Vulnerabilities Archives – SecurityWeek Cybersecurity News, Insights & Analysis
- ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Aveva, Phoenix Contact
by Eduard Kovacs on January 15, 2026 at 9:05 amOnly a dozen new advisories have been published this Patch Tuesday by industrial giants. The post ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Aveva, Phoenix Contact appeared first on SecurityWeek.
- Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEMby Ionut Arghire on January 14, 2026 at 9:56 am
Exploitable without authentication, the two security defects could lead to configuration leak and code execution. The post Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM appeared first on SecurityWeek.
- Chrome 144, Firefox 147 Patch High-Severity Vulnerabilitiesby Ionut Arghire on January 14, 2026 at 9:50 am
The two browser updates resolve 26 security defects, including bugs that could be exploited for code execution. The post Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
- Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilitiesby Eduard Kovacs on January 13, 2026 at 9:00 pm
Two vulnerabilities patched this month by Microsoft were disclosed publicly before fixes were released. The post Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities appeared first on SecurityWeek.
- Adobe Patches Critical Apache Tika Bug in ColdFusionby Ionut Arghire on January 13, 2026 at 7:54 pm
Adobe has released patches for 25 vulnerabilities across its products, including a critical Apache Tika flaw in ColdFusion. The post Adobe Patches Critical Apache Tika Bug in ColdFusion appeared first on SecurityWeek.
- SAP’s January 2026 Security Updates Patch Critical Vulnerabilitiesby Ionut Arghire on January 13, 2026 at 12:20 pm
SAP has released 17 security notes, including four that address critical SQL injection, RCE, and code injection vulnerabilities. The post SAP’s January 2026 Security Updates Patch Critical Vulnerabilities appeared first on SecurityWeek.
- Trend Micro Patches Critical Code Execution Flaw in Apex Centralby Eduard Kovacs on January 9, 2026 at 2:01 pm
Tenable has released PoC code and technical details after the vendor announced the availability of patches for three vulnerabilities. The post Trend Micro Patches Critical Code Execution Flaw in Apex Central appeared first on SecurityWeek.
- CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Overby Ionut Arghire on January 9, 2026 at 1:41 pm
The Emergency Directives were retired because they achieved objectives or targeted vulnerabilities included in the KEV catalog. The post CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over appeared first on SecurityWeek.
- Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosureby Ionut Arghire on January 9, 2026 at 11:34 am
Fresh attacks targeted three VMware ESXi vulnerabilities that were disclosed in March 2025 as zero-days. The post Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure appeared first on SecurityWeek.
- Critical Vulnerability Patched in jsPDFby Ionut Arghire on January 8, 2026 at 1:17 pm
The bug can allow attackers to read arbitrary files from the system, potentially exposing configurations and credentials. The post Critical Vulnerability Patched in jsPDF appeared first on SecurityWeek.
