2 critical · 0 to skim · 1 to act on
Multiple Anviz biometric access control products (CX2 Lite, CX7 firmware, and CrossChex Standard software) contain numerous critical vulnerabilities, including missing authentication, command injection, and improper authorization flaws. All firmware versions are affected, and CVSS scores reach 9.8: attackers could gain full root-level control, execute arbitrary code, capture sensitive data, and compromise credentials on these physical security devices. Developers and security teams integrating or managing Anviz hardware should treat these devices as untrusted until patches are available and isolate them from sensitive network segments.
Microsoft's April 2026 Patch Tuesday addresses 167 security vulnerabilities, including an actively exploited SharePoint Server zero-day and a publicly disclosed Windows Defender flaw called 'BlueHammer'. Google Chrome patched its fourth zero-day of 2026, and Adobe Reader received an emergency fix for an actively exploited remote code execution vulnerability. Developers should prioritize updating all affected systems immediately, especially those running SharePoint Server, Chrome, and Adobe Reader, as active exploitation is confirmed.