Vulnerability Report Archives • Page 70 of 86 • Daily CyberSecurity

CVE-2025-54336 (CVSS 9.8): Critical Flaw in Plesk Obsidian Exposes Servers to Full Compromise CVE-2025-54336 Plesk Vulnerability

CVE-2025-54336 (CVSS 9.8): Critical Flaw in Plesk Obsidian Exposes Servers to Full Compromise

Do Son August 20, 2025

A newly disclosed security vulnerability in Plesk Obsidian, a widely used web hosting control panel, has been...

CERT/CC Warns of Critical Flaws in Workhorse Municipal Accounting Software Municipal software, Vulnerability

CERT/CC Warns of Critical Flaws in Workhorse Municipal Accounting Software

Do Son August 20, 2025

The CERT Coordination Center (CERT/CC) has issued a vulnerability note warning of serious security flaws in Workhorse...

Chrome 148 lazy loading Chrome for Linux ARM64 Chrome 145 Update Chrome Security Fixes Chrome Security Update CVE-2026-1220 Chrome 144 Security Update CVE-2026-0899 Chrome Memory Safety, WebGPU UAF Chrome V8 Type Confusion, Google Updater Flaw Chrome V8 Flaw, CVE-2025-13042 Chrome V8, Type Confusion, Chrome 142 Update Chrome V8 Flaw, CVE-2025-12036 Chrome 141, WebGPU Overflow Google Chrome preloading Chrome, V8 vulnerability CVE-2025-9132 Chrome Security Update, Use-After-Free Chrome V8, Type Confusion Chrome Telemetry, Windows 10 EOL Microsoft Family Safety, Chrome Blocking Chrome Security Update, High-Severity Google Chrome, Antitrust CVE-2024-10487 and CVE-2024-10488 Google Chrome Root Program Chrome Update, CVE-2025-3619 Chrome Acquisition, Perplexity.ai

Google Chrome Issues High-Severity Fix for V8 Engine Vulnerability (CVE-2025-9132)

Do Son August 20, 2025

Google has released a Stable Channel Update for its Chrome browser, addressing a critical security issue in...

Researcher Details CVE-2025-29824 – A Windows CLFS 0-Day Exploited by Ransomware Gang Windows vulnerability, Ransomware

Researcher Details CVE-2025-29824 – A Windows CLFS 0-Day Exploited by Ransomware Gang

Do Son August 20, 2025

In April, Microsoft has patched a high-severity, zero-day vulnerability (CVE-2025-29824) in the Windows Common Log File System...

CVE-2025-55205: Critical Flaw in Capsule Kubernetes Exposes Clusters to Cross-Tenant Attacks Kubernetes security, multi-tenancy vulnerability CVE-2025-55205

Kubernetes security, multi-tenancy vulnerability CVE-2025-55205

CVE-2025-55205: Critical Flaw in Capsule Kubernetes Exposes Clusters to Cross-Tenant Attacks

Do Son August 19, 2025

A newly disclosed vulnerability in the Capsule Kubernetes multi-tenancy framework exposes organizations to privilege escalation and cross-tenant...

CISA Flags Actively Exploited Trend Micro Apex One Vulnerability (CVE-2025-54948) n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

CISA Flags Actively Exploited Trend Micro Apex One Vulnerability (CVE-2025-54948)

Do Son August 19, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Trend Micro Apex One vulnerability—CVE-2025-54948—to...

PipeMagic Returns: Kaspersky Uncovers Evolving Backdoor Linked to CVE-2025-29824 Exploits Backdoor, PipeMagic CVE-2025-29824

PipeMagic Returns: Kaspersky Uncovers Evolving Backdoor Linked to CVE-2025-29824 Exploits

Do Son August 19, 2025

Kaspersky Labs has released a new report shedding light on the persistent threat posed by PipeMagic, a...

New Firmware Flaw in AMI Aptio UEFI Threatens Persistent System Compromise UEFI firmware, SMM vulnerability

New Firmware Flaw in AMI Aptio UEFI Threatens Persistent System Compromise

Do Son August 18, 2025

A new security vulnerability disclosed by CERT/CC highlights serious risks in AMI Aptio UEFI firmware, which powers...

CVE-2025-48387: Critical tar-fs Vulnerability Exposes Millions to Arbitrary File Writes tar-fs, directory traversal

CVE-2025-48387: Critical tar-fs Vulnerability Exposes Millions to Arbitrary File Writes

Do Son August 18, 2025

A newly disclosed vulnerability in the widely used tar-fs NPM package has raised alarms across the software...

PostgreSQL Issues Urgent Security Fixes for High-Severity RCE Flaws in Core Utilities PostgreSQL Vulnerabilities CVE-2026-2006 PostgreSQL, security update CVE-2023-5869 - CVE-2025-1094

PostgreSQL Vulnerabilities CVE-2026-2006 PostgreSQL, security update CVE-2023-5869 - CVE-2025-1094

PostgreSQL Issues Urgent Security Fixes for High-Severity RCE Flaws in Core Utilities

Do Son August 18, 2025

The PostgreSQL Global Development Group has announced a major security update affecting all supported versions of the...

CVE-2025-7353 (CVSS 9.8): Rockwell Automation Issues Urgent Warning for ControlLogix Modules

Do Son August 18, 2025

Rockwell Automation has issued a critical security advisory regarding a remote code execution (RCE) vulnerability affecting its...

Critical RCE Flaws Found in Flowise AI Platform, Allowing Remote Code Execution Flowise vulnerabilities, RCE flaws

Critical RCE Flaws Found in Flowise AI Platform, Allowing Remote Code Execution

Do Son August 16, 2025

Security researchers at JFrog Security Research have uncovered two critical vulnerabilities in Flowise, an open-source generative AI...

CVE-2025-7972: Rockwell Automation Patches Critical Security Bypass in FactoryTalk Linx

Do Son August 15, 2025

Rockwell Automation has released a security advisory addressing a critical security bypass vulnerability in its FactoryTalk Linx...

ImageMagick Patches Multiple Flaws: High-Severity Memory Bugs Fixed ImageMagick Vulnerability CVE-2026-23876 ImageMagick TIM Overflow, Memory Disclosure Flaw ImageMagick vulnerabilities, memory corruption CVE-2023-34152

ImageMagick Patches Multiple Flaws: High-Severity Memory Bugs Fixed

Do Son August 15, 2025

The maintainers of ImageMagick have patched four security vulnerabilities that could impact applications using the popular image...

Critical Cisco RCE Flaw (CVE-2025-20265, CVSS 10): Unauthenticated Attackers Can Hijack Firewalls Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Critical Cisco RCE Flaw (CVE-2025-20265, CVSS 10): Unauthenticated Attackers Can Hijack Firewalls

Do Son August 15, 2025

Cisco has disclosed a critical remote code execution vulnerability in its Secure Firewall Management Center (FMC) Software...

Patch Now: Apache Tomcat Fixes Session Fixation and ‘MadeYouReset’ Flaws CVE-2024-50379 & CVE-2024-54677 Apache Tomcat Vulnerabilities

Patch Now: Apache Tomcat Fixes Session Fixation and ‘MadeYouReset’ Flaws

Do Son August 15, 2025

The Apache Tomcat Project has issued important updates addressing two significant vulnerabilities affecting multiple supported versions of...

MadeYouReset: New HTTP/2 Flaw Threatens to Cripple Servers with DDoS Attacks MadeYouReset, HTTP/2 vulnerability FSF, AI Scraping Attacks OracleIV botnet

MadeYouReset, HTTP/2 vulnerability FSF, AI Scraping Attacks OracleIV botnet

MadeYouReset: New HTTP/2 Flaw Threatens to Cripple Servers with DDoS Attacks

Do Son August 15, 2025

CERT/CC has issued a vulnerability note warning about a newly discovered flaw in multiple HTTP/2 implementations that...

A Blast from the Past: Why a 2017 Office Flaw Still Haunts Enterprises Today Microsoft Office, CVE-2017-11882

A Blast from the Past: Why a 2017 Office Flaw Still Haunts Enterprises Today

Do Son August 15, 2025

Under normal circumstances, software developers recommend that users promptly update to the latest version after a release....

Critical WordPress Plugin Flaw (CVE-2025-7384, CVSS 9.8) Exposes 70,000+ Sites to RCE and Data Loss WordPress vulnerability, CVE-2025-7384

Critical WordPress Plugin Flaw (CVE-2025-7384, CVSS 9.8) Exposes 70,000+ Sites to RCE and Data Loss

Do Son August 14, 2025

A critical security vulnerability has been disclosed in the widely used Database for Contact Form 7, WPforms,...

CVE-2025-40746: Critical Vulnerability Found in Siemens SIMATIC RTLS Locating Manager Siemens RTLS, CVE-2025-40746 CVE-2024-22040 - SINEC Security Monitor Siemens Security Advisory SENTRON 7KT PAC1260

Siemens RTLS, CVE-2025-40746 CVE-2024-22040 - SINEC Security Monitor Siemens Security Advisory SENTRON 7KT PAC1260

CVE-2025-40746: Critical Vulnerability Found in Siemens SIMATIC RTLS Locating Manager

Do Son August 14, 2025

Siemens ProductCERT has issued a high-severity security advisory (SSA-493787) warning of a critical vulnerability in its SIMATIC...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

Vulnerability Report

CVE-2025-54336 (CVSS 9.8): Critical Flaw in Plesk Obsidian Exposes Servers to Full Compromise

CERT/CC Warns of Critical Flaws in Workhorse Municipal Accounting Software

Google Chrome Issues High-Severity Fix for V8 Engine Vulnerability (CVE-2025-9132)

Researcher Details CVE-2025-29824 – A Windows CLFS 0-Day Exploited by Ransomware Gang

CISA Flags Actively Exploited Trend Micro Apex One Vulnerability (CVE-2025-54948)

PipeMagic Returns: Kaspersky Uncovers Evolving Backdoor Linked to CVE-2025-29824 Exploits

New Firmware Flaw in AMI Aptio UEFI Threatens Persistent System Compromise

CVE-2025-48387: Critical tar-fs Vulnerability Exposes Millions to Arbitrary File Writes

PostgreSQL Issues Urgent Security Fixes for High-Severity RCE Flaws in Core Utilities

CVE-2025-7353 (CVSS 9.8): Rockwell Automation Issues Urgent Warning for ControlLogix Modules

Critical RCE Flaws Found in Flowise AI Platform, Allowing Remote Code Execution

CVE-2025-7972: Rockwell Automation Patches Critical Security Bypass in FactoryTalk Linx

ImageMagick Patches Multiple Flaws: High-Severity Memory Bugs Fixed

Critical Cisco RCE Flaw (CVE-2025-20265, CVSS 10): Unauthenticated Attackers Can Hijack Firewalls

Patch Now: Apache Tomcat Fixes Session Fixation and ‘MadeYouReset’ Flaws

MadeYouReset: New HTTP/2 Flaw Threatens to Cripple Servers with DDoS Attacks

A Blast from the Past: Why a 2017 Office Flaw Still Haunts Enterprises Today

Critical WordPress Plugin Flaw (CVE-2025-7384, CVSS 9.8) Exposes 70,000+ Sites to RCE and Data Loss

CVE-2025-40746: Critical Vulnerability Found in Siemens SIMATIC RTLS Locating Manager