Following the critical vulnerability CVE-2025-55182 in React Server Components, researchers have found three new leaks. Two ...

CISA warns that a critical XXE vulnerability in OSGeo GeoServer tracked as CVE-2025-58360 has been exploited in the wild.

Overview On December 10, NSFOCUS CERT detected that Microsoft released the December Security Update patch, which fixed 57 security issues involving widely used products such as Windows, Microsoft ...

Unpatched Gogs flaw CVE-2025-8110 enables file overwrite and code execution, driving over 700 confirmed compromises.

As it turns out, the vulnerability is part of several complex attack chains. Security companies such as BI.ZONE, Foresiet, ...

KB5072033 addresses vulnerabilities across Windows systems and Office applications—including one actively exploited zero-day.

The Chinese are not the only ones exploiting React2Shell, a maximum-severity vulnerability that was recently discovered in ...

Microsoft Patch Tuesday fixes 56 vulnerabilities, including one actively exploited zero-day Key flaws: CVE-2025-62221 ...

EPM has been targeted before. In March, CISA added three EPM vulnerabilities to its Known Exploited Vulnerabilities catalog ...

The most critical bug fixed this time is a code injection vulnerability discovered in SAP Solution Manager ST 720, a specific ...

CISA warns WinRAR CVE-2025-6218 is under active attack by multiple threat groups, requiring federal fixes by Dec. 30, 2025.

SAP released 14 new security notes, including 3 addressing critical vulnerabilities in Solution Manager, Commerce Cloud, and ...