A critical vulnerability CVE-2025-53772, was disclosed on August 12, 2025, and carries a CVSS score of 8.8, indicating high severity.
CVE-2025-6558, the security bug is due to the incorrect validation of untrusted input in the ANGLE (Almost Native Graphics Layer Engine) open-source graphics abstraction layer, which processes GPU commands and
The vulnerability poses a significant risk, potentially allowing malicious users to manipulate system settings, access sensitive data, and compromise the application’s integrity.
CVE-2025-49719 in Microsoft SQL Server enables unauthorized attackers to disclose uninitialized memory contents without requiring authentication or user interaction.
The vulnerability CVE-2025-48817, affects multiple versions of Windows and poses significant security risks on Remote Desktop Protocol (RDP) connections.
Fortinet disclosed a significant security flaw in its FortiOS, CVE-2025-24477, which is classified under CWE-122, could enable an authenticated attacker to execute arbitrary code or commands through specially crafted requests.
Service-specific roles inadvertently granted far broader permissions and provide the equivalent of full read access across entire Azure subscriptions than their names and descriptions suggest.
The vulnerability has been patched in WinRAR 7.12 beta 1, released on June 10, 2025, and users are advised to upgrade to it ASAP.
Multiple critical security vulnerabilities CVE-2025-48976, CVE-2025-48988, CVE-2025-49124, and CVE-2025-49125 affecting Apache Tomcat web servers impact millions of web applications running on Tomcat v9.0.x to 11.0.x series.
Microsoft acknowledged the issues following a wave of customer reports from April 18th regarding MFA errors when trying to sign up for Microsoft 365 services.
The high-severity flaw is being tracked as CVE-2025-5419 (CVSS score: 8.8), and has been flagged as an out-of-bounds read and write vulnerability in the V8 JavaScript and WebAssembly engine.
BadSuccessor: A Windows Server 2025 Vulnerability That Is Trivial To Exploit
VMware rolled out urgent patches for flaws lead to data leakage, command execution and DOS attacks, with no temporary workarounds available.
Mozilla’s Firefox has issued an emergency fix for two security vulnerabilities used in real-life attacks.
Google has warned that Chrome is open to attack, and has rushed out a fix for a vulnerability that enables a hacker to steal login credentials and bypass multi-factor authentication.
Microsoft releases fixes for 72 vulnerabilities; Among these, CVE-2025-32705-a remote code execution (RCE) vulnerability in Outlook is highlighted.
The vulnerability, tracked as CVE-2025-22247, affects both Windows and Linux versions of VMware Tools 11.x.x and 12.x.x, with macOS unaffected.
Cloud Common Vulnerabilities and Exposures (CVE) transparency by both Microsoft and Google that hit the max Common Vulnerability Scoring System severity rating of 10.
Apache Tomcat vulnerability Identified as CVE-2025-31650 posing a significant security risk.
The vulnerability tracked as CVE-2025-29810, was patched as part of Microsoft’s Apr 2025 Patch Tuesday security update cycle.
