firmware update Archives • Daily CyberSecurity

MBS Universal Gateway Flaws Threaten Building Automation Networks Haskell TLS vulnerability CVE-2026-9648, X.509 NameConstraints, crypton-x509-validation MBS Universal Gateway flaws stack buffer overflow bugs SystemLink authentication bypass privilege escalation bug Cache Warmer RCE flaw Magento PHP object injection

Haskell TLS vulnerability CVE-2026-9648, X.509 NameConstraints, crypton-x509-validation MBS Universal Gateway flaws stack buffer overflow bugs SystemLink authentication bypass privilege escalation bug Cache Warmer RCE flaw Magento PHP object injection

MBS Universal Gateway Flaws Threaten Building Automation Networks

Do Son June 10, 2026

Multiple Software Vulnerabilities Discovered in Underlying Web GUI Firmware MBS GmbH has issued an urgent security notice...

Critical TP-Link Patches Critical Archer MR600 Command Injection Flaw

Do Son June 9, 2026

Security Update Solves WireGuard Vulnerability in Router Interface TP-Link issued a critical security warning for wireless router...

10.0 Dual CVSS 10.0 Bugs Fixed in Emergency Acer Router Patch Acer router flaw critical authentication bypass Acer router security flaws critical firmware bugs

Acer router flaw critical authentication bypass Acer router security flaws critical firmware bugs

10.0 Dual CVSS 10.0 Bugs Fixed in Emergency Acer Router Patch

Do Son June 4, 2026

Critical Security Vulnerabilities Threaten Connect W6x Devices Acer has deployed an urgent firmware modification for its consumer...

InHand Router Flaws: Command Injection Patches Released Yarbo robot vulnerability hard-coded MQTT credentials, CVE-2026-10557, CVE-2026-7368 command injection vulnerabilities InHand router flaws

Yarbo robot vulnerability hard-coded MQTT credentials, CVE-2026-10557, CVE-2026-7368 command injection vulnerabilities InHand router flaws

InHand Router Flaws: Command Injection Patches Released

Do Son June 3, 2026

Security teams must act quickly to address newly discovered edge network vulnerabilities. Specifically, a series of critical...

Critical Critical KMW CCTV Vulnerability Exposes Live Surveillance Feeds KMW CCTV vulnerability unauthenticated password reset Xiongmai IP Camera Vulnerability CVE-2025-65856 CVE-2024-8956 (CVSS 9.1): PTZOptics Cameras

KMW CCTV vulnerability unauthenticated password reset Xiongmai IP Camera Vulnerability CVE-2025-65856 CVE-2024-8956 (CVSS 9.1): PTZOptics Cameras

Critical Critical KMW CCTV Vulnerability Exposes Live Surveillance Feeds

Do Son June 2, 2026

A severe security bug has put smart surveillance devices at risk this week. Specifically, a critical KMW...

10.0 Triple CVSS 10.0 Warning: Critical Ubiquiti UniFi OS Flaws Allow Unauthenticated Remote Takeovers UniFi OS vulnerabilities, Ubiquiti security flaws, CVE-2026-47367, CVE-2026-47369, CVE-2026-47370 Ubiquiti UniFi OS Vulnerabilities UniFi OS Firmware Update 2026 UniFi Play Vulnerability Critical RCE Patch Ubiquiti UniFi Vulnerability CVE-2026-22557

UniFi OS vulnerabilities, Ubiquiti security flaws, CVE-2026-47367, CVE-2026-47369, CVE-2026-47370 Ubiquiti UniFi OS Vulnerabilities UniFi OS Firmware Update 2026 UniFi Play Vulnerability Critical RCE Patch Ubiquiti UniFi Vulnerability CVE-2026-22557

10.0 Triple CVSS 10.0 Warning: Critical Ubiquiti UniFi OS Flaws Allow Unauthenticated Remote Takeovers

Do Son May 22, 2026

Ubiquiti has issued a major security advisory addressing five distinct vulnerabilities across its UniFi OS ecosystem. Three...

9.1 Critical ZKTeco CCTV Flaw (CVE-2026-8598) Leaks Admin Credentials Without Authentication ZKTeco CCTV Vulnerability CVE-2026-8598 Patch

9.1 Critical ZKTeco CCTV Flaw (CVE-2026-8598) Leaks Admin Credentials Without Authentication

Do Son May 20, 2026

A newly disclosed, critical vulnerability in ZKTeco CCTV cameras is serving as a reminder that the devices...

Label Leak: Hardcoded Credentials in Snap One WattBox Devices Open Door to Root Access WattBox Vulnerability Root Access Exploit

Label Leak: Hardcoded Credentials in Snap One WattBox Devices Open Door to Root Access

Do Son April 29, 2026

A critical vulnerability has been identified in the Snap One WattBox 800 and 820 series power controllers....

Critical Hijacking the Soundboard: Critical 9.8 RCE Flaws Hit Ubiquiti UniFi Play Audio UniFi OS vulnerabilities, Ubiquiti security flaws, CVE-2026-47367, CVE-2026-47369, CVE-2026-47370 Ubiquiti UniFi OS Vulnerabilities UniFi OS Firmware Update 2026 UniFi Play Vulnerability Critical RCE Patch Ubiquiti UniFi Vulnerability CVE-2026-22557

Critical Hijacking the Soundboard: Critical 9.8 RCE Flaws Hit Ubiquiti UniFi Play Audio

Do Son April 14, 2026

Ubiquiti has issued an urgent security advisory for its UniFi Play audio lineup, addressing a suite of...

High TP-Link Archer AX53 Hit by Multiple High-Severity Vulnerabilities

Do Son April 10, 2026

TP-Link has issued an urgent security advisory regarding its Archer AX53 v1.0 router, detailing five distinct vulnerabilities...

Critical Critical RCE and SQLi Flaws Shatter mbCONNECT24 Industrial Security mbCONNECT24 Vulnerabilities Industrial RCE

Critical Critical RCE and SQLi Flaws Shatter mbCONNECT24 Industrial Security

Do Son April 6, 2026

In a significant alert for the industrial automation sector, CERT@VDE has disclosed a series of high-severity vulnerabilities...

Critical Smart Home Alert: Critical Flaws Exposed in TP-Link Tapo Security Cameras

Do Son April 3, 2026

A security advisory from TP-Link have exposured a series of high-severity vulnerabilities—ranging from CVE-2026-34118 to CVE-2026-34124—affecting the...

9.8 Cisco Issues Urgent Patch for Critical IMC Auth Bypass: A CVSS 9.8 Wake-Up Call Cisco IMC Vulnerability CVE-2026-20093 CVE-2024-20401 Cisco IOS XE Privilege Escalation

Cisco IMC Vulnerability CVE-2026-20093 CVE-2024-20401 Cisco IOS XE Privilege Escalation

9.8 Cisco Issues Urgent Patch for Critical IMC Auth Bypass: A CVSS 9.8 Wake-Up Call

Do Son April 2, 2026

A newly discovered vulnerability has turned the Cisco Integrated Management Controller (IMC) into a potential backdoor. Tracked...

ASUS Issues Security Patch for Router Vulnerability CVE-2023-39238 ASUS Router Update CVE-2025-15101

ASUS Issues Security Patch for Router Vulnerability

Do Son April 1, 2026

In a move to fortify home and office networks, ASUS has released a security update for several...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Critical Critical 9.8 CVSS Flaw in Pharos Mosaic Controllers Grants Root Access to Unauthenticated Attackers

Do Son March 27, 2026

A security advisory has been issued by CISA regarding a critical vulnerability discovered in Pharos Controls’ Mosaic...

Master Keys and Open Backdoors: TP-Link Issues Urgent Patch for Archer NX-Series Routers

Do Son March 24, 2026

In a major security alert, TP-Link has released a series of critical firmware updates to patch several...

Critical Critical RCE Vulnerabilities Uncovered in Janitza and Weidmueller Energy Meters Energy Meter RCE CVE-2025-41709 ICS Exposure, Power Grid Security CVE-2025-1393 & CVE-2024-23943

Energy Meter RCE CVE-2025-41709 ICS Exposure, Power Grid Security CVE-2025-1393 & CVE-2024-23943

Critical Critical RCE Vulnerabilities Uncovered in Janitza and Weidmueller Energy Meters

Do Son March 11, 2026

Energy management systems are under the microscope following a security advisory from CERT@VDE, which reveals multiple critical...

9.8 Total Takeover: Critical Zyxel Flaw (CVSS 9.8) Exposes Routers to Remote Command Injection CVE-2022-43389 - CVE-2024-12398 Zyxel UPnP Vulnerability CVE-2025-13942

CVE-2022-43389 - CVE-2024-12398 Zyxel UPnP Vulnerability CVE-2025-13942

9.8 Total Takeover: Critical Zyxel Flaw (CVSS 9.8) Exposes Routers to Remote Command Injection

Do Son February 25, 2026

Networking giant Zyxel has rolled out a wave of urgent security patches addressing multiple vulnerabilities across its...

9.8 Critical Honeywell CCTV Flaw (CVSS 9.8) Allows Unauthenticated Takeover Honeywell CCTV Vulnerability CVE-2026-1670 EagleMsgSpy Spyware Tool ResidentBat Spyware, Belarusian KGB Surveillance

Honeywell CCTV Vulnerability CVE-2026-1670 EagleMsgSpy Spyware Tool ResidentBat Spyware, Belarusian KGB Surveillance

9.8 Critical Honeywell CCTV Flaw (CVSS 9.8) Allows Unauthenticated Takeover

Do Son February 18, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding a critical vulnerability in Honeywell...

9.3 Critical RCE Flaws (CVSS 9.3) Exposed in Lexmark Printers

Do Son February 9, 2026

Lexmark has issued urgent security updates for its printer fleet after researchers uncovered two dangerous vulnerabilities in...