What One Predator Case Can Reveal About an Online Platform’s Safety Gaps

When a predator contacts a child through an online platform, the details of how it happened often expose…...

Heym 安全漏洞

Heym is an open-source AI-native workflow automation platform developed by heymrun. Versions of Heym prior to 0.0.21 contained security vulnerabilities. These vulnerabilities stemmed from sandbox escape vulnerabilities in custom Python tool executors, which could allow authenticated workflow...

Security Bulletin: Vulnerabilities found in Java SE affect Rational Business Developer

Summary There are vulnerabilities in Java SE including Oracle January 2026 CPU used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused ...

Security Bulletin: IBM Sterling External Authentication Server is vulnerable to multiple issues

Summary Multiple vulnerabilities affect IBM Sterling External Authentication Server and are addressed in the latest release and fixpack Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability issue that...

GHSA-R4VM-3MC7-PRGX vulnerabilities

Vulnerabilities for packages: linux-aws, linux-azure, linux-gcp...

Security Bulletin: Several Security Vulnerabilities have been discovered in IBM Security Verify Directory Appliance

Summary Security Vulnerabilities have been addressed in IBM Security Verify Directory Appliance. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality and hig...

EUVD-2021-19551

Malware in sbrugna...

EUVD-2013-1413

Malware in sbrugna...

EUVD-2007-1366

Malware in sbrugna...

EUVD-2025-23657

Malicious code in bioql PyPI...

GHSA-C62W-9MVR-73GF vulnerabilities

Vulnerabilities for packages: openjdk-17-openj9, openjdk-8-openj9, openjdk-11-openj9, openjdk-25-openj9, openjdk-21-openj9, openjdk-26-openj9...

AMD Client Vulnerabilities – August 2025

Summary Potential vulnerabilities in AMD Client Processor platforms that affect SMM, ASP, and other platform components, were found during audits performed internally and by third parties...

CVE-2025-32430

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 4.2-milestone-3 through 16.4.7, 16.5.0-rc-1 through 16.10.5 and 17.0.0-rc-1 through 17.2.2, two templates contain reflected XSS vulnerabilities, allowing an attacker to execute...

CVE-2025-32430 XWiki Platform contains Reflected XSS vulnerability in two templates

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 4.2-milestone-3 through 16.4.7, 16.5.0-rc-1 through 16.10.5 and 17.0.0-rc-1 through 17.2.2, two templates contain reflected XSS vulnerabilities, allowing an attacker to execute...

CVE-2025-2160

Pega Platform versions 8.4.3 to Infinity 24.2.1 are affected by an XSS issue with Mashup...

Vulnerabilities fixed in SolarWinds Platform and Network Configuration Manager

SolarWinds has fixed vulnerabilities in SolarWinds Platform and Network Configuration Manager. A malicious party could exploit the vulnerabilities to gain access to system data or execute arbitrary code, possibly with SYSTEM privileges. SolarWinds has released updates to fix the vulnerabilities...

PT-2023-8615 · Xwiki · Xwiki Platform

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 14.0-rc-1 through 14.4.7 XWiki Platform versions 14.0-rc-1 through 14.10.3 XWiki Platform versions 14.0-rc-1 through 14.9.x XWiki Platform version 15.0-rc-1 is not affected, but versions prior to it are Description: Th...

Fedora 37 : golang (2023-1819dc9854)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-1819dc9854 advisory. This update includes a security fix to the crypto/tls package, as well as bug fixes to the assembler and the compiler. ---- This update includes a...

The vulnerabilities of Microsoft Visual Studio, the Microsoft.NET platform, and the ASP.NET Core platform allow attackers to gain access to confidential information.

The vulnerability of Microsoft Visual Studio, a software development tool, and the Microsoft.NET platform is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the NSX for vSphere and Cloud Foundation network virtualization platform arises from the lack of measures taken to neutralize special elements used in the operating system’s command set. This allows attackers to execute arbitrary commands.

The vulnerability of the NSX for vSphere and Cloud Foundation network virtualization platforms exists due to the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability could allow a attacker to execute arbitrary commands...