lfi Archives • Daily CyberSecurity

Zero Authentication, Total Control: Critical CVSS 10 Flaw Uncovered in Dgraph Database Dgraph Vulnerability CVSS 10.0 Dgraph Admin Leak CVE-2026-40173

Dgraph Vulnerability CVSS 10.0 Dgraph Admin Leak CVE-2026-40173

Zero Authentication, Total Control: Critical CVSS 10 Flaw Uncovered in Dgraph Database

Do Son April 5, 2026

A security vulnerability was found in Dgraph, the high-performance, horizontally scalable GraphQL database. The flaw, designated as...

CVE-2025-68428: Critical Flaw in jsPDF Library Allows Server-Side File Theft

Do Son January 6, 2026

A critical vulnerability has been discovered in jsPDF, one of the most popular JavaScript libraries for generating...

Zimbra Under Siege: High-Severity LFI Vulnerability Exposes Internal Files to Unauthenticated Attackers

Do Son December 25, 2025

Administrators of the popular Zimbra Collaboration Suite (ZCS) are being urged to patch immediately after the discovery...

Critical Zimbra Flaw Fixed: Patch Addresses Multiple Stored XSS and Unauthenticated LFI in Mail Client Zimbra Critical XSS, Unauthenticated LFI

Zimbra Critical XSS, Unauthenticated LFI

Critical Zimbra Flaw Fixed: Patch Addresses Multiple Stored XSS and Unauthenticated LFI in Mail Client

Do Son November 11, 2025

Zimbra has issued a critical security patch, Zimbra Daffodil (v10.1.13), to address a host of vulnerabilities in...

Exploited Zero-Day: Gladinet/Triofox Flaw CVE-2025-11371 Allows RCE via LFI PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

Exploited Zero-Day: Gladinet/Triofox Flaw CVE-2025-11371 Allows RCE via LFI

Do Son October 10, 2025

Huntress has sounded the alarm over active exploitation of a newly discovered Local File Inclusion (LFI) vulnerability...

CVE-2025-46619: LFI Vulnerability Affects Multiple Versions of Couchbase Server for Windows Couchbase Server, Local File Inclusion

CVE-2025-46619: LFI Vulnerability Affects Multiple Versions of Couchbase Server for Windows

Do Son May 2, 2025

Couchbase Server, a widely-used NoSQL document database engineered for high-performance, interactive applications, disclosed a serious security flaw....

Critical Alert 1 Active Exploit Detected Today

Zero Authentication, Total Control: Critical CVSS 10 Flaw Uncovered in Dgraph Database

CVE-2025-68428: Critical Flaw in jsPDF Library Allows Server-Side File Theft

Zimbra Under Siege: High-Severity LFI Vulnerability Exposes Internal Files to Unauthenticated Attackers

Critical Zimbra Flaw Fixed: Patch Addresses Multiple Stored XSS and Unauthenticated LFI in Mail Client

Exploited Zero-Day: Gladinet/Triofox Flaw CVE-2025-11371 Allows RCE via LFI

CVE-2025-46619: LFI Vulnerability Affects Multiple Versions of Couchbase Server for Windows