Vulnerability News

Vulnerability Archives – Cyber Security News World’s #1 Premier Cybersecurity and Hacking News Portal

  • CISA Warns of Android Framework Integer Overflow Vulnerability Exploited in Attacks
    by Abinaya on June 4, 2026 at 9:07 am

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly identified Android Framework vulnerability, tracked as CVE-2025-48595, to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is actively exploited in the wild. The vulnerability affects the Android Framework component and is classified as an integer overflow issue under CWE-190. Security researchers

  • Laravel CRLF Injection Vulnerability Enables an Attacker to Interfere with Outbound Email Processing
    by Abinaya on June 3, 2026 at 12:14 pm

    A high-severity CRLF injection vulnerability in the Laravel framework, tracked as CVE-2026-48019, could allow attackers to interfere with outbound email processing in affected applications. The issue impacts Laravel versions up to 13.9.0 and versions before 12.60.0, and has been patched in 13.10.0 and 12.60.0. The vulnerability stems from improper neutralization of carriage return and line

  • Attackers Can Exploit BadHost to Access Sensitive AI Agent Server Endpoints
    by Abinaya on May 27, 2026 at 3:22 pm

    A newly disclosed critical vulnerability, tracked as CVE-2026-48710 and dubbed “BadHost,” is putting thousands of AI-powered applications at risk by enabling authentication bypass through manipulated HTTP headers. The flaw affects Starlette versions before 1.0.1, a core framework widely used in FastAPI-based applications powering modern AI infrastructure, including LLM inference servers, agent frameworks, and MCP gateways.

  • CISA Warns of Drupal Core SQL Injection Vulnerability Exploited in Attacks
    by Abinaya on May 25, 2026 at 6:52 am

    CISA has issued an urgent alert regarding a critical SQL injection vulnerability in Drupal Core, tracked as CVE-2026-9082, which is now being actively exploited in real-world attacks. The flaw, classified under CWE-89, affects Drupal’s database abstraction API and could allow attackers to execute malicious SQL queries through specially crafted requests. According to the Cybersecurity and

  • Malicious JPEG Images Could Trigger PHP Memory Safety Vulnerabilities
    by Dhivya on May 16, 2026 at 9:01 am

    Two critical memory-safety vulnerabilities in PHP’s image-processing functions could allow attackers to leak sensitive heap memory or to execute denial-of-service attacks via specially crafted JPEG files. The flaws, discovered in PHP’s ext/standard extension by Positive Technologies researcher Nikita Sveshnikov, affect the widely-used getimagesize and iptcembed functions that process JPEG metadata and IPTC data. PHP Memory

  • Critical Linux Kernel Flaw ‘ssh-keysign-pwn’ Exposes SSH Keys and Shadow Passwords
    by Dhivya on May 16, 2026 at 7:36 am

    A newly disclosed Linux kernel vulnerability is raising serious concerns across the security community, as it allows attackers to access highly sensitive data, including SSH private keys and password hashes, on affected systems. Tracked as CVE-2026-46333, the flaw has been nicknamed “ssh-keysign-pwn” and impacts a wide range of Linux distributions. Linux system hit with multiple vulnerabilities in 2026,

  • Critical Microsoft Exchange Server Vulnerability Actively Exploited in Attacks
    by Abinaya on May 15, 2026 at 7:32 am

    Microsoft issued an urgent security alert regarding a newly discovered vulnerability in Exchange Server that is currently being exploited in the wild. Tracked as CVE-2026-42897, this critical spoofing flaw carries a high CVSS 3.1 severity score of 8.1 and directly impacts on-premises email infrastructure. Threat actors are actively exploiting this network-based vulnerability to compromise organizational

  • Critical Next.js Vulnerability Exposes Cloud Credentials, API keys, and Admin Panels
    by Abinaya on May 15, 2026 at 7:22 am

    A high-severity vulnerability in Next.js threatens self-hosted web applications with severe data breaches. Threat actors can now exploit a Server-Side Request Forgery (SSRF) flaw to silently steal cloud credentials, harvest API keys, and access sensitive internal admin panels. Organizations running self-hosted Next.js environments must patch immediately to prevent attackers from pivoting into their internal networks.

  • Critical “Cline” AI Agent Vulnerability Enables RCE Attacks
    by Abinaya on May 12, 2026 at 12:17 pm

    A critical security flaw has been identified in the Cline Kanban server that allows threat actors to exfiltrate workspace data and execute arbitrary code silently and remotely. Security researcher TheRealSpencer recently published details of this cross-origin WebSocket hijacking vulnerability affecting the widely adopted open-source AI coding assistant. The vulnerability is tracked as CVE-2026-44211 and carries

  • Claude’s Chrome Extension Vulnerability Allows Malicious Extensions to Steal Gmail and Drive Data
    by Abinaya on May 12, 2026 at 10:40 am

    Researchers have exposed a vulnerability hiding inside the “Claude in Chrome” extension. By weaponizing an otherwise harmless, zero-permission extension, invisible attackers can completely hijack the trusted AI assistant and transform it into a malicious puppet that silently pillages private Gmail messages, restricted Google Drive documents, and secret GitHub repositories. This terrifying blind spot exposes the dark
