Alerts

Intel has released security updates to address several vulnerabilities in multiple Intel products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, or perform denial of service attacks on the affected product. Samples of the addressed vulnerabilities: 1. Intel® 800 Series Ethernet Escalation of Privilege Vulnerability (CVE-2025-24325): CVSS: 8.8 Attack […]

Google has released an updated Chrome version 139.0.7258.127/.128 for Windows, Mac, and 139.0.7258.127 for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, perform denial of service attacks, or execute arbitrary code, and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of

Ivanti has released security updates to fix several vulnerabilities across multiple Ivanti products. The addressed vulnerabilities could allow the attacker to trigger denial of service attacks, obtain sensitive information, or execute arbitrary code and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Ivanti Connect-Secure Buffer Over-Read Vulnerability (CVE-2025-5456): CVSS: 7.5 Attack

WinRAR has released a security update to fix a zero-day vulnerability affecting WinRAR 7.12 and prior. The addressed vulnerability could allow the attacker to execute arbitrary code and gain access to the affected system. WinRAR Remote Code Execution Vulnerability (CVE-2025-8088): CVSS: 8.4 Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: Active Consequences:

Google has released an updated Chrome version 139.0.7258.66/67 for Windows, Mac, and 139.0.7258.66 for Linux. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, execute arbitrary code, and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: 1. Google Chrome

Google has released an updated Chrome version 138.0.7204.183/.184 for Windows, Mac, and 138.0.7204.183 for Linux. The addressed vulnerability could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Google Chrome Code Execution Vulnerability (CVE-2025-8292): CVSS: 8.8 Attack Vector: Network

Tenable has released security updates to address several vulnerabilities across Tenable Patch Management and third-party components (sqlite, ua-parser-js, libxml2, libxslt, Erlang OTP, Curl, nodeJS, and .NET) that are used by multiple Tenable products. The addressed vulnerabilities could allow the attacker to perform denial-of-service attacks, conduct man-in-the-middle and spoofing attacks, manipulate data, gain elevated privileges, or

SolarWinds has released security updates to address multiple vulnerabilities affecting SolarWinds SWOSH and SolarWinds Web Help Desk. The addressed vulnerabilities could allow the attacker to obtain sensitive information or gain elevated privileges to the affected product. The addressed vulnerabilities: 1. SolarWinds Observability Self-Hosted Deserialization of Untrusted Data Privilege Escalation Vulnerability (CVE-2025-26397): CVSS: 7.8 Attack Vector:

Mozilla has released an updated Firefox version 141, Firefox ESR versions 140.1, 128.13, and 115.26 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to perform a denial of service attack, bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, and gain access to the affected system. Sample of

Google has released an updated Chrome version 138.0.7204.168/.169 for Windows, Mac, and 138.0.7204.168 for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Code Execution Vulnerability (CVE-2025-8010):

Microsoft has released an updated version of Microsoft Edge in the stable channel, “138.0.3351.95” to address multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed

Grafana has released security updates to address multiple vulnerabilities affecting Grafana. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions or perform Cross-Site Scripting attacks against the affected product. Sample of the addressed vulnerabilities: 1. Grafana Cross-Site-Scripting (XSS) via scripted dashboards (CVE-2025-6023): CVSS: 7.6 Attack Vector: Network Attack Complexity: Low Privileges Required: