patch Archives • Daily CyberSecurity

Google Chrome Emergency Update: High-Severity Memory Corruption Flaws Fixed in WebGPU and V8

Chrome 148 lazy loading Chrome for Linux ARM64 Chrome 145 Update Chrome Security Fixes Chrome Security Update CVE-2026-1220 Chrome 144 Security Update CVE-2026-0899 Chrome Memory Safety, WebGPU UAF Chrome V8 Type Confusion, Google Updater Flaw Chrome V8 Flaw, CVE-2025-13042 Chrome V8, Type Confusion, Chrome 142 Update Chrome V8 Flaw, CVE-2025-12036 Chrome 141, WebGPU Overflow Google Chrome preloading Chrome, V8 vulnerability CVE-2025-9132 Chrome Security Update, Use-After-Free Chrome V8, Type Confusion Chrome Telemetry, Windows 10 EOL Microsoft Family Safety, Chrome Blocking Chrome Security Update, High-Severity Google Chrome, Antitrust CVE-2024-10487 and CVE-2024-10488 Google Chrome Root Program Chrome Update, CVE-2025-3619 Chrome Acquisition, Perplexity.ai

Google Chrome Emergency Update: High-Severity Memory Corruption Flaws Fixed in WebGPU and V8

Do Son December 17, 2025

Google has rolled out an important security update for the Stable desktop channel, patching two high-severity vulnerabilities...

SonicWall Warns of New SonicOS SSLVPN Pre-Auth Buffer Overflow Vulnerability (CVE-2025-40601) SonicWall SMA 1000 MFA Bypass SonicWall SSLVPN Flaw CVE-2025-40601 SonicOS vulnerability - CVE-2024-53704

SonicWall SMA 1000 MFA Bypass SonicWall SSLVPN Flaw CVE-2025-40601 SonicOS vulnerability - CVE-2024-53704

SonicWall Warns of New SonicOS SSLVPN Pre-Auth Buffer Overflow Vulnerability (CVE-2025-40601)

Do Son November 21, 2025

SonicWall has issued a security advisory for a newly identified pre-authentication stack-based buffer overflow vulnerability in its...

Google Patches Actively Exploited Chrome Zero-Day Flaw (CVE-2025-13223) in Emergency Update Chrome security update exploit in the wild Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Chrome security update exploit in the wild Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Google Patches Actively Exploited Chrome Zero-Day Flaw (CVE-2025-13223) in Emergency Update

Do Son November 17, 2025

Google has issued an urgent, out-of-band security update for the Chrome Stable channel, addressing two separate Type...

Two WordPress Core Vulnerabilities Disclosed Without Patch: Sensitive Data Exposure and Stored XSS WordPress Privilege Escalation CVE-2026-1492 Sneeit Framework RCE, Unauthenticated Code Execution Post SMTP, Account Takeover WordPress Vulnerability, Unpatched XSS WordPress Vulnerability, PHP Object Injection WordPress AI Engine, Privilege Escalation CVE-2024-43153 & CVE-2024-43234

WordPress Privilege Escalation CVE-2026-1492 Sneeit Framework RCE, Unauthenticated Code Execution Post SMTP, Account Takeover WordPress Vulnerability, Unpatched XSS WordPress Vulnerability, PHP Object Injection WordPress AI Engine, Privilege Escalation CVE-2024-43153 & CVE-2024-43234

Two WordPress Core Vulnerabilities Disclosed Without Patch: Sensitive Data Exposure and Stored XSS

Do Son September 25, 2025

Two vulnerabilities were found in WordPress Core, affecting all versions up to and including 6.8.2. Both flaws...

Samsung Zero-Day Exploit CVE-2025-21043 Patched After Active Attacks on Android Devices Samsung zero-day Samsung Galaxy S25 Edge, Sales Performance Samsung Account, Inactive Accounts One UI 7 Samsung Update

Samsung zero-day Samsung Galaxy S25 Edge, Sales Performance Samsung Account, Inactive Accounts One UI 7 Samsung Update

Samsung Zero-Day Exploit CVE-2025-21043 Patched After Active Attacks on Android Devices

Do Son September 15, 2025

Samsung has released security updates to patch a critical zero-day vulnerability actively exploited against Android devices. Tracked...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

ACSC Warns of Active Exploitation of SonicWall SSL VPN Vulnerability (CVE-2024-40766)

Do Son September 11, 2025

The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has issued an alert on the active...

GitLab Urges Immediate Update for Two High-Severity Flaws GitLab Security Update Account Impersonation GitLab Security Update CVE-2026-1090 GitLab vulnerability GitLab vulnerability, GitLab patches

GitLab Security Update Account Impersonation GitLab Security Update CVE-2026-1090 GitLab vulnerability GitLab vulnerability, GitLab patches

GitLab Urges Immediate Update for Two High-Severity Flaws

Do Son September 10, 2025

GitLab has released new versions of its Community and Enterprise Editions to address several security vulnerabilities, including...

URGENT: NetScaler Zero-Day CVE-2025-7775 Under Active Attack NetScaler, CVE-2025-7775

URGENT: NetScaler Zero-Day CVE-2025-7775 Under Active Attack

Do Son August 26, 2025

The Cloud Software Group (CSG) has released urgent security updates to address three high-severity vulnerabilities affecting NetScaler...

PoC Code Available for Critical SQLite Vulnerability (CVE-2025-6965) SQLite vulnerability CVE-2025-6965 PoC

PoC Code Available for Critical SQLite Vulnerability (CVE-2025-6965)

Do Son August 26, 2025

Google revealed that its large language model (LLM)-assisted vulnerability discovery framework detected and reported a critical flaw...

CISA Adds Citrix and Git Flaws to Known Exploited Vulnerabilities Catalog n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

CISA Adds Citrix and Git Flaws to Known Exploited Vulnerabilities Catalog

Do Son August 26, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added three new vulnerabilities to its Known Exploited Vulnerabilities...

CVE-2025-26496 (CVSS 9.6): Critical Flaw in Tableau Server Expose Enterprises to Code Execution Risks Tableau Vulnerability CVE-2025-26496

CVE-2025-26496 (CVSS 9.6): Critical Flaw in Tableau Server Expose Enterprises to Code Execution Risks

Do Son August 25, 2025

Salesforce Security has announced the resolution of multiple vulnerabilities in Tableau Server, identified during a proactive security...

IBM Issues Critical Patch for Jazz Team Server Vulnerability (CVE-2025-36157) IBM Vulnerability CVE-2025-36157

IBM Issues Critical Patch for Jazz Team Server Vulnerability (CVE-2025-36157)

Do Son August 25, 2025

IBM has released a security bulletin addressing a severe vulnerability in its Jazz Team Server, a Java-based...

ImageMagick Patches Multiple Flaws: High-Severity Memory Bugs Fixed ImageMagick Vulnerability CVE-2026-23876 ImageMagick TIM Overflow, Memory Disclosure Flaw ImageMagick vulnerabilities, memory corruption CVE-2023-34152

ImageMagick Patches Multiple Flaws: High-Severity Memory Bugs Fixed

Do Son August 15, 2025

The maintainers of ImageMagick have patched four security vulnerabilities that could impact applications using the popular image...

Urgent Xerox FreeFlow Core Patch: Critical Flaws (CVSS 9.8) Allow RCE and SSRF Xerox RCE, FreeFlow Core Vulnerabilities

Urgent Xerox FreeFlow Core Patch: Critical Flaws (CVSS 9.8) Allow RCE and SSRF

Do Son August 11, 2025

Xerox has released a security update for FreeFlow Core, addressing two high-impact vulnerabilities that could allow attackers...

Elastic APM Server & Beats Have Local Privilege Escalation Flaws Elastic Security Update CVE-2026-0532 Elastic Defend Arbitrary Delete, SYSTEM Privilege Escalation ECE Readonly EoP, Improper Authorization Elastic XSS, Kibana Vulnerabilities Elastic LPE, Observability Tools Vulnerabilities

Elastic APM Server & Beats Have Local Privilege Escalation Flaws

Do Son July 30, 2025

Elastic has issued patches for two local privilege escalation (LPE) vulnerabilities affecting its popular observability tools—APM Server...

GitLab Update: High-Severity XSS & Data Exposure Flaws Patched GitLab Security Update CVE-2025-7659 CVE-2024-5655 GitLab Vulnerabilities, XSS & Data Exposure

GitLab Security Update CVE-2025-7659 CVE-2024-5655 GitLab Vulnerabilities, XSS & Data Exposure

GitLab Update: High-Severity XSS & Data Exposure Flaws Patched

Do Son July 23, 2025

GitLab has released security updates for Community Edition (CE) and Enterprise Edition (EE), fixing multiple vulnerabilities—including high-severity...

Critical Arbitrary File Upload Vulnerability in SonicWall SMA 100 Series Devices SonicWall ES RCE, Code Integrity Bypass SonicWall SMA, Arbitrary File Upload SonicWall SMA100 - CVE-2024-40764

SonicWall ES RCE, Code Integrity Bypass SonicWall SMA, Arbitrary File Upload SonicWall SMA100 - CVE-2024-40764

Critical Arbitrary File Upload Vulnerability in SonicWall SMA 100 Series Devices

Do Son July 23, 2025

SonicWall has issued a critical security advisory for a newly identified vulnerability—CVE-2025-40599—affecting its SMA 100 series appliances,...

Three High-Severity Privilege Escalation Flaws Patched in Sophos Intercept X for Windows Sophos Intercept X, Privilege Escalation

Three High-Severity Privilege Escalation Flaws Patched in Sophos Intercept X for Windows

Do Son July 21, 2025

Sophos has patched three separate high-severity local privilege escalation (LPE) vulnerabilities in its widely used Intercept X...

CVE-2025-54309: CrushFTP Targeted in Active Exploits Due to Unpatched Zero-Day Vulnerability CrushFTP Zero-Day, File Transfer Security

CVE-2025-54309: CrushFTP Targeted in Active Exploits Due to Unpatched Zero-Day Vulnerability

Do Son July 19, 2025

CrushFTP, a widely used secure file transfer server, has issued an urgent advisory regarding a critical zero-day...

Apache CXF Vulnerability: DoS and Data Leak Risks Exposed (CVE-2025-48795) Apache CXF, DoS Vulnerability

Apache CXF Vulnerability: DoS and Data Leak Risks Exposed (CVE-2025-48795)

Do Son July 15, 2025

The Apache Software Foundation has disclosed a vulnerability—CVE-2025-48795—affecting multiple versions of Apache CXF, an open-source web services...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

patch

Google Chrome Emergency Update: High-Severity Memory Corruption Flaws Fixed in WebGPU and V8

SonicWall Warns of New SonicOS SSLVPN Pre-Auth Buffer Overflow Vulnerability (CVE-2025-40601)

Google Patches Actively Exploited Chrome Zero-Day Flaw (CVE-2025-13223) in Emergency Update

Two WordPress Core Vulnerabilities Disclosed Without Patch: Sensitive Data Exposure and Stored XSS

Samsung Zero-Day Exploit CVE-2025-21043 Patched After Active Attacks on Android Devices

ACSC Warns of Active Exploitation of SonicWall SSL VPN Vulnerability (CVE-2024-40766)

GitLab Urges Immediate Update for Two High-Severity Flaws

URGENT: NetScaler Zero-Day CVE-2025-7775 Under Active Attack

PoC Code Available for Critical SQLite Vulnerability (CVE-2025-6965)

CISA Adds Citrix and Git Flaws to Known Exploited Vulnerabilities Catalog

CVE-2025-26496 (CVSS 9.6): Critical Flaw in Tableau Server Expose Enterprises to Code Execution Risks

IBM Issues Critical Patch for Jazz Team Server Vulnerability (CVE-2025-36157)

ImageMagick Patches Multiple Flaws: High-Severity Memory Bugs Fixed

Urgent Xerox FreeFlow Core Patch: Critical Flaws (CVSS 9.8) Allow RCE and SSRF

Elastic APM Server & Beats Have Local Privilege Escalation Flaws

GitLab Update: High-Severity XSS & Data Exposure Flaws Patched

Critical Arbitrary File Upload Vulnerability in SonicWall SMA 100 Series Devices

Three High-Severity Privilege Escalation Flaws Patched in Sophos Intercept X for Windows

CVE-2025-54309: CrushFTP Targeted in Active Exploits Due to Unpatched Zero-Day Vulnerability

Apache CXF Vulnerability: DoS and Data Leak Risks Exposed (CVE-2025-48795)