kb.cert.org

CERT Recently Published Vulnerability Notes


Latest posts

Last updated 5 days ago

VU#521113: Forge JavaScript library impacted by a vulnerability in signature verification.

5 days ago

Overview: The Forge JavaScript library provides TLS-related cryptographic utilities. A vulnerability that...

VU#761751: fluentbit contains stack buffer overflow, authentication bypass, and path traversal flaws

6 days ago

Overview: Fluent Bit is a logging and metrics processor and forwarder that...

VU#649739: Lack of Sufficient Guardrails Lead to Excessive Agency (LLM08) in Some LLM Applications

6 days ago

Overview: Retell AI's API creates AI voice agents that have excessive permissions...

VU#268029: Tenda N300 Wi-Fi 4G LTE Router 4G03 Pro impacted by vulnerabilities

10 days ago

Overview: A command injection vulnerability exists across multiple firmware versions that allows...

VU#553375: Unprotected temporary directories in Wolfram Cloud version 14.2 may result in privilege escalation

19 days ago

Overview: Wolfram Cloud version 14.2 allows Java Virtual Machine (JVM) unrestricted access...

VU#579478: Lite XL Arbitrary Code Execution via Project Module and Legacy system.exec Function

19 days ago

Overview: Lite XL is a lightweight text editor derived from the lite...

VU#263614: Vulnerability in expr-eval JavaScript library can lead to remote code execution.

23 days ago

Overview: The npm package expr-eval is a JavaScript library that evaluates mathematical...

VU#517845: Authenticated SMTP users may spoof other identities due to ambiguous “From” header interpretation

about 1 month ago

Overview: Email message header syntax can be exploited to bypass authentication protocols...

VU#516608: Multiple Password Managers Vulnerable to Clickjacking Attacks

about 1 month ago

Overview: Browser-extension password managers, which autofill sensitive information on websites, can be...

VU#652514: DNS Rebinding and Manipulating CORS Headers Enables Exfiltration of Information

about 1 month ago

Overview: A vulnerability in cross-origin resource sharing (CORS) headers in Chromium, Google...

VU#538470: Clevo UEFI firmware embedded BootGuard keys compromising Clevo's implementation of BootGuard

about 2 months ago

Overview: Clevo’s UEFI firmware update packages included sensitive private keys used in...

VU#887923: Kiwire Captive Portal contains 3 web vulnerabilities

about 2 months ago

Overview: The Kiwire Captive Portal, provided by SynchroWeb, is an internet access...