Latest Threats news

Veeam Patches Four CVSS 9.9 Flaws in Backup and Replication Software

by Artem Safonov March 13, 2026

Four CVSS 9.9 remote code execution flaws patched in Veeam Backup and Replication. Authenticated domain users could run arbitrary code on backup servers. Past Veeam vulnerabilities were weaponized by Akira, Fog, and Frag ransomware within weeks of disclosure.

CVE roundup March 9. UltraVNC DLL hijack, Tiandy surveillance flaws, and a flood of PHP noise

by Artem Safonov March 9, 2026

March 9 brought 117 new CVEs but no critical-severity entries. The two worth tracking are an unpatched UltraVNC DLL hijack with a public exploit, and two Tiandy surveillance flaws from a vendor that has ignored disclosures since 2017.

Menu

Latest Threats news

Veeam Patches Four CVSS 9.9 Flaws in Backup and Replication Software

CVE roundup March 9. UltraVNC DLL hijack, Tiandy surveillance flaws, and a flood of PHP noise

Latest News

Editor's Choice

Menu

Latest Threats news

Veeam Patches Four CVSS 9.9 Flaws in Backup and Replication Software

CVE roundup March 9. UltraVNC DLL hijack, Tiandy surveillance flaws, and a flood of PHP noise

Latest News

Editor's Choice

Stay informed on cybersecurity