Zyxel is warning customers of two critical-severity vulnerabilities in several of its firewall and VPN products that attackers could leverage without authentication. Both security issues are buffer ...

Cisco has fixed critical security vulnerabilities affecting Small Business VPN routers and enabling unauthenticated, remote attackers to execute arbitrary code or commands and trigger denial of ...

Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential theft.

Unauthenticated, remote attackers can achieve root-level RCE on SMA 100-series appliances. Critical security vulnerabilities in SonicWall’s Secure Mobile Access (SMA) 100-series VPN appliances could ...

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Open WebUI carried CVE-2025-64496, a high-severity code injection flaw in Direct Connection ...

At the end of last week, Rapid7 disclosed a nasty bug in Zyxel firewalls that could allow for an unauthenticated remote attacker to execute code as the nobody user. The programming issue was not ...

Details have been released on multiple vulnerabilities affecting the SonicWall Secure Mobile Access (SMA) 100 series of devices, which includes the SMA 200, 210, 400, 410, and 500v. Rapid7 lead ...

Eleven vulnerabilities in the cloud-management platforms of three industrial cellular router vendors put operational technology (OT) networks at risk for remote code execution, even if the platform is ...

Researchers have chained two medium severity vulnerabilities to execute "world ending" remote code execution, and a real-world exploit has been found. Hackers have begun exploiting recently patched ...