Advisories

Security Advisories

Vulnerability disclosures, affected system information, and mitigation guidance from our research team.

All Critical High Medium Low Informational

4 results

OCIC-2026-0001

Critical RCE in Widely Deployed VPN Appliance

An unauthenticated remote code execution vulnerability in a popular enterprise VPN appliance allows full system compromise via a crafted HTTP request to the management interface.

Critical

Jun 1, 2026

OCIC-2026-0002

Privilege Escalation via Misconfigured sudo Rule

A commonly applied sudo configuration pattern allows local users to escalate to root on Linux systems through a wildcard expansion flaw in sudoedit.

High

May 20, 2026

OCIC-2026-0003

SSRF in Cloud Metadata Service Proxy

A server-side request forgery vulnerability in a widely-used cloud proxy library enables attackers to reach the instance metadata endpoint, leaking IAM credentials.

High

May 10, 2026

OCIC-2026-0004

Reflected XSS in Enterprise SIEM Dashboard

A reflected cross-site scripting vulnerability in the search parameter of an enterprise SIEM product allows session hijacking of authenticated analysts.

Medium

Apr 28, 2026

Explore More

Discover our capabilities, products, and knowledge resources.