#patches

#patches

ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform arbitrary actions as that user. The vulnerability, tracked as CVE-2025-12420, carries a CVSS score of 9.3 out of 10.0 "This issue [...] could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform," the company said in an advisory released Monday.

The most serious, with a CVSS score of 9.8, allows attackers to execute code with SYSTEM privileges without authentication. Organizations should immediately patch to Build 7190. The most dangerous vulnerability, CVE-2025-69258, is a remote code execution vulnerability in LoadLibraryEX. An attacker can load a malicious DLL into a critical part of the system without login credentials. This gives them full control with the highest system privileges. The impact is significant: confidentiality, integrity, and availability are all at stake.

As Kotaku reported Tuesday, the whole ordeal was a "shitshow," where yet again Bethesda only succeeded in making the once-beloved open-world RPG worse. Once more breaking user-created mods, this latest update went even further adding a wealth of new game-breaking bugs, some of which were reportedly destroying save games, as well as a completely broken version of the company's Creations mod-distributing feature.

The PC edition hasn't been without its issues, though, as players have complained about a range of technical and performance-related problems. Gearbox boss Randy Pitchford has chimed in as well with a string of controversial posts on the subject. Some of the issues are significant enough that Gearbox has already released updates that aimed to improve stability and improvements, while another update is coming today, September 18. "This is our top priority," the developer said about addressing the PC issues.