Vulnerability Report Archives • Page 85 of 88 • Daily CyberSecurity

Insyde UEFI Flaw (CVE-2025-4275): Secure Boot Bypass Allows Rootkits & Undetectable Malware Insyde UEFI, Secure Boot Bypass CVE-2025-4275

Insyde UEFI Flaw (CVE-2025-4275): Secure Boot Bypass Allows Rootkits & Undetectable Malware

Do Son June 11, 2025

A newly disclosed vulnerability in Insyde H2O UEFI firmware, tracked as CVE-2025-4275, allows attackers to bypass Secure...

Salesforce OmniStudio Flaws Expose Encrypted Data Salesforce, OmniStudio

Salesforce OmniStudio Flaws Expose Encrypted Data

Do Son June 11, 2025

Security research partner AppOmni disclosed five critical vulnerabilities in Salesforce’s powerful OmniStudio platform that could expose encrypted...

Warning: 40,000+ Internet-Connected Cameras Are Exposed & Streaming Live Globally! Exposed Cameras, Privacy Risk

Warning: 40,000+ Internet-Connected Cameras Are Exposed & Streaming Live Globally!

Do Son June 11, 2025

In its newly released report, Bitsight reveals that more than 40,000 internet-connected security cameras across the globe...

Chrome Update Alert: Two High-Severity Flaws Patched – Update Now to Stay Safe! Chrome Security

Chrome Update Alert: Two High-Severity Flaws Patched – Update Now to Stay Safe!

Do Son June 11, 2025

Google has released a Stable Channel update for Chrome Desktop, rolling out version 137.0.7151.103/.104 for Windows and...

CVSS 9.8: Backend.AI Critical Flaw Allows Account Takeover via PoC, No Patch Available Backend.AI Vulnerability

CVSS 9.8: Backend.AI Critical Flaw Allows Account Takeover via PoC, No Patch Available

Do Son June 11, 2025

Security researchers at HiddenLayer have disclosed a critical privilege escalation vulnerability in Backend.AI, a widely used container-based...

CoreDNS DoS Flaw: Unauthenticated Attackers Can Crash Servers via DNS-over-QUIC CoreDNS Vulnerability, DoS Attack

CoreDNS DoS Flaw: Unauthenticated Attackers Can Crash Servers via DNS-over-QUIC

Do Son June 11, 2025

A critical denial-of-service (DoS) vulnerability has been identified in CoreDNS, the modular DNS server widely deployed across...

Wasp Framework Patches OAuth Flaw Allowing User Impersonation Wasp Vulnerability

Wasp Framework Patches OAuth Flaw Allowing User Impersonation

Do Son June 11, 2025

The Wasp project, a full-stack web application framework for React, Node.js, and Prisma, has patched a critical...

UEFI Secure Boot Bypass: Critical Flaw (CVE-2025-3052) Exposes Millions of Devices! vulnerable UEFI shim bootloaders, Secure Boot bypass UEFI Secure Boot, Critical Vulnerability CVE-2025-3052

vulnerable UEFI shim bootloaders, Secure Boot bypass UEFI Secure Boot, Critical Vulnerability CVE-2025-3052

UEFI Secure Boot Bypass: Critical Flaw (CVE-2025-3052) Exposes Millions of Devices!

Do Son June 10, 2025

A new high-severity vulnerability discovered by BINARLY REsearch has reignited concerns about the integrity of the UEFI...

Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign Stealth Falcon CVE-2025-33053

Stealth Falcon Exploits New Zero-Day (CVE-2025-33053) in Sophisticated Cyberespionage Campaign

Do Son June 10, 2025

A new cyberespionage campaign attributed to the notorious APT group Stealth Falcon has been uncovered by Check...

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched! Patch Tuesday, Microsoft Security

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched!

Do Son June 10, 2025

Microsoft’s June 2025 Patch Tuesday rollout has addressed a substantial 69 vulnerabilities, including 10 critical and 57...

Google Self-Preferencing Fine Idealo Antitrust Damages Anthropic, Google TPUs Google DMA Compliance, Search Self-Preferencing Google Play Store Ruling, Epic Games Victory Google fine, ad tech Google lawsuit, privacy violation Gmail security, false alarm Google Play EU regulation Google Security, Phone Number Leak Google 2025 - Google China’s Anti-Monopoly Law Google monopoly, ad tech Pixel 7a battery, battery swelling

Google Account Flaw Exposed Phone Numbers: Brute-Force Attack Possible, Now Patched

Do Son June 10, 2025

In April, a researcher uncovered a security vulnerability within Google’s account system that allowed them to obtain...

SAP Patch Fixes Critical CVSS 9.6 Flaw in NetWeaver: Privilege Escalation and System Integrity at Risk SAP Security, Critical Vulnerabilities

SAP Patch Fixes Critical CVSS 9.6 Flaw in NetWeaver: Privilege Escalation and System Integrity at Risk

Do Son June 10, 2025

SAP’s June 2025 Security Patch Day addressed a total of 14 new vulnerabilities, including a critical issue...

CVE-2025-4601: Flaw Exposes 33,000+ RealHomes WordPress Sites to Admin Takeover WordPress Vulnerability

CVE-2025-4601: Flaw Exposes 33,000+ RealHomes WordPress Sites to Admin Takeover

Do Son June 10, 2025

A critical Privilege Escalation vulnerability has been disclosed in the RealHomes WordPress theme, a popular real estate...

CISA Flags Active Exploits in Erlang/OTP SSH and Roundcube Webmail: Critical RCE and XSS Flaws Under Attack CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA Flags Active Exploits in Erlang/OTP SSH and Roundcube Webmail: Critical RCE and XSS Flaws Under Attack

Do Son June 10, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited...

CVE-2025-48757: Lovable’s Row-Level Security Breakdown Exposes Sensitive Data Across Hundreds of Projects CVE-2025-48757, Row-Level Security, Supabase, Lovable

CVE-2025-48757, Row-Level Security, Supabase, Lovable

CVE-2025-48757: Lovable’s Row-Level Security Breakdown Exposes Sensitive Data Across Hundreds of Projects

Do Son June 10, 2025

Security researcher Matt Palmer has uncovered a critical vulnerability in the Lovable low-code platform, now tracked as...

CVE-2025-41646: Critical Authentication Bypass in RevPi Webstatus Threatens Industrial Systems RevPi Webstatus, Authentication Bypass

CVE-2025-41646: Critical Authentication Bypass in RevPi Webstatus Threatens Industrial Systems

Do Son June 10, 2025

KUNBUS has issued a critical security advisory for its RevPi Webstatus application following the discovery of an...

Critical Wazuh RCE (CVE-2025-24016) Actively Exploited by Mirai Botnets Wazuh RCE, Mirai Botnets

Critical Wazuh RCE (CVE-2025-24016) Actively Exploited by Mirai Botnets

Do Son June 9, 2025

Akamai’s Security Intelligence and Response Team (SIRT) has uncovered active exploitation of CVE-2025-24016, a critical remote code...

Critical 9.8 CVSS Flaw: Unpatched PayU CommercePro Plugin Allows Admin Account Takeover! PayU CommercePro, Account Takeover

Critical 9.8 CVSS Flaw: Unpatched PayU CommercePro Plugin Allows Admin Account Takeover!

Do Son June 9, 2025

A severe vulnerability in the PayU CommercePro plugin for WordPress, which has over 5,000 active installations, allows...

QNAP Fixes SQL Injection and Certificate Validation Flaws in Qsync Central and File Station 5 QNAP Vulnerabilities CVE-2025-52856

QNAP Fixes SQL Injection and Certificate Validation Flaws in Qsync Central and File Station 5

Do Son June 9, 2025

QNAP Systems, Inc. has released patches addressing multiple high-severity vulnerabilities in its Qsync Central and File Station...

Critical CVSS 10.0 Flaws in B. Braun OnlineSuite Threaten Healthcare Infrastructure Medical Devices Vulnerabilities

Critical CVSS 10.0 Flaws in B. Braun OnlineSuite Threaten Healthcare Infrastructure

Do Son June 9, 2025

B. Braun Melsungen AG has issued a high-priority security advisory warning of three severe vulnerabilities affecting its...

Critical Alert 1 Active Exploit Detected Today