The Hacker News

18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE

NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.
TechSpot

Security experts urge Chrome users to patch new zero-day exploit immediately

What just happened? Google just released an emergency security update to patch a newly discovered vulnerability in the Chrome web browser. The buffer overflow-based exploit was discovered by Clément ...
CSOonline

New Snort overflow exploit

Snort can be buffer overflowed. About once a year, Snort gets a buffer overflow vulnerability. Any piece of additional software in a defense strategy has to be carefully considered (e.g. Snort, ...
Infosecurity-magazine.com

CISA and FBI Warn Against Buffer Overflow Vulnerabilities

A new alert from the US Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) has outlined strategies to eliminate buffer overflow vulnerabilities in ...
Bleeping Computer

Cisco warns of denial of service flaw with PoC exploit code

Cisco has released security updates to patch a ClamAV denial-of-service (DoS) vulnerability, which has proof-of-concept (PoC) exploit code. Tracked as CVE-2025-20128, the vulnerability is caused by a ...