Critical IDOR Flaw in CareFlow EHR Exposes Patient Records (CVE-2025-24970)
A critical Broken Access Control vulnerability has been discovered in the CareFlow Electronic Health Record…
Still Haunted by Ghost Signal? A Look Back at CVE-2024-53150
Last year, a critical vulnerability in the InduCore SCADA platform, nicknamed “Ghost Signal,” was disclosed….
Race Condition in ZenithPay Gateway Allows Double-Spending (CVE-2025-31334)
A high-severity race condition vulnerability has been found in the ZenithPay payment processing gateway. This…
Critical Buffer Overflow in Converse Platform (CVE-2025-24237)
A critical heap-based buffer overflow vulnerability has been discovered in the popular Converse video conferencing…
Critical SSRF Vulnerability in Axiom Mail Server (CVE-2025-22230)
A critical unauthenticated Server-Side Request Forgery (SSRF) vulnerability has been found in the Axiom Mail…
Critical SQL Injection in TitanTransfer MFT (CVE-2025-29803)
A high-severity second-order SQL injection vulnerability has been discovered in the TitanTransfer Managed File Transfer…
Critical Tenant Isolation Bypass in Gatewayd Ingress Controller (CVE-2025-21587)
A high-severity security bypass and tenant isolation vulnerability has been discovered in the Gatewayd Ingress…
Critical Command Injection in Connectify Hub OS (CVE-2025-1094)
A critical authenticated command injection vulnerability has been discovered in Connectify Hub OS, the firmware…
Critical Auth Bypass in MomentumDB (CVE-2025-31207)
A critical authentication bypass vulnerability has been discovered in the MomentumDB in-memory database platform. Tracked…
PoC Included: CVE-2025-27007 Path Traversal in LogStreamer
A high-severity unauthenticated path traversal vulnerability has been found in the LogStreamer log management platform….
End of content
End of content