CVE-2025-64155, a command injection vulnerability, was disclosed earlier this week and quickly came under attack from a ...

A new bug introduced in Windows 11 earlier this week may prevent you from shutting down your computer or putting it to sleep. Instead, the devices restart, potentially causing some users to lose ...

A command injection vulnerability in Array Networks AG Series secure access gateways has been exploited in the wild since August 2025, according to an alert issued by JPCERT/CC this week. The ...

Fortinet on Tuesday announced patches for 17 vulnerabilities, including a zero-day resolved with the latest FortiWeb updates. Tracked as CVE-2025-58034 (CVSS score of 6.7), the bug is described as an ...

A critical security weakness was discovered and patched in the popular @react-native-community/cli package, which supports developers building React Native mobile apps. The vulnerability could let ...

Details have emerged about a now-patched critical security flaw in the popular "@react-native-community/cli" npm package that could be potentially exploited to run malicious operating system (OS) ...

TP-Link is warning of two command injection vulnerabilities in Omada gateway devices that could be exploited to execute arbitrary OS commands. Omada gateways are marketed as full-stack solutions ...

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...

Western Digital has released firmware updates for multiple My Cloud NAS models to patch a critical-severity vulnerability that could be exploited remotely to execute arbitrary system commands. Tracked ...

Hundreds of Model Context Protocol (MCP) servers used to link LLMs to third-party services, data sources, and tools include default configurations that could expose users to unauthorized OS command ...