All news

file upload vulnerability

(2 articles)
Ninja Forms File Upload Flaw: CVE-2026-0740

April 7, 2026

Ninja Forms File Upload Flaw: CVE-2026-0740

CVE-2026-0740 in Ninja Forms File Upload allows unauthenticated RCE. Over 3,600 attacks blocked in 24 hours. Update to 3.3.27 now.

New 'PolyShell' Flaw Allows Unauthenticated RCE on Magento E-Stores

March 19, 2026

New 'PolyShell' Flaw Allows Unauthenticated RCE on Magento E-Stores

The PolyShell vulnerability lets attackers execute code or hijack accounts on Magento stores without authentication - and exploit code is already circulating.