Security Online

WorkflowKit Race Vulnerability (CVE-2024-27821): Researcher Reveals Exploit that Let Malicious Apps Hijack Shortcuts

This vulnerability, dubbed the “WorkflowKit Race Vulnerability,” targets the extraction and signing processes of shortcuts within WorkflowKit, potentially allowing a malicious app to intercept and modify shortcut files during import.

CVE-2024-42450 (CVSS 10): Versa Networks Addresses Critical Vulnerability in Versa Director

Versa Networks has issued a security advisory addressing a critical vulnerability (CVE-2024-42450) affecting its Versa Director software. The vulnerability, which carries a CVSS score of 10, could allow unauthenticated attackers to access sensitive data.

CVE-2024-10220: Kubernetes Vulnerability Allows Arbitrary Command Execution

A high-severity vulnerability has been discovered in Kubernetes, potentially allowing attackers to execute arbitrary commands outside of container boundaries. It is tracked as CVE-2024-10220 and assigned a CVSS score of 8.1.

CVE-2024-51503: Trend Micro Deep Security Agent RCE Vulnerability Fixed

A recently discovered vulnerability in the Trend Micro Deep Security 20 Agent could have allowed attackers to execute arbitrary code on affected machines. The vulnerability, identified as CVE-2024-51503, has been addressed in the latest update.

CVE-2024-47533 (CVSS 9.8): Cobbler Vulnerability Exposes Linux Servers to Compromise

A critical vulnerability has been discovered in Cobbler, a popular Linux installation server used for network-based deployments. The vulnerability is tracked as CVE-2024-47533 and assigned a CVSS score of 9.8.

CVE-2024-21287: Critical Zero-Day Exploited in Oracle Agile PLM

Oracle has issued an urgent security alert regarding a critical vulnerability in its Agile PLM software, tracked as CVE-2024-21287. This flaw allows attackers to remotely access sensitive files without any authentication.

CVE-2024-21697: High Severity Flaw in Sourcetree Enables Remote Code Execution

Atlassian has issued a security advisory warning of a critical remote code execution (RCE) vulnerability in its popular Sourcetree software for Mac and Windows. It is tracked as CVE-2024-21697 and scores an 8.8 on the CVSS scale.

Google Chrome Patches High-Severity Flaw CVE-2024-11395 in Latest Stable Release

Google has released a new stable version of its Chrome browser for desktop, addressing three security vulnerabilities. The update, versions 131.0.6778.85/.86 for Windows and Mac and 131.0.6778.85 for Linux, is rolling out to users.

CISA Warns of Actively Exploited Vulnerabilities in Kemp LoadMaster and Palo Alto Networks PAN-OS

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about three actively exploited vulnerabilities affecting popular networking and security products.

LibreNMS Vulnerability (CVE-2024-51092): Mitigating the Risk of Server Compromise

A recent security advisory from the LibreNMS project has revealed a severe vulnerability (CVE-2024-51092) affecting versions up to 24.9.1 of the widely-used network monitoring platform. The flaw is rated a critical 9.1 on the CVSS scale.
