security advisory Archives • Page 2 of 5 • Daily CyberSecurity

Apache Kylin Flaw: Authentication Bypass and SSRF Vulnerabilities Found in Big Data Platform CVE-2022-43396 Apache Kylin, Authentication Bypass

CVE-2022-43396 Apache Kylin, Authentication Bypass

Apache Kylin Flaw: Authentication Bypass and SSRF Vulnerabilities Found in Big Data Platform

Do Son October 1, 2025

The Apache Software Foundation has published a new security advisory disclosing three vulnerabilities in Apache Kylin, a...

OpenSSL Patches Three Flaws: Timing Side-Channel RCE Risk and Memory Corruption Affect All Versions OpenSSL Vulnerability RSA Memory Leak OpenSSL Vulnerability CVE-2025-15467 CVE-2022-2274 OpenSSL Vulnerabilities, Timing Side-Channel

OpenSSL Vulnerability RSA Memory Leak OpenSSL Vulnerability CVE-2025-15467 CVE-2022-2274 OpenSSL Vulnerabilities, Timing Side-Channel

OpenSSL Patches Three Flaws: Timing Side-Channel RCE Risk and Memory Corruption Affect All Versions

Do Son October 1, 2025

The OpenSSL Project has released a new security advisory addressing three vulnerabilities affecting multiple versions of the...

Cisco SNMP Flaw (CVE-2025-20352) Actively Exploited: Patch Now to Stop Root Access! Cisco Phone DoS, CVE-2025-20350 Cisco SNMP Flaw CVE-2025-20352 CVE-2024-20398 & CVE-2024-20381 CVE-2025-20206

Cisco Phone DoS, CVE-2025-20350 Cisco SNMP Flaw CVE-2025-20352 CVE-2024-20398 & CVE-2024-20381 CVE-2025-20206

Cisco SNMP Flaw (CVE-2025-20352) Actively Exploited: Patch Now to Stop Root Access!

Do Son September 25, 2025

Cisco has issued a security advisory warning of a critical flaw in its IOS and IOS XE...

SolarWinds Issues Advisory on Salesforce Data Breach Linked to Salesloft Drift Serv-U RCE, Authenticated RCE CVE-2024-0692 Salesforce breach

SolarWinds Issues Advisory on Salesforce Data Breach Linked to Salesloft Drift

Do Son September 18, 2025

SolarWinds has issued a security advisory regarding a major Salesforce data breach that exposed sensitive information from...

Digiever NVR Flaws (CVE-2025-10264, CVE-2025-10265) Let Hackers Steal Credentials & Take Control Digiever NVR, critical vulnerabilities

Digiever NVR Flaws (CVE-2025-10264, CVE-2025-10265) Let Hackers Steal Credentials & Take Control

Do Son September 15, 2025

The Taiwan Computer Emergency Response Team (TWCERT/CC) has issued a vulnerability note warning of two critical security...

Angular SSR Flaw (CVE-2025-59052) Exposes User Data: What Developers Need to Know Angular hostname hijacking vulnerability Angular SSRF Origin Hijacking Angular XSS Vulnerability CVE-2026-32635 Angular i18n XSS CVE-2026-27970 Angular SSR SSRF CVE-2026-27739 Angular Vulnerability CVE-2026-22610 CVE-2025-59052 Angular security Angular XSS Bypass, SVG Injection

Angular hostname hijacking vulnerability Angular SSRF Origin Hijacking Angular XSS Vulnerability CVE-2026-32635 Angular i18n XSS CVE-2026-27970 Angular SSR SSRF CVE-2026-27739 Angular Vulnerability CVE-2026-22610 CVE-2025-59052 Angular security Angular XSS Bypass, SVG Injection

Angular SSR Flaw (CVE-2025-59052) Exposes User Data: What Developers Need to Know

Do Son September 11, 2025

The Angular team has issued a security advisory addressing a high-severity flaw in server-side rendering (SSR) that...

Two New High-Severity Flaws in FreePBX Puts Admins and APIs at Risk WD Discovery Vulnerability CVE-2025-30248 binary-parser Vulnerability CVE-2026-1245 H3C RCE Vulnerability CVE-2025-60262 Telenium RCE, CVE-2025-10659 Fuel station security, ICS vulnerabilities FreePBX vulnerability CVE-2024-9478 & CVE-2024-9479 SysTrack Vulnerability, Privilege Escalation

WD Discovery Vulnerability CVE-2025-30248 binary-parser Vulnerability CVE-2026-1245 H3C RCE Vulnerability CVE-2025-60262 Telenium RCE, CVE-2025-10659 Fuel station security, ICS vulnerabilities FreePBX vulnerability CVE-2024-9478 & CVE-2024-9479 SysTrack Vulnerability, Privilege Escalation

Two New High-Severity Flaws in FreePBX Puts Admins and APIs at Risk

Do Son September 6, 2025

The FreePBX project has issued an important security advisory addressing two vulnerabilities that pose significant risks to...

GNU Guix Issues Advisory for a Critical Privilege Escalation Flaw GNU Guix, privilege escalation guix-daemon vulnerability

GNU Guix Issues Advisory for a Critical Privilege Escalation Flaw

Do Son September 4, 2025

The GNU Guix team has issued a critical security advisory warning users to immediately update their systems...

URGENT: Sangoma FreePBX Warns of Exploit, Urges Immediate Administrator Lockdown FreePBX, security advisory

URGENT: Sangoma FreePBX Warns of Exploit, Urges Immediate Administrator Lockdown

Do Son August 28, 2025

The Sangoma FreePBX Security Team has issued an urgent security advisory after discovering a potential exploit targeting...

Langflow Hit by Privilege Escalation Flaw: CVE-2025-57760 Langflow, Privilege escalation

Langflow Hit by Privilege Escalation Flaw: CVE-2025-57760

Do Son August 26, 2025

The Langflow project has issued an important security advisory regarding a newly discovered vulnerability that poses a...

Critical Arbitrary File Upload Vulnerability in SonicWall SMA 100 Series Devices SonicWall ES RCE, Code Integrity Bypass SonicWall SMA, Arbitrary File Upload SonicWall SMA100 - CVE-2024-40764

SonicWall ES RCE, Code Integrity Bypass SonicWall SMA, Arbitrary File Upload SonicWall SMA100 - CVE-2024-40764

Critical Arbitrary File Upload Vulnerability in SonicWall SMA 100 Series Devices

Do Son July 23, 2025

SonicWall has issued a critical security advisory for a newly identified vulnerability—CVE-2025-40599—affecting its SMA 100 series appliances,...

SharePoint Server Under Active Zero-Day Attack (CVE-2025-53770, CVSS 9.8), No Patch Yet! SharePoint RCE, Zero-Day Exploitation CVE-2025-53770

SharePoint Server Under Active Zero-Day Attack (CVE-2025-53770, CVSS 9.8), No Patch Yet!

Do Son July 20, 2025

Microsoft has issued an urgent security advisory for on-premises SharePoint Server customers in response to active exploitation...

CVE-2025-54309: CrushFTP Targeted in Active Exploits Due to Unpatched Zero-Day Vulnerability CrushFTP Zero-Day, File Transfer Security

CVE-2025-54309: CrushFTP Targeted in Active Exploits Due to Unpatched Zero-Day Vulnerability

Do Son July 19, 2025

CrushFTP, a widely used secure file transfer server, has issued an urgent advisory regarding a critical zero-day...

Apache CXF Vulnerability: DoS and Data Leak Risks Exposed (CVE-2025-48795) Apache CXF, DoS Vulnerability

Apache CXF Vulnerability: DoS and Data Leak Risks Exposed (CVE-2025-48795)

Do Son July 15, 2025

The Apache Software Foundation has disclosed a vulnerability—CVE-2025-48795—affecting multiple versions of Apache CXF, an open-source web services...

CVE-2025-20271: Cisco Meraki VPN Bug Exposes MX and Z Series Devices to Remote DoS Attacks Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

CVE-2025-20271: Cisco Meraki VPN Bug Exposes MX and Z Series Devices to Remote DoS Attacks

Do Son June 19, 2025

Cisco has disclosed a vulnerability in its Meraki MX and Z Series devices, affecting the Cisco AnyConnect...

Mitel OpenScape Flaw (CVE-2025-23092): High-Severity Path Traversal Allows Admin RCE Mitel OpenScape, Path Traversal

Mitel OpenScape Flaw (CVE-2025-23092): High-Severity Path Traversal Allows Admin RCE

Do Son June 14, 2025

A newly disclosed vulnerability in Mitel’s OpenScape Accounting Management platform has been assigned CVE-2025-23092 and rated High...

Critical Path Traversal Vulnerability (CVSS 9.8) Exposes Mitel MiCollab Servers to Unauthorized Access Mitel MiCollab, Critical Vulnerability

Critical Path Traversal Vulnerability (CVSS 9.8) Exposes Mitel MiCollab Servers to Unauthorized Access

Do Son June 13, 2025

Mitel has issued a critical security advisory warning of a newly discovered path traversal vulnerability affecting its...

Urgent Bosch Alert: Critical RCE Flaw (CVSS 10.0) Exposes Dispatch & Matrix Software to Attack Bosch RCE, Critical Vulnerability

Urgent Bosch Alert: Critical RCE Flaw (CVSS 10.0) Exposes Dispatch & Matrix Software to Attack

Do Son June 13, 2025

Bosch has issued a critical security advisory addressing a severe remote code execution (RCE) vulnerability affecting its...

CVE-2025-41234: Spring Framework Vulnerability Enables Reflected File Download Attacks Spring Framework, RFD Vulnerability

CVE-2025-41234: Spring Framework Vulnerability Enables Reflected File Download Attacks

Do Son June 12, 2025

The Spring project has released a security advisory disclosing a vulnerability in the popular Spring Framework, which...

Avaya CMS Exposed to Unauthorized Remote Command Attacks: CVSS 9.9 Vulnerability Demands Urgent Fix Avaya CMS, Remote Command Execution

Avaya CMS Exposed to Unauthorized Remote Command Attacks: CVSS 9.9 Vulnerability Demands Urgent Fix

Do Son June 10, 2025

Avaya has issued a critical security advisory for its widely deployed Call Management System (CMS), warning customers...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

security advisory

Apache Kylin Flaw: Authentication Bypass and SSRF Vulnerabilities Found in Big Data Platform

OpenSSL Patches Three Flaws: Timing Side-Channel RCE Risk and Memory Corruption Affect All Versions

Cisco SNMP Flaw (CVE-2025-20352) Actively Exploited: Patch Now to Stop Root Access!

SolarWinds Issues Advisory on Salesforce Data Breach Linked to Salesloft Drift

Digiever NVR Flaws (CVE-2025-10264, CVE-2025-10265) Let Hackers Steal Credentials & Take Control

Angular SSR Flaw (CVE-2025-59052) Exposes User Data: What Developers Need to Know

Two New High-Severity Flaws in FreePBX Puts Admins and APIs at Risk

GNU Guix Issues Advisory for a Critical Privilege Escalation Flaw

URGENT: Sangoma FreePBX Warns of Exploit, Urges Immediate Administrator Lockdown

Langflow Hit by Privilege Escalation Flaw: CVE-2025-57760

Critical Arbitrary File Upload Vulnerability in SonicWall SMA 100 Series Devices

SharePoint Server Under Active Zero-Day Attack (CVE-2025-53770, CVSS 9.8), No Patch Yet!

CVE-2025-54309: CrushFTP Targeted in Active Exploits Due to Unpatched Zero-Day Vulnerability

Apache CXF Vulnerability: DoS and Data Leak Risks Exposed (CVE-2025-48795)

CVE-2025-20271: Cisco Meraki VPN Bug Exposes MX and Z Series Devices to Remote DoS Attacks

Mitel OpenScape Flaw (CVE-2025-23092): High-Severity Path Traversal Allows Admin RCE

Critical Path Traversal Vulnerability (CVSS 9.8) Exposes Mitel MiCollab Servers to Unauthorized Access

Urgent Bosch Alert: Critical RCE Flaw (CVSS 10.0) Exposes Dispatch & Matrix Software to Attack

CVE-2025-41234: Spring Framework Vulnerability Enables Reflected File Download Attacks

Avaya CMS Exposed to Unauthorized Remote Command Attacks: CVSS 9.9 Vulnerability Demands Urgent Fix