On January 6, 2026, Veeam released security updates to address four vulnerabilities affecting its Backup & Replication solution.

Open WebUI, an open-source, self-hosted web interface for interacting with local or remote AI language models, carried a high ...

A high-severity flaw in MongoDB instances could allow unauthenticated remote bad actors to leak sensitive data from MongoDB servers. Dubbed "MongoBleed," the security flaw is being exploited in the ...

Those responsible for a MongoDB instance cannot rest easy: an exploit for a critical vulnerability makes upgrades even more ...

WordPress powers about 43% of all websites worldwide. This makes it an indispensable platform for organizations of all sizes. Unfortunately, that popularity also makes WordPress a prime target for ...

MongoDB warns of a critical security vulnerability affecting recent versions. Admins should patch immediately.

CVE-2025-55182 (also referred to as React2Shell and includes CVE-2025-66478, which was merged into it) is a critical pre-authentication remote code execution (RCE) vulnerability affecting React Server ...

CISA has ordered U.S. federal agencies to patch a critical GeoServer vulnerability now actively exploited in XML External Entity (XXE) injection attacks. In such attacks, an XML input containing a ...

XSS remains the top software weakness, followed by SQL injection and CSRF. Buffer overflow issues and improper access control make it to top 25. The MITRE Corporation has released an updated Common ...

Because user input is not sufficiently sanitized, attackers could exploit the flaw to define external entities within an XML request. The US cybersecurity agency CISA on Thursday warned that threat ...

SAP has released its December security updates addressing 14 vulnerabilities across a range of products, including three critical-severity flaws. The most severe (CVSS score: 9.9) of all the issues is ...