vulnerability

A remote code execution flaw in Cursor AI Code Editor allows malicious code to run automatically when opening a project. Learn how disabling Workspace Trust exposes developers and how to protect your environment.

Microsoft’s September 2025 Patch Tuesday addresses 81 security flaws, including two publicly disclosed zero-day vulnerabilities in SMB Server and Microsoft SQL Server. Learn about critical updates and other vendor patches.

A severe remote code execution vulnerability in Progress OpenEdge AdminServer’s Java RMI interface (CVE-2025-7388) lets attackers execute commands with elevated privileges. Update to LTS versions 12.2.18 or 12.8.9 immediately.

A high-severity COOP vulnerability in pgAdmin4 (up to version 9.7) enables attackers to bypass authentication and hijack accounts. Update to version 9.8 immediately to protect your PostgreSQL environment.

A use-after-free flaw in Android Runtime may allow Chrome sandbox escape and local privilege escalation. Learn about mitigation steps and security recommendations to protect your device.

Learn about the incorrect authorization vulnerability in Meta Platforms WhatsApp that allows unauthorized processing of content from arbitrary URLs. Discover mitigation steps and security recommendations.

CISA warns of a critical Bluetooth vulnerability in SunPower PVS6 solar inverters allowing attackers to take full device control. Learn about the impact, affected devices, and recommended mitigations.

Learn about the critical Sangoma FreePBX authentication bypass vulnerability that risks remote code execution and how to protect your system.

Discover critical vulnerabilities in Citrix Session Recording that pose risks to organizations. Learn about improper privilege management and deserialization flaws, along with recommended mitigation actions.

Apple has released critical updates to address CVE-2025-43300, a zero-day vulnerability affecting iOS, iPadOS, and macOS. Learn about the impact, affected devices, and how to stay secure.