Vulnerability

ASUS Kills “File Shredder” Feature to Fix Critical Flaw ASUS CVE-2025-13348 File Shredder Removal ASUS LPE Flaw CVE-2025-59373 ASUS Armoury Crate vulnerability Asus CVE Numbering Authority - CVE-2024-12912 and CVE-2024-13062 AMI BMC vulnerability, CVE-2024-54085

ASUS CVE-2025-13348 File Shredder Removal ASUS LPE Flaw CVE-2025-59373 ASUS Armoury Crate vulnerability Asus CVE Numbering Authority - CVE-2024-12912 and CVE-2024-13062 AMI BMC vulnerability, CVE-2024-54085

ASUS Kills “File Shredder” Feature to Fix Critical Flaw

Ddos February 3, 2026

One Click to Compromise: Microsoft Copilot’s “Reprompt” Flaw Exposed Dell CES 2026 AI PC marketing, Microsoft Copilot+ PC consumer apathy Microsoft AI Sales Quota Enterprise AI Demand Edge Copilot, AI browsing

Dell CES 2026 AI PC marketing, Microsoft Copilot+ PC consumer apathy Microsoft AI Sales Quota Enterprise AI Demand Edge Copilot, AI browsing

One Click to Compromise: Microsoft Copilot’s “Reprompt” Flaw Exposed

Ddos January 16, 2026

CVE-2025-66518: High-Severity Flaw in Apache Kyuubi Exposes Local Server Files Apache Kyuubi, CVE-2025-66518

Apache Kyuubi, CVE-2025-66518

CVE-2025-66518: High-Severity Flaw in Apache Kyuubi Exposes Local Server Files

Ddos January 6, 2026

Researcher Details Stack Buffer Overflow Flaw in Net-SNMP snmptrapd with PoC Net-SNMP, CVE-2025-68615

Net-SNMP, CVE-2025-68615

Researcher Details Stack Buffer Overflow Flaw in Net-SNMP snmptrapd with PoC

Ddos January 6, 2026

Fragged Files: Critical Zero-Day Hits Quake III Arena Engines via Directory Traversal Quake III Arena, Zero-Day Vulnerability

Quake III Arena, Zero-Day Vulnerability

Fragged Files: Critical Zero-Day Hits Quake III Arena Engines via Directory Traversal

Ddos January 5, 2026

Eaton UPS Software Flaws Expose Systems to High-Risk Code Execution

ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

Eaton UPS Software Flaws Expose Systems to High-Risk Code Execution

Ddos January 5, 2026

The iOS 26.2 Trap: New WebKit Integer Overflow Discovered with PoC—Is Your iPhone at Risk? WebKit Integer Overflow, iOS 26.2 RCE CVE-2023-28206 PoC

WebKit Integer Overflow, iOS 26.2 RCE CVE-2023-28206 PoC

The iOS 26.2 Trap: New WebKit Integer Overflow Discovered with PoC—Is Your iPhone at Risk?

Ddos December 29, 2025

AI’s Exposed Side Door: Dify Flaw (CVE-2025-63387) Leaks System Configs to Anonymous Users Dify API Key Exposure, LLM Security Dify Information Disclosure, LLM Security

Dify API Key Exposure, LLM Security Dify Information Disclosure, LLM Security

AI’s Exposed Side Door: Dify Flaw (CVE-2025-63387) Leaks System Configs to Anonymous Users

Ddos December 22, 2025

Kubernetes Alert: Headlamp Flaw (CVE-2025-14269) Lets Unauthenticated Users Hijack Helm Clusters Headlamp Kubernetes, Helm Credential Hijack

Headlamp Kubernetes, Helm Credential Hijack

Kubernetes Alert: Headlamp Flaw (CVE-2025-14269) Lets Unauthenticated Users Hijack Helm Clusters

Ddos December 19, 2025

Urgent Patch: Notepad++ WinGUp Flaw Allowed Malware to Hijack Updates CVE-2023-40031 Notepad++ Update Hijacking, WinGUp Vulnerability

CVE-2023-40031 Notepad++ Update Hijacking, WinGUp Vulnerability

Urgent Patch: Notepad++ WinGUp Flaw Allowed Malware to Hijack Updates

Ddos December 11, 2025

Discontinued Library: High-Severity lz4-java Flaw (CVE‐2025‐12183) Forces Immediate Migration to Community Fork lz4-java Out-of-bounds Read, Library EOL

lz4-java Out-of-bounds Read, Library EOL

Discontinued Library: High-Severity lz4-java Flaw (CVE‐2025‐12183) Forces Immediate Migration to Community Fork

Ddos December 3, 2025

PoC Exploit Releases for CVE-2025-60718 – Windows Administrator Protection Elevation of Privilege Vulnerability

Secure Boot certificate renewal 2026, Windows 11 UEFI update Community-First AI Infrastructure, Microsoft self-funding energy mandate aka.ms/aoh online portal CVE-2025-55681, Windows DWM Elevation Windows Administrator Protection, CVE-2025-60718 Microsoft AI Compute, IREN Infrastructure Microsoft Japan PPA, Renewable Energy Microsoft AI Investment, Cloud Expansion Microsoft Azure, Startup Credits Infinite Workday, AI in Work Microsoft Russia, Bankruptcy AI code generation, Microsoft AI Microsoft Layoffs, Restructuring

PoC Exploit Releases for CVE-2025-60718 – Windows Administrator Protection Elevation of Privilege Vulnerability

Ddos December 1, 2025

CVE-2025-59789: Critical Flaw in Apache bRPC Framework Exposes High-Performance Systems to Crash Risks Apache bRPC Vulnerability CVE-2025-60021 Apache bRPC, CVE-2025-59789 Apache bRPC, Redis Vulnerability

Apache bRPC Vulnerability CVE-2025-60021 Apache bRPC, CVE-2025-59789 Apache bRPC, Redis Vulnerability

CVE-2025-59789: Critical Flaw in Apache bRPC Framework Exposes High-Performance Systems to Crash Risks

Ddos December 1, 2025

High-Severity Memos Flaw (CVE-2024-21635) Allows Hackers to Stay Logged In After Password Change Memos Session Flaw, Token Invalidation

Memos Session Flaw, Token Invalidation

High-Severity Memos Flaw (CVE-2024-21635) Allows Hackers to Stay Logged In After Password Change

Ddos November 17, 2025

7-Zip Flaw (CVE-2025-11001) with Public Exploit Code Threatens Unpatched Systems CVE-2025-0411 7-Zip path traversal

CVE-2025-0411 7-Zip path traversal

7-Zip Flaw (CVE-2025-11001) with Public Exploit Code Threatens Unpatched Systems

Ddos October 21, 2025

SAP Patches Critical 10.0 Flaw in NetWeaver: Unauthenticated RCE Risk SAP Security Patch Day CVE-2025-42944, CVE-2025-42937

SAP Security Patch Day CVE-2025-42944, CVE-2025-42937

SAP Patches Critical 10.0 Flaw in NetWeaver: Unauthenticated RCE Risk

Ddos October 14, 2025

Splunk Fixes Six Flaws, Including Unauthenticated SSRF and XSS Vulnerabilities in Enterprise Platform Splunk Permission Flaw, Local Privilege Escalation Splunk Vulnerabilities CVE-2024-53247 - Splunk Secure Gateway App CVE-2025-20229 & CVE-2025-20231

Splunk Permission Flaw, Local Privilege Escalation Splunk Vulnerabilities CVE-2024-53247 - Splunk Secure Gateway App CVE-2025-20229 & CVE-2025-20231

Splunk Fixes Six Flaws, Including Unauthenticated SSRF and XSS Vulnerabilities in Enterprise Platform

Ddos October 2, 2025

NVIDIA Patches High-Severity Code Injection Flaws in Megatron-LM AI Framework NVIDIA DGX Spark, CVE-2025-33187 NVIDIA Isaac-GROOT, Code Injection Megatron-LM Vulnerability, AI Code Injection NVIDIA China NVIDIA GPUs, Hardware Kill Switches NVIDIA Megatron-LM, LLM Vulnerabilities NVIDIA Base Command Manager - CVE-2024-0138

NVIDIA DGX Spark, CVE-2025-33187 NVIDIA Isaac-GROOT, Code Injection Megatron-LM Vulnerability, AI Code Injection NVIDIA China NVIDIA GPUs, Hardware Kill Switches NVIDIA Megatron-LM, LLM Vulnerabilities NVIDIA Base Command Manager - CVE-2024-0138

NVIDIA Patches High-Severity Code Injection Flaws in Megatron-LM AI Framework

Ddos September 26, 2025

Two WordPress Core Vulnerabilities Disclosed Without Patch: Sensitive Data Exposure and Stored XSS Sneeit Framework RCE, Unauthenticated Code Execution Post SMTP, Account Takeover WordPress Vulnerability, Unpatched XSS WordPress Vulnerability, PHP Object Injection WordPress AI Engine, Privilege Escalation CVE-2024-43153 & CVE-2024-43234

Sneeit Framework RCE, Unauthenticated Code Execution Post SMTP, Account Takeover WordPress Vulnerability, Unpatched XSS WordPress Vulnerability, PHP Object Injection WordPress AI Engine, Privilege Escalation CVE-2024-43153 & CVE-2024-43234

Two WordPress Core Vulnerabilities Disclosed Without Patch: Sensitive Data Exposure and Stored XSS

Ddos September 25, 2025

CVE-2025-41715 (CVSS 9.8): Unauthenticated Flaw Exposes WAGO Industrial Databases WAGO, vulnerability, industrial automation BlockBlasters, Steam malware Baxter Life2000 Ventilation System - CVE-2024-48966

WAGO, vulnerability, industrial automation BlockBlasters, Steam malware Baxter Life2000 Ventilation System - CVE-2024-48966

CVE-2025-41715 (CVSS 9.8): Unauthenticated Flaw Exposes WAGO Industrial Databases

Ddos September 25, 2025