LIVE · cybersecurity feed

exploitation

zeroday.news · 1d ago·critical

Critical Gitea Flaw Under Active Exploitation, Researchers Warn

A critical vulnerability in Gitea, tracked as CVE-2026-20896, is being actively exploited. The flaw lets attackers bypass authentication with a single HTTP header to access repositories and secrets.

zeroday.news · 1d ago·critical

Critical Adobe ColdFusion Vulnerability Exploited in Attacks

A critical Adobe ColdFusion vulnerability, CVE-2026-48282 with a maximum CVSS score of 10, is being actively exploited in attacks. The flaw poses a severe risk to affected systems.

zeroday.news · 1d ago·high

Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities

Researchers have identified a new cyberattack campaign targeting academic institutions in North America. The attackers, believed to be linked to China, are exploiting vulnerabilities within the Roundcube webmail system used by physics and engineering departments.

zeroday.news · 12d ago·critical

In Less Than 24 Hours, Attackers Weaponize Cisco CUCM Flaw

A critical vulnerability affecting Cisco Unified CM and Unified CM SME deployments, which allows for server-side request forgery (SSRF) and root privilege escalation, was rapidly exploited by attackers. Threat actors weaponized the flaw within 24 hours of its public disclosure.