“A vulnerability in Synology Mail Server allows remote authenticated attackers to read and write non-sensitive settings, and disable some non-critical functions,” according to Synology’s official advisory.

Vite, the frontend build tool that powers millions of modern web applications, has been found vulnerable to a file access control bypass flaw that could expose arbitrary file contents to the browser.

CVE-2025-20229 allows low-privileged users to execute arbitrary code remotely by uploading malicious files. The second flaw, CVE-2025-20231, affects the Splunk Secure Gateway App and leads to the exposure of user session and authorization tokens.

A critical zero-day vulnerability has been discovered in Synapse, an open-source Matrix homeserver implementation. This flaw is actively being exploited in the wild and can lead to a denial-of-service condition.

The use-after-free vulnerability can be exploited to achieve privilege escalation. This could allow an attacker to gain unauthorized access to system resources and execute arbitrary commands with elevated privileges.

SectopRAT is commonly distributed through malvertising campaigns, including deceptive ads on major platforms like Google and Bing, and drive-by downloads of illegitimate software.

Multiple critical security vulnerabilities have been identified in the Frappe Framework, a full-stack web framework powering ERPNext and other database-driven applications.

To address this critical vulnerability, the plugin developers have released version 4.1.2. Users are strongly advised to update their plugin to this latest version as soon as possible to secure their websites against potential attacks.

A critical security vulnerability has been identified in CryptoLib, a C-based software implementation of the CCSDS Space Data Link Security Protocol (SDLS) and SDLS Extended Procedures (SDLS-EP).

Recent advisories revealed two vulnerabilities (CVE-2024-53678 and CVE-2024-53679) in Apache VCL, a widely-used open-source cloud computing platform designed to deliver custom computing environments.