CVE-2026-53653: CWE-770: Allocation of Resources Without Limits or Throttling in getgrav grav
Grav is a file-based Web platform. Prior to 1.7.53 and 2.0.0-rc.8, Grav allows an unauthenticated visitor to exhaust server memory and CPU by requesting image derivatives with oversized dimensions…
Read the full articleYou might also wanna read

WAF - WAF Release - 2026-05-15 - Emergency
This emergency release introduces two new rules to detect nginx heap buffer overflow and heap spray exploitation attempts targeting the rewr
Technical Analysis of CVE-2025-53149: Heap-based Buffer Overflow in Windows Kernel Streaming Driver
Technical deep-dive into CVE-2025-53149, a heap-based buffer overflow in the Windows Kernel Streaming WOW Thunk Service driver (ksthunk.sys)
Analysis of CVE-2026-4020: Coordinated Google Cloud Fleet Exploiting Gravity SMTP WordPress Vulnerability
Almost every IP we logged exploiting the Gravity SMTP credential bug shares one HTTP fingerprint. Behind it is a Google Cloud fleet of thous
CVE-2026-8037: Critical Unauthenticated RCE in Progress Kemp LoadMaster Actively Exploited
CVE-2026-8037: Unauthenticated RCE in Progress Kemp LoadMaster – Patch Now or Get Pwned + Video - "Undercode Testing": Monitor hackers like
undercodetesting.com·6d ago
WAF - WAF Release - 2026-04-15
This week's release introduces a new detection for a critical Remote Code Execution (RCE) vulnerability in Mesop (CVE-2026-33057), alongside

WAF - WAF Release - 2025-05-19
This week's analysis covers four vulnerabilities, with three rated critical due to their Remote Code Execution (RCE) potential. One targets

Comments
Sign in to join the conversation.
No comments yet. Be the first.