Vulnerability

In this section, we talk about the newest information about vulnerabilities, such as stories on newly found security holes, patches, and updates. Keep up with the latest major flaws in systems, hardware, and software, as well as the best ways to reduce risks. Our coverage gives you information on how these holes in security affect things and what you can do to avoid them.

Critical Vulnerability in Next.js Framework Exposes Websites to Cache Poisoning and XSS Attacks

A new report has put the spotlight on potential security vulnerabilities within the popular open-source framework Next.js, demonstrating how improper…

3 hours ago

SonicWall Arbitrary OS Commands Execution Vulnerability Exploited in Attacks

 A critical vulnerability in SonicWall's SMA1000 series tracked as CVE-2025-23006, has come under active exploitation by threat actors. SonicWall's PSIRT (Product…

11 hours ago

Rails Apps Arbitrary File Write Vulnerability Let Attackers Execute Code Remotely

A newly exposed vulnerability in Ruby on Rails applications allows attackers to achieve Remote Code Execution (RCE) through a flaw…

14 hours ago

Open-Source ClamAV Releases Security Update for Buffer Overflow Vulnerability – Patch Now

ClamAV, a widely used open-source antivirus software, has released security patch updates to address a critical buffer overflow vulnerability (CVE-2025-20128).…

15 hours ago

WordPress Plugin Vulnerability Exposes 23k+ Websites to Hacking

Researchers from Patchstack have warned that over 23,000 real estate websites using the popular RealHomes WordPress theme and its bundled…

17 hours ago

Cisco Warns of Meeting Management API Privilege Escalation Vulnerability

Cisco has issued a critical advisory regarding a privilege escalation vulnerability in its Meeting Management REST API. The flaw tracked…

17 hours ago

SQL Injection Vulnerability in Microsoft’s DevBlogs Lets Hackers Injecting Malicious SQL

In a recent discovery, a security researcher uncovered a critical SQL injection vulnerability on Microsoft’s DevBlogs website (accessible at https://devblogs.microsoft.com). This…

2 days ago

Three New ICS Advisories Released by CISA Detailing Vulnerabilities & Mitigations

The Cybersecurity and Infrastructure Security Agency (CISA) announced three new Industrial Control Systems (ICS) advisories. These advisories provide critical insights…

2 days ago

Security Researchers Discover Critical RCE Vulnerability, Earned $40,000 Bounty

Cybersecurity researchers Abdullah Nawaf and Orwa Atyat, successfully escalated a limited path traversal vulnerability into a full-blown remote code execution…

2 days ago

PoC Exploit Released for TP-Link Code Execution Vulnerability(CVE-2024-54887)

A security researcher, exploring reverse engineering and exploit development, has successfully identified a critical vulnerability in the TP-Link TL-WR940N router,…

2 days ago