The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new alert regarding a critical security vulnerability affecting Gladinet CentreStack and Triofox. The agency has added this flaw to its Known Exploited Vulnerabilities (KEV) catal…

Google has released an emergency security update for the Chrome browser, addressing two high-severity vulnerabilities that could enable remote code execution attacks. The stable channel update version 143.0.7499.146/.147 is now rolling out to Windows, …

NVIDIA has disclosed a critical security vulnerability in Isaac Lab, a component of the NVIDIA Isaac Sim framework, that could allow attackers to execute arbitrary code remotely. The company released security patches in December 2025 to address the des…

Red Hat has disclosed a significant security flaw in OpenShift GitOps that could allow authenticated users to take complete control of a cluster. Assigned the identifier CVE-2025-13888, this vulnerability allows namespace administrators to elevate thei…

Fortinet’s FortiGate appliances face immediate threat from two critical authentication bypass vulnerabilities being actively exploited in production environments. Fortinet released advisories for CVE-2025-59718 and CVE-2025-59719 on December 9, 2…

A critical local privilege escalation vulnerability in the JumpCloud Remote Assist for Windows agent allows any low-privileged user on a Windows system to gain NT AUTHORITY\SYSTEM privileges or crash the machine. Tracked as CVE-2025-34352, the flaw aff…

A critical security vulnerability has been discovered in Plesk, a widely used web hosting control panel, that enables unauthorised users to escalate privileges and gain root-level access to affected systems. This flaw poses a significant threat to web …

A new critical vulnerability in pgAdmin 4 allows remote attackers to bypass security filters and execute arbitrary shell commands on the host server. The flaw, tracked as CVE-2025-13780, exploits a weakness in how the popular PostgreSQL management tool…