A critical XML External Entity (XXE) vulnerability has been identified in multiple versions of Apache Jackrabbit, a...
A critical vulnerability (CVE-2025-7503) has been uncovered in an IP camera manufactured by Shenzhen Liandian Communication Technology...
A critical security flaw in Fortinet’s FortiWeb web application firewall has been publicly weaponized, with proof-of-concept (PoC)...
In a warning issued by CERT/CC, multiple high-impact vulnerabilities have been identified in Gigabyte UEFI firmware that...
Axis Communications has issued a security advisory for a critical vulnerability affecting several of its flagship software...
Rockwell Automation has issued a security advisory detailing two vulnerabilities affecting its Arena Simulation software. Disclosed by...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2025-5777 to its Known Exploited Vulnerabilities...
The Apache Software Foundation has issued a new release—Apache HTTP Server version 2.4.64—patching eight security vulnerabilities that...
On July 1, 2025—just a day after its public disclosure—Huntress witnessed the active exploitation of a critical...
Juniper Networks, a cornerstone in enterprise-grade network security, has issued a critical alert for a Missing Authorization...
A recent technical deep-dive by Synacktiv has exposed a serious yet often overlooked risk in Laravel—the popular...
The Helm project—the popular Kubernetes package manager—has released a critical security advisory for CVE-2025-53547, a high-severity vulnerability...
A critical vulnerability in the SureForms WordPress plugin—which has over 200,000 active installations—has exposed websites to a...
GitLab has released security updates for its Community Edition (CE) and Enterprise Edition (EE), addressing multiple vulnerabilities...
Security researcher Filip Dragović has been credited by Microsoft for uncovering CVE-2025-48799, a local privilege escalation (LPE)...
A newly discovered critical vulnerability (CVE-2025-7206) in the D-Link DIR-825 router running firmware version 2.10 poses a...
Multiple critical vulnerabilities have been discovered in Ruckus Wireless’ Virtual SmartZone (vSZ) and Network Director (RND), posing...
Researchers have unveiled the Opossum Attack, a novel class of desynchronization vulnerabilities that exploits the coexistence of...
Schneider Electric has issued a high-severity security advisory disclosing multiple vulnerabilities affecting its flagship infrastructure management platform,...