CISA adds an actively exploited Digiever DS-2105 Pro NVR vulnerability to KEV, warning of botnet attacks and urging ...
Static AES keys are enabling attackers to decrypt access tokens and reach remote code execution, triggering urgent patch ...
An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.
A critical Ivanti EPM vulnerability could allow unauthenticated attackers to execute arbitrary code remotely with ...
Over the weekend, Google's threat intelligence team linked five more Chinese hacking groups to attacks exploiting the ...
A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
In the remote maintenance software Connectwise ScreenConnect, authenticated attackers can inject malicious code. An update is ...
Huntress reports active attacks abusing Gladinet’s fixed cryptographic keys to forge tickets and gain remote code execution ...
In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues – Denial-of-Service and Source Code Exposure were found by security ...
React2Shell (CVE-2025-55182) is a critical vulnerability affecting the most widely used React-based services across the web ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback