A recently disclosed vulnerability in the widely used JavaScript cryptography library node-forge—tracked as CVE-2025-66030—allows specially crafted ASN.1 Object Identifier (OID) values to be mis-parsed due to integer truncation, letting an attacker spoof OIDs and potentially bypass downstream...
Siemens and upstream OpenSSL vulnerabilities that allow out-of-bounds reads — tracked under CVE-2021-3712 — remain a live operational risk across dozens of Siemens industrial networking, communications, and automation products; Siemens has published ProductCERT guidance and fixes for many...
