AI-Powered Cyber Threat Intelligence
threatpod_automation 🟠 HIGH Severity Overview CVSS Base Score: 8.8 Severity: HIGH CVSS Version: 3.1 Priority: High priority Summary Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) Analyst Takeaway This vulnerability … Read more
🔴 CRITICAL Severity Overview CVSS Base Score: 9.3 Severity: CRITICAL CVSS Version: 4.0 Priority: Critical priority Summary Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread Analyst Takeaway This vulnerability is already in CISA KEV, which means exploitation has been observed in the wild and the issue should be … Read more
🔴 CRITICAL Severity Overview CVSS Base Score: 9.3 Severity: CRITICAL CVSS Version: 4.0 Priority: Critical priority Summary When a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can lead to Remote Code Execution (RCE). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Analyst Takeaway … Read more
🔴 CRITICAL Severity Overview CVSS Base Score: 9.3 Severity: CRITICAL CVSS Version: 4.0 Priority: Critical priority Summary Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses … Read more
🔴 CRITICAL Severity Overview CVSS Base Score: 9.4 Severity: CRITICAL CVSS Version: 4.0 Priority: Critical priority Summary Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publish a malicious Trivy v0.69.4 release, force-push 76 of 77 version tags in `aquasecurity/trivy-action` to credential-stealing malware, and replace all 7 tags … Read more