Adobe has released patches for 52 vulnerabilities across 10 products, including flaws leading to arbitrary code execution.

A single rewrite rule, the kind pasted into NGINX configurations thousands of times a day, can hand an unauthenticated ...

An unpatched vulnerability in ChromaDB could be exploited without authentication for remote code execution and server ...

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...

Fortinet has released security patches for two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could ...

Apple released patches for a cluster of security flaws internally grouped under the tag “Coruna,” and at least one of them ...

Critical out-of-bounds read in Ollama before 0.17.1 leaks process memory including API keys from over 300000 servers via ...

Critical SEPPmail vulnerabilities expose email gateways to remote code execution and unauthorized mail access attacks.

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...

A critical Telnet vulnerability with a CVSS rating of 9.8 enables attackers to take full control of affected systems before authentication even kicks in, security researchers at Dream Security have ...

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code to escape the container and do nasty things to IT environments. As a result, ...