The Hacker News

Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities

Fortinet, Ivanti, and SAP patched critical flaws up to CVSS 10.0, reducing RCE, admin takeover, and data exposure risks.
SecurityWeek

Critical Vulnerabilities Patched in Fortinet, Ivanti Products

Fortinet and Ivanti have released patches for remote, unauthenticated critical OS command injection vulnerabilities.
The Hacker News

Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week

Attackers are exploiting three Fortinet FortiSandbox flaws, including one patched last week, risking auth bypass and command ...
Bleeping Computer

Fortinet warns of critical command injection bug in FortiSIEM

Fortinet is alerting customers of a critical OS command injection vulnerability in FortiSIEM report server that could be exploited by remote, unauthenticated attackers to execute commands through ...

Ivanti Sentry: Confusion over abuse of critical command injection vulnerability

Ivanti is currently warning of critical security vulnerabilities in Sentry. CISA warns of attacks, but Ivanti downplays them.

Fortinet closes command injection vulnerability in FortiSandbox and more

Fortinet warns of a critical security vulnerability in FortiSandbox and other leaks in FortiPortal and FortiOS/FortiProxy.
SecurityWeek

Atlassian, Splunk Patch Critical Vulnerabilities

Atlassian and Splunk have released patches for critical vulnerabilities, including dozens of flaws in third-party ...
Bleeping Computer

Latest Command Injection news

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three new flaws in its Known Exploited Vulnerabilities (KEV) catalog, including a critical OS command injection impacting ...
Dark Reading

CISA, FBI Warn of OS Command-Injection Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have released a critical alert urging software developers to focus on removing weaknesses that allow unauthorized users to run ...