Critical CVE newsletter
Every day we curate the most relevant CVEs and break them down in plain English: CVSS, affected vendors, exploitation requirements, evidence of active exploit, and concrete mitigations — all in a 3-minute read before 20:00 CET. If you live and breathe security, this CVE newsletter skips the NVD-feed noise: filtered by AI, prioritised by Gorka, and only what's worth your time. We lead with actively abused exploits, CVEs with public PoCs, top-vendor advisories (Cisco, Fortinet, Microsoft, Apple, Linux kernel), and the reminders you need when a patch arrives late. Subscribe free and stop missing critical vulnerabilities.
Latest CVE articles
CVE-2026-31635 DirtyDecrypt: public PoC for Linux kernel LPE
Public PoC released for CVE-2026-31635 (DirtyDecrypt), a Linux kernel local privilege escalation flaw discovered by Zellic and V12.
CVE-2026-34926: Apex One zero-day actively exploited
CVE-2026-34926, a directory traversal zero-day in TrendAI Apex One on-premise, is being actively exploited in the wild; patch is available.