Vulnerability

In this section, we talk about the newest information about vulnerabilities, such as stories on newly found security holes, patches, and updates. Keep up with the latest major flaws in systems, hardware, and software, as well as the best ways to reduce risks. Our coverage gives you information on how these holes in security affect things and what you can do to avoid them.

46 New Vulnerabilities in Solar Inverter Systems Allow Attackers to Tamper with Settings46 New Vulnerabilities in Solar Inverter Systems Allow Attackers to Tamper with Settings

46 New Vulnerabilities in Solar Inverter Systems Allow Attackers to Tamper with Settings

Forescout Vedere Labs has uncovered 46 new vulnerabilities in solar power systems, primarily affecting inverters from three leading manufacturers Sungrow,…

1 day ago
GLPI ITSM Tool Flaw Allows Attackers to Inject Malicious SQL QueriesGLPI ITSM Tool Flaw Allows Attackers to Inject Malicious SQL Queries

GLPI ITSM Tool Flaw Allows Attackers to Inject Malicious SQL Queries

A critical SQL injection vulnerability, tracked as CVE-2025-24799, has been identified in GLPI, a widely used open-source IT Service Management (ITSM) tool.…

1 day ago
Synology Mail Server Vulnerability Enables Remote System Configuration TamperingSynology Mail Server Vulnerability Enables Remote System Configuration Tampering

Synology Mail Server Vulnerability Enables Remote System Configuration Tampering

Synology announced the discovery and resolution of a moderate-severity vulnerability in their Mail Server, which could allow remote authenticated attackers…

2 days ago
CISA Adds Sitecore CMS Code Execution Vulnerability to Exploited ListCISA Adds Sitecore CMS Code Execution Vulnerability to Exploited List

CISA Adds Sitecore CMS Code Execution Vulnerability to Exploited List

 The Cybersecurity and Infrastructure Security Agency (CISA) has included a critical deserialization vulnerability affecting Sitecore CMS and Experience Platform (XP).…

2 days ago
PoC Exploit Released for Ingress-NGINX RCE VulnerabilitiesPoC Exploit Released for Ingress-NGINX RCE Vulnerabilities

PoC Exploit Released for Ingress-NGINX RCE Vulnerabilities

A recently disclosed vulnerability in Ingress-NGINX, tracked as CVE-2025-1974, has raised concerns about the security of Kubernetes environments. This vulnerability…

2 days ago
Exim Use-After-Free Vulnerability Enables Privilege EscalationExim Use-After-Free Vulnerability Enables Privilege Escalation

Exim Use-After-Free Vulnerability Enables Privilege Escalation

A significant security threat has been uncovered in Exim, a popular open-source mail transfer agent (MTA) widely used in Linux…

3 days ago
Splunk RCE Vulnerability Enables Remote Code Execution via File UploadSplunk RCE Vulnerability Enables Remote Code Execution via File Upload

Splunk RCE Vulnerability Enables Remote Code Execution via File Upload

A severe vulnerability in Splunk Enterprise and Splunk Cloud Platform has been identified, allowing for Remote Code Execution (RCE) via…

3 days ago
Production Line Camera Flaws Allow Hackers to Disable RecordingsProduction Line Camera Flaws Allow Hackers to Disable Recordings

Production Line Camera Flaws Allow Hackers to Disable Recordings

Nozomi Networks Labs has uncovered four severe vulnerabilities in the Inaba Denki Sangyo Co., Ltd. IB-MCT001, a camera widely used…

3 days ago
Windows MMC Framework Zero-Day Exploited to Execute Malicious CodeWindows MMC Framework Zero-Day Exploited to Execute Malicious Code

Windows MMC Framework Zero-Day Exploited to Execute Malicious Code

Trend Research has uncovered a sophisticated campaign by the Russian threat actor Water Gamayun, exploiting a zero-day vulnerability in the…

3 days ago
CrushFTP Warns of HTTP(S) Port Vulnerability Enabling Unauthorized AccessCrushFTP Warns of HTTP(S) Port Vulnerability Enabling Unauthorized Access

CrushFTP Warns of HTTP(S) Port Vulnerability Enabling Unauthorized Access

Both CrushFTP, a popular file transfer technology, and Next.js, a widely used React framework for building web applications, have come…

3 days ago