Vulnerability Report Archives • Page 45 of 87 • Daily CyberSecurity

CVE-2025-14026: Forcepoint DLP Flaw Lets Attackers Unchain Restricted Python

Altium Enterprise Server Vulnerability CVE-2026-9129 Path Traversal Patreon OAuth Vulnerability Identity Collision DRC INSIGHT Vulnerability Exam Data Hijacking Horner Automation PLC Industrial Brute Force Honeywell IQ4x Vulnerability CVE-2026-3611 DJI Romo vacuum security flaw Python Cryptography Vulnerability CVE-2026-26007 Open5GS Vulnerability CVE-2026-0622 Vivotek IP7137 Vulnerabilities CVE-2025-66049 Forcepoint DLP Vulnerability CVE-2025-14026 Cellopoint Secure Email Gateway - CVE-2024-9043

CVE-2025-14026: Forcepoint DLP Flaw Lets Attackers Unchain Restricted Python

Do Son January 7, 2026

A high-severity vulnerability in the Forcepoint One DLP Client has been disclosed, revealing a method for attackers...

Chrome Security Update Use After Free Chrome Security Update Critical Vulnerabilities Chrome Security Update CVE-2026-3062 Chrome Security Update V8 Engine Vulnerability Chrome Security Update CVE-2026-1862 CVE-2026-0628 Chrome 143 Update Chrome Safe Browsing UAF, CVE-2025-11756 Chrome Memory Flaws, CVE-2025-11460 Google Chrome, vulnerability CVE-2025-10200, CVE-2025-10201 Big Sleep CVE-2025-9478 Chrome Update, Security Vulnerabilities

Google Patches High-Severity “WebView” Flaw in Chrome 143

Do Son January 7, 2026

Google has announced an important security update for the Stable channel of its Chrome browser, rolling out...

Zero-Day Chronomaly Exploit Grants Root Access to Vulnerable Linux Kernels CVE-2025-38352 Chronomaly exploit, Linux kernel privilege escalation 2026

CVE-2025-38352 Chronomaly exploit, Linux kernel privilege escalation 2026

Zero-Day Chronomaly Exploit Grants Root Access to Vulnerable Linux Kernels

Do Son January 7, 2026

Cybersecurity researcher farazsth98 has presented new findings related to an exploited security issue in Linux kernel flaw...

CVE-2025-67732: Dify Patch Fixes High-Severity Plaintext API Key Exposure Dify API Key Exposure, LLM Security Dify Information Disclosure, LLM Security

Dify API Key Exposure, LLM Security Dify Information Disclosure, LLM Security

CVE-2025-67732: Dify Patch Fixes High-Severity Plaintext API Key Exposure

Do Son January 7, 2026

Dify, the popular open-source platform used by developers to build Large Language Model (LLM) applications and RAG...

n8n Sandbox Escape: How CVE-2025-68668 Turns Workflows into Weapons n8n Vulnerability CVE-2025-68668

n8n Sandbox Escape: How CVE-2025-68668 Turns Workflows into Weapons

Do Son January 6, 2026

A critical vulnerability in the popular workflow automation platform n8n has been dissected in a new analysis...

CVE-2025-68428: Critical Flaw in jsPDF Library Allows Server-Side File Theft

Do Son January 6, 2026

A critical vulnerability has been discovered in jsPDF, one of the most popular JavaScript libraries for generating...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Aiohttp Patches Seven Vulnerabilities Including High-Severity DoS Risks

Do Son January 6, 2026

Maintainers of aiohttp, the popular asynchronous HTTP client/server framework for Python, have released a sweeping security update...

Apache SIS Patch Blocks XML Attack That Leaks Server Files Apache SIS, CVE-2025-68280

Apache SIS Patch Blocks XML Attack That Leaks Server Files

Do Son January 6, 2026

The Apache Software Foundation has issued a security advisory for the Apache Spatial Information System (SIS), a...

CVE-2025-66518: High-Severity Flaw in Apache Kyuubi Exposes Local Server Files Apache Kyuubi, CVE-2025-66518

CVE-2025-66518: High-Severity Flaw in Apache Kyuubi Exposes Local Server Files

Do Son January 6, 2026

Apache Kyuubi, the distributed gateway designed to provide secure, serverless SQL access to massive data lakes, has...

Attacking from Within: How Adobe ColdFusion Admins Can Weaponize Remote Shares ColdFusion Archive (CAR), UNC Path Exploitation

Attacking from Within: How Adobe ColdFusion Admins Can Weaponize Remote Shares

Do Son January 6, 2026

Adobe has issued critical updates for its ColdFusion platform after security researcher Brian Reilly uncovered a clever...

MediaTek Kicks Off 2026 with Major Security Overhaul for Mobile Chipsets MediaTek Modem Vulnerabilities, January 2026 Security Bulletin MediaTek Vulnerabilities, Chipset Security CVE-2024-20103 & CVE-2024-20100 - CVE-2024-20154 - February 2025 Product Security Bulletin

MediaTek Kicks Off 2026 with Major Security Overhaul for Mobile Chipsets

Do Son January 6, 2026

MediaTek has kicked off the new year with a critical security bulletin, releasing patches for a slew...

New TCC Bypass (CVE-2025-43530) Exposes macOS to Unchecked Automation macOS TCC Bypass, CVE-2025-43530

New TCC Bypass (CVE-2025-43530) Exposes macOS to Unchecked Automation

Do Son January 6, 2026

Apple’s privacy fortress, the Transparency, Consent, and Control (TCC) framework, has been breached once again. Security researcher...

CVE-2026-21440: New AdonisJS 9.2 Critical Flaw Allows Arbitrary File Writes and RCE AdonisJS RCE, CVE-2026-21440

CVE-2026-21440: New AdonisJS 9.2 Critical Flaw Allows Arbitrary File Writes and RCE

Do Son January 5, 2026

A critical security vulnerability has been discovered in AdonisJS, a popular full-stack Node.js web framework known for...

“Sliver” in the Stack: Exposed Logs Reveal Targeted FortiWeb Exploitation Campaign Sliver C2, React2Shell (CVE-2025-55182)

“Sliver” in the Stack: Exposed Logs Reveal Targeted FortiWeb Exploitation Campaign

Do Son January 5, 2026

A sophisticated threat actor has been caught leveraging exposed logs and databases to orchestrate a targeted campaign...

CVE-2025-66848: Critical Flaw in JD Cloud Routers Grants Hackers Root Access

Do Son January 5, 2026

A security vulnerability has been uncovered in a popular line of NAS routers from JD Cloud, potentially...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

Eaton UPS Software Flaws Expose Systems to High-Risk Code Execution

Do Son January 5, 2026

Power management giant Eaton dropped a critical security advisory on Christmas Eve, warning users of its UPS...

QNAP Patches High-Severity SQL Injection and Path Traversal Flaws QNAP Security Patches, NAS Vulnerabilities ASP.NET, QNAP CVE-2023-39296 PoC - CVE-2024-50394

QNAP Security Patches, NAS Vulnerabilities ASP.NET, QNAP CVE-2023-39296 PoC - CVE-2024-50394

QNAP Patches High-Severity SQL Injection and Path Traversal Flaws

Do Son January 5, 2026

Network-attached storage giant QNAP has issued a sweeping set of security advisories, patching critical vulnerabilities that could...

Critical Wget2 Flaws Expose Users to Arbitrary File Overwrites and Memory Crashes GNU Wget2, Path Traversal

Critical Wget2 Flaws Expose Users to Arbitrary File Overwrites and Memory Crashes

Do Son January 2, 2026

GNU Wget2, the modern successor to the ubiquitous command-line download tool, has been hit with a double...

CVE-2025-68926: Critical Hardcoded Credential Flaw Exposes RustFS Storage Clusters RustFS, Hardcoded Token (CVE-2025-68926)

CVE-2025-68926: Critical Hardcoded Credential Flaw Exposes RustFS Storage Clusters

Do Son January 2, 2026

RustFS, a distributed object storage system celebrated for leveraging the memory safety and performance of the Rust...

Apache NuttX RTOS Patches Two Filesystem Flaws Apache NuttX, CVE-2025-48769

Apache NuttX RTOS Patches Two Filesystem Flaws

Do Son January 1, 2026

The Apache Software Foundation has released updates for Apache NuttX, a real-time operating system (RTOS) widely used...

Critical Alert