CVE-2026-57219: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor in rabbitmq rabbitmq-server
RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, the obsolete GET /api/auth endpoint can disclose the OAuth 2 client secret on RabbitMQ installations…
Read the full articleYou might also wanna read
CVE-2026-45185 (Dead.Letter): Unauthenticated RCE in Exim Discovered by XBOW
XBOW discovered CVE-2026-45185, a critical unauthenticated RCE in Exim, and used the disclosure window to test how far human and autonomous
CVE-2026-48558: Critical Authentication Bypass Vulnerability in SimpleHelp RMM Exploited for Credential Theft and Malware Delivery
Summary CVE-2026-48558 is a critical authentication bypass vulnerability in SimpleHelp Remote Monitoring and Management (RMM) software, caus
CVE-2026-8037: Critical Unauthenticated RCE in Progress Kemp LoadMaster Actively Exploited
CVE-2026-8037: Unauthenticated RCE in Progress Kemp LoadMaster – Patch Now or Get Pwned + Video - "Undercode Testing": Monitor hackers like
undercodetesting.com·7d ago
CVE-2026-48558: SimpleHelp OIDC Auth Bypass Used to Deploy Infostealer Payloads
CVE-2026-48558: SimpleHelp OIDC Auth Bypass Used to Deploy Infostealer Payloads CVE-2026-48558 is a critical authentication bypass affecting

WAF - WAF Release - 2026-04-21
This week's release introduces a new detection for a Remote Code Execution (RCE) vulnerability in Apache ActiveMQ (CVE-2026-34197) and an up
Critical Authentication Bypass Vulnerability Discovered in cPanel & WHM (CVE-2026-41940)
Hello! Yes, it's all a disaster again! Let's get this party started: 0:00 /0:12 1× No comments today, so imagine this: * We wrote something
watchTowr Labs·2mo ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.