Critical WordPress Plugin Vulnerability Allows Unauthenticated Admin Takeover on 150K Sites
A critical vulnerability (CVE-2026-8206, CVSS 9.8) was disclosed affecting the Kirki Freeform Page Builder, Website Builder & Customizer plugin for...
A critical vulnerability (CVE-2026-41089, CVSS 9.8) was disclosed affecting all supported Windows Server versions configured as domain controllers, allowing attackers...
A critical supply-chain attack has compromised 32 official npm packages under...
A critical vulnerability (CVE-2026-45618, CVSS 10.0) was disclosed affecting LiquidJS, a widely used Node.js implementation of Shopify's Liquid template language...
A critical access control vulnerability (CVE-2026-27771) has been disclosed in Gitea's built-in container registry, allowing any unauthenticated remote attacker to...
A critical vulnerability (CVE-2026-45695, CVSS 9.8) was disclosed affecting Kopia, the open-source backup and restore tool, allowing attackers to achieve...
A max-severity vulnerability (CVE-2026-45829, CVSS 10.0) was disclosed affecting ChromaDB, the widely used open-source vector database for AI applications, allowing...
A critical vulnerability (CVE-2026-46354, CVSS 9.1) was disclosed affecting Coder, a popular open-source remote development platform, allowing attackers to steal...
Security researchers disclosed new exploitation techniques for the previously documented “PoolSlip” vulnerability affecting NGINX, demonstrating that earlier mitigations...