-
Ivanti has released critical security updates for Ivanti Endpoint Manager to address three high-severity vulnerabilities that could allow authenticated attackers to write arbitrary files to any location on affected systems. The company disclosed the se…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A security vulnerability has been discovered in Zoom Workplace’s VDI Client for Windows that could allow attackers to escalate their privileges on affected systems. The flaw, tracked as CVE-2025-64740 and assigned bulletin ZSB-25042, has been rat…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SAP has released a significant security update addressing 18 new vulnerabilities across its enterprise software portfolio, including several critical flaws related to code execution and data injection. This monthly security patch day features four high…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Devolutions Server has been found vulnerable to a critical security flaw that allows low-privileged authenticated users to impersonate other accounts by replaying pre-MFA cookies. The vulnerability, identified as CVE-2025-12485, carries a critical CVS…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A security vulnerability has been discovered in WatchGuard Firebox devices that could allow attackers to bypass authentication mechanisms and gain unauthorized SSH access to affected systems. Tracked as CVE-2025-59396, this flaw poses a significant thr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical remote code execution vulnerability affecting Samsung mobile devices to its Known Exploited Vulnerabilities (KEV) catalog, signaling active exploitation in the wild. Track…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers from Mandiant Threat Defense have uncovered a critical zero-day vulnerability in Gladinet’s Triofox file-sharing platform that allowed attackers to bypass authentication and execute malicious code with system-level privi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical remote code execution vulnerability has been discovered in LangGraph’s checkpoint serialization library, affecting versions before 3.0. The flaw resides in the JsonPlusSerializer component, which is the default serialization protocol u…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Three critical vulnerabilities in runc, the widely-used container runtime that powers Docker and Kubernetes, have been disclosed, allowing attackers to break out of container isolation and gain root access to host systems. The flaws, identified as CVE-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have discovered an actively exploited remote code execution vulnerability in Monsta FTP, a web-based FTP client used by financial institutions, enterprises, and individual users worldwide. The flaw, now tracked as CVE-2025-34299, a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
