Apache Commons Text: Code injection vulnerability in older versions

Apache Commons Text is used for processing character strings in Java apps. A critical vulnerability allows the injection of ...

HPE OneView: Critical vulnerability allows code smuggling from the network

In HPE's OneView, malicious actors can inject malicious code from the network without authentication. An update is available.
The Hacker News

Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances

Critical n8n flaw CVE-2025-68613 (CVSS 9.9) lets authenticated users run arbitrary code; versions 0.211.0–1.120.4 affected, ...
The Hacker News

HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution

HPE patched a critical OneView vulnerability with CVSS 10.0 that could allow unauthenticated remote code execution in ...
TechCrunch

Ox Security lands a fresh $60M to scan for vulnerabilities in code

As “vibe coding” gains in popularity and tech companies push devs in their employ to embrace generative AI tools, a platform that scans for vulnerabilities in AI-generated code has raised a fresh ...
NextBigFuture

Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide

React2Shell (CVE-2025-55182) is a critical vulnerability affecting the most widely used React-based services across the web ecosystem. With low exploitation complexity and publicly available PoCs, ...