Security Advisories
5 advisories · RSS feedCritical Path Traversal Vulnerability in Adobe ColdFusion (CVE-2026-48282)
Adobe ColdFusion versions 2025.9, 2023.20, and earlier contain a path traversal vulnerability (CVSS 10.0) that could allow arbitrary code execution. Immediate patching is required to mitigate remote code execution risks.
Read full advisory →Critical RCE Vulnerability in PraisonAI CodeAgent (CVE-2026-61447)
PraisonAI versions prior to 1.6.78 contain a remote code execution flaw in CodeAgent._execute_python(), allowing attackers to execute arbitrary Python code via manipulated LLM outputs. Immediate upgrade required.
Read full advisory →Critical Command Injection Vulnerability in Storage Concentrator (CVE-2026-56413)
A critical command injection flaw in Storage Concentrator appliances allows unauthenticated attackers to execute arbitrary commands as root via crafted network packets on port 9000. CVSS score: 10.0.
Read full advisory →Critical Command Injection Vulnerability in Storage Concentrator (CVE-2026-56415)
A critical command injection vulnerability (CVE-2026-56415) in Storage Concentrator (SC & SCVM) allows unauthenticated attackers to execute arbitrary commands with root privileges via a crafted HTTP request. CVSS score: 10.0.
Read full advisory →Critical Mass Assignment Vulnerability in Hoppscotch Backend (CVE-2026-50160)
A critical mass assignment vulnerability in Hoppscotch self-hosted deployments allows unauthenticated attackers to overwrite sensitive configuration secrets via the /v1/onboarding/config endpoint.
Read full advisory →Get Alerts in Your Inbox
Subscribe to receive these advisories as soon as they are published.
Subscribe Now