Elastic has disclosed a high-severity vulnerability (CVE-2024-43706) affecting its Kibana observability platform, specifically in the Synthetic Monitoring...
Web Security
Security researcher Matt Palmer has uncovered a critical vulnerability in the Lovable low-code platform, now tracked as...
A severe vulnerability in the PayU CommercePro plugin for WordPress, which has over 5,000 active installations, allows...
A newly disclosed vulnerability in the Auth0 PHP SDK—a widely-used authentication toolkit with over 16 million downloads—poses...
The ModSecurity project has issued a security advisory disclosing a new vulnerability—CVE-2025-48866—in its widely used open-source web...
Google has rolled out a critical security update for the Chrome browser in its Stable channel, bumping...
A newly disclosed vulnerability in the Fabio load balancer, tracked as CVE-2025-48865, allows malicious clients to manipulate...
In a revelation for web security, researchers from Tsinghua University have exposed two novel, off-path attacks —...
Varnish Software has disclosed a client-side desynchronization vulnerability, tracked as CVE-2025-47905, in both Varnish Cache and Varnish...
The React Router team has issued an advisory addressing two vulnerabilities affecting applications running in Framework mode:...
A critical vulnerability tracked as CVE-2025-43859 has been disclosed in h11, a minimalist, I/O-agnostic HTTP/1.1 protocol library...
Craft CMS, a widely used content management system for developers and agencies, has disclosed a critical vulnerability...
A security vulnerability has been identified in Apache Roller, a Java-based blog server, that could allow unauthorized...
Apple previously proposed to the CA/Browser Forum—an industry consortium overseeing the management of SSL/TLS certificates—that the validity...
Renowned security researcher Renniepak, the founder of Hacker Hideout, has launched an open-source tool called CSP Bypass....