Jun 26, 2025 | Ravie Lakshmanan | Open Source / Vulnerability
Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry (“open-vsx[.]org”) […]
Category: Critical
Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access
Jun 26, 2025 | Ravie Lakshmanan | Vulnerability, Network Security
Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine […]
Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI
Jun 05, 2025 | Ravie Lakshmanan | Network Security / Vulnerability
Cisco has released security patches to address a critical security flaw impacting the […]
Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code
Jun 03, 2025 | Ravie Lakshmanan | Email Security / Vulnerability
Cybersecurity researchers have disclosed details of a critical security flaw in the Roundcube […]
Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise
May 22, 2025 | Ravie Lakshmanan | Cybersecurity / Vulnerability
A privilege escalation flaw has been demonstrated in Windows Server 2025 that makes it […]
Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence
May 06, 2025 | Ravie Lakshmanan | Cybersecurity / Vulnerability
A recently disclosed critical security flaw impacting the open-source Langflow platform has been added […]
New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework
Apr 25, 2025 | Ravie Lakshmanan | Vulnerability / Enterprise Security
Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload […]
Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely
Apr 24, 2025 | Ravie Lakshmanan | Data Breach / Vulnerability
A critical security flaw has been disclosed in the Commvault Command Center that […]
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
Apr 17, 2025 | Ravie Lakshmanan | Vulnerability / Network Security
A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) […]
Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence
Apr 15, 2025 | Ravie Lakshmanan | Vulnerability / Software Security
A critical security vulnerability has been disclosed in the Apache Roller open-source, Java-based […]
