SecurityWeek

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

The first round of SAP patches for 2026 resolves 19 vulnerabilities, including critical SQL injection, RCE, and code ...
Threat Post

Magento Patches Critical SQL Injection and RCE Vulnerabilities

Magento patched 37 flaws Thursday, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site. Magento patched 37 vulnerabilities on Thursday, ...
CSOonline

Critical Ivanti flaw exploited despite available patches

The SQL injection flaw allowing RCE is confirmed to have in-the-wild exploits despite Ivanti fixing it in May. The US Cybersecurity and Infrastructure Security Agency (CISA) has warned Ivanti ...
Dark Reading

Patch Now: Critical Fortinet RCE Bug Under Active Attack

As expected, cyberattackers have pounced on a critical remote code execution (RCE) vulnerability in the Fortinet Enterprise Management Server (EMS) that was patched last week, allowing them to execute ...
Bleeping Computer

Latest SQL Injection news

Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server (EMS) software that can allow attackers to gain remote code execution (RCE) on vulnerable servers. A threat ...