Forbes

CVE’s Near Cybersecurity Miss Averted — But The World Must Step Up

The cybersecurity world, shocked by the near-shutdown of the CVE system — a quiet crisis that nearly disrupted the backbone of global vulnerability coordination. In cybersecurity, some moments pass ...
Security Boulevard

CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Command Injection Vulnerability

Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM ...
The Hacker News

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

Critical n8n flaw CVE-2025-68668 allows authenticated users to run system commands via workflows; affects versions 1.0.0 to ...
Krebs on Security

Patch Tuesday, January 2026 Edition

Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported ...
Dark Reading

Microsoft Starts 2026 With a Bang: A Freshly Exploited Zero-Day

Among them is a zero-day vulnerability in Desktop Window Manager (DWM) designated as CVE-2026-20805 (CVSS score: 5.5), which ...
Communications of the ACM

Exposing Common Vulnerabilities

Common vulnerabilities and exposures (CVEs) include all types of subversive entry-points discovered in programs, along with a ...
SiliconANGLE

Detectify launches Alfred to automate CVE security testing with AI

Advanced application security testing startup Detectify AB today announced the launch of Alfred, a new system that uses artificial intelligence to autonomously source, prioritize and generate ...
Threat Post

Firms Push for CVE-Like Cloud Bug System

Researchers propose fresh approaches to cloud-security bugs and mitigating exposure, impact and risk. Big gaps exist in the 22-year-old Common Vulnerability and Exposures (CVE) system that do not ...
Dark Reading

Can a Global, Decentralized System Save CVE Data?

The current challenges with tracking vulnerabilities, enriching reported data in a timely manner, and maintaining the collection of information calls for a revamping of the Common Vulnerabilities and ...
Infosecurity-magazine.com

Chaos Reigns as MITRE Set to Cease CVE and CWE Operations

The cybersecurity community has reacted with shock and bewilderment at a decision by the US government not to renew MITRE’s contract to manage the Common Vulnerabilities and Exposures (CVE) database.
ZDNet

Why the CVE database for tracking security flaws nearly went dark - and what happens next

Over the weekend, security experts were beginning to panic. MITRE announced that the US government had not renewed funding for the Common Vulnerabilities and Exposures (CVE) database. MITRE VP Yosry ...
ZDNet

The Linux security team issues 60 CVEs a week, but don't stress. Do this instead

But first, here are a few words about Linux and CVEs. Linux runs the world. It's on your Android phone; it's in your air-conditioning unit; it runs the web, powers supercomputers; the cloud; and maybe ...