The Lab · 2026-04-02 06:27:00 · GitHub Issues
A critical security exposure has been identified within the Vonage Video React App, stemming from its dependency on a vulnerable version of the OpenTok SDK. The `opentok-2.22.0.tgz` library contains two vulnerabilities, with the highest severity rated at 7.2 on the CVSS scale. Crucially, these flaws are flagged as 'rea...
The Lab · 2026-04-10 08:39:50 · GitHub Issues
A critical security update for the ubiquitous JavaScript utility library Lodash patches a newly disclosed vulnerability, CVE-2026-4800. This flaw exposes a fresh path for template injection attacks, stemming from incomplete validation in the `_.template` function. The vulnerability is a direct follow-on to the previous...
The Lab · 2026-05-09 23:31:53 · GitHub Issues
A critical vulnerability in church sports team management infrastructure allows organization representatives to circumvent established non-member participation limits through a timing-based exploit. The flaw targets the gap between pastoral approval workflows and backend data synchronization, enabling w...