Blog

Insights from application security experts and industry leaders

Featured

CVE-2025-55182: Remote Code Execution in React Server Components

Dec 3, 2025

On December 3, 2025, the React and Vercel teams disclosed CVE-2025-55182, a critical remote-code-execution (RCE) vulnerability (CVSS 10) affecting React Server Components (RSC) as used in the Flight protocol implementation.

January 2025 Edition of Kodem Kernels - Product Advancements and Innovations

Kodem introduces transformative updates for security teams: runtime-informed prioritization, actionable remediation guidance with detailed fixes, and runtime-driven function-level analysis across multiple languages.

January 10, 2025
Kodem Kernels - Product Updates

Vulnerability Alert: CVE-2024-53677:

CVE-2024-53677 is a critical file upload vulnerability affecting Apache Struts2 versions 2.0.0 through 6.3.0. At its core, the vulnerability stems from flaws in the deprecated “File Upload Interceptor” component.

December 20, 2024
Vulnerabilities

A Comparative Study of Reachability Analysis in Application Security

Explore our comparative study on reachability analysis in AppSec, highlighting modern solutions that integrate static and runtime data for precise vulnerability management and prioritization.

December 4, 2024
Application Security
SCA Security

How to Manage and Fix Security Risks Utilizing Free Tooling

DevOps security can utilize free tooling to detect hard-coded secrets, generate SBOMs, and enforce best practices.

November 19, 2024
Application Security
SCA Security

Winner of Top Infosec Innovators Award for Application Security

Cyber Defense Magazine annually spotlights top innovators and names Kodem Security as the winner of 2024 Top Application Security

November 1, 2024
Kodem News

How OpenAI o1 Changed Offensive Security

The OpenAI o1 model's iterative thinking and mid-attack adaptation mark a breakthrough in AI-enhanced penetration testing.

October 18, 2024
Application Security
Runtime Intelligence

Attack Chain Methodology: Aligning AppSec Strategies with Real-World Threats

The disconnect between traditional AppSec approaches and attack methodologies emphasizes the need for security strategies to better align with real-world threats and attack techniques.

October 1, 2024
Attack Path Analysis
Runtime Intelligence

Vulnerability Alert: Critical CUPS Vulnerability Affecting Major Linux Distributions

A group of critical vulnerabilities in the Common UNIX Printing System (CUPS) has emerged, affecting the majority of major Linux distributions.

September 27, 2024
Vulnerabilities
Application Security

The State of AI Security: Insights from the Top 5 Open-Source AI Frameworks 

This report evaluates the security posture of the top five open-source AI libraries on GitHub examining reachability, exploitability, fixability, and initial access potential i

September 17, 2024
Vulnerabilities

Powerful CI and SCM Policy Updates Now Available

Powerful CI and SCM Policy Updates Ensure the Security of Builds and PRs with Remediation Guidance for Transitive Dependencies

September 12, 2024
Application Security
Kodem News

Introducing Kodem Monorepo Support

Kodem’s Monorepo Support helps manage dependencies while ensuring consistent security and pinpointing vulnerabilities.

August 29, 2024
Application Security
Kodem News
Kodem Kernels - Product Updates

Addressing Scala Security Vulnerabilities: Best Practices for Fortifying your Code

Discover the key security issues in Scala, explore critical CVEs, and learn best practices to secure your Scala applications against vulnerabilities.

August 26, 2024
Application Security
Vulnerabilities