Vulnerability Archives • Page 24 of 45 • Daily CyberSecurity

CVE-2025-36004: IBM i Vulnerability Allows Privilege Escalation IBM i, Privilege Escalation

CVE-2025-36004: IBM i Vulnerability Allows Privilege Escalation

Do Son June 26, 2025

IBM has issued a security advisory addressing a high-severity vulnerability in IBM i, its integrated operating system...

CISA Warns of Critical Flaws in ControlID iDSecure Vehicle Control Software ControlID iDSecure, Access Control Vulnerabilities

CISA Warns of Critical Flaws in ControlID iDSecure Vehicle Control Software

Do Son June 26, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a risk advisory on three newly discovered vulnerabilities...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

Quest Patches Critical KACE SMA Flaws, Including CVSS 10 Authentication Bypass

Do Son June 26, 2025

Quest Software has released urgent security hotfixes addressing four newly discovered vulnerabilities in its KACE Systems Management...

Critical Kaleris Navis N4 Flaw (CVE-2025-2566, CVSS 9.8): Supply Chain Infrastructure at Risk! Kaleris Navis N4, Terminal OS Vulnerabilities

Critical Kaleris Navis N4 Flaw (CVE-2025-2566, CVSS 9.8): Supply Chain Infrastructure at Risk!

Do Son June 25, 2025

Two newly disclosed vulnerabilities in the Kaleris Navis N4 terminal operating system could allow attackers to remotely...

Pre-Auth Command Execution in CentOS Web Panel Exposes Over 200,000 Servers, PoC Publishes CentOS Web Panel, Remote Code Execution

Pre-Auth Command Execution in CentOS Web Panel Exposes Over 200,000 Servers, PoC Publishes

Do Son June 25, 2025

A critical vulnerability discovered in CentOS Web Panel (CWP), a widely-used open-source server management platform. Tracked as...

Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched Kibana Vulnerabilities, Code Execution

Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched

Do Son June 25, 2025

Elastic has published a security advisory addressing two significant vulnerabilities in Kibana, the visualization and dashboarding layer...

TeamViewer Remote Management Bug (CVE-2025-36537) Enables Privilege Escalation TeamViewer Vulnerability, Privilege Escalation

TeamViewer Remote Management Bug (CVE-2025-36537) Enables Privilege Escalation

Do Son June 25, 2025

TeamViewer, a widely used remote access and management platform, has disclosed a new vulnerability that impacts its...

Double Injection Risk in NVIDIA Megatron-LM: Code Execution Flaws Patched in v0.12.1 NVIDIA GPU Security CUDA-Q Vulnerability NVIDIA Apex Vulnerability AI Infrastructure Security NVIDIA Cumulus Linux CVE-2025-33179 NVIDIA Arm divestment NVIDIA DGX Spark, CVE-2025-33187 NVIDIA Isaac-GROOT, Code Injection Megatron-LM Vulnerability, AI Code Injection NVIDIA China NVIDIA GPUs, Hardware Kill Switches NVIDIA Megatron-LM, LLM Vulnerabilities NVIDIA Base Command Manager - CVE-2024-0138

NVIDIA GPU Security CUDA-Q Vulnerability NVIDIA Apex Vulnerability AI Infrastructure Security NVIDIA Cumulus Linux CVE-2025-33179 NVIDIA Arm divestment NVIDIA DGX Spark, CVE-2025-33187 NVIDIA Isaac-GROOT, Code Injection Megatron-LM Vulnerability, AI Code Injection NVIDIA China NVIDIA GPUs, Hardware Kill Switches NVIDIA Megatron-LM, LLM Vulnerabilities NVIDIA Base Command Manager - CVE-2024-0138

Double Injection Risk in NVIDIA Megatron-LM: Code Execution Flaws Patched in v0.12.1

Do Son June 25, 2025

NVIDIA has released a security bulletin addressing two newly discovered vulnerabilities—CVE-2025-23264 and CVE-2025-23265—affecting Megatron-LM, its open-source large...

Flaws Found in Hitachi Energy’s MicroSCADA X SYS600: CVEs Could Enable File Tampering, DoS, and MITM Attacks

Do Son June 25, 2025

Hitachi Energy has released a cybersecurity advisory (8DBD000218) disclosing five newly discovered vulnerabilities affecting its MicroSCADA X...

Critical Flaws in ELECOM Routers: JPCERT/CC Issues Warning Over Command Injection and XSS Risks ELECOM Router, Critical Vulnerabilities

Critical Flaws in ELECOM Routers: JPCERT/CC Issues Warning Over Command Injection and XSS Risks

Do Son June 25, 2025

In its latest vulnerability disclosure, JPCERT/CC has sounded the alarm on multiple critical security flaws affecting a...

Urgent Advantech Alert: Critical Flaws (CVSS 9.6) Expose Industrial Automation to Remote Takeover, PoC Releases Advantech ICS, Critical Vulnerabilities

Urgent Advantech Alert: Critical Flaws (CVSS 9.6) Expose Industrial Automation to Remote Takeover, PoC Releases

Do Son June 25, 2025

The Phantom The Cyber Security Agency (CSA) of Singapore has issued an urgent security advisory highlighting multiple...

Behind the Commit: CVSS 10.0 Bug Lets Attackers Hijack Gogs Servers Gogs RCE, XSS Vulnerability

Behind the Commit: CVSS 10.0 Bug Lets Attackers Hijack Gogs Servers

Do Son June 24, 2025

The open-source Git service Gogs, known for its simplicity and ease of deployment, disclosures two severe security...

Critical Linksys Router Flaw (CVE-2025-34037, CVSS 10.0) Actively Exploited by TheMoon Worm Linksys Router, TheMoon Worm

Critical Linksys Router Flaw (CVE-2025-34037, CVSS 10.0) Actively Exploited by TheMoon Worm

Do Son June 24, 2025

A critical vulnerability in multiple Linksys E-Series routers is being actively exploited in the wild by a...

CVE-2025-6218: WinRAR Directory Traversal Bug Opens the Door to Remote Code Execution WinRAR RCE, Directory Traversal

CVE-2025-6218: WinRAR Directory Traversal Bug Opens the Door to Remote Code Execution

Do Son June 24, 2025

A newly disclosed vulnerability in RARLAB’s WinRAR, the long-standing compression utility for Windows, has exposed millions of...

Critical Key Derivation Flaws in pbkdf2 Affect Millions of JavaScript Projects, PoC Available pbkdf2 npm, Cryptographic Flaws

Critical Key Derivation Flaws in pbkdf2 Affect Millions of JavaScript Projects, PoC Available

Do Son June 24, 2025

Two high-impact security advisories have been released for the pbkdf2 npm package—an essential utility in the JavaScript...

Critical Convoy Flaw (CVE-2025-52562, CVSS 10.0): Unauthenticated Remote Code Execution on KVM Servers! Convoy RCE, Unauthenticated

Critical Convoy Flaw (CVE-2025-52562, CVSS 10.0): Unauthenticated Remote Code Execution on KVM Servers!

Do Son June 24, 2025

A newly disclosed vulnerability in Convoy, a modern KVM server management panel built for hosting providers, has...

Critical Python Tarfile Flaw (CVE-2025-4517, CVSS 9.4): Arbitrary File Write, PoC Available Python Tarfile, Path Traversal

Critical Python Tarfile Flaw (CVE-2025-4517, CVSS 9.4): Arbitrary File Write, PoC Available

Do Son June 23, 2025

A newly disclosed vulnerability in Python’s tarfile module—CVE-2025-4517—has exposed a critical security risk that allows attackers to...

Critical Meshtastic Flaw: Key Duplication Allows Message Decryption & Node Hijacking Meshtastic, Cryptographic Flaw

Critical Meshtastic Flaw: Key Duplication Allows Message Decryption & Node Hijacking

Do Son June 23, 2025

The developers behind Meshtastic, the popular open-source LoRa mesh networking project, have issued a critical security advisory...

Critical ANPR Camera Flaw (CVE-2025-34022, CVSS 9.3) Exposes Selea TARGA Devices, PoC Available, No Vendor Response ANPR Camera, Path Traversal

Critical ANPR Camera Flaw (CVE-2025-34022, CVSS 9.3) Exposes Selea TARGA Devices, PoC Available, No Vendor Response

Do Son June 22, 2025

Gjoko Krstic of Zero Science Lab has uncovered a critical path traversal vulnerability in Selea’s TARGA series...

Critical Mattermost Flaw (CVE-2025-4981, CVSS 9.9) Allows RCE Via Path Traversal Mattermost Vulnerability, Remote Code Execution CVE-2025-20051, CVE-2025-24490, and CVE-2025-25279

Mattermost Vulnerability, Remote Code Execution CVE-2025-20051, CVE-2025-24490, and CVE-2025-25279

Critical Mattermost Flaw (CVE-2025-4981, CVSS 9.9) Allows RCE Via Path Traversal

Do Son June 21, 2025

Open-source collaboration platform Mattermost is exposed to a severe vulnerability that threatens the integrity of its deployments...

Critical Alert 1 Active Exploit Detected Today