A critical CVSS 9.2 flaw in AdonisJS bodyparser lets attackers write arbitrary files via path traversal when uploads are ...

A jsPDF vulnerability tracked as CVE-2025-68428 could allow attackers to read arbitrary files, exposing configurations and ...

Proof-of-Concept (PoC) exploits for the Apache web server zero-day surfaced on the internet revealing that the vulnerability is far more critical than originally disclosed. These exploits show that ...

Fortinet has silently patched a critical zero-day vulnerability in its FortiWeb web application firewall, which is now being widely exploited. A Fortinet FortiWeb path traversal vulnerability is being ...

Russia-linked attackers found and exploited a high-severity WinRAR vulnerability before the maintainers of the Windows file archiver issued a fix.… The bug, tracked as CVE-2025-8088, is a ...

Multi-function printer (MFP) devices and software provider Kyocera Document Solutions has a path traversal vulnerability in its web-based device manager tool used for managing large printer fleets in ...

A critical path-traversal flaw (CVE-2020-27130) exists in Cisco Security Manager that lays bare sensitive information to remote, unauthenticated attackers. A day after proof-of-concept (PoC) exploit ...

Ad Inserter, a popular Ad management WordPress Plugin was discovered to contain a critical vulnerability. The vulnerability allows an authenticated user as low as a subscriber to execute code on the ...

The spam campaign is being used to spread a malicious .exe file, taking advantage of a vulnerability in WinRAR which was patched in January. A critical 19-year-old WinRAR vulnerability disclosed last ...

Starting with yesterday, there is now public proof-of-concept exploit code for CVE-2019-19781, a vulnerability in Citrix enterprise equipment that can allow hackers to take over devices and access a ...