WAF

This week's update This week’s focus highlights newly disclosed vulnerabilities in web frameworks, enterprise applications, and widely deployed CMS plugins. The vulnerabilities include SSRF, authentication bypass, arbitrary file upload, and remote code execution (RCE), exposing organizations to high-impact risks such…

This week's update This week, new critical vulnerabilities were disclosed in Sitecore’s Sitecore Experience Manager (XM), Sitecore Experience Platform (XP), specifically versions 9.0 through 9.3, and 10.0 through 10.4. These flaws are caused by unsafe data deserialization and code reflection,…

This week's update This week, a critical vulnerability was disclosed in Fortinet FortiWeb (versions 7.6.3 and below, versions 7.4.7 and below, versions 7.2.10 and below, and versions 7.0.10 and below), linked to improper parameter handling that could allow unauthorized access.…

Announcement DateRelease DateRelease BehaviorLegacy Rule IDRule IDDescriptionComments2025-09-012025-09-08Log100007D7c5812a31fd94996b3299f7e963d7afc Command Injection - Common Attack Commands ArgsBeta detection. This will be merged into the original rule "Command Injection - Common Attack Commands" (ID: 89557ce9b26e4d4dbf29e90c28345b9b )2025-09-012025-09-08Log100617cd528243d6824f7ab56182988230a75b Next.js - SSRF - CVE:CVE-2025-57822This is a New…