Vulnerability

GitHub’s Copilot Chat, an AI-powered coding assistant, was found vulnerable to a critical flaw named CamoLeak (CVSS 9.6)…

WatchGuard disclosed CVE-2025-9242, a critical remote code execution (RCE) vulnerability in its Firebox firewalls due to an out-of-bounds write flaw…

Suspected state-sponsored attackers exploited a zero-day command injection vulnerability (CVE-2025-59689) in Libraesva Email Security Gateway (ESG), versions 4.5 to…

A federal agency suffered a cyber intrusion in July 2024 due to unpatched vulnerabilities (CVE-2024-36401) in its public-facing GeoServer, exploited…

Researchers uncovered critical API authentication vulnerabilities in Pudu Robotics’ entire fleet of service robots (BellaBot, KettyBot, PuduBot, etc.), deployed globally…

Threat actors have identified a critical exposure in SMA’s deprecated Sunny WebBox devices, which remain widely internet-exposed despite being…

Hewlett Packard Enterprise (HPE) disclosed eight critical vulnerabilities in its StoreOnce data backup and deduplication platform, with the most severe…

AutomationDirect’s MB-Gateway devices, widely deployed in critical infrastructure, are affected by a maximum-severity missing authentication vulnerability (CVE-2025-36535), enabling remote…

The Node.js project disclosed CVE-2025-23166, a high-severity vulnerability in its core cryptographic operations that enables remote attackers to crash…

Security researchers identified three critical vulnerabilities in Google’s Gemini AI assistant, dubbed the 'Trifecta,' which could have…

Grafana Labs disclosed a critical vulnerability (CVE-2025-41115) in its Grafana Enterprise product, enabling privilege escalation or impersonation of administrators when…

A critical security vulnerability was discovered in GoSign Desktop, a widely used electronic signature solution by Tinexta InfoCert. The flaws…