CVE-2026-21486

iccDEV is affected in versions 2.3.1.1 and earlier, where the CIccSparseMatrix::CIccSparseMatrix function contains Use After Free, Heap-based Buffer Overflow, Integer Overflow/Wraparound, and Out-of-bounds Write vulnerabilities. The issue is fixed in version 2.3.1.2. Affected products: iccDEV lib...

PT-2026-1394

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.1 Description iccDEV is a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have a memory leak in the XML MPE Parsing Path iccFromXml. Recommendations Update to...

PT-2026-1409

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below contain issues including an Out-of-bounds Read, Use of Out-of-range Pointer Offset,...

UBUNTU-CVE-2025-65110

Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. Prior to versions 6.1.2 and 5.6.3, applications meeting two conditions are at risk of arbitrary JavaScript code execution, even if "safe mode" expressionInterpreter is used...

CVE-2025-57275 vulnerabilities

Vulnerabilities for packages: longhorn-spdk...

NordVPN Denies Breach After Hacker Claims Access to Salesforce Dev Data

A hacker using the alias 1011 has claimed to breach a NordVPN development server, posting what appears to…...

Grok apologizes for creating image of young girls in “sexualized attire”

Another AI system designed to be powerful and engaging ends up illustrating how guardrails routinely fail when development speed and feature races outrun safety controls. In a post on X, AI chatbot Grok confirmed that it generated an image of young girls in “sexualized attire.” The potential...

Expanding the Zero Critical Club to set a new standard for AppSec and SecOps teams

We are introducing Zero Code Criticals and Zero Time to Respond clubs to give every team a clear north star for secure development and rapid response...

SUSE SLES15 / openSUSE 15 Security Update : dpdk22 (SUSE-SU-2025:4534-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4534-1 advisory. Update to version 22.11.10. Security issues fixed: - CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a...

Security Bulletin: IBM i is affected by exposure of sensitive information and improper access control vulnerabilities in IBM Java SDK and IBM Java Runtime [CVE-2025-53066, CVE-2025-53057]

Summary IBM SDK Java Technology Edition and IBM Runtime Environment Java used by IBM i to support the building and running of Java applications are vulnerable to unauthorized access to data by using APIs in the JAXP component CVE-2025-53066 and creation, deletion or modification access to data by...

Security update for dpdk22

This update for dpdk22 fixes the following issues: Update to version 22.11.10. Security issues fixed: CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a VM in the system to leak information and cause a denial of service on the network interface bsc1254161. Other updates and...

CVE-2025-68474

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the avrcvendormsg function of the ESP-IDF BlueDroid AVRCP stack, the allocated buffer size was validated using AVRCMINCMDLEN 20 bytes. However, the actual fixed...

CVE-2025-68474 ESF-IDF Has Out-of-Bounds Write in ESP32 Bluetooth AVRCP Vendor Command Handling

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the avrcvendormsg function of the ESP-IDF BlueDroid AVRCP stack, the allocated buffer size was validated using AVRCMINCMDLEN 20 bytes. However, the actual fixed...

CVE-2025-67014

Incorrect access control in DEV Systemtechnik GmbH DEV 7113 RF over Fiber Distribution System 32-0078 H.01 allows unauthenticated attackers to access an administrative endpoint...

SUSE CVE-2023-53994

In the Linux kernel, the following vulnerability has been resolved: ionic: remove WARNON to prevent paniconwarn Remove unnecessary early code development check and the WARNON that it uses. The irq alloc and free paths have long been cleaned up and this check shouldn't have stuck around so long...

Analyzing Code Injection Attacks on LLM-Based Multi-Agent Systems in Software Development

Agentic AI and Multi-Agent Systems are poised to dominate industry and society imminently. Powered by goal-driven autonomy, they represent a powerful form of generative AI, marking a transition from reactive content generation into proactive multitasking capabilities. As an exemplar, we propose a...

0pflow (>=0.1.0-dev.0de2bc6 <=0.1.0-dev.f5622ac), @0xgasless/agent-sdk (>=0.1.1 <=0.1.2) +1343 more potentially affected by CVE-2025-68665 via @langchain/core (>=1.0.1 <=1.1.8-dev-1766775128110)

@langchain/core NPM version =1.0.1, =0.1.0-dev.0de2bc6, =0.1.1, =1.0.0, =0.1.0, =0.0.1, =1.0.0, =0.0.1, =0.0.1, =1.0.0, =1.0.0, =1.48.0 - @adminforth/completion-adapter-open-ai-chat-gpt =2.0.21 and more Source cves: CVE-2025-68665 Source advisory: OSV:GHSA-R399-636X-V7F6...

How an LMS Cloud Model Supports Scalable Learning

There's a new era for training and development programs, making the LMS Learning Management System cloud model the…...

[SECURITY] Fedora 43 Update: pgadmin4-9.11-1.fc43

pgAdmin is the most popular and feature rich Open Source administration and d evelopment platform for PostgreSQL, the most advanced Open Source database in the world...

VulnCheck KEV: CVE-2025-11953

The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint that is vulnerable to OS command injection. This allows unauthenticated network attackers to send a POST request to the server and run arbitrary...