Vulnerabilities CVE-2026-55200 (CVSS 9.2) and CVE-2026-55199 (CVSS 8.2) in libssh2 1.11.1 and older versions require immediate patches, but are not yet available in official releases.
An unpatched security vulnerability in Everest Forms Pro (up to version 1.9.12) allows unauthenticated attackers to execute arbitrary PHP code on WordPress websites and take control.
Cisco disclosed 17 vulnerabilities in firewall products including critical flaws (CVSS 10.0) that allow attackers to execute code with root privileges without authentication. Immediate updates are required; no workarounds are available.