Cisco on Wednesday announced patches for multiple vulnerabilities across its enterprise products, including five high-severity bugs. Two high-severity issues, tracked as CVE-2026-20034 and CVE-2026-20035, which could lead to server-side request forgery (SSRF) attacks, were resolved in Cisco Unity Connection. Rooted… Read More "Cisco Patches High-Severity Vulnerabilities in Enterprise Products"
Starting this month, Oracle is supplementing the quarterly Critical Patch Update (CPU) fixes with monthly security releases focused on high-priority vulnerabilities. The first monthly Critical Security Patch Update (CSPU) will roll out on May 28, addressing critical-severity vulnerabilities in the… Read More "Oracle Debuts Monthly Critical Security Patch Updates"
Meta-owned WhatsApp has published two new security advisories describing vulnerabilities that were patched earlier this year in the popular messaging app. One of the vulnerabilities is CVE-2026-23863, a medium-impact attachment spoofing issue affecting WhatsApp for Windows prior to version 2.3000.1032164386.258709.… Read More "WhatsApp Discloses File Spoofing, Arbitrary URL Scheme Vulnerabilities"
Apache on Monday released patches for over a dozen vulnerabilities in HTTP Server and MINA, including critical and high-severity issues that could be exploited for remote code execution (RCE). Apache HTTP Server 2.4.67 was released with fixes for 11 vulnerabilities,… Read More "Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server"
Google announced on Monday the release of an Android update patching a critical vulnerability that can be exploited for remote code execution. The flaw, tracked as CVE-2026-0073, affects Android’s System component, allowing an attacker to exploit it to execute code… Read More "Critical Remote Code Execution Vulnerability Patched in Android"
