Research Alerts
- CVE-2023-48788: Fortinet confirmed in-the-wild exploitation for this flaw has been observed. Organizations using FortiClientEMS are strongly encouraged to upgrade as soon as possible.
- CVE-2024-21410: With the wide use of Exchange Server and since this vulnerability has been exploited in the wild as a zero-day, immediate patching is recommended.
- CVE-2024-25153: With the severity and a public PoC, as well as MFT solutions being frequently targeted by threat actors, immediate patching or remediation is recommended
- CVE-2024-1597: A maximum severity SQL Injection affecting PostgreSQL's pgjdbc driver, could be exploitable in non-default conditions. Patching is recommended
- CVE-2023-48022: Zero-day in Ray framework has been exploited in the wild. Patch not available. Isolate Ray cluster from the public internet as interim fix.