CVSS 10.0 Archives • Daily CyberSecurity

Millions of Servers At Risk: Crucial MariaDB Flaw Carries Maximum 10.0 CVSS Score MariaDB security flaw community server releases

Millions of Servers At Risk: Crucial MariaDB Flaw Carries Maximum 10.0 CVSS Score

Do Son June 7, 2026

Three Fresh Security Defects Impact Open Source Database Deployments An urgent threat notice has been issued for...

Samba Fixes Multiple Flaws with Maximum 10.0 CVSS Scores critical Samba vulnerabilities remote code execution flaws CVE-2023-34966

Samba Fixes Multiple Flaws with Maximum 10.0 CVSS Scores

Do Son May 29, 2026

The Samba Team has released urgent security patches to address multiple network infrastructure defects. Specifically, these new...

The CVE Watchtower: Weekly Threat Intelligence Briefing (May 4 – May 10, 2026) Weekly vulnerability digest May 2026

The CVE Watchtower: Weekly Threat Intelligence Briefing (May 4 – May 10, 2026)

Do Son May 11, 2026

Welcome to your weekly vulnerability digest. If you thought the threat landscape was plateauing as we entered...

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 20 – April 26, 2026) Vulnerability Digest AI Infrastructure Security

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 20 – April 26, 2026)

Do Son April 27, 2026

Welcome to your Monday morning vulnerability digest. As we close out the final full week of April,...

CVE-2026-40342: CVSS 10.0 Path Traversal to RCE in Firebird Database Firebird Database RCE CVE-2026-40342

CVE-2026-40342: CVSS 10.0 Path Traversal to RCE in Firebird Database

Do Son April 22, 2026

Researchers have disclosed a critical-severity vulnerability in Firebird, the long-standing relational database with roots dating back to...

The Dual CVSS 10.0 RCE Flaws Threatening Spinnaker Pipelines

Do Son April 21, 2026

A pair of critical remote code execution (RCE) vulnerabilities has been disclosed in Spinnaker, the heavyweight open-source...

Zero Authentication, Total Control: Critical CVSS 10 Flaw Uncovered in Dgraph Database Dgraph Vulnerability CVSS 10.0 Dgraph Admin Leak CVE-2026-40173

Dgraph Vulnerability CVSS 10.0 Dgraph Admin Leak CVE-2026-40173

Zero Authentication, Total Control: Critical CVSS 10 Flaw Uncovered in Dgraph Database

Do Son April 5, 2026

A security vulnerability was found in Dgraph, the high-performance, horizontally scalable GraphQL database. The flaw, designated as...

CVE-2026-4370 (CVSS 10): Critical Juju Flaw Grants Attackers Total Infrastructure Control

Do Son April 3, 2026

The cybersecurity community is on high alert following the discovery of a critical security flaw in Juju,...

The Instant Weaponization of Oracle’s 10.0 CVSS “Zero-Day-Like” Flaw PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

The Instant Weaponization of Oracle’s 10.0 CVSS “Zero-Day-Like” Flaw

Do Son March 31, 2026

The digital ink had barely dried on the disclosure of CVE-2026-21962 before threat actors began a relentless...

Streaming Nightmare: Unpatched CVSS 10.0 Flaws Leave AVideo Servers Wide Open AVideo RCE YPTSocket Vulnerability AVideo Vulnerabilities Streaming Platform Security AVideo Vulnerabilities CVE-2026-28501

AVideo RCE YPTSocket Vulnerability AVideo Vulnerabilities Streaming Platform Security AVideo Vulnerabilities CVE-2026-28501

Streaming Nightmare: Unpatched CVSS 10.0 Flaws Leave AVideo Servers Wide Open

Do Son March 25, 2026

AVideo, a popular streaming platform used by creators and businesses to manage and monetize video content, is...

From Viewer to SYSTEM: Critical 10.0 CVSS Flaw in GeoVision ERM Allows Full Host Takeover GeoVision CVE-2026-4606 Local Privilege Escalation

From Viewer to SYSTEM: Critical 10.0 CVSS Flaw in GeoVision ERM Allows Full Host Takeover

Do Son March 25, 2026

In a major security alert for the surveillance industry, GeoVision has disclosed a critical vulnerability in its...

The Undocumented Backdoor: Critical 10.0 CVSS Flaw Hits WAGO Managed Switches

Do Son March 23, 2026

A severe vulnerability has been uncovered in several models of WAGO Managed Switches, potentially leaving industrial networks...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

The Weekly Breach: 7 Maximum CVSS Flaws and the DarkSword Exploit Unveiled

Do Son March 23, 2026

The past seven days have been an exceptionally busy period for cybersecurity defenders. Between March 16 and...

Total Takeover: Critical 10.0 CVSS Path Traversal Flaw Hits Ubiquiti UniFi Networks Ubiquiti UniFi OS Vulnerabilities UniFi OS Firmware Update 2026 UniFi Play Vulnerability Critical RCE Patch Ubiquiti UniFi Vulnerability CVE-2026-22557

Ubiquiti UniFi OS Vulnerabilities UniFi OS Firmware Update 2026 UniFi Play Vulnerability Critical RCE Patch Ubiquiti UniFi Vulnerability CVE-2026-22557

Total Takeover: Critical 10.0 CVSS Path Traversal Flaw Hits Ubiquiti UniFi Networks

Do Son March 19, 2026

Ubiquiti has issued an urgent security advisory following the discovery of two significant vulnerabilities within its UniFi...

Weekly Threat Intelligence Briefing: Chrome Zero-Days, SolarWinds RCE, and a Surge in Critical PoCs CVE-2026-3910 Chrome Zero-Day CVSS 10.0 Vulnerabilities

CVE-2026-3910 Chrome Zero-Day CVSS 10.0 Vulnerabilities

Weekly Threat Intelligence Briefing: Chrome Zero-Days, SolarWinds RCE, and a Surge in Critical PoCs

Do Son March 16, 2026

The Executive Summary Over the past seven days, our CVE Watchtower intercepted 1,388 new vulnerabilities, highlighting a...

Altium Enterprise Server Vulnerability CVE-2026-9129 Path Traversal Patreon OAuth Vulnerability Identity Collision DRC INSIGHT Vulnerability Exam Data Hijacking Horner Automation PLC Industrial Brute Force Honeywell IQ4x Vulnerability CVE-2026-3611 DJI Romo vacuum security flaw Python Cryptography Vulnerability CVE-2026-26007 Open5GS Vulnerability CVE-2026-0622 Vivotek IP7137 Vulnerabilities CVE-2025-66049 Forcepoint DLP Vulnerability CVE-2025-14026 Cellopoint Secure Email Gateway - CVE-2024-9043

The Default Danger: Maximum 10.0 CVSS Vulnerability Leaves Honeywell IQ4x Controllers Wide Open

Do Son March 11, 2026

A critical security flaw has been uncovered in the Honeywell IQ4x Building Management System (BMS) Controller family,...

Root Access for All: Critical Auth Bypass Hits Cisco Firewall Management Center Cisco Secure FMC CVE-2026-20079 Cisco RCE, Firewall Vulnerability Cisco Nexus, vulnerability CVE-2024-20412 - Cisco data breach

Cisco Secure FMC CVE-2026-20079 Cisco RCE, Firewall Vulnerability Cisco Nexus, vulnerability CVE-2024-20412 - Cisco data breach

Root Access for All: Critical Auth Bypass Hits Cisco Firewall Management Center

Do Son March 5, 2026

Cybersecurity authorities are sounding the alarm on a critical vulnerability in the Cisco Secure Firewall Management Center...

Critical 10.0 CVSS Flaw in pac4j-jwt Lets Hackers Forge Admin Tokens pac4j-jwt Vulnerability CVE-2026-29000

Critical 10.0 CVSS Flaw in pac4j-jwt Lets Hackers Forge Admin Tokens

Do Son March 5, 2026

Cybersecurity researchers have uncovered a critical vulnerability in pac4j-jwt, a popular Java-based library used to secure thousands...

Critical 10.0 CVSS Flaw in Cisco Secure FMC Hands Hackers Root Access to Enterprise Firewalls Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Critical 10.0 CVSS Flaw in Cisco Secure FMC Hands Hackers Root Access to Enterprise Firewalls

Do Son March 5, 2026

Cybersecurity researchers have identified a critical vulnerability in Cisco Secure Firewall Management Center (FMC) Software, the administrative...

CVSS 10.0 Unauthenticated Remote Code Execution in FreeScout (Public Proof-of-Concept Disclosed) FreeScout RCE CVE-2026-28289

CVSS 10.0 Unauthenticated Remote Code Execution in FreeScout (Public Proof-of-Concept Disclosed)

Do Son March 5, 2026

Security researchers have uncovered a maximum-score vulnerability in FreeScout, the popular open-source help desk and shared inbox...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

CVSS 10.0

Millions of Servers At Risk: Crucial MariaDB Flaw Carries Maximum 10.0 CVSS Score

Samba Fixes Multiple Flaws with Maximum 10.0 CVSS Scores

The CVE Watchtower: Weekly Threat Intelligence Briefing (May 4 – May 10, 2026)

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 20 – April 26, 2026)

CVE-2026-40342: CVSS 10.0 Path Traversal to RCE in Firebird Database

Zero Authentication, Total Control: Critical CVSS 10 Flaw Uncovered in Dgraph Database

The Instant Weaponization of Oracle’s 10.0 CVSS “Zero-Day-Like” Flaw

Streaming Nightmare: Unpatched CVSS 10.0 Flaws Leave AVideo Servers Wide Open

From Viewer to SYSTEM: Critical 10.0 CVSS Flaw in GeoVision ERM Allows Full Host Takeover

The Undocumented Backdoor: Critical 10.0 CVSS Flaw Hits WAGO Managed Switches

The Weekly Breach: 7 Maximum CVSS Flaws and the DarkSword Exploit Unveiled

Total Takeover: Critical 10.0 CVSS Path Traversal Flaw Hits Ubiquiti UniFi Networks

Weekly Threat Intelligence Briefing: Chrome Zero-Days, SolarWinds RCE, and a Surge in Critical PoCs

The Default Danger: Maximum 10.0 CVSS Vulnerability Leaves Honeywell IQ4x Controllers Wide Open

Root Access for All: Critical Auth Bypass Hits Cisco Firewall Management Center

Critical 10.0 CVSS Flaw in pac4j-jwt Lets Hackers Forge Admin Tokens

Critical 10.0 CVSS Flaw in Cisco Secure FMC Hands Hackers Root Access to Enterprise Firewalls

CVSS 10.0 Unauthenticated Remote Code Execution in FreeScout (Public Proof-of-Concept Disclosed)