A single rewrite rule, the kind pasted into NGINX configurations thousands of times a day, can hand an unauthenticated ...

For roughly 18 years, a chunk of code inside one of the internet’s most popular web servers quietly carried a critical ...

NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.

An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for ...

A critical vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by ...

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.

Microsoft’s May Patch Tuesday fixes 120 flaws, including 31 remote code execution bugs, with no zero-days reported at release ...

Windows networking and authentication components, including four critical remote code execution bugs patched in this month’s ...

Exim has released security updates to address a severe security issue affecting certain configurations that could enable ...

Microsoft has unveiled a new AI-driven vulnerability discovery system that identified 16 previously unknown Windows ...

Microsoft's May Patch Tuesday release broke a long zero-day streak, arriving without any vulnerabilities listed as exploited or publicly disclosed.