Security researchers at JFrog worked with biotechnology company 23andMe to address a vulnerability with Yamale, a tool written by the company and used by over 200 repositories. The smartest companies ...

Apache Commons Text is used for processing character strings in Java apps. A critical vulnerability allows the injection of ...

The most critical bug fixed this time is a code injection vulnerability discovered in SAP Solution Manager ST 720, a specific support package stack level of SAP Solution Manager 7.2 that provides ...

Hewlett Packard Enterprise (HPE) has patched a maximum-severity vulnerability in its HPE OneView software that enables ...

A critical LangChain Core vulnerability (CVE-2025-68664, CVSS 9.3) allows secret theft and prompt injection through unsafe ...

A critical SAP S/4HANA code injection vulnerability is being leveraged in attacks in the wild to breach exposed servers, researchers warn. Ivanti has released security updates for Ivanti Connect ...

This summer, a WinRAR update closed a security vulnerability that allowed code smuggling. It is now being attacked.

Elegant Themes announced that several of their products contained a code injection vulnerability and should be updated right away. The vulnerability allows an untrustworthy user to execute PHP ...

Developers of the widely used WordPress content management system released an update last week, but intentionally delayed announcing that the patch addressed a severe vulnerability. WordPress version ...

Developers of the widely used WordPress content management system released an update last week, but intentionally delayed announcing that the patch addressed a severe vulnerability. WordPress version ...

Researchers at Rapid7 found a vulnerability in the Swagger Code Generator that could execute arbitrary code embedded in a Swagger document. An unexpected behavior in a relatively new and popular open ...