Vulnerabilities

Stay ahead of cyber threats with our deep dives into software vulnerabilities. Explore technical breakdowns, CVE analysis, and expert remediation strategies.

  • Mar 10, 2026

Signature Verification Bypass in Authlib (CVE-2026-28802): What Cloud Security Teams Need to Know

OAuth and OpenID Connect are the backbone of modern cloud-native identity and access management. From...

Ben Hirschberg

CTO & Co-founder
  • Mar 5, 2026

Four Critical RCE Vulnerabilities in n8n: What Cloud Security Teams Need to Know

Automation platforms sit at the center of modern infrastructure. They connect APIs, databases, CI/CD pipelines,...

Ben Hirschberg

CTO & Co-founder
  • Jan 14, 2026

See the Attack Before It Lands: What the ARMO-Rapid7 Partnership Unlocks

The ARMO-Rapid7 partnership connects broad attack surface coverage with deep cloud and Kubernetes runtime security...

Shauli Rozen

CEO & Co-founder
  • Dec 28, 2025

MongoBleed (CVE-2025-14847): Unauthenticated Memory Disclosure in MongoDB

A newly disclosed MongoDB vulnerability, tracked as CVE-2025-14847 and informally referred to as MongoBleed, allows...

Ben Hirschberg

CTO & Co-founder
  • Nov 6, 2025

Three New High-Severity Vulnerabilities in runc: What You Need to Know

Within 24 hours, three new high-severity vulnerabilities were disclosed in runc, the low-level runtime that...

Ben Hirschberg

CTO & Co-founder
  • Nov 3, 2025

ARMO Monthly Product Roundup – November 2025 

Hi there,We’ve just dropped a fresh batch of updates to help you cut through the...

Yossi Ben Naim

VP of Product Management
  • Jun 10, 2025

Can We Manage Vulnerabilities with Two Giants in the Room?

Recently, the EU officially launched its vulnerability catalog: the European Vulnerability Database (EUVD). This move...

Ben Hirschberg

CTO & Co-founder
  • Apr 16, 2025

The Future of CVE Is at Risk – What the End of MITRE’s Role Could Mean for Cybersecurity

With DHS ending MITRE’s CVE funding, the future of global vulnerability tracking is uncertain. Here’s...

Ben Hirschberg

CTO & Co-founder
  • Mar 25, 2025

IngressNightmare: Analysis of Critical Vulnerabilities in Kubernetes Ingress NGINX Controller

Executive Summary On March 24, 2025, Wiz Research disclosed a series of critical vulnerabilities in...

Amit Schendel

Head of Security Research
  • Jan 15, 2025

Tackling the recent Kong ingress controller security incident with ARMO’s behavioral CADR

Imagine this situation: you recently updated one of your infrastructure software components. A few weeks...

Ben Hirschberg

CTO & Co-founder
  • Dec 26, 2024

Top cloud-native CVEs of 2024: A Comprehensive Recap

In 2024, several significant vulnerabilities were identified within the Kubernetes and broader cloud-native ecosystem. In...
  • Oct 10, 2024

The vulnerability puzzle: understanding base images and their relationship to CVEs

Have you ever heard of CVEs? Maybe not by their acronym, but Common Vulnerabilities and...

Jonathan Green

Cloud Security Software Engineer
slack_logos Continue to Slack

Get the information you need directly from our experts!

new-messageContinue as a guest