A critical security issue has been identified in the Axios package for JavaScript, which poses significant risks to millions of servers due to server-side request forgery (SSRF) and credential leakage. This vulnerability occurs when absolute URLs are u…

The Cybersecurity and Infrastructure Security Agency (CISA) highlighted a critical vulnerability in Microsoft Windows’ New Technology File System (NTFS). The vulnerability, designated as CVE-2025-24984, pertains to an information disclosure issue…

Recent security bulletins from Zoom have highlighted several high-severity vulnerabilities in their client software, raising concerns about potential data breaches for users. The latest security updates, issued on March 11, 2025, address multiple criti…

A newly disclosed security vulnerability in Apache Camel, tracked as CVE-2025-27636, has raised alarms across the cybersecurity community. The flaw allows attackers to inject arbitrary headers into Camel Exec component configurations, potentially enabl…

A significant security vulnerability affecting Apache Pinot, an open-source distributed data store designed for real-time analytics, has been publicly disclosed. The flaw, identified as CVE-2024-56325, allows remote attackers to bypass authentication o…

SAP announced 21 new Security Notes and updates to 3 previously released notes on its latest Security Patch Day. This release addresses critical vulnerabilities within SAP products, underscoring the company’s commitment to safeguarding enterprise…

A critical vulnerability has been discovered in Veritas’ Arctera InfoScale product, a solution widely used for disaster recovery and high availability scenarios. The issue lies in the insecure deserialization of untrusted data in the .NET remotin…

Apache Tomcat, a widely used open-source web server software, has faced numerous security vulnerabilities in recent years. Some critical issues put servers at risk of remote code execution (RCE) and other attacks. These vulnerabilities highlight the im…