Vulnerability Archives • Page 12 of 45 • Daily CyberSecurity

PoC Available: CrushFTP Zero-Day (CVE-2025-54309) Exploited in the Wild

Do Son August 28, 2025

watchTowr Labs has released a detailed analysis of CVE-2025-54309, a zero-day authentication bypass vulnerability in CrushFTP, the...

NVIDIA Warns of a High-Severity Flaw in NeMo AI Curator (CVE-2025-23307) NeMo Curator, NVIDIA vulnerability

NVIDIA Warns of a High-Severity Flaw in NeMo AI Curator (CVE-2025-23307)

Do Son August 27, 2025

NVIDIA has released an important security update addressing a high-severity vulnerability in its NeMo Curator tool. The...

PoC Available: D-Link Router Flaw with CVSS 9.8 and No Patch D-Link EOL RCE, Unauthenticated Command Injection D-Link Command Injection CVE-2025-57105

D-Link EOL RCE, Unauthenticated Command Injection D-Link Command Injection CVE-2025-57105

PoC Available: D-Link Router Flaw with CVSS 9.8 and No Patch

Do Son August 27, 2025

D-Link has issued an important security bulletin concerning its legacy DI-7400G+ router series, warning users of a...

Chrome Security Update Use After Free Chrome Security Update Critical Vulnerabilities Chrome Security Update CVE-2026-3062 Chrome Security Update V8 Engine Vulnerability Chrome Security Update CVE-2026-1862 CVE-2026-0628 Chrome 143 Update Chrome Safe Browsing UAF, CVE-2025-11756 Chrome Memory Flaws, CVE-2025-11460 Google Chrome, vulnerability CVE-2025-10200, CVE-2025-10201 Big Sleep CVE-2025-9478 Chrome Update, Security Vulnerabilities

Google Chrome Patches Critical ANGLE Vulnerability (CVE-2025-9478) Discovered by AI Agent Big Sleep

Do Son August 27, 2025

Google has released a critical security update for the Stable channel of Chrome, addressing a use-after-free vulnerability...

CVE-2025-41702 (CVSS 9.8): Critical Flaw in Welotec egOS Puts Industrial Systems at Risk Welotec Vulnerability CVE-2025-41702

CVE-2025-41702 (CVSS 9.8): Critical Flaw in Welotec egOS Puts Industrial Systems at Risk

Do Son August 27, 2025

A critical flaw has been identified in the Welotec egOS WebGUI backend, tracked as CVE-2025-41702, which could...

URGENT: NetScaler Zero-Day CVE-2025-7775 Under Active Attack NetScaler, CVE-2025-7775

URGENT: NetScaler Zero-Day CVE-2025-7775 Under Active Attack

Do Son August 26, 2025

The Cloud Software Group (CSG) has released urgent security updates to address three high-severity vulnerabilities affecting NetScaler...

PoC Code Available for Critical SQLite Vulnerability (CVE-2025-6965) SQLite vulnerability CVE-2025-6965 PoC

PoC Code Available for Critical SQLite Vulnerability (CVE-2025-6965)

Do Son August 26, 2025

Google revealed that its large language model (LLM)-assisted vulnerability discovery framework detected and reported a critical flaw...

Langflow Hit by Privilege Escalation Flaw: CVE-2025-57760 Langflow, Privilege escalation

Langflow Hit by Privilege Escalation Flaw: CVE-2025-57760

Do Son August 26, 2025

The Langflow project has issued an important security advisory regarding a newly discovered vulnerability that poses a...

CVE-2025-54370: SSRF Vulnerability Discovered in PhpSpreadsheet Library CVE-2026-45034 exploit PhpSpreadsheet RCE vulnerability PhpSpreadsheet CVE-2025-54370

CVE-2026-45034 exploit PhpSpreadsheet RCE vulnerability PhpSpreadsheet CVE-2025-54370

CVE-2025-54370: SSRF Vulnerability Discovered in PhpSpreadsheet Library

Do Son August 26, 2025

A newly disclosed security flaw, tracked as CVE-2025-54370, has been identified in PhpSpreadsheet, a PHP-based library that...

Two RCE Vulnerabilities Found in Open-Source BI Tool DataEase DataEase, RCE vulnerability

Two RCE Vulnerabilities Found in Open-Source BI Tool DataEase

Do Son August 26, 2025

Security researchers have disclosed two critical vulnerabilities in DataEase, an open-source business intelligence (BI) tool designed for...

CISA Adds Citrix and Git Flaws to Known Exploited Vulnerabilities Catalog n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

CISA Adds Citrix and Git Flaws to Known Exploited Vulnerabilities Catalog

Do Son August 26, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added three new vulnerabilities to its Known Exploited Vulnerabilities...

TP-Link Issues Urgent Patch for KP303 Smart Plug Vulnerability (CVE-2025-8627)

Do Son August 26, 2025

TP-Link has issued a security advisory addressing a high-severity vulnerability (CVE-2025-8627) affecting its KP303 Smart Plug, warning...

Four Critical Flaws in a Privileged Access Manager Exposed by Rapid7 Privileged access manager, Securden

Four Critical Flaws in a Privileged Access Manager Exposed by Rapid7

Do Son August 26, 2025

Security researchers at Rapid7 have uncovered four serious vulnerabilities in Securden Unified Privileged Access Manager (PAM), a...

Chrome Zero-Day: Exploit in the Wild and PoC Released Chrome security update exploit in the wild Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Chrome security update exploit in the wild Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Chrome Zero-Day: Exploit in the Wild and PoC Released

Do Son August 25, 2025

A high-severity zero-day vulnerability in Google Chrome’s V8 JavaScript engine, tracked as CVE-2025-5419, has been exposed, with...

CVE-2025-26496 (CVSS 9.6): Critical Flaw in Tableau Server Expose Enterprises to Code Execution Risks Tableau Vulnerability CVE-2025-26496

CVE-2025-26496 (CVSS 9.6): Critical Flaw in Tableau Server Expose Enterprises to Code Execution Risks

Do Son August 25, 2025

Salesforce Security has announced the resolution of multiple vulnerabilities in Tableau Server, identified during a proactive security...

IBM Issues Critical Patch for Jazz Team Server Vulnerability (CVE-2025-36157) IBM Vulnerability CVE-2025-36157

IBM Issues Critical Patch for Jazz Team Server Vulnerability (CVE-2025-36157)

Do Son August 25, 2025

IBM has released a security bulletin addressing a severe vulnerability in its Jazz Team Server, a Java-based...

CVE-2025-34158 (CVSS 10): Plex Media Server Users Warned to Patch Critical Vulnerability Now Plex vulnerability, CVE-2025-34158

CVE-2025-34158 (CVSS 10): Plex Media Server Users Warned to Patch Critical Vulnerability Now

Do Son August 22, 2025

Plex Media Server (PMS) users are being urged to update their systems immediately after the discovery of...

CVE-2025-55746: Critical Directus Flaw Exposes Servers to Unauthenticated File Upload and RCE

Do Son August 22, 2025

The Directus project has disclosed a critical vulnerability tracked as CVE-2025-55746 (CVSS 9.3) that could allow unauthenticated...

CVE-2024-36401 Exploited in Stealthy Bandwidth-Monetization Campaign Passive monetization, GeoServer vulnerability

CVE-2024-36401 Exploited in Stealthy Bandwidth-Monetization Campaign

Do Son August 22, 2025

A new report from Palo Alto Networks’ Unit 42 has shed light on an unusual and stealthy...

CVE-2025-9288: Critical Flaw in Popular JavaScript Library Threatens Global Web Security CVE-2025-9288 Cryptography Vulnerability

CVE-2025-9288: Critical Flaw in Popular JavaScript Library Threatens Global Web Security

Do Son August 22, 2025

A critical security vulnerability has been disclosed in sha.js, a widely used JavaScript library that implements the...

Critical Alert 1 Active Exploit Detected Today