In 2003 security researcher Katie Moussouris was working at the enterprise security firm @stake—which would later be acquired by Symantec—when she spotted a bad flaw in an encrypted flash drive from ...

The Apache Software Foundation has released version 2.4.50 of the HTTP Web Server to address two vulnerabilities, one of which is an actively exploited path traversal and file disclosure flaw. The ...

A critical Langflow vulnerability leading to unauthenticated remote code execution has been exploited hours after public disclosure.

CISA adds Wing FTP CVE-2025-47813 to KEV after active exploitation, exposing server paths and aiding attacks; patch by March 30, 2026.

CISA warns that a Wing FTP vulnerability leading to the disclosure of the full local installation path has been exploited in attacks.

The Smithsonian Institution is committed to ensuring the security of the American public by protecting their information and the nation’s heritage. This policy is intended to give security researchers ...

eBay has fixed a pair of security vulnerabilities in its site that could enable attackers to upload executable files disguised as benign file types, construct full path URLs and then point victims to ...

Vulnerability Disclosure and Reporting Guidelines The World Bank Group encourages the public to assist and support the World Bank Group in its continuous efforts to improve the protection and security ...