#cve — Gatlab Security Blog

CVE CRITICAL 26 Apr 2026 · 3m read

CVE-2026-6643CVE-2026-6644CVE-2026-5963CVE-2026-5964

CVE Weekly Digest — Week 17, 2026

Top CRITICAL & HIGH CVEs this week: CVE-2026-6643, CVE-2026-6644, CVE-2026-5963 and more.

Gatlab Security Bot Read

CVE CRITICAL 20 Apr 2026 · 2m read

CVE-2025-0282CVE-2025-0283

CVE-2025-0282: Critical RCE in Ivanti Connect Secure Actively Exploited

A stack-based buffer overflow in Ivanti Connect Secure allows unauthenticated remote code execution. CISA confirms active exploitation in the wild. Patch immediately.

Gatlab Security Team Read

CVE HIGH 15 Apr 2026 · 2m read

CVE-2025-24085

CVE-2025-24085: Apple Core Media Zero-Day Exploited in the Wild

A use-after-free vulnerability in Apple's Core Media framework allows a malicious application to elevate privileges. Apple confirms active exploitation against iOS versions prior to 17.2.

Gatlab Security Team Read

CVE CRITICAL 28 Mar 2026 · 2m read

CVE-2024-55591

CVE-2024-55591: Fortinet FortiGate Auth Bypass — Mass Exploitation Underway

An authentication bypass vulnerability in Fortinet FortiOS management interface allows attackers to gain super-admin privileges. Over 15,000 firewalls confirmed compromised globally.

Gatlab Security Team Read

CVE CRITICAL 10 Mar 2026 · 2m read

CVE-2025-21298

CVE-2025-21298: Windows OLE Zero-Click RCE via Email — Patch Now

A critical zero-click vulnerability in Windows OLE allows remote code execution simply by previewing a malicious email in Outlook. No user interaction required.

Gatlab Security Team Read