Three critical vulnerabilities (CVE-2026-44182, CVSS 10.0; CVE-2026-44181, CVSS 10.0; CVE-2026-44180, CVSS 9.8) were disclosed affecting Jupyter Enterprise Gateway, a widely...
A coordinated supply chain attack targeting PyPI has compromised 26 packages (37 malicious wheel files) across bioinformatics, graph ML, deep-learning,...
A critical vulnerability (CVE-2026-8206, CVSS 9.8) was disclosed affecting the Kirki Freeform Page Builder, Website Builder & Customizer plugin for...
A critical vulnerability (CVE-2026-41089, CVSS 9.8) was disclosed affecting all supported Windows Server versions configured as domain controllers, allowing attackers...
Table of contentsTechnical OverviewAffected SystemsRisk ImpactHow Orca Can Help A critical supply-chain attack has compromised 32 official npm packages under...
A critical vulnerability (CVE-2026-45618, CVSS 10.0) was disclosed affecting LiquidJS, a widely used Node.js implementation of Shopify's Liquid template language...
A critical access control vulnerability (CVE-2026-27771) has been disclosed in Gitea's built-in container registry, allowing any unauthenticated remote attacker to...
A critical vulnerability (CVE-2026-45695, CVSS 9.8) was disclosed affecting Kopia, the open-source backup and restore tool, allowing attackers to achieve...
A max-severity vulnerability (CVE-2026-45829, CVSS 10.0) was disclosed affecting ChromaDB, the widely used open-source vector database for AI applications, allowing...
