vulnerability

Ivanti’s September 2025 security bulletin addresses 13 vulnerabilities in Endpoint Manager, Connect Secure, Policy Secure, ZTA Gateways, and Neurons for Secure Access. No known exploitation reported.

A deserialization of untrusted data vulnerability in Dassault Systèmes DELMIA Apriso could allow remote code execution. Learn recommended actions to protect your systems.

A remote code execution flaw in Cursor AI Code Editor allows malicious code to run automatically when opening a project. Learn how disabling Workspace Trust exposes developers and how to protect your environment.

Microsoft’s September 2025 Patch Tuesday addresses 81 security flaws, including two publicly disclosed zero-day vulnerabilities in SMB Server and Microsoft SQL Server. Learn about critical updates and other vendor patches.

A severe remote code execution vulnerability in Progress OpenEdge AdminServer’s Java RMI interface (CVE-2025-7388) lets attackers execute commands with elevated privileges. Update to LTS versions 12.2.18 or 12.8.9 immediately.

A high-severity COOP vulnerability in pgAdmin4 (up to version 9.7) enables attackers to bypass authentication and hijack accounts. Update to version 9.8 immediately to protect your PostgreSQL environment.

A use-after-free flaw in Android Runtime may allow Chrome sandbox escape and local privilege escalation. Learn about mitigation steps and security recommendations to protect your device.

Learn about the incorrect authorization vulnerability in Meta Platforms WhatsApp that allows unauthorized processing of content from arbitrary URLs. Discover mitigation steps and security recommendations.

CISA warns of a critical Bluetooth vulnerability in SunPower PVS6 solar inverters allowing attackers to take full device control. Learn about the impact, affected devices, and recommended mitigations.

Learn about the critical Sangoma FreePBX authentication bypass vulnerability that risks remote code execution and how to protect your system.