-
Elastic has released urgent security patches addressing four significant vulnerabilities in Kibana that could enable attackers to steal sensitive files, trigger service outages, and exhaust system resources. The advisories, published on January 14, 202…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has launched Chrome 144 for desktop platforms, addressing ten security vulnerabilities including multiple high-severity flaws in the V8 JavaScript engine. The stable channel update began rolling out on January 13, 2026, for Windows, Mac, and Lin…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has disclosed a critical information disclosure vulnerability in the Desktop Window Manager that threat actors are actively exploiting. The vulnerability, tracked as CVE-2026-20805, was publicly released on January 13, 2026, and allows authen…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Node.js project has released critical security updates addressing multiple vulnerabilities affecting all active release lines. On January 13, 2026, the Node.js team announced patches for versions 20.x, 22.x, 24.x, and 25.x, tackling three high-seve…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high heap-based buffer overflow vulnerability in the cw_acd daemon component of Fortinet’s FortiOS and FortiSwitchManager has been disclosed, enabling remote unauthenticated attackers to execute arbitrary code on affected systems. The vulnerabi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has released its January 2026 Patch Tuesday security updates, addressing 114 vulnerabilities across Windows, Office, and other products. The update includes three actively exploited zero-day vulnerabilities and 12 critical-severity flaws that…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SAP released 17 new security notes on January 13, 2026, addressing vulnerabilities affecting widely deployed enterprise systems. The patch day includes four critical-severity flaws spanning SQL injection, remote code execution, and code injection attac…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hikvision has disclosed two high buffer overflow vulnerabilities affecting its security devices that could allow network-based attackers to cause device malfunctions. The security flaws, tracked as CVE-2025-66176 and CVE-2025-66177, impact select acces…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical privilege escalation vulnerability has been identified in ServiceNow’s AI Platform, posing significant risks to enterprise users worldwide. Tracked as CVE-2025-12420, this security flaw allows unauthenticated attackers to impersonate o…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
MITRE has released a list of Top 25 Most Dangerous Software Errors (CWE Top 25) that are widely spread and leads to serious vulnerabilities. The list was generated based on the vulnerabilities published within the National Vulnerability Database. These…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
