The Hacker News

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.
SecurityWeek

Adobe Patches Reader Zero-Day Exploited for Months

Adobe released emergency patches for CVE-2026-34621, a critical Acrobat and Reader zero-day that has been exploited in the wild.
The Hacker News

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

CVE-2026-35616 (CVSS 9.1) exploited since March 31, 2026, affects FortiClient EMS 7.4.5–7.4.6, enabling privilege escalation.