Vulnerability Report Archives • Page 65 of 86 • Daily CyberSecurity

VMScape (CVE-2025-40300): A New CPU Flaw Threatens Cloud Security VMScape, CPU vulnerability CVE-2025-40300

VMScape (CVE-2025-40300): A New CPU Flaw Threatens Cloud Security

Do Son September 15, 2025

Security researchers at ETH Zurich have published a study revealing how attackers can break through virtualization boundaries...

CUPS Flaws Allow Linux Remote DoS (CVE-2025-58364) and Authentication Bypass (CVE-2025-58060) CUPS vulnerability, Linux printing

CUPS Flaws Allow Linux Remote DoS (CVE-2025-58364) and Authentication Bypass (CVE-2025-58060)

Do Son September 15, 2025

OpenPrinting has released patches addressing two significant security flaws in the Common Unix Printing System (CUPS), a...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

CVE-2025-10127 (CVSS 9.8): Critical Daikin Flaw Could Give Hackers Full System Access

Do Son September 12, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory about a critical flaw in...

CVE-2025-58754: Axios Vulnerability Puts Node.js Processes at Risk of DoS Attacks Axios proxy vulnerabilities prototype pollution gadget Axios Vulnerability Cloud Hijacking Axios npm supply chain attack Axios Vulnerability Node.js DoS CVE-2025-58754 CVE-2025-27152 Axios Vulnerability, Form-Data Flaw

Axios proxy vulnerabilities prototype pollution gadget Axios Vulnerability Cloud Hijacking Axios npm supply chain attack Axios Vulnerability Node.js DoS CVE-2025-58754 CVE-2025-27152 Axios Vulnerability, Form-Data Flaw

CVE-2025-58754: Axios Vulnerability Puts Node.js Processes at Risk of DoS Attacks

Do Son September 12, 2025

The Axios project has released a security advisory for a newly discovered vulnerability affecting its popular promise-based...

CISA Urges Immediate Patching: Critical Dassault Systèmes Flaw (CVE-2025-5086) Actively Exploited Known Exploited Vulnerabilities CISA KEV

CISA Urges Immediate Patching: Critical Dassault Systèmes Flaw (CVE-2025-5086) Actively Exploited

Do Son September 12, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw in Dassault Systèmes DELMIA Apriso...

PyInstaller Flaw : Are Your Python Apps Vulnerable to Hijacking? PyInstaller, security CVE-2025-59042

PyInstaller Flaw : Are Your Python Apps Vulnerable to Hijacking?

Do Son September 12, 2025

The PyInstaller project has released fixes for a local privilege escalation vulnerability that affected applications packaged with...

Angular SSR Flaw (CVE-2025-59052) Exposes User Data: What Developers Need to Know Angular hostname hijacking vulnerability Angular SSRF Origin Hijacking Angular XSS Vulnerability CVE-2026-32635 Angular i18n XSS CVE-2026-27970 Angular SSR SSRF CVE-2026-27739 Angular Vulnerability CVE-2026-22610 CVE-2025-59052 Angular security Angular XSS Bypass, SVG Injection

Angular hostname hijacking vulnerability Angular SSRF Origin Hijacking Angular XSS Vulnerability CVE-2026-32635 Angular i18n XSS CVE-2026-27970 Angular SSR SSRF CVE-2026-27739 Angular Vulnerability CVE-2026-22610 CVE-2025-59052 Angular security Angular XSS Bypass, SVG Injection

Angular SSR Flaw (CVE-2025-59052) Exposes User Data: What Developers Need to Know

Do Son September 11, 2025

The Angular team has issued a security advisory addressing a high-severity flaw in server-side rendering (SSR) that...

High-Severity Flaws in Sunshine for Windows Allow Privilege Escalation Sunshine for Windows, vulnerability

High-Severity Flaws in Sunshine for Windows Allow Privilege Escalation

Do Son September 11, 2025

The CERT Coordination Center (CERT/CC) has issued a vulnerability note warning of two critical local security flaws...

CVE-2025-8696: DoS Flaw in Stork UI Allows Unauthenticated Attackers to Crash Servers CVE-2025-8696 Stork UI

CVE-2025-8696: DoS Flaw in Stork UI Allows Unauthenticated Attackers to Crash Servers

Do Son September 11, 2025

The Internet Systems Consortium (ISC) has issued a security advisory addressing a high-severity flaw in Stork UI,...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

ACSC Warns of Active Exploitation of SonicWall SSL VPN Vulnerability (CVE-2024-40766)

Do Son September 11, 2025

The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has issued an alert on the active...

CVE-2025-58063: CoreDNS Vulnerability Could Disrupt DNS Updates CoreDNS Security Encrypted DNS Vulnerabilities CoreDNS vulnerability, DNS cache poisoning

CoreDNS Security Encrypted DNS Vulnerabilities CoreDNS vulnerability, DNS cache poisoning

CVE-2025-58063: CoreDNS Vulnerability Could Disrupt DNS Updates

Do Son September 11, 2025

The CoreDNS project has disclosed a vulnerability in its etcd plugin, tracked as CVE-2025-58063 (CVSS 7.1), which...

NVIDIA acquisition rumors NVIDIA AI Security AI Framework Vulnerabilities Nvidia 595.76 Hotfix NVIDIA Megatron Bridge vulnerability GPU vs ASIC AI battle NVIDIA Driver Vulnerability CVE-2025-33217 NVIDIA biggest TSMC customer 2026, NVIDIA vs Apple TSMC revenue share NVIDIA CUDA Toolkit CVE-2025-33228 Groq NVIDIA licensing deal, Jonathan Ross acquihire 2025 NeMo Code Injection, AI Framework RCE NVIDIA App Privilege Escalation, CVE-2025-23358 NVIDIA Security Update, DLS Vulnerability CVE-2025-23316 NVIDIA NVDebug, vulnerabilities NVIDIA Driver Vulnerabilities, vGPU Security Nvidia Jetson, UEFI Vulnerabilities CVE-2024-0130 - CVE-2024-0136 CVE-2024-0148 NVIDIA Driver Support, Windows 10 EOL

NVIDIA Patches High-Severity Vulnerabilities in NVDebug Tool

Do Son September 11, 2025

NVIDIA has released a software update for its NVDebug tool, addressing three high-severity vulnerabilities (CVE-2025-23342, CVE-2025-23343, and...

GitLab Urges Immediate Update for Two High-Severity Flaws GitLab Security Update Account Impersonation GitLab Security Update CVE-2026-1090 GitLab vulnerability GitLab vulnerability, GitLab patches

GitLab Security Update Account Impersonation GitLab Security Update CVE-2026-1090 GitLab vulnerability GitLab vulnerability, GitLab patches

GitLab Urges Immediate Update for Two High-Severity Flaws

Do Son September 10, 2025

GitLab has released new versions of its Community and Enterprise Editions to address several security vulnerabilities, including...

Sophos Fixes Critical Authentication Bypass (CVE-2025-10159) in AP6 Series Wireless Access Points Sophos vulnerability CVE-2025-10159

Sophos Fixes Critical Authentication Bypass (CVE-2025-10159) in AP6 Series Wireless Access Points

Do Son September 10, 2025

Sophos has released a fix for a critical authentication bypass vulnerability (CVE-2025-10159) affecting its AP6 Series Wireless...

Patch Tuesday: Microsoft Fixes 86 Flaws, Including 9 Critical and 2 Zero-Days (CVE-2025-55234 & CVE-2024-21907) Microsoft Patch Tuesday fixes disclosed zero day vulnerabilities Windows Wormable Exploit April 2026 Patch Tuesday Microsoft Patch Tuesday Zero-Day Vulnerabilities Microsoft, Patch Tuesday CVE-2025-55234 CVE-2024-43573 and CVE-2024-43572 Microsoft Patch Tuesday Security Vulnerabilities

Microsoft Patch Tuesday fixes disclosed zero day vulnerabilities Windows Wormable Exploit April 2026 Patch Tuesday Microsoft Patch Tuesday Zero-Day Vulnerabilities Microsoft, Patch Tuesday CVE-2025-55234 CVE-2024-43573 and CVE-2024-43572 Microsoft Patch Tuesday Security Vulnerabilities

Patch Tuesday: Microsoft Fixes 86 Flaws, Including 9 Critical and 2 Zero-Days (CVE-2025-55234 & CVE-2024-21907)

Do Son September 10, 2025

Microsoft’s September 2025 Patch Tuesday addresses 86 vulnerabilities across its product ecosystem, including two zero-days and nine...

Chrome Security Update Use After Free Chrome Security Update Critical Vulnerabilities Chrome Security Update CVE-2026-3062 Chrome Security Update V8 Engine Vulnerability Chrome Security Update CVE-2026-1862 CVE-2026-0628 Chrome 143 Update Chrome Safe Browsing UAF, CVE-2025-11756 Chrome Memory Flaws, CVE-2025-11460 Google Chrome, vulnerability CVE-2025-10200, CVE-2025-10201 Big Sleep CVE-2025-9478 Chrome Update, Security Vulnerabilities

Chrome 140 Released, Patches Critical (CVE-2025-10200) and High-Severity (CVE-2025-10201) Vulnerabilities

Do Son September 10, 2025

Google has released a new update to the Stable channel of Chrome for Windows, Mac, and Linux,...

CVE-2025-40804: Critical Flaw in Siemens SIVaaS Exposes Network Share Without Authentication Siemens SIVaaS CVE-2025-40804 CVE-2022-43400 & CVE-2024-41798 Siemens SINEC NMS, Critical Vulnerabilities

Siemens SIVaaS CVE-2025-40804 CVE-2022-43400 & CVE-2024-41798 Siemens SINEC NMS, Critical Vulnerabilities

CVE-2025-40804: Critical Flaw in Siemens SIVaaS Exposes Network Share Without Authentication

Do Son September 10, 2025

Siemens has disclosed a critical security vulnerability (CVE-2025-40804) in its SIMATIC Virtualization as a Service (SIVaaS) platform....

Critical Flaws in Hiawatha Web Server Could Allow Authentication Bypass and RCE Hiawatha vulnerability

Critical Flaws in Hiawatha Web Server Could Allow Authentication Bypass and RCE

Do Son September 10, 2025

The CERT Coordination Center (CERT/CC) has issued a vulnerability note highlighting three serious flaws in the Hiawatha...

CVE-2025-40795 (CVSS 9.8): Critical Flaw in Siemens SIVaaS Exposes Network Share Without Authentication Siemens SIMATIC Vulnerability CVE-2025-40943 CVE-2024-47901 - Siemens InterMesh system CVE-2025-40804 Siemens SIVaaS

Siemens SIMATIC Vulnerability CVE-2025-40943 CVE-2024-47901 - Siemens InterMesh system CVE-2025-40804 Siemens SIVaaS

CVE-2025-40795 (CVSS 9.8): Critical Flaw in Siemens SIVaaS Exposes Network Share Without Authentication

Do Son September 9, 2025

Siemens has disclosed multiple vulnerabilities in its User Management Component (UMC), which is used in products like...

Ivanti Patches Two High-Severity RCE Flaws in Endpoint Manager Ivanti EPMM security updates Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

Ivanti EPMM security updates Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

Ivanti Patches Two High-Severity RCE Flaws in Endpoint Manager

Do Son September 9, 2025

Ivanti has released important security updates for Ivanti Endpoint Manager (EPM), addressing two high-severity vulnerabilities that could...

Critical Alert