Linode Blog > Security

We discuss a WordPress Plugin XSS vulnerability, a cPanel XSS Vulnerability, and a potential information exposure vulnerability in Flask.

We discuss a SvelteKit CSRF protection bypass, a vm2 version sandbox escape, and HashiCorp Nomad/Nomad Enterprise ACL authorization bypasses.

We discuss canceled async Redis commands, a high-severity Elementor Pro access control issue, and sudo replay to create audit trails.

In this week's digest, learn about OAuth authentication, ShadowsocksX-NG, an Apache HTTP server vulnerability and more.

What to consider when evaluating a WAF and its implementation, and how to get started with a WAF that meets your application's needs.

We discuss an XSS vulnerability in phpMyAdmin drag-and-drop upload, a buffer overflow vulnerability in the ClamAV scanning library, and more.

This week, we discuss an OpenSSL security advisory, a vulnerability in OpenSSH Server, and improper session handling in Pi-hole Web.

We discuss how Sudoedit can edit arbitrary files, Drupal and Git security advisories, and a denial of service vulnerability in HAProxy.

This week, we discuss Apache HTTP server vulnerabilities, a Linux Kernel Netfilter Integer Overflow vulnerability, and more.

We discuss a Kibana security release, a vulnerability in Traefik managing TLS connections, and a weak randomness in Webcrypto Keygen.

In this week’s digest, we discuss a Grafana security release, Integer overflow in VLC, and a Snapd race condition vulnerability.