Vulnerability Archives • Page 5 of 190 • Daily CyberSecurity

Linux Kernel TLS UAF Flaw Allows Local RCE via Async Decrypt – PoC Available Linux TLS UAF, CVE-2024-26582

Linux Kernel TLS UAF Flaw Allows Local RCE via Async Decrypt – PoC Available

Do Son October 10, 2025

Security researcher Chino Kafuu details a flaw buried deep within the Transport Layer Security (TLS) subsystem of...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Critical CVSS 10.0 SQL Injection Vulnerability Patched in Esri ArcGIS Server

Do Son October 9, 2025

Esri has released a critical security patch addressing a SQL injection vulnerability (CVE-2025-57870) in ArcGIS Server, a...

PoC Released for Linux Kernel Escalates Privileges Flaw Linux kernel exploit - SLUBStick - Cross-Cache Attacks

PoC Released for Linux Kernel Escalates Privileges Flaw

Do Son October 7, 2025

A detailed exploit analysis of CVE-2023-4921 (CVSS 7.8) reveals how a subtle use-after-free flaw in the Linux...

Critical Denial-of-Service Vulnerability Discovered in HAProxy

Do Son October 6, 2025

A newly discovered vulnerability in HAProxy, the widely used open-source reverse proxy and load balancer, could allow...

PoC Released: Linux Kernel Flaw Allows User to Gain Root Privileges CrackArmor AppArmor Vulnerabilities Linux Kernel UAF, Privilege Escalation PoC CVE-2024-27397 PoC

CrackArmor AppArmor Vulnerabilities Linux Kernel UAF, Privilege Escalation PoC CVE-2024-27397 PoC

PoC Released: Linux Kernel Flaw Allows User to Gain Root Privileges

Do Son October 2, 2025

Security researcher Huyinhao has published a deep-dive analysis of CVE-2025-21701, a newly disclosed Linux kernel vulnerability rated...

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

Zero-Day PoC Published: Privilege Escalation Flaw in VMware Tools Used by Chinese APT

Do Son September 30, 2025

A newly disclosed local privilege escalation vulnerability, CVE-2025-41244, has been exploited as a zero-day in the wild,...

Under the Hood of a Kernel Crash: PoC Exposes Race Condition in Qualcomm’s Driver Qualcomm Samsung 2nm foundry deal, Snapdragon 8 Elite 2nm refresh Qualcomm Ventana Acquisition, RISC-V Strategy Qualcomm Autotalks, China Antitrust Qualcomm Antitrust, Which? Lawsuit Qualcomm GPU driver, CVE-2024-38399 Qualcomm's March 2025 Security Bulletin

Qualcomm Samsung 2nm foundry deal, Snapdragon 8 Elite 2nm refresh Qualcomm Ventana Acquisition, RISC-V Strategy Qualcomm Autotalks, China Antitrust Qualcomm Antitrust, Which? Lawsuit Qualcomm GPU driver, CVE-2024-38399 Qualcomm's March 2025 Security Bulletin

Under the Hood of a Kernel Crash: PoC Exposes Race Condition in Qualcomm’s Driver

Do Son September 30, 2025

Independent researcher Strey Paws has published an in-depth analysis of CVE-2024-38399, a race condition in Qualcomm’s KGSL...

PoC Exploit Details for Actively Exploited iOS Zero-Day Flaw Now Public Coruna Exploit Kit iOS Security Update Apple Zero-Day CVE-2026-20700 Apple Data Privacy Day 2026, iPhone privacy features guide iOS Privilege Escalation, CVE-2025-24085 PoC Apple Manufacturing Academy, US Investment CVE-2024-44258 - symlink vulnerability

Coruna Exploit Kit iOS Security Update Apple Zero-Day CVE-2026-20700 Apple Data Privacy Day 2026, iPhone privacy features guide iOS Privilege Escalation, CVE-2025-24085 PoC Apple Manufacturing Academy, US Investment CVE-2024-44258 - symlink vulnerability

PoC Exploit Details for Actively Exploited iOS Zero-Day Flaw Now Public

Do Son September 29, 2025

Proof-of-concept exploit code is now publicly available online for a zero-day flaw in iOS/iPadOS, macOS, tvOS, watchOS,...

Two Linux Kernel Vulnerabilities Expose HID Subsystem to Exploitation, PoC Published Linux HID PoC, USB Memory Leak

Two Linux Kernel Vulnerabilities Expose HID Subsystem to Exploitation, PoC Published

Do Son September 26, 2025

The Linux community is patching two new vulnerabilities in the HID (Human Interface Device) core subsystem, tracked...

PoC Released for CVE-2025-41243 – A Spring Cloud Gateway Flaw with CVSS 10.0

Do Son September 22, 2025

Security researcher Ezzer17 published a clear, methodical write-up that walks through the root cause, the partial fixes,...

Stack-Based Buffer Overflow in Squid Could Let Hackers Execute Arbitrary Code CVE-2024-25617 CVE-2025-59362 Squid Proxy ICP Vulnerability

Stack-Based Buffer Overflow in Squid Could Let Hackers Execute Arbitrary Code

Do Son September 15, 2025

Squid, the widely deployed caching proxy supporting HTTP, HTTPS, FTP, and more, has patched a critical security...

PoC Released: Django SQL Injection Flaw with Technical Details poc-avai

PoC Released: Django SQL Injection Flaw with Technical Details

Do Son September 10, 2025

The Django Software Foundation has patched a high-severity SQL injection vulnerability in Django’s FilteredRelation feature. Tracked as...

CVSS 9.8 Flaw in macOS Allows Apps to Access Protected User Data, PoC Available macOS vulnerability, file copy APIs

CVSS 9.8 Flaw in macOS Allows Apps to Access Protected User Data, PoC Available

Do Son September 9, 2025

Security researcher Mickey Jin (@patch1t) has uncovered a critical vulnerability in Apple’s file copy APIs that could...

PgAdmin Flaw Exposes Accounts to OAuth Hijacking Attacks CVE-2024-2044 pgAdmin, OAuth vulnerability

PgAdmin Flaw Exposes Accounts to OAuth Hijacking Attacks

Do Son September 8, 2025

The developers of pgAdmin, the most widely used open-source administration and development platform for PostgreSQL, have patched...

PoC Available: macOS Sequoia Flaw Allows Keychain Dump and TCC Bypass (CVSS 9.8) macOS Sequoia, gcore vulnerability

PoC Available: macOS Sequoia Flaw Allows Keychain Dump and TCC Bypass (CVSS 9.8)

Do Son September 5, 2025

Apple has patched a critical security vulnerability in macOS Sequoia, tracked as CVE-2025-24204 (CVSS 9.8), that could...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

CVSS 10.0 RCE in Popular Python Library (36M+ Monthly Downloads), PoC Available

Do Son September 4, 2025

The widely used Python library DeepDiff, downloaded over 36 million times per month, has been found vulnerable...

GNU Guix Issues Advisory for a Critical Privilege Escalation Flaw GNU Guix, privilege escalation guix-daemon vulnerability

GNU Guix Issues Advisory for a Critical Privilege Escalation Flaw

Do Son September 4, 2025

The GNU Guix team has issued a critical security advisory warning users to immediately update their systems...

PoC Published for Remote Code Execution Flaw in Microsoft IIS Web Deploy Remote code execution, IIS Web Deploy

PoC Published for Remote Code Execution Flaw in Microsoft IIS Web Deploy

Do Son September 3, 2025

Security researcher Batuhan Er of HawkTrace has been credited by Microsoft for uncovering CVE-2025-53772, a critical remote...

Linux Kernel 7.1 release Linux Kernel update, AMD ZEN 6 support, Linux driver fixes Linux Kernel 7.1 i486 support Linux 7.0 HIPPI support removal, legacy networking protocol retirement Linus Torvalds AI slop Linux kernel, Lorenzo Stoakes AI tool debate Linux Kernel Rust CVE-2025-68260, Android Binder Rust Race Condition TSEM Security Module Controversy, Linus Torvalds LSM Dispute Kernel Panic, PoC released Linux Kernel 6.16, File System Fixes CVE-2023-42753 - Linux Kernel Developers

Linux Kernel Panic Triggered by Race Condition, PoC Released

Do Son September 2, 2025

A new Linux kernel vulnerability, tracked as CVE-2025-38617, has been analyzed by security researcher Pumpkin (@u1f383) from...

PoC Exploit Released for Nagios XI RCE Flaw Allows Attackers to Hijack Servers Nagios XI, remote code execution

PoC Exploit Released for Nagios XI RCE Flaw Allows Attackers to Hijack Servers

Do Son September 1, 2025

Nagios XI, one of the most widely used IT infrastructure monitoring solutions, has been found vulnerable to...

Critical Alert 4 Active Exploits Detected Today