Attackers exploit this vulnerability through the router's web interface components, specifically "cgibin" and "hnap_main," by submitting input that exceeds allocated…
Security researchers have uncovered a severe flaw in Apache Tika, a popular open-source toolkit for content analysis and extraction. CVE-2025-66516…
Attackers can keep access to AWS accounts even after admins delete compromised keys. New research from OffensAI shows how AWS…
CISA has added CVE-2025-55182, dubbed React2Shell, to its Known Exploited Vulnerabilities (KEV) catalog due to confirmed active exploitation. This critical…
Vercel has released a new command-line tool, fix-react2shell-next, to help developers quickly detect and patch CVE-2025-66478, a critical remote code…
Cal.com, a popular open-source scheduling platform, faces a critical authentication flaw that allows attackers to bypass password checks by using…
React Server Components (RSC) in React 19.x suffer from insecure deserialization in the "Flight" protocol, allowing attackers to send crafted…
A critical XML External Entity (XXE) vulnerability in Apache Tika, tracked as CVE-2025-66516, exposes users to attacks through specially crafted…
The UK's National Cyber Security Centre (NCSC) has rolled out its Proactive Notification Service, partnering with internet monitoring firm Netcraft…
NVIDIA has issued a security bulletin warning about two high-severity vulnerabilities in its Triton Inference Server software. These flaws allow…