Hundreds of TeslaMate installations are publicly accessible on the internet without authentication, exposing sensitive Tesla vehicle data including GPS coordinates, charging patterns, and driving habits.
The findings highlight critical security oversights in how Tesla owners deploy this popular open-source data logging tool.
TeslaMate is a...
The PostgreSQL Global Development Group has released urgent security updates on August 14, 2025, addressing three critical vulnerabilities that affect all supported versions of the world's most advanced open-source relational database.
The update covers PostgreSQL versions 17.6, 16.10, 15.14, 14.19, and 13.22, along with...
A critical vulnerabilities in Xerox FreeFlow Core that enable unauthenticated remote attackers to achieve remote code execution on vulnerable systems.
The vulnerabilities, discovered during investigation of an apparent false positive detection, affect the widely-deployed print orchestration platform used by commercial print shops, universities, and...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical vulnerabilities affecting N-able N-Central to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The addition of CVE-2025-8875 and CVE-2025-8876 to the catalog on August 13, 2025,...
GitLab has released critical security patches addressing 12 vulnerabilities across versions 18.2.2, 18.1.4, and 18.0.6 for both Community Edition (CE) and Enterprise Edition (EE).
The vulnerabilities include multiple high-severity cross-site scripting (XSS) vulnerabilities that could enable account takeover attacks and unauthorized code execution on...
Microsoft has released critical security updates addressing multiple use-after-free vulnerabilities in Office applications that could allow attackers to execute arbitrary code on victim systems.
The August 2025 Patch Tuesday includes fixes for three high-severity Office vulnerabilities, with two receiving critical CVSS scores of 8.4.
Three...