Critical RSC flaws in React and Next.js enable unauthenticated remote code execution; users should update to patched versions ...

American IT software company Ivanti warned customers today to patch a newly disclosed vulnerability in its Endpoint Manager ...

A critical, unauthenticated remote code execution vulnerability known as React2Shell has been added to the Cybersecurity and ...

Vendors fix critical flaws across Fortinet, Ivanti, and SAP to prevent authentication bypass and remote code execution.

In the remote maintenance software Connectwise ScreenConnect, authenticated attackers can inject malicious code. An update is ...

A critical RCE flaw in React.js, dubbed React2Shell (CVE-2025-55182), has been disclosed with a maximum CVSS score of 10.0, ...

Microsoft’s big December 2025 Patch Tuesday fixes 3 zero-day flaws and 57 other vulnerabilities.

React2Shell (CVE-2025-55182) is a critical vulnerability affecting the most widely used React-based services across the web ...

A six-month investigation into AI-assisted development tools has uncovered over thirty security vulnerabilities that allow ...

A critical Ivanti EPM vulnerability could allow unauthenticated attackers to execute arbitrary code remotely with ...

Microsoft has released its August 2025 Patch package, a cumulative set of updates addressing more than 100 vulnerabilities across a host of its products. Microsoft’s SharePoint Server Remote Code ...

The American Hospital Association is advising hospitals and health systems to fix a cybersecurity flaw that received the highest vulnerability score possible. The remote code execution vulnerability ...