SonicWall has issued a critical security advisory for a newly identified vulnerability—CVE-2025-40599—affecting its SMA 100 series appliances,...
Remote Code Execution
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with four...
Cisco has issued an urgent update to its security advisory, revealing that three critical remote code execution...
Sophos has issued a security advisory detailing the remediation of five vulnerabilities in Sophos Firewall, including two...
A critical remote command execution (RCE) vulnerability has been discovered in Livewire, the popular full-stack framework for...
On the evening of July 18, 2025, Eye Security identified an active, large-scale exploitation of a newly...
Microsoft has issued an urgent security advisory for on-premises SharePoint Server customers in response to active exploitation...
A critical SQL injection vulnerability in Fortinet FortiWeb, tracked as CVE-2025-25257, has been added to the CISA...
NetSPI has uncovered a critical vulnerability in Forescout SecureConnector, a security agent meant to enforce endpoint compliance....
A severe remote code execution (RCE) vulnerability has been discovered in Lighthouse Studio, a popular web-based survey...
A critical vulnerability—CVE-2025-34068—has been discovered in Samsung’s WLAN AP WEA453e access points, allowing unauthenticated remote command execution...
A newly discovered Server-Side Template Injection (SSTI) vulnerability in the widely-used LaRecipe documentation tool has been assigned...
The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-47812 to its Known Exploited Vulnerabilities (KEV) Catalog...
A flaw has been discovered in ImageMagick, the widely used open-source image manipulation suite, that could lead...
A critical remote code execution (RCE) vulnerability has been discovered in the Symantec Endpoint Management suite, also...
A critical security flaw in Fortinet’s FortiWeb web application firewall has been publicly weaponized, with proof-of-concept (PoC)...
CYFIRMA has uncovered a new threat model called RenderShock — a zero-click attack strategy that turns convenience...
In a warning issued by CERT/CC, multiple high-impact vulnerabilities have been identified in Gigabyte UEFI firmware that...
Axis Communications has issued a security advisory for a critical vulnerability affecting several of its flagship software...
In a concerning development for WordPress site administrators, the Patchstack team has uncovered a targeted supply chain...
Rockwell Automation has issued a security advisory detailing two vulnerabilities affecting its Arena Simulation software. Disclosed by...
On July 1, 2025—just a day after its public disclosure—Huntress witnessed the active exploitation of a critical...