Vulnerability

AMD disclosed **CVE-2025-62626 (AMD-SB-7055)**, a high-severity vulnerability in its **Zen 5 processors** affecting the **RDSEED instruction**, critical for cryptographic random…

A critical vulnerability named **ForcedLeak** was discovered in Salesforce’s **Agentforce** AI platform, enabling external attackers to exploit **prompt injection*…

Cybersecurity researchers from Trend Micro uncovered two critical authentication bypass vulnerabilities (CVE-2025-10643 and CVE-2025-10644, CVSS scores 9.1 and 9.…

Western Digital disclosed a critical OS command injection vulnerability (CVE-2025-30247) in multiple My Cloud NAS models, including PR2100, PR4100, EX4100,…

SolarWinds disclosed a **critical remote code execution (RCE) vulnerability (CVE-2025-26399)** in its **Web Help Desk (WHD) 12.8.7 and…

Libraesva’s Email Security Gateway (ESG), a widely used email protection solution for over 200,000 users across SMBs and…

A critical token validation failure (CVE-2025-55241, CVSS 10.0) in Microsoft Entra ID (formerly Azure AD) was discovered by researcher…

WatchGuard disclosed a critical out-of-bounds write vulnerability (CVE-2025-9242, CVSS 9.3/10) in its Firebox firewalls, allowing remote, unauthenticated attackers…

Samsung patched CVE-2025-21043, a critical remote code execution (RCE) vulnerability in libimagecodec.quram.so, a closed-source image parsing library by…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about active exploitation of CVE-2025-5086, a critical remote…

Samsung patched a critical zero-day vulnerability (CVE-2025-21043) in its Android devices (Android 13+), exploited in real-world attacks. The flaw, an…

A critical security vulnerability was discovered in Cursor, an AI-powered fork of Visual Studio Code, where a disabled-by-default Workspace Trust…