Ivanti warns of two EPMM flaws exploited in zero-day attacks

Ivanti has disclosed two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340, that were exploited in zero-day attacks.
SecurityWeek

SolarWinds Patches Critical Web Help Desk Vulnerabilities

SolarWinds has patched critical Web Help Desk vulnerabilities leading to unauthenticated RCE or authentication bypass.
CSO Online

EU’s answer to CVE solves dependency issue, adds fragmentation risks

Integration with common vulnerability management tools is needed for GCVE.eu to reach its full potential — and not introduce additional friction and confusion into CISOs’ remediation strategies.
Dark ReadingOpinion

Hand CVE Over to the Private Sector

By the time of CVE's launch, ISS (later acquired by IBM) maintained a fully public VDB, as of August 1997. A company I helped ...
Dark Reading

Europe's GCVE Raises Concerns Over Fragmentation in Vulnerability Databases

GCVE would enhance global collaboration, flexibility, and efficiency in tracking vulnerabilities. Duplicate entries and ...

DTEX Designated as CVE Numbering Authority (CNA) Partner

Company Unlocks Faster and Transparent Vulnerability Management for Enterprise CustomersSAN JOSE, Calif., Jan. 22, 2026 (GLOBE NEWSWIRE) -- DTEX, a leader in risk-adaptive security and behavioral ...
Infosecurity Magazine

Experts Welcome Global Cybersecurity Vulnerability Enumeration Launch

A new service, the Global Cybersecurity Vulnerability Enumeration (GCVE), offers an alternative to the US-led CVE ...
Cybernews

EU alternative to US-led CVE vulnerability database is now live

The EU has launched a new alternative to the US-led CVE vulnerability database, offering European security teams a decentralized backup amid funding and continuity concerns.
Healthcare IT News

Cyber threat roundup: Akira ransomware, zero-day vulnerabilities and more

With the end of the government shutdown comes reauthorization of the Cybersecurity and Infrastructure Security Agency. The Department of Homeland Security agency has released a series of cybersecurity ...
Bleeping Computer

CISA warns of Akira ransomware Linux encryptor targeting Nutanix VMs

US government agencies are warning that the Akira ransomware operation has been spotted encrypting Nutanix AHV virtual machines in attacks. An updated joint advisory from CISA, the FBI, the Department ...
Business Wire

Tanium Joins Common Vulnerabilities and Exposures (CVE™) Program as a CVE Numbering Authority

EMERYVILLE, Calif.--(BUSINESS WIRE)--Tanium, a leader in Autonomous Endpoint Management (AEM), announced today it has been authorized by the CVE Program as a CVE Numbering Authority (CNA). As a CNA, ...
Morningstar

Tanium Joins Common Vulnerabilities and Exposures (CVE™) Program as a CVE Numbering Authority

Tanium, a leader in Autonomous Endpoint Management (AEM), announced today it has been authorized by the CVE Program as a CVE Numbering Authority (CNA). As a CNA, Tanium will publicly document and ...