Vulnerability

The CVE-2025-10035 vulnerability in Fortra’s GoAnywhere MFT a critical file transfer tool was added to CISA’s Known Exploited…

A vulnerability in the American Archive of Public Broadcasting (AAPB) website an insecure direct object reference (IDOR) flaw allowed unauthorized…

In August 2016, Navis a provider of maritime logistics software faced a critical SQL injection vulnerability (CVE-2016-5817) in its WebAccess…

Adobe has disclosed a critical vulnerability (CVE-2025-54236, dubbed *SessionReaper*) in its Commerce and Magento Open Source platforms, allowing unauthenticated attackers…

A critical SAP S/4HANA code injection vulnerability (CVE-2025-42957, CVSS 9.9) is being actively exploited in the wild, allowing…

A critical vulnerability (CVE-2025-9696, CVSS v4: 9.4) in SunPower’s PVS6 photovoltaic inverters allows attackers within 100 meters via…

Plex is facing a critical security risk due to CVE-2025-34158, an improper input validation vulnerability in its Plex Media Server…

A physics undergraduate, Owen Mitchem, inadvertently discovered and exploited a significant security vulnerability in the University of Oregon’s computer…

A state government agency using Nucleus Security’s Insights faced severe inefficiencies in vulnerability management, drowning in tens of thousands…

Security researchers from Adversa AI uncovered PROMISQROUTE, a critical vulnerability in ChatGPT-5 and other AI systems, allowing attackers to bypass…

A series of critical vulnerabilities across multiple internal Intel websites enabled the complete exfiltration of the company’s global employee…

A critical zero-day vulnerability in Elastic’s Endpoint Detection and Response (EDR) solution specifically in the elastic-endpoint-driver.sys kernel driver…