Home/Tag/Cvss 10

Cvss 10

5 articles tagged with "Cvss 10"

Vulnerabilities3 min read

FreeScout Zero-Click RCE Lets Hackers Hijack Servers via Email

CVE-2026-28289 allows unauthenticated attackers to achieve full server compromise by sending a single crafted email. CVSS 10.0—patch to 1.8.207 now.

Marcus ChenMar 6, 2026

Vulnerabilities4 min read

WordPress Plugin Flaw Gives Attackers Admin Access Without Login

CVE-2026-23550 in Modular DS plugin scores CVSS 10.0. Active exploitation began January 13, with 40,000+ sites at risk.

Marcus ChenJan 28, 2026

Vulnerabilities4 min read

n8n 'Ni8mare' Flaw Allows Unauthenticated Server Takeover

CVE-2026-21858 scores CVSS 10.0 and requires no credentials to exploit. Attackers can read files, forge admin sessions, and execute commands.

Marcus ChenJan 8, 2026

Vulnerabilities4 min read

CVSS 10.0 Zero-Day Hits 70,000 XSpeeder Devices

CVE-2025-54322 enables unauthenticated root RCE on SD-WAN appliances and edge routers. Vendor has ignored seven months of disclosure attempts. No patch available.

Marcus ChenJan 1, 2026

Vulnerabilities4 min read

SmarterMail CVE-2025-52691 Scores Perfect 10.0 CVSS for Unauthenticated RCE

Singapore's CSA warns of a critical SmarterMail vulnerability allowing remote code execution through file upload without authentication. Patch immediately.

Marcus ChenDec 31, 2025