June 27, 2026

Authentication Bypass

Sophos Fixes Critical Authentication Bypass (CVE-2025-10159) in AP6 Series Wireless Access Points Sophos vulnerability CVE-2025-10159

Sophos Fixes Critical Authentication Bypass (CVE-2025-10159) in AP6 Series Wireless Access Points

Do Son September 10, 2025 0
Sophos has released a fix for a critical authentication bypass vulnerability (CVE-2025-10159) affecting its AP6 Series Wireless...
Read More Read more about Sophos Fixes Critical Authentication Bypass (CVE-2025-10159) in AP6 Series Wireless Access Points
CVE-2025-40795 (CVSS 9.8): Critical Flaw in Siemens SIVaaS Exposes Network Share Without Authentication Siemens SIMATIC Vulnerability CVE-2025-40943 CVE-2024-47901 - Siemens InterMesh system CVE-2025-40804 Siemens SIVaaS

CVE-2025-40795 (CVSS 9.8): Critical Flaw in Siemens SIVaaS Exposes Network Share Without Authentication

Do Son September 9, 2025 0
Siemens has disclosed multiple vulnerabilities in its User Management Component (UMC), which is used in products like...
Read More Read more about CVE-2025-40795 (CVSS 9.8): Critical Flaw in Siemens SIVaaS Exposes Network Share Without Authentication
CISA Alert: Critical Flaw (CVE-2025-8284) in Packet Power Devices Allows Unauthenticated Remote Takeover Packet Power, CISA Alert

CISA Alert: Critical Flaw (CVE-2025-8284) in Packet Power Devices Allows Unauthenticated Remote Takeover

Do Son August 11, 2025 0
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-severity alert for a missing authentication...
Read More Read more about CISA Alert: Critical Flaw (CVE-2025-8284) in Packet Power Devices Allows Unauthenticated Remote Takeover
CVE-2025-5095 (CVSS 9.8): Critical Flaw in ARC Solo Broadcasting Devices Allows Unauthenticated Takeover ARC Solo, CISA Alert

CVE-2025-5095 (CVSS 9.8): Critical Flaw in ARC Solo Broadcasting Devices Allows Unauthenticated Takeover

Do Son August 11, 2025 0
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory warning about a critical authentication...
Read More Read more about CVE-2025-5095 (CVSS 9.8): Critical Flaw in ARC Solo Broadcasting Devices Allows Unauthenticated Takeover
Critical SUSE Manager Flaw (CVSS 9.8) Allows Unauthenticated Root RCE on All Clients – PoC Available! SUSE Manager, Remote Code Execution

Critical SUSE Manager Flaw (CVSS 9.8) Allows Unauthenticated Root RCE on All Clients – PoC Available!

Do Son July 31, 2025 2
SUSE has issued a high-severity security advisory for CVE-2025-46811, a critical vulnerability in SUSE Manager that allows...
Read More Read more about Critical SUSE Manager Flaw (CVSS 9.8) Allows Unauthenticated Root RCE on All Clients – PoC Available!
Critical OAuth2-Proxy Flaw (CVE-2025-54576, CVSS 9.1) Allows Authentication Bypass via Query Parameters OAuth2 Proxy Auth Bypass CVE-2026-34457 OAuth2-Proxy, Authentication Bypass

Critical OAuth2-Proxy Flaw (CVE-2025-54576, CVSS 9.1) Allows Authentication Bypass via Query Parameters

Do Son July 31, 2025 0
A critical vulnerability in the popular OAuth2-Proxy open-source authentication tool has been discovered, allowing attackers to bypass...
Read More Read more about Critical OAuth2-Proxy Flaw (CVE-2025-54576, CVSS 9.1) Allows Authentication Bypass via Query Parameters
Critical Flaw in Wix’s New AI Platform Base44 Allowed Unauthorized Access to Private Enterprise Apps Wix Base44, AI Platform Vulnerability

Critical Flaw in Wix’s New AI Platform Base44 Allowed Unauthorized Access to Private Enterprise Apps

Do Son July 30, 2025 0
In a significant finding that highlights the risks associated with emerging AI development platforms, Wiz Research has...
Read More Read more about Critical Flaw in Wix’s New AI Platform Base44 Allowed Unauthorized Access to Private Enterprise Apps
Critical Node-SAML Flaw (CVE-2025-54419, CVSS 10.0) Allows Authentication Bypass in SAML 2.0 Web Apps Node-SAML Vulnerability, Authentication Bypass

Critical Node-SAML Flaw (CVE-2025-54419, CVSS 10.0) Allows Authentication Bypass in SAML 2.0 Web Apps

Do Son July 29, 2025 0
A newly disclosed critical vulnerability in Node-SAML, a widely used SAML 2.0 authentication provider for Node.js, could...
Read More Read more about Critical Node-SAML Flaw (CVE-2025-54419, CVSS 10.0) Allows Authentication Bypass in SAML 2.0 Web Apps
Critical Cisco ISE Flaw CVE-2025-20337 (CVSS 10.0) Allows Unauthenticated Root RCE – Patch Immediately Cisco ISE, RCE Vulnerability

Critical Cisco ISE Flaw CVE-2025-20337 (CVSS 10.0) Allows Unauthenticated Root RCE – Patch Immediately

Do Son July 17, 2025 0
A critical vulnerability was found in Cisco Identity Services Engine (ISE) and Cisco ISE-PIC. Tracked as CVE-2025-20337,...
Read More Read more about Critical Cisco ISE Flaw CVE-2025-20337 (CVSS 10.0) Allows Unauthenticated Root RCE – Patch Immediately
Ruckus Wireless Exposed: 9 Critical Vulnerabilities Leave Wi-Fi Management Systems Wide Open, No Patch! Ruckus vRIoT Vulnerability CVE-2025-69425 Ruckus Wireless, Critical Vulnerabilities

Ruckus Wireless Exposed: 9 Critical Vulnerabilities Leave Wi-Fi Management Systems Wide Open, No Patch!

Do Son July 10, 2025 0
Multiple critical vulnerabilities have been discovered in Ruckus Wireless’ Virtual SmartZone (vSZ) and Network Director (RND), posing...
Read More Read more about Ruckus Wireless Exposed: 9 Critical Vulnerabilities Leave Wi-Fi Management Systems Wide Open, No Patch!