Vulnerability Report Archives • Page 62 of 86 • Daily CyberSecurity

Critical Flaw CVE-2025-52906 (CVSS 9.3) Allows Unauthenticated RCE on TOTOLINK X6000R Routers CVE-2024-1468 TOTOLINK RCE, Router Vulnerability

Critical Flaw CVE-2025-52906 (CVSS 9.3) Allows Unauthenticated RCE on TOTOLINK X6000R Routers

Do Son October 2, 2025

Researchers from Unit 42, Palo Alto Networks’ threat intelligence team, have disclosed three newly discovered vulnerabilities in...

Splunk Fixes Six Flaws, Including Unauthenticated SSRF and XSS Vulnerabilities in Enterprise Platform Splunk Enterprise Vulnerabilities CVE-2026-20240 Splunk RCE CVE-2026-20204 Splunk RCE Vulnerability CVE-2026-20163 Splunk Enterprise Vulnerabilities CVE-2026-20140 Splunk Permission Flaw, Local Privilege Escalation Splunk Vulnerabilities CVE-2024-53247 - Splunk Secure Gateway App CVE-2025-20229 & CVE-2025-20231

Splunk Fixes Six Flaws, Including Unauthenticated SSRF and XSS Vulnerabilities in Enterprise Platform

Do Son October 2, 2025

Splunk has released a series of security advisories addressing six vulnerabilities in Splunk Enterprise and Splunk Cloud...

Django Security Alert: High-Severity SQL Injection Flaw (CVE-2025-59681) Fixed in Latest Updates Django vulnerability - CVE-2024-42005 Django SQL Injection, CVE-2025-59681

Django vulnerability - CVE-2024-42005 Django SQL Injection, CVE-2025-59681

Django Security Alert: High-Severity SQL Injection Flaw (CVE-2025-59681) Fixed in Latest Updates

Do Son October 2, 2025

The Django team has issued new security releases for the popular Python web framework, addressing two vulnerabilities...

DoS Flaws in Argo CD: Unauthenticated Attackers Can Crash Kubernetes Server with Single Request Argo CD Secret Leak CVE-2026-42880 CVE-2024-28175 Argo CD DoS, Webhook Flaws

Argo CD Secret Leak CVE-2026-42880 CVE-2024-28175 Argo CD DoS, Webhook Flaws

DoS Flaws in Argo CD: Unauthenticated Attackers Can Crash Kubernetes Server with Single Request

Do Son October 2, 2025

The Argo CD project has released patches addressing several denial-of-service (DoS) vulnerabilities that could allow attackers to...

CISA Warns of Critical RCE Flaw (CVE-2025-10659, CVSS 9.8) in Megasys Telenium Online Web Application WD Discovery Vulnerability CVE-2025-30248 binary-parser Vulnerability CVE-2026-1245 H3C RCE Vulnerability CVE-2025-60262 Telenium RCE, CVE-2025-10659 Fuel station security, ICS vulnerabilities FreePBX vulnerability CVE-2024-9478 & CVE-2024-9479 SysTrack Vulnerability, Privilege Escalation

WD Discovery Vulnerability CVE-2025-30248 binary-parser Vulnerability CVE-2026-1245 H3C RCE Vulnerability CVE-2025-60262 Telenium RCE, CVE-2025-10659 Fuel station security, ICS vulnerabilities FreePBX vulnerability CVE-2024-9478 & CVE-2024-9479 SysTrack Vulnerability, Privilege Escalation

CISA Warns of Critical RCE Flaw (CVE-2025-10659, CVSS 9.8) in Megasys Telenium Online Web Application

Do Son October 2, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory warning of a critical...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

CVE-2025-10725 (CVSS 9.9): Red Hat OpenShift AI Privilege Escalation Flaw Could Lead to Full Cluster Compromise

Do Son October 1, 2025

The Red Hat Security team has disclosed a serious vulnerability in Red Hat OpenShift AI, a platform...

NVIDIA acquisition rumors NVIDIA AI Security AI Framework Vulnerabilities Nvidia 595.76 Hotfix NVIDIA Megatron Bridge vulnerability GPU vs ASIC AI battle NVIDIA Driver Vulnerability CVE-2025-33217 NVIDIA biggest TSMC customer 2026, NVIDIA vs Apple TSMC revenue share NVIDIA CUDA Toolkit CVE-2025-33228 Groq NVIDIA licensing deal, Jonathan Ross acquihire 2025 NeMo Code Injection, AI Framework RCE NVIDIA App Privilege Escalation, CVE-2025-23358 NVIDIA Security Update, DLS Vulnerability CVE-2025-23316 NVIDIA NVDebug, vulnerabilities NVIDIA Driver Vulnerabilities, vGPU Security Nvidia Jetson, UEFI Vulnerabilities CVE-2024-0130 - CVE-2024-0136 CVE-2024-0148 NVIDIA Driver Support, Windows 10 EOL

NVIDIA Patches Multi Flaws in Delegated License Service, Allows Unauthenticated Access and DoS

Do Son October 1, 2025

NVIDIA has issued a security bulletin addressing multiple vulnerabilities across the NVIDIA App for Windows and the...

Apache Kylin Flaw: Authentication Bypass and SSRF Vulnerabilities Found in Big Data Platform CVE-2022-43396 Apache Kylin, Authentication Bypass

CVE-2022-43396 Apache Kylin, Authentication Bypass

Apache Kylin Flaw: Authentication Bypass and SSRF Vulnerabilities Found in Big Data Platform

Do Son October 1, 2025

The Apache Software Foundation has published a new security advisory disclosing three vulnerabilities in Apache Kylin, a...

CVE-2025-7493: Critical Flaw in FreeIPA Allows Host Users to Escalate to Domain Administrator

Do Son October 1, 2025

The FreeIPA Team has released a security advisory addressing a critical privilege escalation vulnerability (CVE-2025-7493) that could...

OpenSSL Patches Three Flaws: Timing Side-Channel RCE Risk and Memory Corruption Affect All Versions OpenSSL Vulnerability RSA Memory Leak OpenSSL Vulnerability CVE-2025-15467 CVE-2022-2274 OpenSSL Vulnerabilities, Timing Side-Channel

OpenSSL Vulnerability RSA Memory Leak OpenSSL Vulnerability CVE-2025-15467 CVE-2022-2274 OpenSSL Vulnerabilities, Timing Side-Channel

OpenSSL Patches Three Flaws: Timing Side-Channel RCE Risk and Memory Corruption Affect All Versions

Do Son October 1, 2025

The OpenSSL Project has released a new security advisory addressing three vulnerabilities affecting multiple versions of the...

CVE-2025-30247: Critical Command Injection Flaw in Western Digital My Cloud NAS Devices AI Storage Shortage QLC SSD Demand CVE-2022-29841 WD My Cloud, RCE Vulnerability

AI Storage Shortage QLC SSD Demand CVE-2022-29841 WD My Cloud, RCE Vulnerability

CVE-2025-30247: Critical Command Injection Flaw in Western Digital My Cloud NAS Devices

Do Son September 30, 2025

Western Digital (WD) has patched a critical vulnerability in its My Cloud NAS platforms that could allow...

Broadcom Fixes Multiple VMware vCenter and NSX Vulnerabilities VMware Telco Cloud Platform 9 Tesco, Broadcom, VMware Walmart Broadcom Jericho4, Distributed AI Infrastructure Broadcom VMware, Perpetual Licenses AI Data Centers, Network Switch Unix automation security, Broadcom vulnerability

Broadcom Fixes Multiple VMware vCenter and NSX Vulnerabilities

Do Son September 30, 2025

Broadcom has released patches for three vulnerabilities affecting VMware vCenter Server and VMware NSX, with severities rated...

Critical RCE Flaw in Apache Fory’s Python Module (CVE-2025-61622) Apache Fory, RCE vulnerability

Critical RCE Flaw in Apache Fory’s Python Module (CVE-2025-61622)

Do Son September 30, 2025

The Apache Fory project, a high-performance multi-language serialization framework, has disclosed a critical vulnerability (CVE-2025-61622) that could...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

CVE-2025-58384 (CVSS 10): Critical RCE Flaw Found in Watchdoc Print Management Software

Do Son September 30, 2025

Doxense has issued an urgent security advisory addressing a critical remote code execution (RCE) vulnerability in its...

Broadcom Patches VMware Flaws: Privilege Escalation and Info Disclosure Vulnerabilities Affect VMware Tools and Aria Operations VMware Fusion Privilege Escalation CVE-2026-41702 TOCTOU VMware Vulnerabilities, Broadcom Security CVE-2024-38814 - VMware HCX CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226

VMware Fusion Privilege Escalation CVE-2026-41702 TOCTOU VMware Vulnerabilities, Broadcom Security CVE-2024-38814 - VMware HCX CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226

Broadcom Patches VMware Flaws: Privilege Escalation and Info Disclosure Vulnerabilities Affect VMware Tools and Aria Operations

Do Son September 30, 2025

Broadcom has released patches addressing three vulnerabilities in VMware Aria Operations and VMware Tools, with severities ranging...

SUSE Rancher Security Team Patches Three Vulnerabilities in Rancher Manager Rancher security flaws cluster privilege escalation Rancher Path Traversal CVE-2026-25705 Rancher Vulnerabilities, SAML Phishing CVE-2024-22036 Rancher, vulnerability

Rancher security flaws cluster privilege escalation Rancher Path Traversal CVE-2026-25705 Rancher Vulnerabilities, SAML Phishing CVE-2024-22036 Rancher, vulnerability

SUSE Rancher Security Team Patches Three Vulnerabilities in Rancher Manager

Do Son September 29, 2025

The SUSE Rancher Security Team has issued fixes for three vulnerabilities affecting Rancher Manager, with severities ranging...

CVE-2025-59934: Critical Flaw in Formbricks Allows Unauthorized Password Resets via Forged JWT Tokens Formbricks Auth Bypass, CVE-2025-59934

CVE-2025-59934: Critical Flaw in Formbricks Allows Unauthorized Password Resets via Forged JWT Tokens

Do Son September 27, 2025

The Formbricks project, an open-source platform for building in-app and website surveys, has released an urgent patch...

Rack Security Update: High-Severity Flaw Bypasses Parameter Limit, Exposing Apps to DoS Attacks Rack DoS Bypass, CVE-2025-59830

Rack Security Update: High-Severity Flaw Bypasses Parameter Limit, Exposing Apps to DoS Attacks

Do Son September 26, 2025

The Rack project, a key Ruby library providing a minimal and modular interface for web application development,...

CRITICAL Cisco Zero-Day (CVE-2025-20333, CVSS 9.9) Under Active Attack: VPN Flaw Allows Root RCE Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

CRITICAL Cisco Zero-Day (CVE-2025-20333, CVSS 9.9) Under Active Attack: VPN Flaw Allows Root RCE

Do Son September 26, 2025

Cisco has disclosed a zero-day vulnerability affecting its Secure Firewall Adaptive Security Appliance (ASA) Software and Secure...

Cisco Warns of Critical RCE Flaw (CVE-2025-20363) Affecting Firewall and Router Software Cisco Secure FMC CVE-2026-20079 Cisco RCE, Firewall Vulnerability Cisco Nexus, vulnerability CVE-2024-20412 - Cisco data breach

Cisco Secure FMC CVE-2026-20079 Cisco RCE, Firewall Vulnerability Cisco Nexus, vulnerability CVE-2024-20412 - Cisco data breach

Cisco Warns of Critical RCE Flaw (CVE-2025-20363) Affecting Firewall and Router Software

Do Son September 26, 2025

Cisco has disclosed a critical vulnerability affecting multiple product lines, including Secure Firewall ASA, Secure Firewall Threat...

Critical Alert