Microsoft released out-of-band patches for an actively exploited Microsoft Office zero-day, CVE-2026-21509, a security ...

Microsoft recently published a security advisory warning of a newly discovered zero-day vulnerability in Office applications.

Integration with common vulnerability management tools is needed for GCVE.eu to reach its full potential — and not introduce additional friction and confusion into CISOs’ remediation strategies.

Microsoft forced to issue an emergency patch to fix an Office zero-day being actively exploited.

A new vulnerability database has launched in the EU, in a bid to reduce dependence on the U.S. program. Here's what you need ...

Fortinet released updates for an actively exploited FortiOS SSO authentication bypass flaw, CVE-2026-24858, now listed by ...

Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM ...

By the time of CVE's launch, ISS (later acquired by IBM) maintained a fully public VDB, as of August 1997. A company I helped ...

The CVE security program used to track vulnerabilities in both hardware and software has had its federal funding removed with immediate effect. Apple is one of a number of tech giants who rely on the ...

Forbes contributors publish independent expert analyses and insights. Kate O’Flaherty is a cybersecurity and privacy journalist. U.S. President Donald Trump has cut funding for the global database of ...

Cybersecurity company FuzzingLabs has accused the Y Combinator-backed startup, Gecko Security, of replicating its vulnerability disclosures and backdating blog posts. According to the company, Gecko ...

A new patch fixes six important GitLab flaws ...