Vulnerability

A critical vulnerability (CVE-2025-58434, CVSS 9.8) in FlowiseAI’s password reset mechanism exposes all versions before 3.0.5…

Audi has been identified as shipping vehicles (up to at least 2024) with outdated and vulnerable software components, such as…

Researchers from the University of Maryland uncovered systemic cybersecurity vulnerabilities across 3,095 U.S. county governments, exposing 42,735…

A critical security vulnerability (CVE-2025-7353, CVSS 9.8) was discovered in Rockwell Automation’s ControlLogix Ethernet communication modules, exposing industrial…

The AI-powered developer tool Cursor was found to have a critical vulnerability (CVE-2025-54136, dubbed MCPoison), allowing attackers to permanently inject…

A critical unauthenticated Remote Code Execution (RCE) vulnerability (CVE-2025-52665, CVSS 9.8) was discovered in Ubiquiti’s UniFi OS, exposing…

A critical race condition vulnerability (CVE-2025-55680) in Microsoft Windows Cloud Minifilter (cldflt.sys) allowed attackers to exploit a time-of-check time-of-use…

A critical vulnerability (CVE-2025-59489) was discovered in Unity, the widely used game engine, allowing malicious apps on the same device…

The CVE-2025-10035 vulnerability in Fortra’s GoAnywhere MFT a critical file transfer tool was added to CISA’s Known Exploited…

A vulnerability in the American Archive of Public Broadcasting (AAPB) website an insecure direct object reference (IDOR) flaw allowed unauthorized…

In August 2016, Navis a provider of maritime logistics software faced a critical SQL injection vulnerability (CVE-2016-5817) in its WebAccess…

Adobe has disclosed a critical vulnerability (CVE-2025-54236, dubbed *SessionReaper*) in its Commerce and Magento Open Source platforms, allowing unauthenticated attackers…