rce Archives • Page 19 of 30 • Daily CyberSecurity

Android Security Bulletin – September 2025 Patches Actively Exploited Flaws (CVE-2025-38352 & CVE-2025-48543) and Critical RCE Android CVE-2024-23700 Zero-Interaction Exploit Candiru spyware Android vulnerability, security update

Android CVE-2024-23700 Zero-Interaction Exploit Candiru spyware Android vulnerability, security update

Android Security Bulletin – September 2025 Patches Actively Exploited Flaws (CVE-2025-38352 & CVE-2025-48543) and Critical RCE

Do Son September 3, 2025

Google has released the September 2025 Android Security Bulletin, addressing a large set of vulnerabilities across the...

Critical CVE-2025-21483 & CVE-2025-27034 in Qualcomm Modems Score CVSS 9.8 Qualcomm Security Bulletin CVE-2026-25254 RCE Qualcomm Diversification, Mobile Chip Competition CVE-2023-33025

Qualcomm Security Bulletin CVE-2026-25254 RCE Qualcomm Diversification, Mobile Chip Competition CVE-2023-33025

Critical CVE-2025-21483 & CVE-2025-27034 in Qualcomm Modems Score CVSS 9.8

Do Son September 2, 2025

Qualcomm has published its September 2025 Security Bulletin, addressing a wide range of vulnerabilities across its chipsets,...

PoC Exploit Released for Nagios XI RCE Flaw Allows Attackers to Hijack Servers Nagios XI, remote code execution

PoC Exploit Released for Nagios XI RCE Flaw Allows Attackers to Hijack Servers

Do Son September 1, 2025

Nagios XI, one of the most widely used IT infrastructure monitoring solutions, has been found vulnerable to...

WhatsApp antitrust API probe India SIM-Binding Mandate Messaging App KYC WhatsApp DMA Interoperability BirdyChat Haiket Denmark Social Media Ban CVE-2025-55177 WhatsApp vulnerability, zero-click flaw npm Malware, System Wipe WhatsApp Windows App, WebView2 Downgrade WhatsApp Ban, US House NSO WhatsApp, Pegasus Spyware WhatsApp iPad iPadOS app

A Critical Zero-Click WhatsApp Flaw, CVE-2025-55177, Was Exploited in Zero-Day Attacks

Do Son August 29, 2025

Meta’s WhatsApp Security Team has patched a zero-day flaw (CVE-2025-55177) in WhatsApp for iOS (prior to v2.25.21.73),...

PoC Published: A Format String Bug in ImageMagick Could Allow Remote Code Execution ImageMagick, remote code execution

PoC Published: A Format String Bug in ImageMagick Could Allow Remote Code Execution

Do Son August 29, 2025

The developers of ImageMagick, one of the most widely used open-source image processing libraries, have disclosed a...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

CRITICAL Zero-Day CVE-2025-57819 in FreePBX Is Under Active Attack (CVSS 10.0)

Do Son August 29, 2025

The Sangoma FreePBX Security Team has issued a critical advisory for a newly discovered vulnerability in its...

NVIDIA Issues Security Update for NeMo Framework: Multiple High-Severity Vulnerabilities Patched NVIDIA NeMo Framework

NVIDIA Issues Security Update for NeMo Framework: Multiple High-Severity Vulnerabilities Patched

Do Son August 28, 2025

NVIDIA has released a new software update for its NeMo Framework, addressing multiple high-severity vulnerabilities that could...

PoC Available: CrushFTP Zero-Day (CVE-2025-54309) Exploited in the Wild

Do Son August 28, 2025

watchTowr Labs has released a detailed analysis of CVE-2025-54309, a zero-day authentication bypass vulnerability in CrushFTP, the...

NVIDIA Warns of a High-Severity Flaw in NeMo AI Curator (CVE-2025-23307) NeMo Curator, NVIDIA vulnerability

NVIDIA Warns of a High-Severity Flaw in NeMo AI Curator (CVE-2025-23307)

Do Son August 27, 2025

NVIDIA has released an important security update addressing a high-severity vulnerability in its NeMo Curator tool. The...

Langflow Hit by Privilege Escalation Flaw: CVE-2025-57760 Langflow, Privilege escalation

Langflow Hit by Privilege Escalation Flaw: CVE-2025-57760

Do Son August 26, 2025

The Langflow project has issued an important security advisory regarding a newly discovered vulnerability that poses a...

Two RCE Vulnerabilities Found in Open-Source BI Tool DataEase DataEase, RCE vulnerability

Two RCE Vulnerabilities Found in Open-Source BI Tool DataEase

Do Son August 26, 2025

Security researchers have disclosed two critical vulnerabilities in DataEase, an open-source business intelligence (BI) tool designed for...

Four Critical Flaws in a Privileged Access Manager Exposed by Rapid7 Privileged access manager, Securden

Four Critical Flaws in a Privileged Access Manager Exposed by Rapid7

Do Son August 26, 2025

Security researchers at Rapid7 have uncovered four serious vulnerabilities in Securden Unified Privileged Access Manager (PAM), a...

CVE-2025-55746: Critical Directus Flaw Exposes Servers to Unauthenticated File Upload and RCE

Do Son August 22, 2025

The Directus project has disclosed a critical vulnerability tracked as CVE-2025-55746 (CVSS 9.3) that could allow unauthenticated...

CVE-2024-36401 Exploited in Stealthy Bandwidth-Monetization Campaign Passive monetization, GeoServer vulnerability

CVE-2024-36401 Exploited in Stealthy Bandwidth-Monetization Campaign

Do Son August 22, 2025

A new report from Palo Alto Networks’ Unit 42 has shed light on an unusual and stealthy...

Kudelski Security Exposes Critical CodeRabbit Vulnerability: RCE, Secret Leaks, and Access to 1M Repositories AI tool vulnerability, supply chain attack

AI tool vulnerability, supply chain attack

Kudelski Security Exposes Critical CodeRabbit Vulnerability: RCE, Secret Leaks, and Access to 1M Repositories

Do Son August 21, 2025

Kudelski Security has published a detailed write-up of a critical vulnerability discovered in CodeRabbit, the most installed...

CISA Flags Actively Exploited Trend Micro Apex One Vulnerability (CVE-2025-54948) n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

CISA Flags Actively Exploited Trend Micro Apex One Vulnerability (CVE-2025-54948)

Do Son August 19, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Trend Micro Apex One vulnerability—CVE-2025-54948—to...

CVE-2025-48387: Critical tar-fs Vulnerability Exposes Millions to Arbitrary File Writes tar-fs, directory traversal

CVE-2025-48387: Critical tar-fs Vulnerability Exposes Millions to Arbitrary File Writes

Do Son August 18, 2025

A newly disclosed vulnerability in the widely used tar-fs NPM package has raised alarms across the software...

PostgreSQL Issues Urgent Security Fixes for High-Severity RCE Flaws in Core Utilities PostgreSQL Vulnerabilities CVE-2026-2006 PostgreSQL, security update CVE-2023-5869 - CVE-2025-1094

PostgreSQL Vulnerabilities CVE-2026-2006 PostgreSQL, security update CVE-2023-5869 - CVE-2025-1094

PostgreSQL Issues Urgent Security Fixes for High-Severity RCE Flaws in Core Utilities

Do Son August 18, 2025

The PostgreSQL Global Development Group has announced a major security update affecting all supported versions of the...

Critical RCE Flaws Found in Flowise AI Platform, Allowing Remote Code Execution Flowise vulnerabilities, RCE flaws

Critical RCE Flaws Found in Flowise AI Platform, Allowing Remote Code Execution

Do Son August 16, 2025

Security researchers at JFrog Security Research have uncovered two critical vulnerabilities in Flowise, an open-source generative AI...

Critical Cisco RCE Flaw (CVE-2025-20265, CVSS 10): Unauthenticated Attackers Can Hijack Firewalls Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Critical Cisco RCE Flaw (CVE-2025-20265, CVSS 10): Unauthenticated Attackers Can Hijack Firewalls

Do Son August 15, 2025

Cisco has disclosed a critical remote code execution vulnerability in its Secure Firewall Management Center (FMC) Software...