CVE Archives • Daily CyberSecurity

Weekly Threat Intelligence: June 1 to June 7, 2026 Weekly Threat Intelligence Vulnerability Management Report

Weekly Threat Intelligence: June 1 to June 7, 2026

Do Son June 8, 2026

Welcome to your latest weekly threat intelligence briefing. The global cybersecurity landscape remains highly volatile as we...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

The Q1 2026 Exploit Surge: AI Discovers the Flaws, APTs Reap the Rewards

Do Son May 11, 2026

The first quarter of 2026 has set a blistering and volatile pace for the cybersecurity industry, marked...

High-Severity SSRF Flaw Uncovered in Angular’s Server-Side Rendering Angular hostname hijacking vulnerability Angular SSRF Origin Hijacking Angular XSS Vulnerability CVE-2026-32635 Angular i18n XSS CVE-2026-27970 Angular SSR SSRF CVE-2026-27739 Angular Vulnerability CVE-2026-22610 CVE-2025-59052 Angular security Angular XSS Bypass, SVG Injection

Angular hostname hijacking vulnerability Angular SSRF Origin Hijacking Angular XSS Vulnerability CVE-2026-32635 Angular i18n XSS CVE-2026-27970 Angular SSR SSRF CVE-2026-27739 Angular Vulnerability CVE-2026-22610 CVE-2025-59052 Angular security Angular XSS Bypass, SVG Injection

High-Severity SSRF Flaw Uncovered in Angular’s Server-Side Rendering

Do Son April 17, 2026

Angular stands as a titan, powering everything from sleek mobile apps to massive enterprise desktop platforms. However,...

Sustainable Security: NIST Abandons “Analyze Everything” Goal for NVD NIST NVD Overhaul Risk-Based Triage

Sustainable Security: NIST Abandons “Analyze Everything” Goal for NVD

Do Son April 16, 2026

In a major strategic shift, the National Institute of Standards and Technology (NIST) has announced a fundamental...

Urgent Patch: Notepad++ WinGUp Flaw Allowed Malware to Hijack Updates CVE-2023-40031 Notepad++ Update Hijacking, WinGUp Vulnerability

Urgent Patch: Notepad++ WinGUp Flaw Allowed Malware to Hijack Updates

Do Son December 11, 2025

Security researchers recently uncovered a vulnerability in the open-source text and code editor Notepad++, allowing attackers in...

Daily CyberSecurity Launches CVE Watchtower: Live Intelligence for a Faster Response

ddos-admin September 16, 2025

Daily CyberSecurity, a leading cybersecurity news and intelligence platform, is proud to announce the launch of CVE...

Digiever NVR Flaws (CVE-2025-10264, CVE-2025-10265) Let Hackers Steal Credentials & Take Control Digiever NVR, critical vulnerabilities

Digiever NVR Flaws (CVE-2025-10264, CVE-2025-10265) Let Hackers Steal Credentials & Take Control

Do Son September 15, 2025

The Taiwan Computer Emergency Response Team (TWCERT/CC) has issued a vulnerability note warning of two critical security...

Angular SSR Flaw (CVE-2025-59052) Exposes User Data: What Developers Need to Know Angular hostname hijacking vulnerability Angular SSRF Origin Hijacking Angular XSS Vulnerability CVE-2026-32635 Angular i18n XSS CVE-2026-27970 Angular SSR SSRF CVE-2026-27739 Angular Vulnerability CVE-2026-22610 CVE-2025-59052 Angular security Angular XSS Bypass, SVG Injection

Angular SSR Flaw (CVE-2025-59052) Exposes User Data: What Developers Need to Know

Do Son September 11, 2025

The Angular team has issued a security advisory addressing a high-severity flaw in server-side rendering (SSR) that...

CERT/CC Warns of Critical Flaws in Workhorse Municipal Accounting Software Municipal software, Vulnerability

CERT/CC Warns of Critical Flaws in Workhorse Municipal Accounting Software

Do Son August 20, 2025

The CERT Coordination Center (CERT/CC) has issued a vulnerability note warning of serious security flaws in Workhorse...

New Firmware Flaw in AMI Aptio UEFI Threatens Persistent System Compromise UEFI firmware, SMM vulnerability

New Firmware Flaw in AMI Aptio UEFI Threatens Persistent System Compromise

Do Son August 18, 2025

A new security vulnerability disclosed by CERT/CC highlights serious risks in AMI Aptio UEFI firmware, which powers...

CVE-2025-48387: Critical tar-fs Vulnerability Exposes Millions to Arbitrary File Writes tar-fs, directory traversal

CVE-2025-48387: Critical tar-fs Vulnerability Exposes Millions to Arbitrary File Writes

Do Son August 18, 2025

A newly disclosed vulnerability in the widely used tar-fs NPM package has raised alarms across the software...

PostgreSQL Issues Urgent Security Fixes for High-Severity RCE Flaws in Core Utilities PostgreSQL Vulnerabilities CVE-2026-2006 PostgreSQL, security update CVE-2023-5869 - CVE-2025-1094

PostgreSQL Vulnerabilities CVE-2026-2006 PostgreSQL, security update CVE-2023-5869 - CVE-2025-1094

PostgreSQL Issues Urgent Security Fixes for High-Severity RCE Flaws in Core Utilities

Do Son August 18, 2025

The PostgreSQL Global Development Group has announced a major security update affecting all supported versions of the...

ImageMagick Patches Multiple Flaws: High-Severity Memory Bugs Fixed ImageMagick Vulnerability CVE-2026-23876 ImageMagick TIM Overflow, Memory Disclosure Flaw ImageMagick vulnerabilities, memory corruption CVE-2023-34152

ImageMagick Patches Multiple Flaws: High-Severity Memory Bugs Fixed

Do Son August 15, 2025

The maintainers of ImageMagick have patched four security vulnerabilities that could impact applications using the popular image...

GitLab Patches High-Severity Flaws: Update Now to Prevent XSS and Account Takeover GitLab security updates Duo AI flaw fixed GitLab Runner Hijack, DoS Fix GitLab GraphQL Flaws, CVE-2025-11340 CVE-2024-9693 GitLab vulnerability, XSS

GitLab security updates Duo AI flaw fixed GitLab Runner Hijack, DoS Fix GitLab GraphQL Flaws, CVE-2025-11340 CVE-2024-9693 GitLab vulnerability, XSS

GitLab Patches High-Severity Flaws: Update Now to Prevent XSS and Account Takeover

Do Son August 13, 2025

GitLab has announced the release of versions 18.2.2, 18.1.4, and 18.0.6 for both the Community Edition (CE)...

GitLab Releases Security Updates: XSS and Authorization Bypass Flaws Patched GitLab Security Code Integrity GitLab sale GitLab, Security GitLab Stored XSS, Kubernetes Proxy Flaw

GitLab Security Code Integrity GitLab sale GitLab, Security GitLab Stored XSS, Kubernetes Proxy Flaw

GitLab Releases Security Updates: XSS and Authorization Bypass Flaws Patched

Do Son July 10, 2025

GitLab has released security updates for its Community Edition (CE) and Enterprise Edition (EE), addressing multiple vulnerabilities...

Ivanti Patches High-Severity Credential Decryption Flaws in Workspace Control Ivanti Workspace Control

Ivanti Patches High-Severity Credential Decryption Flaws in Workspace Control

Do Son June 11, 2025

Ivanti has released critical security updates addressing three high-severity vulnerabilities in Ivanti Workspace Control (IWC)—a widely-used tool...

Go Fixes Three Security Flaws: Update Your Apps Now! Go Security Update

Go Fixes Three Security Flaws: Update Your Apps Now!

Do Son June 9, 2025

The Go team has rolled out versions 1.24.4 and 1.23.10, addressing three critical security vulnerabilities affecting core...

CVSS 9.8 Alert: Critical Flaws in HPE Insight Remote Support Enable RCE & File Access HPE Security, Insight RS Vulnerabilities

CVSS 9.8 Alert: Critical Flaws in HPE Insight Remote Support Enable RCE & File Access

Do Son June 5, 2025

Hewlett Packard Enterprise (HPE) has issued a security advisory addressing multiple high-impact vulnerabilities in its Insight Remote...

MediaTek’s June 2025 Security Bulletin: High-Severity Flaw & Multiple Medium Risks Uncovered MediaTek Vulnerabilities, Chipset Security

MediaTek’s June 2025 Security Bulletin: High-Severity Flaw & Multiple Medium Risks Uncovered

Do Son June 2, 2025

MediaTek, a leading global chipset manufacturer, has published its June 2025 Product Security Bulletin, disclosing one high-severity...

Earth Lamia: China-Linked APT Targets Global Industries with Custom Backdoors

Do Son May 28, 2025

Trend Micro’s latest threat intelligence report uncovers Earth Lamia — a stealthy and evolving China-nexus advanced persistent...

Critical Alert 1 Active Exploit Detected Today