access control bypass

Triple CVSS 10.0 Warning: Critical Ubiquiti UniFi OS Flaws Allow Unauthenticated Remote Takeovers

• Vulnerability Report

Triple CVSS 10.0 Warning: Critical Ubiquiti UniFi OS Flaws Allow Unauthenticated Remote Takeovers

Do Son May 22, 2026 0

Ubiquiti has issued a major security advisory addressing five distinct vulnerabilities across its UniFi OS ecosystem. Three...

Read More Read more about Triple CVSS 10.0 Warning: Critical Ubiquiti UniFi OS Flaws Allow Unauthenticated Remote Takeovers

Splunk Patches High-Severity Bugs Granting DoS and Internal Log Leaks

• Vulnerability Report

Splunk Patches High-Severity Bugs Granting DoS and Internal Log Leaks

Do Son May 22, 2026 0

Splunk has issued a coordinated batch of security advisories targeting vulnerabilities across Splunk Enterprise, Splunk Cloud Platform,...

Read More Read more about Splunk Patches High-Severity Bugs Granting DoS and Internal Log Leaks

Critical Spring AI Flaws Expose Databases to SQL and JSONPath Injection

• Vulnerability Report

Critical Spring AI Flaws Expose Databases to SQL and JSONPath Injection

Do Son March 17, 2026 0

Security researchers have issued a dual-threat alert for developers utilizing the Spring AI framework, a popular tool...

Read More Read more about Critical Spring AI Flaws Expose Databases to SQL and JSONPath Injection

Major Security Overhaul for Apache Superset: Five Vulnerabilities Patched

• Vulnerability Report

Major Security Overhaul for Apache Superset: Five Vulnerabilities Patched

Do Son February 26, 2026 0

Apache Superset is a modern data exploration and data visualization platform. Superset can replace or augment proprietary...

Read More Read more about Major Security Overhaul for Apache Superset: Five Vulnerabilities Patched

“Better Auth” Framework Alert: The Double-Slash Trick That Bypasses Security Controls

• Vulnerability Report

“Better Auth” Framework Alert: The Double-Slash Trick That Bypasses Security Controls

Do Son December 18, 2025 0

A high-severity vulnerability has been disclosed in Better Auth, a rapidly growing authentication framework for TypeScript, potentially...

Read More Read more about “Better Auth” Framework Alert: The Double-Slash Trick That Bypasses Security Controls

Multi Flaws Found in HikCentral, Including a Bypass for Admin Access (CVE-2025-39247)

• Vulnerability Report

Multi Flaws Found in HikCentral, Including a Bypass for Admin Access (CVE-2025-39247)

Do Son August 29, 2025 0

The Hikvision Security Response Center (HSRC) has released a new advisory detailing three vulnerabilities affecting different versions...

Read More Read more about Multi Flaws Found in HikCentral, Including a Bypass for Admin Access (CVE-2025-39247)

Apache Traffic Server Flaws Allow Access Bypass & Remote DoS

• Vulnerability

Apache Traffic Server Flaws Allow Access Bypass & Remote DoS

Do Son June 19, 2025 0

Two newly disclosed vulnerabilities in Apache Traffic Server (ATS)—a core component of many cloud and content delivery...

Read More Read more about Apache Traffic Server Flaws Allow Access Bypass & Remote DoS

Critical NetScaler Flaws Allow Access Control Bypass & Memory Overread

• Vulnerability Report

Critical NetScaler Flaws Allow Access Control Bypass & Memory Overread

Do Son June 18, 2025 0

The Cloud Software Group has issued a security bulletin addressing two critical vulnerabilities in NetScaler ADC (formerly...

Read More Read more about Critical NetScaler Flaws Allow Access Control Bypass & Memory Overread

Critical Flaw in Fabio Load Balancer Allows HTTP Header Tampering & Access Bypass

• Vulnerability

Critical Flaw in Fabio Load Balancer Allows HTTP Header Tampering & Access Bypass

Do Son June 2, 2025 0

A newly disclosed vulnerability in the Fabio load balancer, tracked as CVE-2025-48865, allows malicious clients to manipulate...

Read More Read more about Critical Flaw in Fabio Load Balancer Allows HTTP Header Tampering & Access Bypass