Vulnerability

A critical race condition vulnerability (CVE-2025-55680) in Microsoft Windows Cloud Minifilter (cldflt.sys) allowed attackers to exploit a time-of-check time-of-use…

A critical vulnerability (CVE-2025-59489) was discovered in Unity, the widely used game engine, allowing malicious apps on the same device…

The CVE-2025-10035 vulnerability in Fortra’s GoAnywhere MFT a critical file transfer tool was added to CISA’s Known Exploited…

A vulnerability in the American Archive of Public Broadcasting (AAPB) website an insecure direct object reference (IDOR) flaw allowed unauthorized…

In August 2016, Navis a provider of maritime logistics software faced a critical SQL injection vulnerability (CVE-2016-5817) in its WebAccess…

Adobe has disclosed a critical vulnerability (CVE-2025-54236, dubbed *SessionReaper*) in its Commerce and Magento Open Source platforms, allowing unauthenticated attackers…

A critical SAP S/4HANA code injection vulnerability (CVE-2025-42957, CVSS 9.9) is being actively exploited in the wild, allowing…

A critical vulnerability (CVE-2025-9696, CVSS v4: 9.4) in SunPower’s PVS6 photovoltaic inverters allows attackers within 100 meters via…

Plex is facing a critical security risk due to CVE-2025-34158, an improper input validation vulnerability in its Plex Media Server…

A physics undergraduate, Owen Mitchem, inadvertently discovered and exploited a significant security vulnerability in the University of Oregon’s computer…

A state government agency using Nucleus Security’s Insights faced severe inefficiencies in vulnerability management, drowning in tens of thousands…

Security researchers from Adversa AI uncovered PROMISQROUTE, a critical vulnerability in ChatGPT-5 and other AI systems, allowing attackers to bypass…