Safeguard
Tag

patch-management

Safeguard articles tagged "patch-management" — guides, analysis, and best practices for software supply chain and application security.

53 articles

Vulnerability Response

CVE-2025-9086 in cURL: Patch Posture & SBOM Response

Heap out-of-bounds read in libcurl's cookie path comparison affects nearly every Linux distro. Defender SBOM playbook below.

Sep 12, 20257 min read
Vulnerability Response

CVE-2025-55190 in Argo CD: Patch Posture & SBOM Response

Argo CD project details API leaks repository credentials, scored CVSS 9.9. GitOps platforms are now top-tier credential targets. Defender playbook below.

Sep 8, 20257 min read
Vulnerability Response

CVE-2025-7775 in Citrix NetScaler: Patch Posture & SBOM Response

NetScaler ADC and Gateway memory overflow scored CVSS 9.2 and landed on CISA KEV with a 48-hour patch deadline. Here is the defender playbook.

Aug 27, 20256 min read
Vulnerability Response

CVE-2025-9074 in Docker Desktop: Patch Posture & SBOM Response

Docker Desktop container-to-host escape scored CVSS 9.3. Affected Windows and macOS developer fleets need a fast patch rollout. Defender playbook below.

Aug 21, 20256 min read
Open Source Security

The Real Cost of Delayed Patching in Open Source Components

Patches for open source flaws often exist for months before teams apply them. Here is what that patch lag actually costs in breaches, cleanup, and trust.

Aug 13, 20258 min read
Vulnerabilities

Nginx Vulnerabilities: Tracking and Patching at Scale

Nginx vulnerabilities are rare compared to application-layer bugs but high-impact when they land — here's how to track disclosures and patch fleets without breaking uptime.

Aug 6, 20255 min read
Industry Analysis

Benchmarking Mean Time to Remediate Across Company Size a...

MTTR benchmarks vary 2-5x by company size and industry. See how financial services, healthcare, and mid-sized firms compare — and what a realistic 2026 target looks like.

Jul 23, 20258 min read
Vulnerability Response

CVE-2025-53770 in SharePoint (ToolShell): Patch Posture & SBOM Response

On-prem SharePoint deserialization flaw scored CVSS 9.8 and entered CISA KEV the day after public exploitation. Defender playbook below.

Jul 21, 20256 min read
Vulnerability Response

CVE-2025-49794 in libxml2: Patch Posture & SBOM Response

libxml2 use-after-free during XPath schematron parsing scored CVSS 9.1. Defender SBOM playbook for one of the most-embedded libraries on the planet.

Jul 15, 20256 min read
Vulnerability Response

CVE-2025-23121 in Veeam Backup & Replication: Patch Posture & SBOM Response

Veeam B&R authenticated RCE on the backup server scored CVSS 9.9. Backup infrastructure cannot be a soft underbelly. Here is the defender playbook.

Jun 18, 20257 min read
Vulnerability Response

CVE-2025-47884 in Jenkins OpenID Connect Provider: Patch Posture & SBOM Response

Jenkins OIDC Provider plugin token impersonation scored CVSS 9.1. Defender playbook for CI/CD identity infrastructure.

May 16, 20256 min read
Vulnerability Response

CVE-2025-22462 in Ivanti Neurons for ITSM: Patch Posture & SBOM Response

Ivanti Neurons for ITSM auth bypass scored CVSS 9.8 and grants full admin access. Defender playbook for the ITSM patching emergency.

May 15, 20256 min read
patch-management (Page 4) — Safeguard Blog