Stuxlab

Vulnerbility: Insufficient policy enforcement in Frames in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) CVE CVE-2026-2316 CVSSv3 6.5 Medium Published… Read more: CVE-2026-2316: Insufficient policy enforcement in Frames

Vulnerability Remote command injection vulnerability in heap profiler built-in service in Apache bRPC ((all versions < 1.15.0)) on all platforms allows attacker to inject remote command. Root Cause: The bRPC heap profiler built-in service (/pprof/heap)… Read more: CVE-2025-60021: Apache Remote Code Execution

Vulnerability: A spoofing issue in Whatapp for window prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler based on the attachments file name extension.A malicious crafted mismatch… Read more: CVE-2025-30401: WhatsApp Security Advisory

Vulnerbilites: Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78 could have allowed an unrelated user to trigger processing of… Read more: CVE-2025-55177: WhatsApp Zero click vulnerbility on Apple devices

Vulnerability: Incomplete validation of rich response messages in WhatsApp for iOS prior to v2.25.23.73, WhatsApp Business for iOS v2.25.23.82, and WhatsApp for Mac v2.25.23.83 could have allowed a user to trigger processing of media content… Read more: CVE-2025-55179 WhatsApp security advisiorey