Three Defender zero-days exploited since April 10, 2026, enabling privilege escalation and DoS, forcing isolation of affected ...

Splunk has released patches that resolve high- and medium-severity vulnerabilities in Splunk Enterprise and MCP Server.

Today is Microsoft's April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities.

NIST is applying a risk-based model to NVD enrichment, prioritizing CVEs in the CISA KEV catalog and in critical software.

Microsoft’s April 2026 Patch Tuesday fixes 165 vulnerabilities, including two zero-days, in one of the company’s largest ...

NIST limits CVE enrichment after 263% surge since 2020, prioritizing KEV and federal software, shifting thousands to “Not ...

The latest monthly Patch Tuesday update from Microsoft landed earlier on 14 April, including two notable zero-day flaws amid ...

The cybersecurity world, shocked by the near-shutdown of the CVE system — a quiet crisis that nearly disrupted the backbone of global vulnerability coordination. In cybersecurity, some moments pass ...

Forbes contributors publish independent expert analyses and insights. Kate O’Flaherty is a cybersecurity and privacy journalist. U.S. President Donald Trump has cut funding for the global database of ...

Under a new model announced by the National Institute of Standards and Technology, NVD will no longer enrich every CVE.

The Common Vulnerability and Exposures, or CVE, repository holds the answers to some of information security’s most vital questions. Namely, which security issue are we talking about, exactly, and how ...

CVE stands for Common Vulnerabilities and Exposures. It is a program launched in 1999 by MITRE, a nonprofit that operates research and development centers sponsored by the federal government, to ...