A critical security vulnerability has been identified and patched in Next.js, the popular React-based web framework.
The vulnerability, designated as CVE-2025-49826, affects specific versions of the framework and could allow attackers to exploit cache poisoning mechanisms to trigger denial-of-service conditions on vulnerable applications.
The security...
A critical vulnerability in HIKVISION's applyCT security management platform that could allow attackers to execute arbitrary code on affected systems without authentication.
The vulnerability, designated CVE-2025-34067, has been assigned the maximum CVSS score of 10.0, indicating its severe impact on enterprise security infrastructure.
The vulnerability...
Microsoft has issued an urgent security update for its Edge browser to address a critical vulnerability that cybercriminals are actively exploiting in real-world attacks.
The company released Edge Stable Channel Version 138.0.3351.65 on July 1, 2025, specifically targeting CVE-2025-6554, a Chromium-based security flaw that...
A critical vulnerability in the widely-used Sudo utility that has remained hidden for over 12 years, potentially affecting millions of Linux and Unix systems worldwide.
The vulnerability , designated CVE-2025-32462, allows authorized users to escalate their privileges to root access through a simple command...
A newly disclosed security vulnerability in Apache Seata, a distributed transaction solution, exposes applications to potential remote code execution through deserialization attacks.
The vulnerability affects a significant range of versions and represents a correction to a previously reported security issue that had an incorrectly...
Cisco Systems has disclosed a critical vulnerability in its Unified Communications Manager (Unified CM) platform that could allow unauthenticated remote attackers to gain root access to affected systems.
The security vulnerability, tracked as CVE-2025-20309 and assigned a maximum CVSS score of 10.0, represents one...