| Sep 22, 2025 Google Urgently Patches Sixth Chrome Zero-Day Vulnerability of 2025 Google has urgently released a security update to address a critical zero-day vulnerability (CVE-2025-10585) in its Chrome web browser.
| Sep 15, 2025 Hackers Hijack NPM Packages in Major Supply Chain Attack A major software supply chain attack has shaken the open-source JavaScript ecosystem, as attackers hijacked several high-profile npm packages.
| Sep 4, 2025 Critical Memory Overflow in Citrix NetScaler ADC & Gateway CVE-2025-7775 is a critical memory overflow vulnerability in Citrix NetScaler ADC and NetScaler Gateway that enables unauthenticated RCE and/or DoS.
| Aug 18, 2025 Unauthenticated RCE Vulnerability in Microsoft SharePoint Server CVE-2025-53770 is a critical unauthenticated remote code execution (RCE) vulnerability affecting on-premises Microsoft SharePoint Server deployments.
| May 27, 2025 WordPress Review Plugin Vulnerability: CVE-2025-2158 LFI Risk Alert CVE-2025-2158 is a high-severity LFI vulnerability affecting the WordPress Review Plugin: The Ultimate Solution for Building a Review Website.
| May 16, 2025 Azure Vulnerability CVE-2025-33072: Information Disclosure Risks CVE-2025-33072 is a high-severity information disclosure vulnerability in Microsoft Azure resulting from improper access control on a web service endpoint.
| May 16, 2025 Critical Azure Automation Vulnerability: CVE-2025-29827 Explained CVE-2025-29827 is a critical vulnerability affecting Microsoft's Azure Automation service.
| May 9, 2025 Critical SQL Injection Vulnerability in Codeastro Bus Ticket System CVE-2025-25775 is a critical SQL injection vulnerability identified in Codeastro Bus Ticket Booking System v1.0.
| May 9, 2025 Critical Deserialization Vulnerability in FluentBoards: CVE-2025-39551 CVE-2025-39551 is a critical deserialization vulnerability in FluentBoards that permits Object Injection via the unsafe deserialization of untrusted data.
| May 8, 2025 Critical SAP NetWeaver Visual Composer Vulnerability: Act Immediately CVE-2025-31324 is a critical vulnerability affecting the SAP NetWeaver Visual Composer's Metadata Uploader component, which lacks proper auth controls.
