Vulnerability Report Archives • Page 44 of 87 • Daily CyberSecurity

CVE-2025-68637: Critical Apache Uniffle Flaw Exposes Clusters to Eavesdropping Apache Uniffle Vulnerability CVE-2025-68637

CVE-2025-68637: Critical Apache Uniffle Flaw Exposes Clusters to Eavesdropping

Do Son January 12, 2026

A high-severity vulnerability has been unearthed in Apache Uniffle, the remote shuffle service that powers data movement...

CVE-2026-22184 (CVSS 9.3): Critical zlib Flaw Opens Door to Global Buffer Overflow zlib Vulnerability CVE-2026-22184

CVE-2026-22184 (CVSS 9.3): Critical zlib Flaw Opens Door to Global Buffer Overflow

Do Son January 12, 2026

A critical vulnerability has been discovered in zlib, the lossless data-compression engine used on “virtually any computer...

Altium Enterprise Server Vulnerability CVE-2026-9129 Path Traversal Patreon OAuth Vulnerability Identity Collision DRC INSIGHT Vulnerability Exam Data Hijacking Horner Automation PLC Industrial Brute Force Honeywell IQ4x Vulnerability CVE-2026-3611 DJI Romo vacuum security flaw Python Cryptography Vulnerability CVE-2026-26007 Open5GS Vulnerability CVE-2026-0622 Vivotek IP7137 Vulnerabilities CVE-2025-66049 Forcepoint DLP Vulnerability CVE-2025-14026 Cellopoint Secure Email Gateway - CVE-2024-9043

Unpatched & Exposed: Legacy Vivotek Cameras Broadcast Live Video to All

Do Son January 12, 2026

Owners of legacy Vivotek IP7137 surveillance cameras have been dealt a harsh reality check: their devices are...

Game Over? Critical InputPlumber Flaws Expose Linux Gamers to Hijacking InputPlumber Vulnerability CVE-2025-66005

Game Over? Critical InputPlumber Flaws Expose Linux Gamers to Hijacking

Do Son January 12, 2026

A utility designed to enhance the Linux gaming experience has been found to harbor critical security vulnerabilities...

Public Exploit Released: Critical Trend Micro Flaw Grants SYSTEM Access libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

Public Exploit Released: Critical Trend Micro Flaw Grants SYSTEM Access

Do Son January 9, 2026

Trend Micro has issued a critical security alert for users of Apex Central (on-premise), patching a dangerous...

Bluetooth Broken? Apache NimBLE Flaws Enable Spoofing & Eavesdropping Apache NimBLE Vulnerabilities Bluetooth Spoofing

Bluetooth Broken? Apache NimBLE Flaws Enable Spoofing & Eavesdropping

Do Son January 9, 2026

The Apache Software Foundation has issued urgent patches for Apache NimBLE, the open-source Bluetooth 5.4 stack used...

The 9.6 Crack in Java’s Foundation: Critical Undertow Flaw CVE-2025-12543 Undertow Vulnerability CVE-2025-12543 CVE-2025-0107: PoC Exploit Code Undersea Cable Security, China Tech Ban

Undertow Vulnerability CVE-2025-12543 CVE-2025-0107: PoC Exploit Code Undersea Cable Security, China Tech Ban

The 9.6 Crack in Java’s Foundation: Critical Undertow Flaw CVE-2025-12543

Do Son January 9, 2026

A foundational crack has been discovered in the bedrock of the Java web ecosystem. Undertow, the high-performance...

Wide Open Firewall: Critical Foomuuri Flaws Let Local Users Take Control Foomuuri Vulnerability CVE-2025-67603 bypass WAF protections

Wide Open Firewall: Critical Foomuuri Flaws Let Local Users Take Control

Do Son January 9, 2026

The SUSE Security Team has released a detailed report exposing multiple vulnerabilities in Foomuuri, a popular nftables-based...

CISA KEV Alert: HPE’s Maximum CVSS Score Flaw and a Zombie PowerPoint Bug CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA KEV Alert: HPE’s Maximum CVSS Score Flaw and a Zombie PowerPoint Bug

Do Son January 8, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with two...

Public Exploit Released: Critical n8n Flaw CVE-2026-21858 Exposes 100k Servers n8n Vulnerability CVE-2026-21858

Public Exploit Released: Critical n8n Flaw CVE-2026-21858 Exposes 100k Servers

Do Son January 8, 2026

The “central nervous system” of automation for thousands of companies has a critical weakness. A new report...

“VM Isolation is Not Absolute”: Researchers Unmask Sophisticated ESXi “Maestro” Exploit GUARDIANWALL MailSuite Exploit CVE-2026-32661 FileZen Vulnerability CVE-2026-25108 Ivanti EPMM Vulnerability Dormant Backdoor Fortinet Authentication Bypass CVE-2026-24858 VMware vCenter Server Flaw CVE-2025-21590

GUARDIANWALL MailSuite Exploit CVE-2026-32661 FileZen Vulnerability CVE-2026-25108 Ivanti EPMM Vulnerability Dormant Backdoor Fortinet Authentication Bypass CVE-2026-24858 VMware vCenter Server Flaw CVE-2025-21590

“VM Isolation is Not Absolute”: Researchers Unmask Sophisticated ESXi “Maestro” Exploit

Do Son January 8, 2026

In a new report, the Huntress Tactical Response Team details a sophisticated intrusion discovered in December 2025...

CVE-2025-67859: Critical Auth Bypass Discovered in Popular Linux Battery Utility TLP Vulnerability CVE-2025-67859 Linux Kernel 6.9 Linux Kernel, End-of-Life

TLP Vulnerability CVE-2025-67859 Linux Kernel 6.9 Linux Kernel, End-of-Life

CVE-2025-67859: Critical Auth Bypass Discovered in Popular Linux Battery Utility

Do Son January 8, 2026

A critical security flaw has been unearthed in TLP, the widely used power management utility for Linux...

GitLab Patch: High-Severity XSS & AI Flaws Expose User Data GitLab AI Gateway Vulnerability CVE-2026-1868 CVE-2025-0314 GitLab Security Update CVE-2025-9222

GitLab Patch: High-Severity XSS & AI Flaws Expose User Data

Do Son January 8, 2026

GitLab has issued a critical security release for its Community Edition (CE) and Enterprise Edition (EE) platforms,...

One Request to Rule Them All: Critical Trendnet Flaw (CVE-2025-15471) Allows Total Takeover Trendnet TEW-713RE Vulnerability CVE-2025-15471

One Request to Rule Them All: Critical Trendnet Flaw (CVE-2025-15471) Allows Total Takeover

Do Son January 8, 2026

A critical pre-authentication command injection vulnerability has been uncovered in the Trendnet TEW-713RE Wi-Fi extender, allowing remote...

CVE-2025-60262: Critical Misconfiguration in H3C Wireless Gear Hands Control to Hackers WD Discovery Vulnerability CVE-2025-30248 binary-parser Vulnerability CVE-2026-1245 H3C RCE Vulnerability CVE-2025-60262 Telenium RCE, CVE-2025-10659 Fuel station security, ICS vulnerabilities FreePBX vulnerability CVE-2024-9478 & CVE-2024-9479 SysTrack Vulnerability, Privilege Escalation

WD Discovery Vulnerability CVE-2025-30248 binary-parser Vulnerability CVE-2026-1245 H3C RCE Vulnerability CVE-2025-60262 Telenium RCE, CVE-2025-10659 Fuel station security, ICS vulnerabilities FreePBX vulnerability CVE-2024-9478 & CVE-2024-9479 SysTrack Vulnerability, Privilege Escalation

CVE-2025-60262: Critical Misconfiguration in H3C Wireless Gear Hands Control to Hackers

Do Son January 8, 2026

A glaring configuration oversight in select H3C wireless controllers and access points has opened the door for...

Self-Hosters Beware: 3 Critical Coolify Flaws Grant Root Access Coolify Vulnerabilities CVE-2025-64419 CVE-2025-22612, CVE-2025-22611, and CVE-2025-22609

Coolify Vulnerabilities CVE-2025-64419 CVE-2025-22612, CVE-2025-22611, and CVE-2025-22609

Self-Hosters Beware: 3 Critical Coolify Flaws Grant Root Access

Do Son January 7, 2026

The self-hosting community is on high alert following the disclosure of three critical vulnerabilities in Coolify, the...

CVSS 10.0 Alert: Critical n8n Flaw CVE-2026-21877 Grants Total Control n8n Node RCE Vulnerabilities CVE-2026-44791 Prototype Pollution n8n RCE Vulnerabilities CVE-2026-27497 CVE-2026-25053 n8n RCE Vulnerability CVE-2026-21877 n8n RCE, CVE-2025-68613 n8n Git RCE, core.hooksPath Exploit

n8n Node RCE Vulnerabilities CVE-2026-44791 Prototype Pollution n8n RCE Vulnerabilities CVE-2026-27497 CVE-2026-25053 n8n RCE Vulnerability CVE-2026-21877 n8n RCE, CVE-2025-68613 n8n Git RCE, core.hooksPath Exploit

CVSS 10.0 Alert: Critical n8n Flaw CVE-2026-21877 Grants Total Control

Do Son January 7, 2026

n8n, the “fair-code” workflow automation platform beloved by technical teams for blending low-code speed with coding flexibility,...

CVE-2025-65606: TOTOLINK EX200 Error Opens Root Telnet Door TOTOLINK EX200 Vulnerability CVE-2025-65606 TOTOLINK Auth Bypass, Unauthenticated Telnet

TOTOLINK EX200 Vulnerability CVE-2025-65606 TOTOLINK Auth Bypass, Unauthenticated Telnet

CVE-2025-65606: TOTOLINK EX200 Error Opens Root Telnet Door

Do Son January 7, 2026

A peculiar and dangerous vulnerability has been uncovered in the TOTOLINK EX200 Wi-Fi extender, one that turns...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

CVE-2026-0625: Critical Actively Exploited RCE Hits Unpatchable D-Link Routers

Do Son January 7, 2026

Security researchers warn that a critical remote code execution (RCE) vulnerability in legacy D-Link DSL routers is...

Veeam Patches Critical RCE Flaws in Latest Backup & Replication Release CVE-2024-29212 - CVE-2025-23082 Veeam Backup & Replication CVE-2025-59470

Veeam Patches Critical RCE Flaws in Latest Backup & Replication Release

Do Son January 7, 2026

Veeam has rolled out urgent security updates for its flagship Backup & Replication software, addressing a cluster...

Critical Alert