ABB has issued a cybersecurity advisory disclosing multiple vulnerabilities affecting its ASPECT Building Management System (BMS), including...
Authentication Bypass
The ESPHome project, a popular open-source firmware framework for ESP32- and ESP8266-based smart home devices, has disclosed...
watchTowr Labs has released a detailed analysis of CVE-2025-54309, a zero-day authentication bypass vulnerability in CrushFTP, the...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-severity alert for a missing authentication...
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory warning about a critical authentication...
Dell Technologies has released an urgent security advisory addressing multiple vulnerabilities affecting its PowerProtect Data Domain Operating...
SUSE has issued a high-severity security advisory for CVE-2025-46811, a critical vulnerability in SUSE Manager that allows...
A critical vulnerability in the popular OAuth2-Proxy open-source authentication tool has been discovered, allowing attackers to bypass...
Critical Flaw in Wix’s New AI Platform Base44 Allowed Unauthorized Access to Private Enterprise Apps
Critical Flaw in Wix’s New AI Platform Base44 Allowed Unauthorized Access to Private Enterprise Apps
In a significant finding that highlights the risks associated with emerging AI development platforms, Wiz Research has...
A newly disclosed critical vulnerability in Node-SAML, a widely used SAML 2.0 authentication provider for Node.js, could...
A critical vulnerability has been discovered in the popular open-source Node.js library Node-SAML, used to implement SAML...
Mitel has issued a security advisory addressing a critical-severity vulnerability in the Provisioning Manager component of its...
Samsung’s widely used MagicINFO 9 Server, a digital signage management platform, was found multi security vulnerabilities. Security...
A critical vulnerability was found in Cisco Identity Services Engine (ISE) and Cisco ISE-PIC. Tracked as CVE-2025-20337,...
Juniper Networks, a cornerstone in enterprise-grade network security, has issued a critical alert for a Missing Authorization...
Multiple critical vulnerabilities have been discovered in Ruckus Wireless’ Virtual SmartZone (vSZ) and Network Director (RND), posing...
HPE Aruba Networking has issued a critical security advisory for its Instant On Access Points, urging users...
iemens has released a critical security advisory detailing multiple high-severity vulnerabilities affecting SINEC NMS, its flagship network...
In a coordinated disclosure with CERT@VDE, Phoenix Contact GmbH & Co. KG has issued an urgent advisory...
A coordinated disclosure by CERT@VDE and WAGO has unveiled a devastating vulnerability—CVE-2025-41672—impacting WAGO’s industrial automation platform Device...
In a recent security advisory, researchers from Synacktiv revealed two chained vulnerabilities in ScriptCase’s Production Environment module—known...
Two critical vulnerabilities recently disclosed by CERT@VDE, in coordination with industrial automation company Pilz, highlight a sobering...