-
NVIDIA released critical security updates for its Isaac Launchable platform on December 23, 2025, addressing three severe vulnerabilities that could allow unauthenticated attackers to execute arbitrary code remotely. All three flaws carry a maximum CVS…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability in M-Files Server could allow authenticated attackers to capture active user session tokens via the M-Files Web interface, enabling identity impersonation and unauthorized access to sensitive information. The flaw, tra…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical buffer overflow vulnerability in Net-SNMP’s snmptrapd daemon allows remote attackers to crash the service by sending specially crafted packets, potentially disrupting network monitoring operations across enterprise environments. The fl…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated credential-stealing campaign named “Operation PCPcat” has compromised over 59,000 Next.js servers worldwide, exploiting critical vulnerabilities in the popular React framework to harvest sensitive authentication data at indu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
MongoDB has disclosed a critical security vulnerability tracked as CVE-2025-14847 that could allow attackers to extract uninitialized heap memory from database servers without authentication. The flaw, affecting multiple MongoDB versions dating back to…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical remote code execution vulnerability in n8n, a popular open-source workflow automation platform, threatens over 103,000 potentially vulnerable instances worldwide. Tracked as CVE-2025-68613 with a maximum CVSS severity score of 9.9, the flaw …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have confirmed the release of proof-of-concept (PoC) exploit code for CVE-2025-68613, a critical remote code execution flaw affecting n8n workflow automation platform. The vulnerability carries a maximum CVSS score of 10.0 and impa…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has addressed a critical use-after-free vulnerability in its Brokering File System (BFS) driver that could allow attackers to escalate privileges on Windows systems. Tracked as CVE-2025-29970, the security flaw affects the bfs.sys component a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical race condition vulnerability in the Linux kernel’s POSIX CPU timers has been exposed through a detailed proof-of-concept, one of the most sophisticated kernel exploits targeting Android devices. CVE-2025-38352 represents a use-after-fr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Shadowserver Foundation has identified over 25,000 internet-facing Fortinet devices globally with FortiCloud Single Sign-On (SSO) functionality enabled, raising concerns about potential exposure to critical authentication bypass vulnerabilities. Th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
