Sponsor of the Day:
Jerkmate
https://securityonline.info/null-byte-nightmare-critical-wpvivid-backup-flaw-cvss-9-8-exposes-800k-wordpress-sites/
Null Byte Nightmare: Critical WPvivid Backup Flaw (CVSS 9.8) Exposes 800K WordPress Sites
Critical WPvivid Backup flaw CVE-2026-1357 (CVSS 9.8) allows unauthenticated file upload via null byte key. Update to v0.9.124 to prevent RCE.
cvss 9 8null bytewordpress sitesnightmarecritical
https://pluto.security/blog/mcp-bug-nginx-security-vulnerability-cvss-9-8/
MCP Bug in Nginx: Critical CVSS 9.8 Security Vulnerability
Apr 15, 2026 - Explore the MCP bug in Nginx enabling unauthenticated access, config changes, and critical actions with a CVSS 9.8 score.
cvss 9 8security vulnerabilitymcpbugnginx
https://thecybersecurity.news/general-cyber-security-news/sglang-cve-2026-5760-cvss-9-8-enables-rce-via-malicious-gguf-model-files-36483/
SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files | The Cyber Security News
A critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could result in remote code execution on susceptible systems....
cvss 9 8cyber security newscve 2026rce viagguf model