- A critical privilege escalation vulnerability has been identified in ServiceNow’s AI Platform, posing significant risks to enterprise users worldwide. Tracked as CVE-2025-12420, this security flaw allows unauthenticated attackers to impersonate o…
- MITRE has released a list of the Top 25 Most Dangerous Software Errors (CWE Top 25) that are widespread and lead to serious vulnerabilities. The list was generated based on the vulnerabilities published within the National Vulnerability Database. These…
- A critical remote code execution vulnerability has left over 100,000 n8n workflow automation instances exposed to potential cyberattacks. The Shadowserver Foundation disclosed that 105,753 vulnerable instances were identified on January 9, 2026, repres…
- A high-severity Cross-Site Scripting (XSS) vulnerability has been discovered in Angular’s Template Compiler, potentially exposing millions of web applications to malicious JavaScript execution. The flaw, tracked as CVE-2026-22610, affects multiple version…
- The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in Gogs, a self-hosted Git service, to its Known Exploited Vulnerabilities catalog, warning that the flaw is being actively exploited in the wild. Critical V…
- A vulnerability is a weakness that allows an attacker to enter and cause harm; it may be a flaw in design or a misconfiguration. To exploit the vulnerability, an attacker must have an applicable tool or technique that connects to the system’s weakness. Th…
- A security researcher has published proof-of-concept code for a critical authentication bypass vulnerability in the Atarim WordPress plugin that could allow attackers to steal sensitive user data and system configuration details. The flaw, tracked as C…
- A newly disclosed vulnerability in Apache Struts 2’s XWork component could expose sensitive data and open the door to denial‑of‑service and server‑side request forgery (SSRF) attacks if left unpatched. The flaw, tracked as CVE-2025-68493, is rated Impo…
- A critical vulnerability has been discovered in React Router and Remix that could allow attackers to access or modify sensitive files on web servers. The flaw affects multiple packages and has received a severity rating of Critical with a CVSS score of…
- Security researchers have discovered critical vulnerabilities in InputPlumber, a Linux input device utility used in SteamOS, that could allow attackers to inject keystrokes, leak sensitive information, and cause denial-of-service conditions. The flaws,…


