The cve.tools Blog
Product updates, the weekly threat signal, and monthly trends — what shipped, what's exploited, and where we're heading.
Windchill in the crosshairs: CVE-2026-12569, the first PTC bug in CISA's KEV
Product lifecycle management (PLM) software rarely makes security headlines — but it holds the crown jewels: the CAD models, bills of materials, and manufacturing specs of aerospace, defense,…
SimpleHelp's 10.0 auth bypass: forge a token, own the RMM (CVE-2026-48558)
SimpleHelp is remote-support / RMM software — the kind of tool that, by design, can remote into, transfer files to, and run scripts on every machine it manages. CVE-2026-48558 turns that reach…
Clearer CVE explainers, and a blog with diagrams
Hey there 👋 The last few days were all about making the why clearer — a sharper read on what a CVE actually means, and a proper home for these very updates. Here's what landed.
BRIDGE:BREAK — one request to root on an internet-exposed OT device
Some bugs are dangerous because they're clever. CVE-2025-67038 is dangerous because it's simple, it's on a device that should never have been on the internet, and it lands you at the doorway to an…
UniFi OS root with no password: CVE-2026-34910 and the unauthenticated RCE chain
On its own, CVE-2026-34910 is a command-injection flaw in a UniFi OS Server update endpoint. The reason it's an emergency is the company it keeps: Bishop Fox showed it chains with two sibling bugs…
PixelSmash: one video file that puts FFmpeg-powered servers at risk
FFmpeg's libavcodec is the quiet engine behind a staggering amount of the internet's media handling — media servers, file-sync previews, desktop thumbnailers, NAS boxes, and AI data pipelines all…
CVE-2026-24858 and FortiBleed: the Fortinet auth bypass behind a credential gold rush
CVE-2026-24858 keeps showing up in coverage of FortiBleed — the credential-harvesting campaign that exposed tens of thousands of Fortinet devices — so it's worth separating the two cleanly. The…
Cisco SD-WAN root access: inside CVE-2026-20245, exploited for months before disclosure
Cisco's Catalyst SD-WAN management plane took another hit. CVE-2026-20245 lets an authenticated attacker who already holds netadmin rights run arbitrary commands as root on SD-WAN Controller…
One Box, Three Perfect 10s: The Week Networking Gear Broke Bad
Ubiquiti's UniFi OS collected three CVSS-10 bugs on CISA's KEV in one June 23 batch. A casual, no-FUD roundup of what's actually being exploited — and how to prioritise it.
See what’s actively exploited right now — Threat Radar is live
Hey there 👋 It's been a busy couple of weeks, and almost all of it lands right where you'll see it. We've been making it easier to tell what actually matters today, to browse CVEs the way you…
Browse CVEs by vendor, product and sector
Raw vulnerability data is a mess. The same vendor shows up spelled five different ways. A single product is scattered across dozens of near-duplicate version strings. Ask a simple question — "show…
Security news, trend reports and sector intel arrive
Hey there 👋 It's been a big week. cve.tools grew two whole new public sections — a security news feed and monthly trend reports — and the database itself got smarter about who is affected, not…
What's new — late May & early June
Over the past two weeks we shipped the things you've been asking for: personal API keys, a public place to file bugs and ideas, and a much more lively landing page. Smaller polish along the way.