Security Boulevard

Imperva Customers Protected Against CVE-2026-21962 in Oracle HTTP and WebLogic

CVE-2026-21962 is a critical (CVSS 10.0) vulnerability in the Oracle HTTP Server and the WebLogic Server Proxy Plug-in for Apache HTTP Server and Microsoft IIS. An unauthenticated attacker with HTTP ...
Bleeping Computer

CrushFTP warns users to patch unauthenticated access flaw immediately

CrushFTP warned customers of an authentication bypass security vulnerability and urged them to patch their servers immediately. As the company also explained in an email sent to customers on Friday ...