Security Boulevard

CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Command Injection ...

Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM ...
SecurityWeek

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

The first round of SAP patches for 2026 resolves 19 vulnerabilities, including critical SQL injection, RCE, and code ...

Exploit code public for critical FortiSIEM command injection flaw

Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security ...

Hackers now exploiting critical Fortinet FortiSIEM flaw in attacks

Attackers are now exploiting a critical Fortinet FortiSIEM vulnerability with publicly available proof-of-concept exploit ...
SecurityWeek

Critical HPE OneView Vulnerability Exploited in Attacks

CISA warns that CVE-2025-37164, a maximum-severity HPE OneView vulnerability leading to remote code execution, has been ...
ZDNet

23andMe and JFrog partner to solve code injection vulnerability

Security researchers at JFrog worked with biotechnology company 23andMe to address a vulnerability with Yamale, a tool written by the company and used by over 200 repositories. The smartest companies ...
The Hacker News

Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution

Fortinet patches a critical FortiSIEM vulnerability (CVE-2025-64155) that allows unauthenticated remote code execution via ...

CISA flags actively exploited Office relic alongside fresh HPE flaw

The latest update to CISA's Known Exploited Vulnerabilities catalog flags CVE-2025-37164, a code injection vulnerability in ...
Searchenginejournal.com

WordPress Divi Theme Code Injection Vulnerability

Elegant Themes announced that several of their products contained a code injection vulnerability and should be updated right away. The vulnerability allows an untrustworthy user to execute PHP ...
Threat Post

WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug

The shopping cart application contains a PHP object-injection bug. A security vulnerability in the Welcart e-Commerce plugin opens up websites to code injection. This can lead to payment skimmers ...
Computerworld

WordPress silently fixes dangerous code injection vulnerability

Developers of the widely used WordPress content management system released an update last week, but intentionally delayed announcing that the patch addressed a severe vulnerability. WordPress version ...