LR pixel

Langflow Missing Authentication Vulnerability

What is the Vulnerability?A critical missing authentication vulnerability, identified as CVE-2025-3248, has been discovered in Langflow, a web application designed for creating AI-driven agents. This vulnerability allows remote, unauthenticated attackers to execute...

Erlang/OTP RCE (CVE-2025-32433)

What is the Vulnerability? A critical SSH vulnerability has recently been identified in the Erlang/Open Telecom Platform (OTP). The vulnerability, tracked as CVE-2025-32433, has been assigned a CVSS score of 10.0. It is unauthenticated, remotely exploitable, and...

Windows CLFS Driver Elevation of Privilege

What is the Vulnerability?A zero-day vulnerability has recently been identified in the Common Log File System (CLFS) kernel driver. CLFS is a general-purpose logging subsystem within the Windows operating system that provides a high-performance way to store log data...

CrushFTP Authentication Bypass

What is the Vulnerability?FortiGuard Labs has observed in-the-wild attack attempts targeting CVE-2025-31161, an authentication bypass vulnerability in CrushFTP managed file transfer (MFT) software. Successful exploitation may grant attackers administrative access to...