Remote Code Execution Archives • Page 11 of 24 • Daily CyberSecurity

From Simple Bug to RCE: A Flaw (CVE-2025-21692) in the Linux Kernel, PoC Published Linux Kernel vulnerability CVE-2025-21692

From Simple Bug to RCE: A Flaw (CVE-2025-21692) in the Linux Kernel, PoC Published

Ddos September 18, 2025

Security researcher Volticks has published a deep technical writeup on CVE-2025-21692, a vulnerability in the Linux kernel’s...

CVE-2025-9242: Critical WatchGuard Flaw Allows Remote Code Execution WatchGuard Agent Privilege Escalation CVE-2026-6787 WatchGuard Vulnerability CVE-2026-1498 WatchGuard Firebox VPN Flaws, Command Injection WatchGuard Vulnerability CVE-2024-6592 and CVE-2024-6593

CVE-2025-9242: Critical WatchGuard Flaw Allows Remote Code Execution

Ddos September 17, 2025

WatchGuard has issued a security advisory addressing a critical vulnerability in its Fireware OS, tracked as CVE-2025-9242...

NVIDIA acquisition rumors NVIDIA AI Security AI Framework Vulnerabilities Nvidia 595.76 Hotfix NVIDIA Megatron Bridge vulnerability GPU vs ASIC AI battle NVIDIA Driver Vulnerability CVE-2025-33217 NVIDIA biggest TSMC customer 2026, NVIDIA vs Apple TSMC revenue share NVIDIA CUDA Toolkit CVE-2025-33228 Groq NVIDIA licensing deal, Jonathan Ross acquihire 2025 NeMo Code Injection, AI Framework RCE NVIDIA App Privilege Escalation, CVE-2025-23358 NVIDIA Security Update, DLS Vulnerability CVE-2025-23316 NVIDIA NVDebug, vulnerabilities NVIDIA Driver Vulnerabilities, vGPU Security Nvidia Jetson, UEFI Vulnerabilities CVE-2024-0130 - CVE-2024-0136 CVE-2024-0148 NVIDIA Driver Support, Windows 10 EOL

NVIDIA Patches Critical RCE Flaw (CVE-2025-23316, CVSS 9.8) in Triton Inference Server

Ddos September 17, 2025

NVIDIA has released a software update addressing multiple high- and critical-severity vulnerabilities in its Triton Inference Server,...

Multiple High-Severity Vulnerabilities Found in HPE Aruba Networking EdgeConnect SD-WAN Gateways HPE Aruba Private 5G Vulnerability CVE-2026-23595 HPE Instant On Vulnerability CVE-2025-37166 CVE-2024-31466 & CVE-2024-31467 HPE Aruba Networking, vulnerability

HPE Aruba Private 5G Vulnerability CVE-2026-23595 HPE Instant On Vulnerability CVE-2025-37166 CVE-2024-31466 & CVE-2024-31467 HPE Aruba Networking, vulnerability

Multiple High-Severity Vulnerabilities Found in HPE Aruba Networking EdgeConnect SD-WAN Gateways

Ddos September 17, 2025

HPE Aruba Networking has released patches addressing multiple high- and medium-severity vulnerabilities in its EdgeConnect SD-WAN Gateways,...

Samsung Zero-Day Exploit CVE-2025-21043 Patched After Active Attacks on Android Devices Samsung zero-day Samsung Galaxy S25 Edge, Sales Performance Samsung Account, Inactive Accounts One UI 7 Samsung Update

Samsung zero-day Samsung Galaxy S25 Edge, Sales Performance Samsung Account, Inactive Accounts One UI 7 Samsung Update

Samsung Zero-Day Exploit CVE-2025-21043 Patched After Active Attacks on Android Devices

Ddos September 15, 2025

Samsung has released security updates to patch a critical zero-day vulnerability actively exploited against Android devices. Tracked...

Digiever NVR Flaws (CVE-2025-10264, CVE-2025-10265) Let Hackers Steal Credentials & Take Control Digiever NVR, critical vulnerabilities

Digiever NVR Flaws (CVE-2025-10264, CVE-2025-10265) Let Hackers Steal Credentials & Take Control

Ddos September 15, 2025

The Taiwan Computer Emergency Response Team (TWCERT/CC) has issued a vulnerability note warning of two critical security...

CISA Urges Immediate Patching: Critical Dassault Systèmes Flaw (CVE-2025-5086) Actively Exploited Known Exploited Vulnerabilities CISA KEV

CISA Urges Immediate Patching: Critical Dassault Systèmes Flaw (CVE-2025-5086) Actively Exploited

Ddos September 12, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw in Dassault Systèmes DELMIA Apriso...

NVIDIA Patches High-Severity Vulnerabilities in NVDebug Tool

Ddos September 11, 2025

NVIDIA has released a software update for its NVDebug tool, addressing three high-severity vulnerabilities (CVE-2025-23342, CVE-2025-23343, and...

Ivanti Patches Two High-Severity RCE Flaws in Endpoint Manager Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

Ivanti Patches Two High-Severity RCE Flaws in Endpoint Manager

Ddos September 9, 2025

Ivanti has released important security updates for Ivanti Endpoint Manager (EPM), addressing two high-severity vulnerabilities that could...

CVE-2025-7350: Critical RCE Flaw in Rockwell Stratix Switches Scores CVSS 9.6 CVE-2024-21915 Rockwell Stratix switch CVE-2025-7350

CVE-2025-7350: Critical RCE Flaw in Rockwell Stratix Switches Scores CVSS 9.6

Ddos September 9, 2025

Rockwell Automation has issued a security advisory for a critical vulnerability in its Stratix industrial Ethernet switches,...

CVE-2025-57807: A Critical Flaw in ImageMagick Could Lead to RCE, PoC Available ImageMagick, heap out-of-bounds write

CVE-2025-57807: A Critical Flaw in ImageMagick Could Lead to RCE, PoC Available

Ddos September 8, 2025

Security researcher Lumina Mescuwa has disclosed a critical vulnerability in ImageMagick, tracked as CVE-2025-57807 (CVSS 9.8). The...

CVE-2025-58782: Apache Jackrabbit Vulnerability Exposes Systems to JNDI Injection and RCE Apache Jackrabbit, JNDI injection CVE-2023-37895 Apache Jackrabbit, XXE Vulnerability

CVE-2025-58782: Apache Jackrabbit Vulnerability Exposes Systems to JNDI Injection and RCE

Ddos September 8, 2025

The Apache Software Foundation has disclosed a new vulnerability in Apache Jackrabbit Core and JCR Commons, tracked...

CVE-2025-57052: Critical JSON Parsing Flaw in cJSON With CVSS 9.8, PoC Available cJSON vulnerability

CVE-2025-57052: Critical JSON Parsing Flaw in cJSON With CVSS 9.8, PoC Available

Ddos September 8, 2025

Security researcher Salah Chafai, an Exploit Development & Security specialist, has disclosed a critical flaw in the...

CVE-2025-53187: Critical RCE in ABB ASPECT BMS with CVSS 9.8, No Prior Authentication ABB OPTIMAX Vulnerability CVE-2025-14510 ABB Edgenius Auth Bypass, Critical RCE ABB, ASPECT BMS CVE-2024-48841, CVE-2024-48849, and CVE-2024-48852 CVE-2024-48510

CVE-2025-53187: Critical RCE in ABB ASPECT BMS with CVSS 9.8, No Prior Authentication

Ddos September 5, 2025

ABB has issued a cybersecurity advisory disclosing multiple vulnerabilities affecting its ASPECT Building Management System (BMS), including...

CVE-2025-5086 (CVSS 9.0): A Critical RCE in DELMIA Apriso with Exploit Attempts Seen in the Wild DELMIA Apriso, deserialization flaw

CVE-2025-5086 (CVSS 9.0): A Critical RCE in DELMIA Apriso with Exploit Attempts Seen in the Wild

Ddos September 4, 2025

Manufacturing operations are increasingly threatened not just by IoT weaknesses, but also by vulnerabilities in the complex...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

CVSS 10.0 RCE in Popular Python Library (36M+ Monthly Downloads), PoC Available

Ddos September 4, 2025

The widely used Python library DeepDiff, downloaded over 36 million times per month, has been found vulnerable...

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

CVE-2025-53690: Mandiant and Sitecore Warn of Active Exploitation in ASP.NET Machine Key Configurations

Ddos September 4, 2025

A coordinated disclosure by Mandiant and Sitecore has revealed the active exploitation of a critical configuration vulnerability...

CISA Warns: Actively Exploited TP-Link Router Flaws Added to KEV Catalog TP-Link, CISA CVE-2023-32315 CISA KEV Catalog Active Exploitation

CISA Warns: Actively Exploited TP-Link Router Flaws Added to KEV Catalog

Ddos September 4, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added two TP-Link router vulnerabilities to its Known Exploited...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Frostbyte10: The Critical Flaws Threatening Global Supply Chains

Ddos September 4, 2025

Researchers at Armis Labs have uncovered a set of ten severe vulnerabilities in Copeland E2 and E3...

A Single Click Can Hijack Your PC: CVE-2025-58176 RCE Flaw Found in Dive Desktop App Dive desktop app, remote code execution

A Single Click Can Hijack Your PC: CVE-2025-58176 RCE Flaw Found in Dive Desktop App

Ddos September 3, 2025

The Open Agent Platform has issued a security advisory warning of a critical vulnerability in its Dive...