More results...
A critical authentication bypass vulnerability in GNU InetUtils’ telnetd server allows remote attackers to gain root access without credentials by exploiting improper parameter sanitization. GNU InetUtils versions 1.9.3 through 2.7 contain a high…
Google has released Chrome version 144.0.7559.96/.97 to the stable channel across Windows, Mac, and Linux platforms, addressing a critical race condition vulnerability in the V8 JavaScript engine. The update is rolling out gradually to users over the c…
A critical architectural weakness in Azure’s Private Endpoint deployments could allow both accidental and intentional denial of service (DoS) attacks against cloud resources. The vulnerability stems from how Azure’s Private DNS zone resolut…
The new EU-funded GCVE project is breaking dependence on US databases to track software flaws. Discover how this decentralised system aims to ensure global cybersecurity.
The two bugs, an arbitrary file read and an SSRF bug, can be exploited without user interaction to leak credentials, databases, and other data.
The post Chainlit Vulnerabilities May Leak Sensitive Information appeared first on SecurityWeek.
Indian music streaming platform Raaga has become the latest victim of a significant cybersecurity incident after sensitive user data was posted for sale on a popular hacking forum in December 2025. The breach has exposed personal …
Apache Airflow has patched two separate credential-exposure vulnerabilities in versions before 3.1.6. The flaws could allow attackers to extract sensitive authentication data embedded in proxy configurations and templated workflow fields through log …
The OPNsense team has started the new year with the release of version 25.7.11, bringing a notable networking enhancement: a native host discovery service that deepens visibility into connected devices and tightens policy control across the&#…
An open-source Android application designed to identify and test devices vulnerable to CVE-2025-36911, a critical authentication bypass flaw in Google’s Fast Pair Bluetooth protocol. The vulnerability, commonly referred to as WhisperPair, affects…
TP-Link has disclosed a high-severity authentication bypass vulnerability affecting its VIGI security camera lineup, allowing attackers on local networks to reset administrator passwords without verification. The flaw li…