More results...
Next.js developers have a new weapon in the fight against the critical “React2Shell” vulnerability. This new scanner offers a simple, one-line solution for development teams to identify vulnerable versions of Next.js and React Server Compon…
WatchGuard Technologies has disclosed critical security vulnerabilities affecting its Firebox firewall products that could allow attackers to bypass system integrity checks and execute malicious code. The company released patches on December 4, 2025, a…
Cal.com has disclosed a critical authentication bypass vulnerability that could allow attackers to gain unauthorized access to user accounts by exploiting a flaw in password verification logic. The flaw, tracked as CVE-2025-66489 and assigned a critica…
A critical remote code execution vulnerability in React Server Components has emerged as an active exploitation target, with security researchers observing widespread automated attacks across the internet. The flaw, tracked as CVE-2025-55182 …
Security teams worldwide are rushing to patch systems after the disclosure of a critical React vulnerability, CVE-2025-55182, widely known as “React2Shell.” The flaw affects React Server Components (RSC) and has a maximum CVSS score of 10, the highest …
SAFA researchers uncovered four kernel heap overflow vulnerabilities in Avast Antivirus’s aswSnx.sys driver, designated CVE-2025-13032, affecting versions before 25.3 on Windows. These flaws originate from double-fetch issues in IOCTL handling, a…
A newly disclosed critical vulnerability in Apache Tika could allow attackers to compromise servers by simply uploading a malicious PDF file, according to a security advisory published by Apache maintainers. Tracked as CVE-2025-66516, the flaw aff…
A newly disclosed security flaw in the open-source monitoring platform Cacti could allow attackers to execute arbitrary commands on vulnerable servers. The issue, rated High severity and tracked as CVE-2025-66399, affects Cacti vers…
Security researchers have released a specialized scanning tool to identify vulnerable React Server Component (RSC) endpoints in modern web applications, addressing a critical gap in the detection of CVE-2025-55182. New Detection Approach Challenges Exi…
A high security vulnerability has been discovered in Vim for Windows that could allow attackers to run malicious code on affected systems. The flaw, tracked as CVE-2025-66476, affects Vim versions earlier than 9.1.1947 and received a high severity rati…