Frameworks
Watch on backend and fullstack frameworks: Laravel, Symfony, Ruby on Rails, Django, Express, Fastify, Spring Boot, NestJS, Phoenix. CVEs, GitHub advisories and security updates.
Frameworks MediaWiki fixes XSS flaws and data leakage
Debian has released a MediaWiki fix for several flaws that could lead to XSS and information disclosure on exposed wikis.
Read the article
Frameworks Moodle fixes several security flaws that need to be addressed quickly
CERT-FR warns of several vulnerabilities in Moodle that could cause denial of service, information disclosure, and other impacts depending on the versions.
Read the article
Frameworks Amazon Q Developer: booby-trapped repository, code execution, and AWS theft
A flaw in Amazon Q Developer allowed a malicious repository to execute commands and steal cloud credentials via booby-trapped MCP configs.
Read the article
Frameworks Adobe ColdFusion: 7 critical vulnerabilities to patch urgently
Adobe fixes seven maximum-severity flaws in ColdFusion and Campaign Classic, with risk of code execution and server compromise.
Read the article