Critical Alert

CVE-2026-50751 - Critical Check Point VPN Exploit Discovered Active in the Wild. View Threat Details →
Powered by CVE WATCHTOWER
×
June 10, 2026

Vulnerability Report

ISC Patches Multiple High-Severity BIND Vulnerabilities Enabling Cache Poisoning and Denial of Service Attacks BIND 9 Vulnerability CVE-2025-13878 BIND Cache Poisoning, DNS RCE BIND Vulnerabilities, DNS Security BIND 9 vulnerabilities BIND vulnerability, DNS server crash

ISC Patches Multiple High-Severity BIND Vulnerabilities Enabling Cache Poisoning and Denial of Service Attacks

Do Son October 23, 2025 0
The Internet Systems Consortium (ISC) has issued patches for three high-severity vulnerabilities impacting the BIND 9 DNS...
Read More Read more about ISC Patches Multiple High-Severity BIND Vulnerabilities Enabling Cache Poisoning and Denial of Service Attacks
Critical WSUS Flaw (CVE-2025-59287, CVSS 9.8) Allows Unauthenticated RCE via Unsafe Cookie Deserialization, PoC Available WSUS Deserialization RCE, CVE-2025-59287

Critical WSUS Flaw (CVE-2025-59287, CVSS 9.8) Allows Unauthenticated RCE via Unsafe Cookie Deserialization, PoC Available

Do Son October 23, 2025 0
Security researcher Batuhan Er from HawkTrace has detailed a critical remote code execution (RCE) vulnerability in Microsoft...
Read More Read more about Critical WSUS Flaw (CVE-2025-59287, CVSS 9.8) Allows Unauthenticated RCE via Unsafe Cookie Deserialization, PoC Available
Critical NeuVector RCE Flaw (CVE-2025-54469, CVSS 10.0) Allows Command Injection via Unsanitized Environment Variables NeuVector Critical RCE, Command Injection

Critical NeuVector RCE Flaw (CVE-2025-54469, CVSS 10.0) Allows Command Injection via Unsanitized Environment Variables

Do Son October 23, 2025 0
The SUSE Rancher Security team has issued a critical advisory addressing a command injection and buffer overflow...
Read More Read more about Critical NeuVector RCE Flaw (CVE-2025-54469, CVSS 10.0) Allows Command Injection via Unsanitized Environment Variables
CISA Warns: Critical Raisecom Router Flaw (CVE-2025-11534, CVSS 9.8) Allows Unauthenticated Root SSH Access Raisecom Critical Auth Bypass, EoL Router

CISA Warns: Critical Raisecom Router Flaw (CVE-2025-11534, CVSS 9.8) Allows Unauthenticated Root SSH Access

Do Son October 23, 2025 0
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert regarding a critical authentication bypass vulnerability...
Read More Read more about CISA Warns: Critical Raisecom Router Flaw (CVE-2025-11534, CVSS 9.8) Allows Unauthenticated Root SSH Access
Two Critical Oracle Marketing Flaws (CVE-2025-53072, CVE-2025-62481) β€” Patch Immediately or Risk Full Takeover IRGC Oracle Cloud Dubai strike Oracle global layoffs 2026 Oracle Fusion Middleware Vulnerability CVE-2026-21992 Oracle Edge Cloud Vulnerability CVE-2026-21994 Oracle Critical RCE, EBS Marketing Flaws CVE-2024-21182 PoC Exploit Oracle EBS Auth Bypass, CVE-2025-61884

Two Critical Oracle Marketing Flaws (CVE-2025-53072, CVE-2025-62481) β€” Patch Immediately or Risk Full Takeover

Do Son October 22, 2025 0
Oracle has released its October 2025 Critical Patch Update (CPU), fixing a massive 374 security vulnerabilities and...
Read More Read more about Two Critical Oracle Marketing Flaws (CVE-2025-53072, CVE-2025-62481) β€” Patch Immediately or Risk Full Takeover
Critical Sauter AG Flaw (CVE-2025-41723, CVSS 9.8) Allows Unauthenticated File Upload via SOAP Interface Sauter Critical Directory Traversal, Hard-Coded Certificate

Critical Sauter AG Flaw (CVE-2025-41723, CVSS 9.8) Allows Unauthenticated File Upload via SOAP Interface

Do Son October 22, 2025 0
Swiss building automation manufacturer Sauter AG has disclosed six vulnerabilities in the embedded firmware of its modulo...
Read More Read more about Critical Sauter AG Flaw (CVE-2025-41723, CVSS 9.8) Allows Unauthenticated File Upload via SOAP Interface
Critical ABB Flaw (CVE-2025-9574, CVSS 9.9) Exposes EoL Load Controllers to Unauthenticated Admin Access ABB Missing Authentication, EoL ICS

Critical ABB Flaw (CVE-2025-9574, CVSS 9.9) Exposes EoL Load Controllers to Unauthenticated Admin Access

Do Son October 22, 2025 0
Industrial automation giant ABB has disclosed a critical missing authentication vulnerability (CVE-2025-9574) affecting its ALS-mini-S4/S8 IP intelligent...
Read More Read more about Critical ABB Flaw (CVE-2025-9574, CVSS 9.9) Exposes EoL Load Controllers to Unauthenticated Admin Access
WSO2 Fixes Two Critical Access Control Vulnerabilities (CVE-2025-9804, CVE-2025-10611) Affecting API Manager and Identity Server WSO2 Access Control, Critical API Flaws

WSO2 Fixes Two Critical Access Control Vulnerabilities (CVE-2025-9804, CVE-2025-10611) Affecting API Manager and Identity Server

Do Son October 22, 2025 0
The WSO2 project has released urgent security advisories addressing two critical access control vulnerabilitiesβ€”CVE-2025-9804 and CVE-2025-10611β€”that affect...
Read More Read more about WSO2 Fixes Two Critical Access Control Vulnerabilities (CVE-2025-9804, CVE-2025-10611) Affecting API Manager and Identity Server
Urgent Patch: Critical Lanscope Endpoint Manager RCE (CVE-2025-61932, CVSS 9.8) Under Active Exploitation Lanscope RCE, CVE-2025-61932

Urgent Patch: Critical Lanscope Endpoint Manager RCE (CVE-2025-61932, CVSS 9.8) Under Active Exploitation

Do Son October 21, 2025 0
JPCERT/CC and the developer MOTEX Inc. have issued an urgent advisory for a critical remote code execution...
Read More Read more about Urgent Patch: Critical Lanscope Endpoint Manager RCE (CVE-2025-61932, CVSS 9.8) Under Active Exploitation
Critical TP-Link Omada Gateway Flaw (CVE-2025-6542, CVSS 9.3) Allows Unauthenticated Remote Command Execution Archer MR600 command injection WireGuard client configuration Tapo smart device vulnerability unencrypted Bluetooth transmission TP-Link router vulnerability CVE-2026-5509 patch Archer AX53 Vulnerability TP-Link Router Security Tapo C520WS Vulnerability TP-Link Security Patch TP-Link Archer NX Router Vulnerability TP-Link Archer Vulnerability CVE-2025-15568 TP-Link Archer BE230 Vulnerability Command Injection TP-Link Omada Vulnerability CVE-2025-9520 TP-Link Archer MR600 Vulnerability CVE-2025-14756 CVE-2026-0629 TP-Link Omada RCE, CVE-2025-6542 TP-Link, Smart plug vulnerability TP-Link Archer C50, Hardcoded DES Key TP-Link NVR, Command Injection TP-Link Routers cybersecurity

Critical TP-Link Omada Gateway Flaw (CVE-2025-6542, CVSS 9.3) Allows Unauthenticated Remote Command Execution

Do Son October 21, 2025 0
TP-Link Systems has released a new firmware update addressing four high- and critical-severity vulnerabilities in its popular...
Read More Read more about Critical TP-Link Omada Gateway Flaw (CVE-2025-6542, CVSS 9.3) Allows Unauthenticated Remote Command Execution
Critical Squid Proxy Flaw (CVE-2025-62168, CVSS 10.0) Leaks HTTP Credentials and Security Tokens via Error Handling Squid Credentials Leak, HTTP Authentication Redaction CVE-2024-25111

Critical Squid Proxy Flaw (CVE-2025-62168, CVSS 10.0) Leaks HTTP Credentials and Security Tokens via Error Handling

Do Son October 20, 2025 0
The developers of Squid, the widely used open-source caching proxy for web traffic acceleration, have disclosed and...
Read More Read more about Critical Squid Proxy Flaw (CVE-2025-62168, CVSS 10.0) Leaks HTTP Credentials and Security Tokens via Error Handling
Critical Moxa Flaw (CVE-2025-6950, CVSS 9.9) Allows Unauthenticated Admin Takeover via Hard-Coded JWT Secret Moxa Hard-Coded Credentials, Critical JWT Bypass CVE-2024-9137 and CVE-2024-9139 - CVE-2024-12297 CVE-2024-7695 CVE-2024-9404 CVE-2024-12297 CVE-2025-0415

Critical Moxa Flaw (CVE-2025-6950, CVSS 9.9) Allows Unauthenticated Admin Takeover via Hard-Coded JWT Secret

Do Son October 20, 2025 0
Moxa, a leading manufacturer of industrial networking and security appliances, has released an urgent security advisory addressing...
Read More Read more about Critical Moxa Flaw (CVE-2025-6950, CVSS 9.9) Allows Unauthenticated Admin Takeover via Hard-Coded JWT Secret