AgentGG: Open-source agentic SAST scanner
Static analysis tools have spent years matching source code against known-bad patterns and handing engineers long lists of candidate issues to triage by hand...
Apache
10 articles
Critical Apache ActiveMQ Vulnerability Exposes Systems to Security Header Injection Attacks
Apache ActiveMQ users are being urged to apply immediate patches following the disclosure of a critical vulnerability, CVE-2026-42253, that enables HTTP resp...
Apache CXF Flaw Exposes Systems to LDAP Injection Attacks
Apache CXF users are facing a significant security risk following the disclosure of a new vulnerability that exposes systems to LDAP injection attacks, poten...
[webapps] Apache HTTP Server 2.4.66 - 'mod_http2' Double-Free Denial of Service
Apache HTTP Server 2.4.
Apache OFBiz RCE Flaw Abuses Password-Change Restrictions for Authentication Bypass
A critical authentication bypass vulnerability in Apache OFBiz allows attackers to hijack forced password-change flows and achieve remote code execution (RCE...
Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account
Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the @antv e...
[webapps] Apache HertzBeat 1.8.0 - Remote Code Execution
Apache HertzBeat 1.8.
Apache fixes critical HTTP/2 vulnerability allowing remote code execution
The vulnerability, identified as CVE-2026-23918 with a CVSS score of 8.8, is a double-free error within the HTTP/2 implementation.
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP Server, including a severe vulnera...
Claude Discovers Apache ActiveMQ Bug Hidden for 13 Years
Anthropic’s Claude AI has helped researchers find a vulnerability in Apache ActiveMQ Classic