Technology ❯ Cybersecurity ❯ Incident Response

Vulnerability Disclosure

Responsible Disclosure Patch Management CVE-2026-5027 Bug Bounty Programs Microsoft Security Policy Security Testing Rapid7 Embargo Breakage Tenable Reporting Exploitation Google Vulnerability Reward Program CoreCloud Tech Post-Mortem Analysis

Langflow Path Traversal Flaw Exploited to Write Files

Unauthenticated requests can obtain a session token to write files that may enable remote code execution, with patches released to fix the bug.

Marimo RCE Exploited Within Hours of Disclosure

Ally WordPress Plugin SQL Injection Leaves Hundreds of Thousands of Sites at Risk

CISA Puts Actively Exploited Gogs RCE on KEV, Orders Federal Fix by Feb. 2

Trend Micro Patches Critical Apex Central RCE as Public Exploits Surface

Amazon Reveals Pre‑Disclosure Exploits of Citrix NetScaler and Cisco ISE to Plant Stealth Backdoor

Fina CA Mis-Issued 12 TLS Certificates for Cloudflare’s 1.1.1.1, Now Revoked

Trend Micro Releases Mitigation Tool for Critical Apex One Zero-Days

Google Patches Account Recovery Flaw That Exposed Users’ Phone Numbers