability exists in Citrix NetScaler ADC and NetScaler Gateway when configured as a SAML Identity Provider (IDP). Insufficient input validation allows an unauthenticated remote attacker to tr

Daily Security Briefing March 30, 2026 CVE-2026-32922 | CVSS 9.9 | Critical Severity | No Known Active Exploitation Affected Product OpenClaw (Node.js) — versions before 2026.3.11 Description OpenClaw contains a privilege escalation vulnerability in the device.token.rotate endpoint. Callers with operator.pairing scope can mint tokens with broader scopes because newly minted scopes are not constrained to the caller's existing scope set. This allows an attacker

Daily Security Briefing March 21, 2026 CISA added three Apple vulnerabilities to the Known Exploited Vulnerabilities catalog on March 20, 2026. These affect iOS, iPadOS, macOS, watchOS, visionOS, tvOS, and Safari. All three are confirmed actively exploited in the wild and require patching by April 3, 2026. 1. Safari and WebKit Memory Corruption CVE-2025-31277 | CVSS 8.8 | HIGH Severity | Actively Exploited Affected Product Apple Safari (prior to 18.6), iOS and

Daily Security Briefing March 20, 2026 CVE-2026-20131 | CVSS 10.0 | CRITICAL Severity | Actively Exploited (Known Ransomware Use) Affected Product Cisco Secure Firewall Management Center (FMC) versions 6.4.0.13 through 7.7.11 and version 10.0.0. Over 70 affected version branches spanning multiple major releases. Also affects Cisco Security Cloud Control (SCC) Firewall Management. Description An insecure deserialization vulnerability (CWE-502) exists in the web

Daily Security Briefing March 18, 2026 CVE-2026-21994 | CVSS 9.8 | CRITICAL Severity | Public Disclosure (NVD) Affected Product Oracle Edge Cloud Infrastructure Designer and Visualisation Toolkit version 0.3.0 Description A critical unauthenticated remote code execution vulnerability exists in Oracle Edge Cloud Infrastructure Designer and Visualisation Toolkit version 0.3.0. An unauthenticated attacker with network access via HTTP can exploit this flaw to achi

Daily Security Briefing March 17, 2026 Both vulnerabilities below were originally published by NVD on March 13, 2026 and added to the CISA Known Exploited Vulnerabilities (KEV) catalog on March 16, 2026. This briefing is issued on March 17 to highlight the active exploitation risk for organizations that have not yet applied patches. CVE-2026-3909 | CVSS 8.8 | HIGH Severity | Actively Exploited (CISA KEV) Affected Product Google Chrome (all versions prior to 14

Daily Security Briefing March 16, 2026 CVE-2025-47813 | CVSS 4.3 | MEDIUM Severity | Actively Exploited (CISA KEV) Affected Product Wing FTP Server (all versions before 7.4.4) by Wing FTP Software Description loginok.html in Wing FTP Server before version 7.4.4 discloses the full local installation path of the application when a long value is supplied in the UID cookie. This information disclosure can be leveraged by authenticated attackers to map server-side