Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to engage in remote code execution (RCE) attacks.

Fortinet patches a critical FortiSIEM vulnerability (CVE-2025-64155) that allows unauthenticated remote code execution via ...

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.

Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM ...

Overview On January 14, NSFOCUS CERT detected that Microsoft released the January Security Update patch, which fixed 112 security issues involving widely used products such as Windows, Microsoft ...

Open WebUI carried CVE-2025-64496, a high-severity code injection flaw in Direct Connection features Exploitation could ...

A high-severity security flaw in the Gogs Git service is being actively exploited, leading to remote code execution ...

Adobe released 11 security bulletins for 25 vulnerabilities, including a critical code execution bug in ColdFusion.

The patched issues span core standard library components including archive/zip and net/http, as well as security-sensitive ...

CISA’s Known Exploited Vulnerabilities (KEV) catalog includes four weaknesses found in the product in recent years, including ...

Critical n8n flaw CVE-2025-68668 allows authenticated users to run system commands via workflows; affects versions 1.0.0 to ...

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...