More than 46,000 internet-facing Grafana instances remain unpatched against a high-severity vulnerability (CVE-2025-4123) that chains an open...
CVE News
Trend Micro has released urgent security updates addressing multiple critical-severity vulnerabilities in its Apex Central and Endpoint...
GitLab has released security updates addressing multiple high-severity vulnerabilities in its DevSecOps platform, including flaws that could...
Microsoft has confirmed the release of a revised security update for Windows 11 24H2, specifically targeting systems...
Microsoft has addressed critical authentication failures affecting Windows Server domain controllers following the April 2025 security updates....
A newly disclosed Secure Boot vulnerability, tracked as CVE-2025-3052, allows attackers to disable security protections on PCs...
Microsoft’s June 2025 Patch Tuesday has arrived, delivering security updates for 66 vulnerabilities, including one actively exploited...
Google has addressed a high-severity vulnerability that allowed attackers to brute-force recovery phone numbers tied to user...
A new variant of the Mirai botnet is actively exploiting a command injection vulnerability (CVE-2024-3721) in TBK...
Cisco has issued patches for three high-severity vulnerabilities affecting its Identity Services Engine (ISE) and Customer Collaboration...
Hewlett Packard Enterprise (HPE) has issued an urgent security bulletin warning of eight vulnerabilities in its StoreOnce...
Qualcomm has addressed three critical zero-day vulnerabilities in its Adreno Graphics Processing Unit (GPU) driver that were...
Technical details surrounding CVE-2025-20188, a maximum-severity arbitrary file upload vulnerability affecting Cisco IOS XE Wireless LAN Controller...
A newly identified weakness in Apple’s Safari browser enables attackers to execute fullscreen browser-in-the-middle (BitM) attacks, potentially...
Multiple critical vulnerabilities in Versa Networks’ Concerto platform remain unpatched, exposing enterprise networks to authentication bypass and...
A critical authentication bypass vulnerability (CVE-2025-47949) in the Node.js SAML library samlify allows attackers to forge admin-level...
A critical privilege escalation vulnerability (CVE-2025-4322) has been identified in the premium WordPress Motors theme, allowing unauthenticated...
A recently discovered vulnerability in O2 UK’s implementation of Voice over LTE (VoLTE) and WiFi Calling technologies...
Microsoft has addressed a critical issue affecting dual-boot systems where Linux distributions failed to boot after installing...
Ivanti has issued an urgent patch advisory for two zero-day vulnerabilities (CVE-2025-4427 and CVE-2025-4428) affecting its Endpoint...