This vulnerability is the Insecure Deserialization vulnerability in Microsoft’s Windows Server Update Services (WSUS), which allows an attacker to execute malicious commands by sending a SOAP request containing a serialized and encrypted malicious payload to /ClientWebService/Client.asmx. A security patch for this vulnerability was released in October 2025, and AIWAF products are scheduled to address this Read more about [2026.03 Vulnerability Report] Microsoft WSUS Remote Code Execution[…]

This report provides a technical analysis and mitigation strategies for CVE-2026-29000, a signature verification bypass vulnerability identified in the JWT (JSON Web Token) module, pac4j-jwt, of the Java-based open-source security engine pac4j. The vulnerability affects versions prior to 4.5.9, 5.7.9, and 6.3.3 of pac4j-jwt, and originates from a flaw in the JwtAuthenticator logic when processing Read more about [2026.03 Vulnerability Report] PlainJWT Verification Bypass in pac4j-jwt JWE (CVE-2026-29000)[…]

The CVE-2026-21962 vulnerability stems from an improper access control flaw (CWE-284) in Oracle HTTP Server and the WebLogic Server Proxy Plug-in components. It allows a remote attacker to bypass authentication controls by sending specially crafted HTTP requests, thereby granting unauthorized access to protected administrative functions and internal system resources. Given its severity and the foundational Read more about [2026.02 Vulnerability Report] Oracle Fusion Middleware: Authentication Bypass (CVE-2026-21962)[…]

Microsoft Office is a critical business asset that handles core documents and data. CVE-2026-21509 is a critical zero-day vulnerability that allows attackers to gain complete control of a system by simply opening a manipulated document, directly bypassing built-in security measures. With confirmed cases of in-the-wild attacks by APT groups already underway, and detailed analysis and Read more about [2026.02 Vulnerability Report] MS Office Zero-day (CVE-2026-21509)[…]

This vulnerability is a credential coercion vulnerability in Ivanti Endpoint Manager. An attacker can attempt to obtain credentials and ultimately take over a domain by sending SOAP XML data containing a remote UNC address accessible to the attacker’s server to /WSVulnerabilityCore/VulCore.asmx. A security patch for this vulnerability was released in January 2025, and AIWAF products Read more about [2026.02 Vulnerability Report] Ivanti EPM Absolute Path Traversal[…]

A critical vulnerability identified as CVE-2026-21858 (Ni8mare) has been discovered in the open-source workflow automation platform n8n. Assigned a maximum CVSS score of 10.0, this flaw permits unauthenticated remote code execution (RCE), enabling attackers to fully compromise affected servers. Although n8n is a popular tool for automation, its footprint is relatively niche compared to ubiquitous Read more about [2026.01 Vulnerability Report] n8n Vulnerability Analysis[…]

This vulnerability is an authentication bypass and insecure deserialization vulnerability in Fortra GoAnywhere MFT. An attacker can first obtain the authentication token value through the authentication bypass vulnerability and then execute serialized malicious code by sending it to a specific endpoint. A patch for this vulnerability was released in September 2025, and AIWAF products will Read more about [2026.01 Vulnerability Report] Fortra GoAnywhere MFT Auth Bypass & Insecure Deserialization[…]

This vulnerability is caused by a structural design flaw in the React Server Components (RSC) and Next.js Server Function processing flow, where server-side logic unsafely applies Flight-based deserialization to client-supplied input, resulting in insecure JavaScript object interpretation. An attacker can trigger the vulnerable code path using a crafted HTTP request without authentication, leading to remote Read more about [2025.12 Vulnerability Report] React2Shell (CVE-2025-55182)[…]

Grafana Enterprise is a critical asset that handles core enterprise monitoring data. CVE-2025-41115 is a critical vulnerability that allows an attacker to gain administrator privileges with a single HTTP request, without even logging in. With detailed analysis and proof-of-concept (PoC) techniques already being discussed, exploitation attempts are expected to surge. Therefore, customers using the platform Read more about [2025.12 Vulnerability Report] Grafana SCIM Privilege Escalation Vulnerability (CVE-2025-41115)[…]

This vulnerability is a remote code execution vulnerability in Oracle E-Business Suite. An attacker could exploit multiple vulnerabilities in the service to execute malicious commands. A patch for this vulnerability was released in October 2025, and AIWAF products will address this vulnerability through the “Oracle E-Business RCE Chain” pattern, which will be added in the Read more about [2025.11 Vulnerability Report] Oracle E-Business Suite RCE Chain[…]