Critical Alert

CVE-2026-50751 - Critical Check Point VPN Exploit Discovered Active in the Wild. View Threat Details →
Powered by CVE WATCHTOWER
×
June 11, 2026

Vulnerability Report

Log4j’s Security Blind Spot: New TLS Flaw Lets Attackers Intercept Sensitive Logs Despite Encryption CVE-2022-23307 Log4j TLS Bypass, Socket Appender Vulnerability

Log4j’s Security Blind Spot: New TLS Flaw Lets Attackers Intercept Sensitive Logs Despite Encryption

Do Son December 19, 2025 0
The Apache Software Foundation has released a security update for its widely used Log4j logging library, addressing...
Read More Read more about Log4j’s Security Blind Spot: New TLS Flaw Lets Attackers Intercept Sensitive Logs Despite Encryption
WatchGuard Under Siege: Critical CVSS 9.3 Zero-Day Exploited in the Wild to Hijack Corporate Firewalls Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

WatchGuard Under Siege: Critical CVSS 9.3 Zero-Day Exploited in the Wild to Hijack Corporate Firewalls

Do Son December 19, 2025 0
A critical zero-day vulnerability has shattered the security perimeter of WatchGuard Firebox appliances, forcing network administrators into...
Read More Read more about WatchGuard Under Siege: Critical CVSS 9.3 Zero-Day Exploited in the Wild to Hijack Corporate Firewalls
FreeBSD Network Alert: Malicious IPv6 Packets Can Trigger Remote Code Execution via resolvconf (CVE-2025-14558) CVE-2024-41721 - FreeBSD FreeBSD RCE, IPv6 Router Advertisement

FreeBSD Network Alert: Malicious IPv6 Packets Can Trigger Remote Code Execution via resolvconf (CVE-2025-14558)

Do Son December 19, 2025 0
A high-severity vulnerability has been uncovered in the FreeBSD networking stack, allowing attackers to execute arbitrary code...
Read More Read more about FreeBSD Network Alert: Malicious IPv6 Packets Can Trigger Remote Code Execution via resolvconf (CVE-2025-14558)
CVE-2025-37164 (CVSS 10.0): Unauthenticated HPE OneView RCE Grants Total Control Over Data Centers shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

CVE-2025-37164 (CVSS 10.0): Unauthenticated HPE OneView RCE Grants Total Control Over Data Centers

Do Son December 18, 2025 0
Hewlett Packard Enterprise (HPE) has sounded the alarm on a catastrophic security vulnerability in its flagship infrastructure...
Read More Read more about CVE-2025-37164 (CVSS 10.0): Unauthenticated HPE OneView RCE Grants Total Control Over Data Centers