The Squid Project has issued an urgent advisory for CVE-2025-54574 (CVSS 9.3), a heap buffer overflow bug...
Vulnerability
In a recently disclosed advisory, HashiCorp has patched a critical vulnerability—CVE-2025-6000—in Vault, its industry-standard secrets management solution....
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory about a critical vulnerability—CVE-2025-8286—impacting...
Enable Security has disclosed critical vulnerabilities in Rtpengine, a popular media relay component used in Voice over...
SUSE has issued a high-severity security advisory for CVE-2025-46811, a critical vulnerability in SUSE Manager that allows...
A critical vulnerability in the popular OAuth2-Proxy open-source authentication tool has been discovered, allowing attackers to bypass...
Elastic has issued patches for two local privilege escalation (LPE) vulnerabilities affecting its popular observability tools—APM Server...
A severe server-side request forgery (SSRF) vulnerability has been disclosed in BentoML, a widely used Python framework...
Critical Flaw in Wix’s New AI Platform Base44 Allowed Unauthorized Access to Private Enterprise Apps
In a significant finding that highlights the risks associated with emerging AI development platforms, Wiz Research has...
A critical-severity vulnerability in the popular Alone – Charity Multipurpose Non-profit WordPress Theme has left thousands of...
The CERT Coordination Center (CERT/CC) has issued a vulnerability note concerning a flaw in the TP-Link Archer...
BeyondTrust, a global leader in intelligent identity and access security, has issued two advisories addressing two local...
SonicWall, a prominent provider of cybersecurity solutions, has disclosed a critical vulnerability—CVE-2025-40600—affecting the SSL VPN interface of...
Google has announced a Stable Channel update for Chrome Desktop, pushing version 138.0.7204.183/.184 to users on Windows...
Microsoft Threat Intelligence has unveiled a critical macOS vulnerability that exploits Spotlight plugins to bypass the system’s...
ASUS has issued security updates to patch two vulnerabilities in its MyASUS software, a pre-installed utility application...
A newly discovered vulnerability in Python’s tarfile module, identified as CVE-2025-8194, threatens to hang applications that process...
A newly disclosed critical vulnerability in Node-SAML, a widely used SAML 2.0 authentication provider for Node.js, could...
Developers relying on CodeIgniter, one of the most widely adopted PHP full-stack web frameworks with over 2.9...
A critical command injection vulnerability has been disclosed in the widely used GitHub Action tj-actions/branch-names, affecting over...