SonicWall Wednesday disclosed a zero-day vulnerability impacting its SMA1000 access platform that is under active exploitation via chained attacks. CVE-2025-40602 is a medium-severity local privilege escalation vulnerability in SonicWall’s SMA1000 …
Tag:
hit
Safety & Security
Apache Tika hit by critical vulnerability thought to be patched months ago
by David Walker
CVE superset The maintainers have now realized that the XXE injection flaw is not limited to this module. It affects additional Tika components, namely Apache Tika tika-core, versions 1.13 to …