1764860700869
React2Shell : CVE-2025-55182 React & Next.js Remote Code Execution Vulnerabilities.
by AppSec PM Team
Last updated: 2025-12-05 CVE-2025-55182 / CVE -2025-66478 Severity: Critical | CVSS Score : 10 Product Impact Statement: Barracuda WAFaaS , as a platform is not affected by these vulnerabilities. Customer Recommendation: We 1757568003582
CVE Database 2025 !
by WAF PM Team
🚀 Your WAFaaS CVE Database updated! Welcome to a New Era of Security Intelligence We’re thrilled to announce a major upgrade to your WAFaaS experience! Our CVE (Common Vulnerabilities and Exposures) database now includes the latest 1676023497185
OpenSSL Vulnerabilities (CVE-2023-0286, CVE-2022-4304, CVE-2022-4203, CVE-2023-0215, CVE-2022-4450, CVE-2023-0216, CVE-2023-0217 and CVE-2023-0401)
by Scott Treacy
OpenSSL have announced a new security advisory. Please see Barracuda Campus for the latest news on this advisory. 
1671029820000
Claroty JSON SQLi Vulnerabilities
by Scott Treacy
The Claroty T82 research team released a blog last week demonstrating a newly identified SQL injection in JSON based SQL and how this bypasses many name brand WAF vendors... 1667300400000
OpenSSL v3 X.509 Email Address Buffer Overflows (CVE-2022-3786 and CVE-2022-3602)
by Scott Treacy
Last week the OpenSSL Project announced they would release OpenSSL v3.0.7 on November 1st, highlighting that this release will be a security fix for a critical vulnerability of the highest severity. Upon release of the fix and the advisory, 1666279800000
Apache Commons Text packages (CVE-2022-42889)
by Scott Treacy
This article provides an update on the recently discovered vulnerability in Apache Commons Text packages (CVE-2022-42889). 1664555921055
Updated: Microsoft Exchange Zero-Day (CVE-2022-41040 and CVE-2022-41082)
by Scott Treacy
This article provides information on how you can mitigate the newly discovered Zero-day vulnerabilities in Microsoft Exchange Server using Barracuda WAF-as-a-Service. These vulnerabilities were published on September 29, 2022, and affect 1654868880000
Atlassian Confluence Remote Code Execution Vulnerability (CVE-2022-26134)
by Scott Treacy
In the next few hours we are starting to deploy improvements to the security posture of all customer applications within WAF-as-a-Service in order to provide better protection against the Atlassian Confluence Remote Code Execution
1652282400000
Spring4Shell framework vulnerabilities (CVE-2022-22963 and CVE-2022-22965)
by Scott Treacy
We are rolling out improvements to the security posture of all applications within WAF-as-a-Service in order to provide better protection against the Spring4Shell framework vulnerabilities (CVE-2022-22963 and CVE-2022-22965). If for some