A critical security vulnerability in the Linux kernel's netfilter ipset subsystem has been disclosed, allowing attackers to achieve privilege escalation through an out-of-bounds write primitive. The vulnerability, tracked as CVE-2024-53141, affects Linux kernel versions up to commit 041bd1e4 and...

Hundreds of TeslaMate installations are publicly accessible on the internet without authentication, exposing sensitive Tesla vehicle data including GPS coordinates, charging patterns, and driving habits. The findings highlight critical security oversights in how Tesla owners deploy this popular open-source...

The PostgreSQL Global Development Group has released urgent security updates on August 14, 2025, addressing three critical vulnerabilities that affect all supported versions of the world's most advanced open-source relational database. The update covers PostgreSQL versions 17.6, 16.10, 15.14,...

A critical vulnerabilities in Xerox FreeFlow Core that enable unauthenticated remote attackers to achieve remote code execution on vulnerable systems. The vulnerabilities, discovered during investigation of an apparent false positive detection, affect the widely-deployed print orchestration platform used by...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical vulnerabilities affecting N-able N-Central to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The addition of CVE-2025-8875 and CVE-2025-8876 to the...

GitLab has released critical security patches addressing 12 vulnerabilities across versions 18.2.2, 18.1.4, and 18.0.6 for both Community Edition (CE) and Enterprise Edition (EE). The vulnerabilities include multiple high-severity cross-site scripting (XSS) vulnerabilities that could enable account takeover attacks...