CVE CyberSecurity Database News

Apr 9, 2026 Exploit

CVE-2025-62718 - Axios Proxy Bypass and SSRF Vulnerability Explained

The world of web development relies on trustworthy libraries. One of the most popular HTTP clients for JavaScript, Axios, faced a serious issue that you

Apr 4, 2026 RCE API API Security

CVE-2026-35616 - Breaking Down the Fortinet FortiClientEMS Improper Access Control Vulnerability (7.4.5 - 7.4.6)

Fortinet is a trusted name in the world of cybersecurity. Its FortiClientEMS product is often the backbone of endpoint management for thousands of organizations worldwide.

Apr 2, 2026 Exploit

CVE-2026-35414 - Exploiting OpenSSH’s authorized_keys Principals Mishandling

CVE-2026-35414 is a newly disclosed vulnerability affecting OpenSSH versions prior to 10.3. This flaw opens the door to unexpected access due to the way

Apr 2, 2026

CVE-2026-35385 - OpenSSH SCP Protocol Setuid/Setgid File Installation Flaw (Exclusive Exploit Breakdown)

A quietly dangerous flaw exists in versions of OpenSSH before 10.3, where a file downloaded over SCP as root with -O (Old protocol) and

Apr 1, 2026 Google Chrome

CVE-2026-5281 - Understanding the “Use After Free” Vulnerability in Dawn on Google Chrome (Before 146..768.178)

Recently, a critical vulnerability known as CVE-2026-5281 was discovered in the graphics engine Dawn as used within Google Chrome. Affecting Chrome versions prior to 146.