A serious security hole in Fortinet's FortiWeb web application firewall (WAF) is being actively exploited by attackers, enabling them to gain complete admin control without prior access.
This vulnerability, first highlighted in a publicly shared proof-of-concept (PoC) exploit on October 6, 2025, by cybersecurity...
Palo Alto Networks has disclosed a medium-severity denial-of-service (DoS) vulnerability in its PAN-OS software, tracked as CVE-2025-4619, that allows unauthenticated attackers to remotely reboot firewalls via specially crafted packets.
Published on November 12, 2025, this flaw affects PA-Series and VM-Series firewalls and specific Prisma...
Elastic has recently released critical security patches for Kibana, addressing vulnerabilities that could expose users to significant risks in their observability and analytics platforms.
The update, detailed in Elastic Security Advisory (ESA-2025-24), targets versions 8.19.7, 9.1.7, and 9.2.1.
These flaws primarily involve improper origin...
On November 12, 2025, GitLab released critical patch versions 18.5.2, 18.4.4, and 18.3.6 for both Community Edition (CE) and Enterprise Edition (EE), addressing a series of security flaws that could expose sensitive data through prompt injection and other vectors.
These updates fix nine vulnerabilities,...
Dell Technologies has issued an urgent security advisory, DSA-2025-375, addressing multiple vulnerabilities in its Data Lakehouse platform.
Released on November 12, 2025, the update highlights a critical improper access control flaw that could allow high-privileged remote attackers to escalate their access, potentially compromising entire...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in WatchGuard Firebox firewalls to its Known Exploited Vulnerabilities (KEV) catalog, highlighting active exploitation in the wild.
Tracked as CVE-2025-9242, this out-of-bounds write flaw in the Fireware OS ike process enables...