Patch Now Archives • Daily CyberSecurity

9.8 Critical Alert: One-Byte Heap Corruption in Exim Exposes Global Mail Servers to Takeover Exim RCE Vulnerability CVE-2026-45185 GnuTLS

9.8 Critical Alert: One-Byte Heap Corruption in Exim Exposes Global Mail Servers to Takeover

Do Son May 13, 2026

A “highest-caliber” vulnerability was found in Exim, one of the internet’s most widely used Mail Transfer Agents...

CVE-2025-13915: Critical 9.8 Flaw in IBM API Connect Lets Attackers Bypass Login IBM API Connect, CVE-2025-13915 IBM Privilege Escalation, CVE-2025-36356 IBM Power Systems - CVE-2024-45656 CVE-2024-49814 and CVE-2024-51450 CVE-2024-56346 and CVE-2024-56347 CVE-2025-1302

IBM API Connect, CVE-2025-13915 IBM Privilege Escalation, CVE-2025-36356 IBM Power Systems - CVE-2024-45656 CVE-2024-49814 and CVE-2024-51450 CVE-2024-56346 and CVE-2024-56347 CVE-2025-1302

CVE-2025-13915: Critical 9.8 Flaw in IBM API Connect Lets Attackers Bypass Login

Do Son December 30, 2025

IBM has issued an urgent security alert for users of its API Connect platform after internal testing...

Symfony Patches PATH_INFO Parsing Flaw Leading to Authorization Bypass (CVE-2025-64500) Symfony Path Info Flaw, Authorization Bypass

Symfony Patches PATH_INFO Parsing Flaw Leading to Authorization Bypass (CVE-2025-64500)

Do Son November 15, 2025

The Symfony project has released security updates to address a newly disclosed vulnerability affecting its widely used...

CRITICAL Cisco Zero-Day (CVE-2025-20333, CVSS 9.9) Under Active Attack: VPN Flaw Allows Root RCE Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

CRITICAL Cisco Zero-Day (CVE-2025-20333, CVSS 9.9) Under Active Attack: VPN Flaw Allows Root RCE

Do Son September 26, 2025

Cisco has disclosed a zero-day vulnerability affecting its Secure Firewall Adaptive Security Appliance (ASA) Software and Secure...

GitLab Fixes High-Severity DoS Flaws: Unauthenticated Attackers Could Crash Instances GitLab Security Update May 2026 GitLab XSS and DoS Vulnerabilities GitLab Security Session Hijacking GitLab Security Update, CI/CD Vulnerability GitLab DoS, Security Update bypassing SAML - CVE-2024-8312 and CVE-2024-6826

GitLab Security Update May 2026 GitLab XSS and DoS Vulnerabilities GitLab Security Session Hijacking GitLab Security Update, CI/CD Vulnerability GitLab DoS, Security Update bypassing SAML - CVE-2024-8312 and CVE-2024-6826

GitLab Fixes High-Severity DoS Flaws: Unauthenticated Attackers Could Crash Instances

Do Son September 26, 2025

GitLab has released security updates for versions 18.4.1, 18.3.3, and 18.2.7 of its Community Edition (CE) and...

Critical Cisco ISE Flaw CVE-2025-20337 (CVSS 10.0) Allows Unauthenticated Root RCE – Patch Immediately Cisco ISE, RCE Vulnerability

Critical Cisco ISE Flaw CVE-2025-20337 (CVSS 10.0) Allows Unauthenticated Root RCE – Patch Immediately

Do Son July 17, 2025

A critical vulnerability was found in Cisco Identity Services Engine (ISE) and Cisco ISE-PIC. Tracked as CVE-2025-20337,...

Urgent WordPress Alert: Motors Theme Flaw (CVE-2025-4322) Actively Exploited for Site Takeover PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

Urgent WordPress Alert: Motors Theme Flaw (CVE-2025-4322) Actively Exploited for Site Takeover

Do Son June 20, 2025

Last month, a critical vulnerability was reported to Wordfence that now threatens more than 22,000 WordPress websites...

Critical Path Traversal Vulnerability (CVSS 9.8) Exposes Mitel MiCollab Servers to Unauthorized Access Mitel MiCollab, Critical Vulnerability

Critical Path Traversal Vulnerability (CVSS 9.8) Exposes Mitel MiCollab Servers to Unauthorized Access

Do Son June 13, 2025

Mitel has issued a critical security advisory warning of a newly discovered path traversal vulnerability affecting its...

HPE Aruba Networking Patches Sensitive Data Exposure Vulnerability in Private 5G Core Platform HPE Aruba, 5G Security

HPE Aruba Networking Patches Sensitive Data Exposure Vulnerability in Private 5G Core Platform

Do Son June 11, 2025

HPE Aruba Networking has released a security update addressing a high-severity vulnerability in its Private 5G Core...

CISA Alert: Critical Vulnerabilities Found in CyberData SIP Emergency Intercom Devices CyberData Vulnerabilities, SIP Intercom Security

CISA Alert: Critical Vulnerabilities Found in CyberData SIP Emergency Intercom Devices

Do Son June 7, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory warning of multiple high-impact...

Security Alert: Multi Flaws in Kea DHCP Server Disclosed Kea DHCP vulnerability Privilege escalation

Security Alert: Multi Flaws in Kea DHCP Server Disclosed

Do Son May 30, 2025

The Internet Systems Consortium (ISC) has issued an urgent advisory affecting its modern Kea DHCP server, disclosing...

URGENT Chrome Update: High-Risk CVE-2025-4664 Flaw Actively Exploited In The Wild – Patch Immediately! Screenshot_20250515-082049

URGENT Chrome Update: High-Risk CVE-2025-4664 Flaw Actively Exploited In The Wild – Patch Immediately!

Do Son May 15, 2025

Google has released a critical Stable Channel Update for Chrome Desktop, bumping the version to 136.0.7103.113/.114 for...

Node.js Alerts: High-Severity Flaw (CVE-2025-23166) Risks Remote System Crashes! Update Immediately! CVE-2025-23083 - Node.js EOL

Node.js Alerts: High-Severity Flaw (CVE-2025-23166) Risks Remote System Crashes! Update Immediately!

Do Son May 15, 2025

In an important security announcement released recently, the Node.js team has rolled out vital updates for its...

Critical Alert 1 Active Exploit Detected Today