A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized ...

Three vulnerabilities in Anthropic’s MCP Git server allow prompt injection attacks that can read or delete files and, in some ...

The RCE flaw lets remote attackers gain root on affected systems with no user interaction. Cisco has released multiple ...

The popular tool for creating no-code workflows has four critical vulnerabilities, one with the highest score. Admins should ...

A critical vulnerability in the zlib library, included in many operating systems and programs, allows code smuggling.

Cisco has released urgent security updates to patch a critical zero-day vulnerability in its Unified Communications and Webex ...

Microsoft is publishing 114 vulnerabilities this Patch Tuesday. Today’s menu includes just one vulnerability marked as ...

Update to the latest version and monitor for unexpected .git directories in non-repository folders, developers are told.

The US used a cyberattack to turn off power in Caracas during the raid to seize Maduro. The US grid is also vulnerable to ...

Open WebUI carried CVE-2025-64496, a high-severity code injection flaw in Direct Connection features Exploitation could enable account takeover and RCE via malicious model URLs and Functions API ...

A vulnerability in an ACF addon plugin exposes up to 100,000 installations to a complete site takeover by unauthenticated ...