fromThe Hacker News3 months agoCritical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session PersistenceA session management vulnerability exists in Apache Roller before version 6.1.5 where active user sessions are not properly invalidated after password changes.Information security
Information securityfromSecuritymagazine5 months agoMITRE Caldera security advisory warns of maximum severity flawA critical Remote Code Execution vulnerability (CVE-2025-27364) has been identified in MITRE Caldera's dynamic compilation functionality.