https://www.imore.com/critical-flaw-discovered-australias-ios-covidsafe-app
Critical flaw discovered in Australia's iOS COVIDSafe app | iMore
Jun 16, 2020 - Australia's COVIDSafe app doesn't work properly after you've locked it on iOS...
critical flawin australiadiscoveredioscovidsafe
https://thehackernews.com/2019/06/evernote-extension-hacking.html?m=0
Critical Flaw Reported in Popular Evernote Extension for Chrome Users
Major Flaw in Evernote's Chrome Extension Could Have Allowed Hackers to Hijack Your Web Browser Remotely and Steal Sensitive Data From Any Website You Accessed.
extension for chromecritical flawreportedpopularevernote
https://thehackernews.com/2024/10/github-patches-critical-flaw-in.html
GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access
Update GitHub Enterprise Server to patch critical SSO bypass vulnerability (CVE-2024-9487). Protect against unauthorized access.
critical flawenterprise servergithubpatches
https://thehackernews.com/2024/09/urgent-gitlab-patches-critical-flaw.html
Urgent: GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Job Execution
GitLab patches critical flaw (CVE-2024-6678) allowing unauthorized pipeline job execution. Update to latest version to protect your repositories
critical flawurgentgitlabpatchesallowing
https://www.cybersecuritydive.com/news/critical-flaw-in-aws-console-risked-compromise-of-build-environment/809745/
Critical flaw in AWS Console risked compromise of build environment | Cybersecurity Dive
The CodeBreach vulnerability could have enabled a massive supply chain attack, researchers warn.
critical flawaws console
https://www.tomshardware.com/news/critical-flaw-us-industrial-systems,36992.html
Critical Flaw Puts US Industrial Systems At Risk | Tom's Hardware
May 2, 2018 - Researchers discovered a critical security flaw in the InduSoft Web Studio and InTouch Machine Edition applications, both of which are made by Schneider...
critical flawus industrialat riskputs
https://securityaffairs.com/31120/hacking/fixed-critical-flaw-blogger-allows-write-posts-blog.html
Critical flaw in Blogger allows to write posts on any blog
Dec 15, 2014 - A security expert discovered a critical CSRF vulnerability in Blogger.com that allows an attacker to write posts in any blog hosted on the popular platform.
critical flawwrite postsbloggerallows
https://securityaffairs.com/148395/hacking/fortinet-fortios-fortiproxy-critical-bug-2.html
Fortinet fixed a critical flaw in FortiOS and FortiProxy
Jul 12, 2023 - Fortinet warns of a critical flaw impacting FortiOS and FortiProxy that can allow remote attackers to perform arbitrary code execution
critical flawfortinetfixedfortiosfortiproxy
https://www.cybersecuritydive.com/news/watchguard-critical-flaw-firebox-exploitation/808617/
WatchGuard warns critical flaw in Firebox devices facing exploitation | Cybersecurity Dive
The company said the threat activity is part of a larger campaign against edge devices and internet-exposed infrastructure.
critical flawwatchguardwarns
https://thehackernews.com/2024/08/solarwinds-releases-patch-for-critical.html
SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software
SolarWinds and Palo Alto Networks release critical security patches to address vulnerabilities that could allow remote code execution and command inje
web help deskcritical flawsolarwindsreleasespatch
https://thehackernews.com/2024/08/critical-flaw-in-wordpress-litespeed.html?version=meter+at+null
Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access
Critical LiteSpeed Cache plugin vulnerability allows attackers admin access to WordPress sites. Update to version 6.4 now to secure your website.
critical flawlitespeed cachewordpress
https://securityaffairs.com/148405/security/citrix-critical-flaw-secure-access-client-for-ubuntu.html
Citrix fixed a critical flaw in Secure Access Client for Ubuntu
Jul 12, 2023 - Citrix fixed a critical flaw affecting the Secure Access client for Ubuntu that could be exploited to achieve remote code execution.
critical flawsecure accesscitrixfixed
https://thehackernews.com/2018/05/windows-docker-containers.html?m=1
Microsoft Issues Emergency Patch For Critical Flaw In Windows Containers
Microsoft issues emergency security patch update for a critical RCE flaw in Windows Host Compute Service Shim (hcsshim) library used to create Windows...
critical flawmicrosoftissuesemergencypatch
https://securityaffairs.com/182075/security/critical-flaw-sessionreaper-in-commerce-and-magento-platforms-lets-attackers-hijack-customer-accounts.html
Critical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer...
Sep 10, 2025 - Adobe fixed a critical flaw in its Commerce and Magento Open Source platforms that allows an attacker to take over customer accounts.
critical flaw
https://thehackernews.com/2022/11/citrix-issues-patches-for-critical-flaw.html
Citrix Issues Patches for Critical Flaw Affecting ADC and Gateway Products
Citrix has released security updates to address critical vulnerabilities in Application Delivery Controller (ADC) and Gateway products.
critical flawcitrixissuespatches
https://thehackernews.com/2017/09/apache-struts-vulnerability.html?m=1
Critical Flaw in Apache Struts2 Lets Hackers Take Over Web Servers
A Critical remote code execution vulnerability (CVE-2017-9805) has been discovered in Apache Struts web application framework
critical flawtake overapachestruts2
https://thehackernews.com/2024/07/gitlab-patches-critical-flaw-allowing.html
GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Jobs
GitLab, Citrix, and VMware release critical security patches. CISA warns about OS command injection flaws. Agencies recommend Zero Trust adoption.
critical flawgitlabpatchesallowingunauthorized
https://www.techradar.com/news/mirai-botnet-now-targeting-critical-flaw-in-thousands-of-routers
Mirai botnet now targeting critical flaw in thousands of routers | TechRadar
Aug 24, 2021 - New Mirai variant has been on the prowl since March
mirai botnetcritical flawtargeting
https://securityaffairs.com/169848/uncategorized/wordpress-jetpack-plugin-critical-flaw.html
WordPress Jetpack plugin critical flaw impacts 27 million sites
Oct 15, 2024 - WordPress Jetpack plugin issued an update to fix a critical flaw allowing logged-in users to view form submissions by others on the same site
jetpack plugincritical flaw27 millionwordpressimpacts
https://www.engadget.com/2014-12-23-critical-os-x-ntp-flaw-automatic-update.html
Critical flaw forces Apple to push first automatic OS X security update
Dec 23, 2014 - A critical security issue in the network time protocol (NTP) has prompted Apple to push an automatic OS X update to users for the first time. Google...
critical flawapple to
https://thehackernews.com/2025/04/critical-flaw-in-apache-parquet-allows.html?ref=31337infosec.com
Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code
Apache Parquet flaw CVE-2025-30065 enables remote code execution from crafted files, risking data pipelines.
critical flawapache parquet
https://www.techtarget.com/searchsecurity/news/252505973/Researchers-discover-critical-flaw-in-Azure-Cosmos-DB
Researchers discover critical flaw in Azure Cosmos DB | TechTarget
Security researchers at Wiz have discovered a flaw in Microsoft Azure Cosmos DB that exposes thousands of cloud databases.
azure cosmos dbcritical flawresearchersdiscovertechtarget
https://www.techtarget.com/searchsecurity/news/252488831/Intel-patches-critical-flaw-in-Active-Management-Technology
Intel patches critical flaw in Active Management Technology | TechTarget
On Patch Tuesday, Intel released a security advisory for September that addresses nine vulnerabilities, including a CVSS 9.8 vulnerability within a third-party...
active management technologyintel patchescritical flawtechtarget
https://thehackernews.com/2024/07/gitlab-patches-critical-flaw-allowing.html?m=0
GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Jobs
GitLab, Citrix, and VMware release critical security patches. CISA warns about OS command injection flaws. Agencies recommend Zero Trust adoption.
critical flawgitlabpatchesallowingunauthorized
https://securityaffairs.com/134896/hacking/atlassian-bitbucket-flaw.html
Critical flaw impacts Atlassian Bitbucket Server and Data Center
Aug 26, 2022 - Atlassian fixed a critical flaw in Bitbucket Server and Data Center that could lead to malicious code execution on vulnerable instances
critical flawatlassian bitbucketimpactsserverdata
https://www.cybersecuritydive.com/news/north-korea-hackers-jetbrains-teamcity/697332/
Critical flaw in JetBrains TeamCity exploited weeks after patch issued | Cybersecurity Dive
State-linked actors are targeting the CI/CD platform, and the vendor warns backdoors are lingering undetected.
critical flaw
https://thehackernews.com/2019/06/evernote-extension-hacking.html
Critical Flaw Reported in Popular Evernote Extension for Chrome Users
Major Flaw in Evernote's Chrome Extension Could Have Allowed Hackers to Hijack Your Web Browser Remotely and Steal Sensitive Data From Any Website You Accessed.
extension for chromecritical flawreportedpopularevernote
https://thehackernews.com/2020/07/zoom-windows-security.html
Unpatched Critical Flaw Disclosed in Zoom Software for Windows 7 or Earlier
A zero-day vulnerability has been discovered in Zoom video conferencing software for Windows that could allow an attacker to execute arbitrary code on a...
software for windowscritical flaw
https://thehackernews.com/2024/12/cisa-adds-critical-flaw-in-beyondtrust.html
CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List
CISA lists CVE-2024-12356, a critical BeyondTrust flaw, as actively exploited. Update on-prem systems to patch vulnerabilities.
critical flawcisaadds
https://thehackernews.com/2023/10/critical-flaw-in-nextgens-mirth-connect.html
Critical Flaw in NextGen's Mirth Connect Could Expose Healthcare Data
A critical remote code execution vulnerability (CVE-2023-43208) has been uncovered in Mirth Connect.
critical flawmirth connectnextgen
https://www.itpro.com/security/23493/microsoft-rushes-to-patch-critical-flaw-affecting-every-windows-pc
Microsoft rushes to patch critical flaw affecting every Windows PC | IT Pro
Nov 12, 2014 - Bigger than Heartbleed, vulnerability means users need to download patch now
rushes tocritical flaw
https://www.itnews.com.au/news/highly-critical-flaw-in-wordpress-109503
"Highly critical" flaw in WordPress - iTnews
A flaw in WordPress 2.x rated "highly critical" was posted today.
critical flawhighlywordpressitnews
https://thehackernews.com/2024/02/vmware-alert-uninstall-eap-now-critical.html
VMware Alert: Uninstall EAP Now - Critical Flaw Puts Active Directory at Risk
VMware has identified a critical security flaw in its Enhanced Authentication Plugin (EAP), urging users to uninstall it.
critical flaw
https://thehackernews.com/2017/09/apache-struts-vulnerability.html?version=meter+at+null
Critical Flaw in Apache Struts2 Lets Hackers Take Over Web Servers
A Critical remote code execution vulnerability (CVE-2017-9805) has been discovered in Apache Struts web application framework
critical flawtake overapachestruts2
https://securityaffairs.com/145087/security/critical-flaw-vmware-vrealize.html
A critical flaw in VMware vRealize allows executing code as root
Apr 20, 2023 - VMware fixed two severe flaws, tracked as CVE-2023-20864 and CVE-2023-20865, impacting the VMware Aria Operations for Logs product.
critical flawvmware vrealize
https://securityaffairs.com/27617/hacking/critical-flaw-fiverr-com-potentially-exposes-millions-accounts.html
Critical flaw in Fiverr.com potentially exposes millions accounts - Security Affairs
Aug 17, 2014 - A CSRF (Cross-site request forgery) vulnerability affects the Fiverr.com website, millions users are potentially at risk.
critical flawfiverr com
https://thehackernews.com/2021/10/critical-flaw-in-opensea-could-have-let.html
Critical Flaw in OpenSea Could Have Let Hackers Steal Cryptocurrency From Wallets
OpenSea had a vulnerability that could have allowed hackers to steal cryptocurrency from wallets
critical flaw
https://www.sophos.com/en-us/blog/patch-now-critical-flaw-found-in-openwrt-router-software
Patch now! Critical flaw found in OpenWrt router software | SOPHOS
OpenWrt is an open source operating system used by millions of home and small business routers and embedded devices.
critical flawopenwrt routerpatchfoundsoftware
https://securityaffairs.com/172144/hacking/fortinet-warns-of-a-patched-fortiwlm-vulnerability.html
Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM
Dec 19, 2024 - Fortinet warns of a patched FortiWLM vulnerability that could allow admin access and sensitive information disclosure.
critical flawwireless lanfortinetwarnsmanager
https://securityaffairs.com/121485/breaking-news/cisco-apic-flaw.html
Cisco fixed a critical flaw in Cisco APIC for Nexus 9000 series switches
Aug 26, 2021 - Cisco fixed a critical security flaw in Application Policy Infrastructure Controller (APIC) interface used in its Nexus 9000 Series Switches.
nexus 9000 seriescritical flaw
https://securityaffairs.com/154215/security/business-one-product-critical-flaw.html
Critical flaw fixed in SAP Business One product
Nov 15, 2023 - Enterprise software giant SAP addressed a critical improper access control vulnerability in its Business One product.
sap business onecritical flawfixedproduct
https://securityaffairs.com/137689/security/openssl-second-critical-flaw-ever.html
OpenSSL to fix the second critical flaw ever
Oct 26, 2022 - The OpenSSL Project announced an upcoming update to address a critical vulnerability in the open-source toolkit.
to fixthe secondcritical flawopensslever
https://thehackernews.com/2020/11/researchers-warn-of-critical-flaws.html
Researchers Warn of Critical Flaw Affecting Industrial Automation Systems
Researchers Warn of Critical Flaws Affecting Real Time Automation EtherNet/IP Used in Industrial Control Systems.
critical flawindustrial automationresearcherswarnaffecting
https://securityaffairs.com/144775/security/hikvision-hybrid-san-critical-bug.html
Hikvision fixed a critical flaw in Hybrid SAN and cluster storage products
Apr 14, 2023 - Chinese video surveillance giant Hikvision addressed a critical vulnerability in its Hybrid SAN and cluster storage products.
critical flaw
https://www.helpnetsecurity.com/2016/02/22/week-in-review-the-new-help-net-security-critical-glibc-flaw-new-issue-of-insecure-magazine/
Week in review: The new Help Net Security, critical Glibc flaw, new issue of (IN)SECURE Magazine -...
Jul 31, 2018 - Here's an overview of some of last week's most interesting news, reviews and articles: Welcome to the new Help Net Security We rolled out a brand new
https://www.itnews.com.au/news/malware-sets-crosshairs-on-last-weeks-critical-windows-flaw-66044
Malware sets crosshairs on last week's critical Windows flaw - iTnews
As many IT security experts predicted, malware taking advantage of a flaw patched by the Aug. 8 MS06-040 bulletin emerged over the weekend, but Microsof...
last weekmalwaresetscrosshairs
https://thehackernews.com/2026/01/critical-gnu-inetutils-telnetd-flaw.html
Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access
A 9.8-severity flaw (CVE-2026-24061) in GNU InetUtils telnetd allows remote authentication bypass and root access in versions 1.9.3 to 2.7.
https://thehackernews.com/2021/04/cisco-will-not-patch-critical-rce-flaw.html
Cisco Will Not Patch Critical RCE Flaw Affecting End-of-Life Business Routers
Cisco would not patch critical RCE flaws in end-of-life business routers, urging businesses to purchase new routers.
https://thehackernews.com/2019/02/winrar-malware-exploit.html?version=meter+at+null
Warning: Critical WinRAR Flaw Affects All Versions Released In Last 19 Years
Cybersecurity researchers disclosed a critical remote code execution vulnerability in WinRAR that affects all versions of the software released in last 19...
all versions
https://www.bit-tech.net/news/tech/software/firefox-3-5-suffers-critical-js-flaw/1/
Firefox 3.5 suffers critical JS flaw | bit-tech.net
A flaw in the just-in-time compiler introduced in Firefox 3.5's new JavaScript engine can lead to code execution, with Mozilla calling the un-patched hole...
firefox 3 5bit techsufferscriticaljs
https://thehackernews.com/2018/04/hacking-nas-devices.html?m=0
Critical Unpatched RCE Flaw Disclosed in LG Network Storage Devices
A security researcher has revealed details of an unpatched critical remote command execution vulnerability in LG NAS Network Attached Storage (NAS) devices
network storagecriticalrceflawdisclosed
https://thehackernews.com/2024/12/patch-alert-critical-apache-struts-flaw.html?m=1
Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected
CVE-2024-53677: Critical 9.5 CVSS Apache Struts flaw enables remote code execution; patch now in version 6.4.0.
apache strutspatchalertcriticalflaw
https://www.itnews.com.au/news/critical-chip-flaw-affects-intel-amd-and-arm-480522
Critical chip flaw affects Intel, AMD and ARM - iTnews
Google reveals research role, origins of vulnerability.
criticalchipflawaffectsintel
https://securityaffairs.com/182107/security/google-fixes-critical-chrome-flaw-researcher-earns-43k.html
Google fixes critical Chrome flaw, researcher earns $43K
Sep 11, 2025 - Google addressed a critical use-after-free vulnerability in its Chrome browser that could potentially lead to code execution.
googlefixescriticalchromeflaw
https://thehackernews.com/2025/01/cisco-fixes-critical-privilege.html?m=0
Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)
Cisco addresses critical CVE-2025-20156 with 9.9 CVSS, fixing admin privilege risk in Meeting Management.
privilege escalationmeeting managementciscofixescritical
https://securityaffairs.com/181614/hacking/over-28000-citrix-instances-remain-exposed-to-critical-rce-flaw-cve-2025-7775.html
Over 28,000 Citrix instances remain exposed to critical RCE flaw CVE-2025-7775
Aug 27, 2025 - Over 28,200 Citrix NetScaler ADC/Gateway instances remain exposed to critical RCE flaw CVE-2025-7775, already under active exploitation.
https://securityaffairs.com/191130/security/microsoft-out-of-band-updates-fixed-critical-asp-net-core-privilege-escalation-flaw.html
Microsoft out-of-band updates fixed critical ASP.NET Core privilege escalation flaw
Apr 22, 2026 - Microsoft fixed critical ASP.NET Core vulnerability, tracked as CVE-2026-40372 (CVSS score of 9.1), that lets attackers escalate privileges.
out of bandasp net core
https://securityaffairs.com/131870/hacking/rce-flaw-horde-webmail.html
A critical RCE flaw in Horde Webmail has yet to be addressed
Jun 2, 2022 - A remote code execution flaw in the open-source Horde Webmail client can allow to take over servers by sending a specially crafted email.
yet to be
https://www.itnews.com.au/news/critical-adobe-flash-and-reader-flaw-being-exploited-214387
Critical Adobe Flash and Reader flaw being exploited - iTnews
Present in latest versions.
adobe flashcriticalreaderflawexploited
https://securityaffairs.com/190471/security/attackers-exploit-critical-flowise-flaw-cve-2025-59528-for-remote-code-execution.html
Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution
Apr 7, 2026 - Attackers are exploiting a critical Flowise flaw CVE-2025-59528 to run arbitrary code and access systems via unvalidated JavaScript.
https://www.tomsguide.com/computing/online-security/critical-amazon-kindle-flaw-could-let-hackers-take-over-your-account-dont-fall-for-this
Critical Amazon Kindle flaw could let hackers take over your account - don't fall for this | Tom's...
Dec 15, 2025 - An ethical hacker discovered a Kindle exploit that could let bad actors take over your Amazon account via your Kindle.
https://thehackernews.com/2024/02/critical-jetbrains-teamcity-on-premises.html?rand=1734
Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover - Patch Now
Critical Flaw in JetBrains TeamCity On-Premises (CVE-2024-23917) Allows Attackers to Take Over Servers
on premises
https://securityaffairs.com/174999/security/elastic-kibana-critical-flaw.html
Elastic patches critical Kibana flaw allowing code execution
Mar 6, 2025 - Elastic fixed a critical flaw in Kibana data visualization dashboard software for Elasticsearch that could lead to arbitrary code execution.
elasticpatchescriticalkibanaflaw
https://www.cybersecuritydive.com/news/nearly-3k-ivanti-connect-secure-instances-vulnerable-to-critical-flaw/740994/?ref=blog.onsec.io
Nearly 3K Ivanti Connect Secure instances vulnerable to critical flaw | Cybersecurity Dive
U.S. has the most VPNs not yet patched for CVE-2025-22467.
https://thehackernews.com/2025/07/wiz-uncovers-critical-access-bypass.html
Wiz Uncovers Critical Access Bypass Flaw in AI-Powered Vibe Coding Platform Base44
Wiz found a critical Base44 flaw letting attackers access private apps via public app_id. Fixed by Wix.
https://thehackernews.com/2019/10/iterm2-macos-terminal-rce.html?version=meter+at+null
7-Year-Old Critical RCE Flaw Found in Popular iTerm2 macOS Terminal App
A 7-year-old critical remote code execution vulnerability has been discovered in iTerm2 macOS terminal emulator app.
7 year old
https://www.techradar.com/pro/security/a-worrying-critical-security-flaw-in-apache-tomcat-could-let-hackers-take-over-servers-with-ease
A worrying critical security flaw in Apache Tomcat could let hackers take over servers with ease |...
Mar 18, 2025 - Researchers have spotted an Apache Tomcat PoC in the wild
https://thehackernews.com/2021/08/pypi-python-package-repository-patches.html?m=1
PyPI Python Package Repository Patches Critical Supply Chain Flaw
Python Package Index (PyPI) repository fixes an arbitrary code execution vulnerability that could have led to supply chain attacks.
python packagesupply chainpypirepositorypatches
https://www.techtarget.com/searchsecurity/news/252521535/Critical-Atlassian-Confluence-flaw-remains-under-attack
Critical Atlassian Confluence flaw remains under attack | TechTarget
A remote code execution vulnerability in multiple Atlassian Confluence products is still under attack by a variety of threat actors nearly two weeks later.
atlassian confluenceunder attackcriticalflawremains
https://thehackernews.com/2025/07/wiz-uncovers-critical-access-bypass.html?m=0
Wiz Uncovers Critical Access Bypass Flaw in AI-Powered Vibe Coding Platform Base44
Wiz found a critical Base44 flaw letting attackers access private apps via public app_id. Fixed by Wix.
https://www.techtarget.com/searchSecurity/news/366614476/Fortinet-discloses-critical-zero-day-flaw-in-FortiManager
Fortinet discloses critical zero-day flaw in FortiManager | TechTarget
Fortinet confirmed reports of a critical zero-day vulnerability in FortiManager, which CISA added to its Known Exploited Vulnerabilities catalog.
zero day flawfortinetcriticalfortimanagertechtarget
https://thehackernews.com/2026/05/critical-apache-http2-flaw-cve-2026.html
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
Apache fixes CVE-2026-23918 in HTTP/2; double-free flaw enables DoS and RCE, impacting version 2.4.66 users.
https://thehackernews.com/2019/02/winrar-malware-exploit.html?fbclid=IwAR0fyunTgSFPB6XZVePEUK1yS6Sul42kGEa4doctnXh5X3ehueV5ljuu1n0
Warning: Critical WinRAR Flaw Affects All Versions Released In Last 19 Years
Cybersecurity researchers disclosed a critical remote code execution vulnerability in WinRAR that affects all versions of the software released in last 19...
all versions
https://thehackernews.com/2025/07/hackers-exploit-critical-wordpress.html
Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install
Critical WordPress flaw CVE-2025-5394 lets attackers take over sites using the "Alone" theme. 120K+ attempts blocked.
https://www.redhat.com/en/blog/understanding-critical-kubernetes-privilege-escalation-flaw-openshift-3
Understanding the critical Kubernetes privilege escalation flaw in OpenShift 3
A critical security vulnerability in Kubernetes (CVE-2018-1002105) affecting OpenShift Container Platform 3 was patched by Red Hat in December 2018. The...
privilege escalationunderstandingcriticalkubernetesflaw
https://thehackernews.com/2023/07/zimbra-warns-of-critical-zero-day-flaw.html
Zimbra Warns of Critical Zero-Day Flaw in Email Software Amid Active Exploitation
Zimbra users, be cautious! Zimbra has warned of an actively exploited zero-day vulnerability in its software. Apply the manual fix ASAP to eliminate
zero day flaw
https://thehackernews.com/2019/04/wordpress-woocommerce-security.html
Critical Unpatched Flaw Disclosed in WordPress WooCommerce Extension
Critical Unpatched Flaw Disclosed in a Popular WordPress WooCommerce Extension Called WooCommerce Checkout Manager
wordpress woocommercecriticalflawdisclosedextension
https://thehackernews.com/2025/12/critical-react2shell-flaw-added-to-cisa.html
Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation
CISA flags the React2Shell remote code flaw after real-world attacks hit millions of exposed services.
criticalreact2shellflawadded
https://www.computerweekly.com/news/366620470/iPhone-iPad-update-fixes-critical-WebKit-flaw
iPhone, iPad update fixes critical WebKit flaw | Computer Weekly
iPhone and iPad users are advised to update their devices as Apple addresses an out-of-bounds write issue in the WebKit browser engine that appears to have...
iphone ipadupdatefixescriticalwebkit
https://thehackernews.com/2022/11/high-severity-flaw-reported-in-critical.html
High-Severity Flaw Reported in Critical System Used by Oil and Gas Companies
A new vulnerability has been discovered in a critical system used in oil and gas companies.
https://dev.to/rdin777/the-ghost-votes-of-olas-protocol-why-lack-of-sync-is-a-critical-economic-flaw-35h5
The "Ghost" Votes of Olas Protocol: Why Lack of Sync is a Critical Economic Flaw - DEV Community
Introduction In the world of DeFi and DAO governance, the voter escrowed (ve) model is a gold... Tagged with architecture, blockchain, security, web3.
https://securityaffairs.com/180484/security/critical-wordpress-post-smtp-plugin-flaw-exposes-200k-sites-to-full-takeover.html
Critical WordPress Post SMTP plugin flaw exposes 200K+ sites to full takeover
Jul 28, 2025 - Critical vulnerability in Post SMTP plugin risks full site takeover, over 400k sites use it, and nearly half remain unpatched.
https://thehackernews.com/2021/08/pypi-python-package-repository-patches.html
PyPI Python Package Repository Patches Critical Supply Chain Flaw
Python Package Index (PyPI) repository fixes an arbitrary code execution vulnerability that could have led to supply chain attacks.
python packagesupply chainpypirepositorypatches
https://thehackernews.com/2024/08/github-patches-critical-security-flaw.html?m=1
GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges
GitHub patches critical Enterprise Server vulnerabilities, including SAML SSO exploit. Update now to prevent unauthorized admin access and data breach
critical security flawenterprise servergithubpatches
https://thehackernews.com/2026/01/servicenow-patches-critical-ai-platform.html
ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation
ServiceNow fixed CVE-2025-12420, a critical flaw that let unauthenticated attackers impersonate users on its AI Platform.
ai platformservicenowpatchescriticalflaw
https://www.naturalnews.com/2025-10-14-ai-breakthrough-detects-hidden-hardware-trojans.html
AI breakthrough detects hidden hardware trojans, exposing a critical flaw in the global chip supply...
In an era where every piece of technology, from our smartphones to life-saving medical devices, is powered by computer chips, a hidden vulnerability threatens...