CVE-2025-53942 authentik has an insufficient check for account active status during OAuth/SAML authentication

authentik is an open-source Identity Provider that emphasizes flexibility and versatility, with support for a wide set of protocols. In versions 2025.4.4 and earlier, as well as versions 2025.6.0-rc1 ...

CVE-2025-54082

marshmallow-packages/nova-tiptap is a rich text editor for Laravel Nova based on tiptap. Prior to 5.7.0, a vulnerability was discovered in the marshmallow-packages/nova-tiptap Laravel Nova package tha ...

bun vulnerable to OS Command Injection

All versions of the package bun are vulnerable to Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the $ shell API due to improper neutralization ...

K000152680: BusyBox vulnerability CVE-2024-58251

Security Advisory Description In netstat in BusyBox through 1.37.0, local users can launch a network application with an argv[0] containing an ANSI terminal escape sequence, leading to a denial of se ...

K000152678: BusyBox vulnerability CVE-2025-46394

Security Advisory Description In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences. (CVE-2025-46394) Impact An attacker ...

Security update for salt (important)

Security update for salt Announcement ID: SUSE-SU-2025:02500-1 Release Date: 2025-07-23T12:46:44Z Rating: important References: bsc#1236621 bsc#1243268 bsc#1244561 bsc#1244564 bsc#1244565 bsc#1244566 ...

Security update for salt (important)

Security update for salt Announcement ID: SUSE-SU-2025:02501-1 Release Date: 2025-07-23T12:47:48Z Rating: important References: bsc#1236621 bsc#1243268 bsc#1244561 bsc#1244564 bsc#1244565 bsc#1244566 ...

Possible ORM Leak Vulnerability in the Harbor

Impact Administrator users on Harbor could exploit an ORM Leak (https://www.elttam.com/blog/plormbing-your-django-orm/) vulnerability that was present in the /api/v2.0/users endpoint to leak users ...
