authentication bypass Articles

SolarWinds Patches Critical RCE and Auth Bypass Flaws in Web Help Desk

Four critical vulnerabilities in SolarWinds Web Help Desk allow unauthenticated remote code execution and authentication bypass. CISA confirms active exploitation with February 6 federal deadline.

January 29, 2026 SolarWinds RCE vulnerability

Fortinet Patches FortiCloud SSO Authentication Bypass Under Active Exploitation

CVE-2026-24858 allows attackers with any FortiCloud account to authenticate to other customers' devices. Arctic Wolf observed automated exploitation creating backdoor admin accounts within seconds.

January 27, 2026 Fortinet zero-day vulnerability