IBM has disclosed multiple security vulnerabilities in its Cloud Pak System that could allow remote attackers to compromise system integrity through HTML injection and prototype pollution, reports GBHackers News.
SecurityWeek reports that Grafana has released updates to resolve a quartet of high-severity flaws impacting its Image Renderer plugin and Synthetic Monitoring Agent's Chromium library.
watchTowr Labs researchers found that numerous Citrix NetScaler ADC and NetScaler Gateway instances remain unpatched against the critical-severity CitrixBleed 2 flaw, tracked as CVE-2025-5777, amid the growing prevalence of circulating exploits, reports The Register.
The board of MITRE Corporation's Common Vulnerabilities and Exposures program has introduced a pair of new forums to strengthen the initiative's future following the Cybersecurity and Infrastructure Security Agency's last-minute decision in April to fund the program for the next 11 months, Infosecurity Magazine reports.
The vulnerability, which stems from the availability of static user credentials for root accounts during development, affects Cisco Unified CM and Unified CM SME Engineering Special releases 15.0.1.13010-1 to 15.0.1.13017-1.