Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

IBM Concert SoftwareMultiple Vulnerabilities in IBM Concert Software.

Risk 86
Severity
9.8
First published (updated )
CVE-2025-33089

npm/langchainLangChain serialization injection vulnerability enables secret extraction

Risk 66
Severity
9.1
First published (updated )
CVE-2025-68665

pip/langchain-coreLangChain serialization injection vulnerability enables secret extraction in dumps/loads APIs

Risk 70
Severity
9.3
Exploited
First published (updated )
CVE-2025-68664

fontTools FontToolsfontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLib

Risk 86
Severity
9.8
First published (updated )
CVE-2025-66034

npm/expr-eval-forkCode Injection, Input Validation

Risk 91
Severity
9.8
First published (updated )
CVE-2025-12735
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Microsoft cbl2 golang 1.22.7-3Request smuggling due to acceptance of invalid chunked data in net/http

Risk 71
Severity
9.1
First published (updated )
CVE-2025-22871

Koajs Koa Node.jsKoa has Inefficient Regular Expression Complexity

Risk 35
Severity
9.2
EPSS
0.04%
First published (updated )
CVE-2025-25200

npm/vitestRemote Code Execution when accessing a malicious website while Vitest API server is listening

Risk 58
Severity
9.7
EPSS
0.04%
First published (updated )
CVE-2025-24964

Axios axiosIn axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an …

Risk 86
Severity
9.8
First published (updated )
CVE-2024-57965

go/golang.org/x/cryptoMisuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto

Risk 72
Severity
9.1
First published (updated )
CVE-2024-45337
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Microsoft cbl2 expat 2.6.2-2Integer Overflow

Risk 92
Severity
9.8
First published (updated )
CVE-2024-45491

Apple iPadOSInput Validation, Race Condition, Use After Free, XEE, Integer Overflow

Risk 93
Severity
9.8
First published (updated )
CVE-2024-45490

Microsoft cbl2 expat 2.6.2-2Integer Overflow, Buffer Overflow, Use After Free

Risk 93
Severity
9.8
First published (updated )
CVE-2024-45492

Golang GoUnexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip

Risk 93
Severity
9.8
First published (updated )
CVE-2024-24790

Golang GoImproper handling of JavaScript whitespace in html/template

Risk 90
Severity
9.8
First published (updated )
CVE-2023-24540
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Golang GoBackticks not treated as string delimiters in html/template

Risk 90
Severity
9.8
First published (updated )
CVE-2023-24538

Numfocus Pandaspandas through 1.0.3 can unserialize and execute commands from an untrusted file that is passed to t…

Risk 86
Severity
9.8
First published (updated )
CVE-2020-13091

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203