Vulnerabilities
Safeguard articles tagged "Vulnerabilities" — guides, analysis, and best practices for software supply chain and application security.
27 articles
How to Audit npm Dependencies for Vulnerabilities
Go beyond npm audit's noisy output — resolve your dependency tree, prioritize by reachability, and fix both direct and transitive vulnerabilities in a Node.js project the right way.
How to Prioritize Vulnerabilities
A scan gave you a hundred findings and you can't fix them all today. This beginner guide teaches a simple, sensible order for deciding what to fix first.
The Best Dependency Scanning Tools in 2026
Dependency scanning is crowded and the tools differ more than the marketing suggests. This balanced guide compares Dependabot, Snyk, Mend, Trivy, Socket, and Safeguard on accuracy, prioritization, and remediation.
How to Update Dependencies Safely
Updating a library can fix a vulnerability or break your app. This beginner guide shows you how to update dependencies safely, one careful step at a time.
How to Find Vulnerabilities in Your Code
A beginner-friendly guide to finding security vulnerabilities in both your own code and the open-source libraries you depend on, using free and open tools.
How to Scan a Container Image for Vulnerabilities
Scan any Docker or OCI image for OS-package and application-layer vulnerabilities, understand the results, and gate risky images before they reach your registry — with copy-paste commands.
How to Read a CVE: A Beginner's Guide
A plain-language walkthrough of what a CVE record contains and how to read one — the ID, description, CVSS score, CWE, affected versions, and whether a fix exists.
How to Run Your First Security Scan
New to security? This beginner walkthrough shows you how to run your first vulnerability scan on a real project, read the results, and know exactly what to do next.
Container Breakout Class Vulnerabilities 2024-2025
A look at the container breakout vulnerabilities disclosed in 2024 and 2025, what they actually required to exploit, and what that pattern tells us about the defense model.
OpenJDK Vulnerabilities: Tracking and Patching
OpenJDK vulnerabilities are disclosed and patched through Oracle's quarterly Critical Patch Update cycle, but tracking them well means watching your specific JDK distribution and version line, not just assuming a generic update covers you.
BOLA: Broken Object Level Authorization, Explained
A bola vulnerability lets one authenticated user reach another user's data just by changing an ID in a request — no exploit code required, which is exactly why scanners miss it so often.
Audio Processing Library Vulnerabilities: The Sound of Exploitation
Audio libraries parse complex binary formats in C code. They share the same vulnerability patterns as image and video codecs, with less security scrutiny.