Vulnerability Archives • Page 11 of 45 • Daily CyberSecurity

CVE-2025-57803: Critical Flaw in ImageMagick Could Lead to Remote Code Execution ImageMagick, remote code execution

CVE-2025-57803: Critical Flaw in ImageMagick Could Lead to Remote Code Execution

Do Son September 1, 2025

The ImageMagick team has disclosed a critical vulnerability in its BMP encoder, tracked as CVE-2025-57803, which can...

CVE-2025-8077 (CVSS 9.8): CRITICAL Flaw in NeuVector Exposes Kubernetes Clusters to Full Takeover NeuVector, Kubernetes vulnerability CVE-2025-8077

NeuVector, Kubernetes vulnerability CVE-2025-8077

CVE-2025-8077 (CVSS 9.8): CRITICAL Flaw in NeuVector Exposes Kubernetes Clusters to Full Takeover

Do Son September 1, 2025

The SUSE Rancher Security Team has issued a critical security advisory for NeuVector, an open-source container security...

CVE-2024-58259: DoS Flaw in Rancher Manager Allows Unauthenticated Attackers to Crash Servers Rancher security flaws cluster privilege escalation Rancher Path Traversal CVE-2026-25705 Rancher Vulnerabilities, SAML Phishing CVE-2024-22036 Rancher, vulnerability

Rancher security flaws cluster privilege escalation Rancher Path Traversal CVE-2026-25705 Rancher Vulnerabilities, SAML Phishing CVE-2024-22036 Rancher, vulnerability

CVE-2024-58259: DoS Flaw in Rancher Manager Allows Unauthenticated Attackers to Crash Servers

Do Son September 1, 2025

The SUSE Rancher Security Team has issued a security advisory addressing a high-severity vulnerability in Rancher Manager,...

PoC Exploit Released for Nagios XI RCE Flaw Allows Attackers to Hijack Servers Nagios XI, remote code execution

PoC Exploit Released for Nagios XI RCE Flaw Allows Attackers to Hijack Servers

Do Son September 1, 2025

Nagios XI, one of the most widely used IT infrastructure monitoring solutions, has been found vulnerable to...

CVE-2025-8067: Linux Privilege Escalation Flaw Found in UDisks Daemon, PoC Releases UDisks daemon, Linux vulnerability

CVE-2025-8067: Linux Privilege Escalation Flaw Found in UDisks Daemon, PoC Releases

Do Son September 1, 2025

A security researcher has disclosed a serious flaw in the UDisks daemon, a widely used component for...

IBM watsonx Orchestrate Vulnerability (CVE-2025-0165) Exposes Systems to SQL Injection Attacks IBM CCA Vulnerability CVE-2025-13375 IBM Anthropic Partnership, AI Software Development watsonx Orchestrate, SQL injection CVE-2024-49803 - CVE-2024-41787 IBM Completes Acquisition HashiCorp

IBM CCA Vulnerability CVE-2025-13375 IBM Anthropic Partnership, AI Software Development watsonx Orchestrate, SQL injection CVE-2024-49803 - CVE-2024-41787 IBM Completes Acquisition HashiCorp

IBM watsonx Orchestrate Vulnerability (CVE-2025-0165) Exposes Systems to SQL Injection Attacks

Do Son August 31, 2025

IBM has released a security advisory warning of a SQL injection vulnerability affecting its watsonx Orchestrate Cartridge...

A Single URL Can Crash Your Website: Critical DoS Flaw (CVE-2025-58047) Found in Volto CMS Volto, vulnerability

A Single URL Can Crash Your Website: Critical DoS Flaw (CVE-2025-58047) Found in Volto CMS

Do Son August 31, 2025

The Plone Zope Security Team has released an advisory addressing a denial-of-service (DoS) vulnerability in Volto, the...

BadSuccessor (CVE-2025-53779) Technique Persists Despite Microsoft Patch BadSuccessor, Active Directory

BadSuccessor (CVE-2025-53779) Technique Persists Despite Microsoft Patch

Do Son August 30, 2025

At DEF CON 2025, Akamai security researcher Yuval Gordon revealed the story of BadSuccessor (CVE-2025-53779), an Active...

QNAP Patches Critical Flaw (CVE-2025-52856) with CVSS 9.3 QNAP Vulnerabilities CVE-2025-52856

QNAP Patches Critical Flaw (CVE-2025-52856) with CVSS 9.3

Do Son August 29, 2025

QNAP has released a security advisory addressing multiple vulnerabilities affecting the QVR firmware on legacy VioStor NVR...

WhatsApp antitrust API probe India SIM-Binding Mandate Messaging App KYC WhatsApp DMA Interoperability BirdyChat Haiket Denmark Social Media Ban CVE-2025-55177 WhatsApp vulnerability, zero-click flaw npm Malware, System Wipe WhatsApp Windows App, WebView2 Downgrade WhatsApp Ban, US House NSO WhatsApp, Pegasus Spyware WhatsApp iPad iPadOS app

A Critical Zero-Click WhatsApp Flaw, CVE-2025-55177, Was Exploited in Zero-Day Attacks

Do Son August 29, 2025

Meta’s WhatsApp Security Team has patched a zero-day flaw (CVE-2025-55177) in WhatsApp for iOS (prior to v2.25.21.73),...

Multi Flaws Found in HikCentral, Including a Bypass for Admin Access (CVE-2025-39247) Hikvision Vulnerability CVE-2026-0709 Hikvision Vulnerability CVE-2025-66176 Hikvision, vulnerability Canada Hikvision Ban, National Security Hikvision firmware updates

Hikvision Vulnerability CVE-2026-0709 Hikvision Vulnerability CVE-2025-66176 Hikvision, vulnerability Canada Hikvision Ban, National Security Hikvision firmware updates

Multi Flaws Found in HikCentral, Including a Bypass for Admin Access (CVE-2025-39247)

Do Son August 29, 2025

The Hikvision Security Response Center (HSRC) has released a new advisory detailing three vulnerabilities affecting different versions...

PoC Published: A Format String Bug in ImageMagick Could Allow Remote Code Execution ImageMagick, remote code execution

PoC Published: A Format String Bug in ImageMagick Could Allow Remote Code Execution

Do Son August 29, 2025

The developers of ImageMagick, one of the most widely used open-source image processing libraries, have disclosed a...

PoC Published: Critical Unauthenticated Command Injection Flaw in D-Link Routers (CVSS 9.8), No Patch! D-Link, command injection

PoC Published: Critical Unauthenticated Command Injection Flaw in D-Link Routers (CVSS 9.8), No Patch!

Do Son August 29, 2025

D-Link has issued a Security Announcement regarding multiple critical vulnerabilities discovered in its legacy DIR-series routers. These...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

CRITICAL Zero-Day CVE-2025-57819 in FreePBX Is Under Active Attack (CVSS 10.0)

Do Son August 29, 2025

The Sangoma FreePBX Security Team has issued a critical advisory for a newly discovered vulnerability in its...

CVE-2025-50979: SQL Injection Flaw in NodeBB Forum Software, PoC Available NodeBB, SQL injection

CVE-2025-50979: SQL Injection Flaw in NodeBB Forum Software, PoC Available

Do Son August 29, 2025

The developers of NodeBB, a popular open-source forum platform, have disclosed a critical vulnerability affecting version v4.3.0....

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Kaspersky Report: Vulnerabilities Are Exploding, and Attackers Are Adapting

Do Son August 29, 2025

Kaspersky Labs has published its Q2 2025 vulnerability analysis, revealing an alarming rise in both the number...

Cisco Warns of High-Severity DoS Flaw (CVE-2025-20241) in Nexus Switches Cisco Secure FMC CVE-2026-20079 Cisco RCE, Firewall Vulnerability Cisco Nexus, vulnerability CVE-2024-20412 - Cisco data breach

Cisco Secure FMC CVE-2026-20079 Cisco RCE, Firewall Vulnerability Cisco Nexus, vulnerability CVE-2024-20412 - Cisco data breach

Cisco Warns of High-Severity DoS Flaw (CVE-2025-20241) in Nexus Switches

Do Son August 28, 2025

Cisco Systems has published a security advisory detailing a high-severity denial-of-service (DoS) vulnerability affecting Cisco Nexus 3000...

A CVSS 9.6 Remote Flaw Allows Unauthenticated Attackers to Bypass Dell ThinOS Dell ThinOS, remote access

A CVSS 9.6 Remote Flaw Allows Unauthenticated Attackers to Bypass Dell ThinOS

Do Son August 28, 2025

Dell Technologies has issued a security advisory addressing several high-severity vulnerabilities in its ThinOS 10 platform, widely...

A Single Packet Can Crash a DHCP Server: High-Severity Flaw CVE-2025-40779 Found in Kea critical BIND 9 flaws Kea DHCP Vulnerability CVE-2026-3608 CVE-2022-1183 CVE-2025-40779 Kea DHCP, vulnerability