local file inclusion Archives • Daily CyberSecurity

CVE-2025-68428: Critical Flaw in jsPDF Library Allows Server-Side File Theft

Ddos January 6, 2026

A critical vulnerability has been discovered in jsPDF, one of the most popular JavaScript libraries for generating...

Zimbra Under Siege: High-Severity LFI Vulnerability Exposes Internal Files to Unauthenticated Attackers

Ddos December 25, 2025

Administrators of the popular Zimbra Collaboration Suite (ZCS) are being urged to patch immediately after the discovery...

CISA KEV Alert: Two Critical Flaws Under Active Exploitation, Including Gladinet LFI/RCE and CWP Admin Takeover n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

CISA KEV Alert: Two Critical Flaws Under Active Exploitation, Including Gladinet LFI/RCE and CWP Admin Takeover

Ddos November 5, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities—CVE-2025-11371 in Gladinet CentreStack and...

Critical WooCommerce Plugin Flaw (CVE-2025-12493, CVSS 9.8) Allows Unauthenticated RCE, 100,000+ Sites Affect ShopLentor LFI RCE, WooCommerce Plugin Flaw

ShopLentor LFI RCE, WooCommerce Plugin Flaw

Critical WooCommerce Plugin Flaw (CVE-2025-12493, CVSS 9.8) Allows Unauthenticated RCE, 100,000+ Sites Affect

Ddos November 5, 2025

A critical-severity Local File Inclusion (LFI) flaw in the popular WordPress plugin ShopLentor – WooCommerce Builder for...

Exploited Zero-Day: Gladinet/Triofox Flaw CVE-2025-11371 Allows RCE via LFI PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

Exploited Zero-Day: Gladinet/Triofox Flaw CVE-2025-11371 Allows RCE via LFI

Ddos October 10, 2025

Huntress has sounded the alarm over active exploitation of a newly discovered Local File Inclusion (LFI) vulnerability...

CVE-2025-46619: LFI Vulnerability Affects Multiple Versions of Couchbase Server for Windows Couchbase Server, Local File Inclusion

CVE-2025-46619: LFI Vulnerability Affects Multiple Versions of Couchbase Server for Windows

Ddos May 2, 2025

Couchbase Server, a widely-used NoSQL document database engineered for high-performance, interactive applications, disclosed a serious security flaw....

InstaWP Connect Plugin Exposes WordPress Sites to Critical File Inclusion Vulnerability InstaWP Connect Vulnerability WordPress Plugin Security

InstaWP Connect Vulnerability WordPress Plugin Security

InstaWP Connect Plugin Exposes WordPress Sites to Critical File Inclusion Vulnerability

Ddos April 11, 2025

A severe security vulnerability has been identified in the InstaWP Connect WordPress plugin, posing a significant risk...

CVE-2024-33533 to 33536: Zimbra Users at Risk of XSS and LFI Attacks

Ddos August 15, 2024

Zimbra Collaboration, a widely adopted email and collaboration platform disclosed three new security vulnerabilities. These flaws, identified...

Critical Alert 1 Active Exploit Detected Today