Vulnerability Archives • Page 29 of 45 • Daily CyberSecurity

CVE-2025-41646: Critical Authentication Bypass in RevPi Webstatus Threatens Industrial Systems RevPi Webstatus, Authentication Bypass

CVE-2025-41646: Critical Authentication Bypass in RevPi Webstatus Threatens Industrial Systems

Do Son June 10, 2025

KUNBUS has issued a critical security advisory for its RevPi Webstatus application following the discovery of an...

Critical Wazuh RCE (CVE-2025-24016) Actively Exploited by Mirai Botnets Wazuh RCE, Mirai Botnets

Critical Wazuh RCE (CVE-2025-24016) Actively Exploited by Mirai Botnets

Do Son June 9, 2025

Akamai’s Security Intelligence and Response Team (SIRT) has uncovered active exploitation of CVE-2025-24016, a critical remote code...

Critical 9.6 CVSS RCE: ManageEngine Exchange Reporter Plus Vulnerability Discovered! CVE-2025-3835, Exchange Reporter Plus

Critical 9.6 CVSS RCE: ManageEngine Exchange Reporter Plus Vulnerability Discovered!

Do Son June 9, 2025

ManageEngine’s Exchange Reporter Plus, a widely-used web-based monitoring and reporting tool for Microsoft Exchange, has been found...

Critical 9.8 CVSS Flaw: Unpatched PayU CommercePro Plugin Allows Admin Account Takeover! PayU CommercePro, Account Takeover

Critical 9.8 CVSS Flaw: Unpatched PayU CommercePro Plugin Allows Admin Account Takeover!

Do Son June 9, 2025

A severe vulnerability in the PayU CommercePro plugin for WordPress, which has over 5,000 active installations, allows...

Microsoft BFS Flaws Expose Windows to Privilege Escalation – PoC Code Released Race Condition Exploit

Microsoft BFS Flaws Expose Windows to Privilege Escalation – PoC Code Released

Do Son June 9, 2025

Security researchers at ht3labs published the technical details and proof-of-concept exploit code for a trio of critical...

QNAP Fixes SQL Injection and Certificate Validation Flaws in Qsync Central and File Station 5 QNAP Vulnerabilities CVE-2025-52856

QNAP Fixes SQL Injection and Certificate Validation Flaws in Qsync Central and File Station 5

Do Son June 9, 2025

QNAP Systems, Inc. has released patches addressing multiple high-severity vulnerabilities in its Qsync Central and File Station...

Legacy vBulletin 4.x Patch Backfires: RCE via Signed Base64 Payloads and a Full PoC vBulletin RCE

Legacy vBulletin 4.x Patch Backfires: RCE via Signed Base64 Payloads and a Full PoC

Do Son June 7, 2025

Security researcher Egidio Romano (EgiX) uncovers a fascinating PHP Object Injection (POI) vulnerability in legacy versions of...

Nintendo Switch 2 Hacked? Early Exploit Uncovered! Nintendo tariff lawsuit 2026 Nintendo Switch 2, MIG Tool Nintendo Switch 2, USB-C Restrictions Nintendo Switch 2, Vulnerability

Nintendo tariff lawsuit 2026 Nintendo Switch 2, MIG Tool Nintendo Switch 2, USB-C Restrictions Nintendo Switch 2, Vulnerability

Nintendo Switch 2 Hacked? Early Exploit Uncovered!

Do Son June 7, 2025

Nintendo’s recently launched Switch 2 console has already had a vulnerability discovered by enthusiasts. Security researcher David...

Unpatched XSS Vulnerability in Jenkins Gatling Plugin Puts Users at Risk (CVE-2025-5806) Jenkins Security Vulnerability

Unpatched XSS Vulnerability in Jenkins Gatling Plugin Puts Users at Risk (CVE-2025-5806)

Do Son June 7, 2025

The Jenkins community has issued a high-severity security advisory for a newly disclosed vulnerability in the Gatling...

CISA Alert: Critical Vulnerabilities Found in CyberData SIP Emergency Intercom Devices CyberData Vulnerabilities, SIP Intercom Security

CISA Alert: Critical Vulnerabilities Found in CyberData SIP Emergency Intercom Devices

Do Son June 7, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory warning of multiple high-impact...

Critical CVSS 9.8 Flaw Hits Popular LlamaIndex Framework Used by Millions LlamaIndex Vulnerability, SQL Injection

Critical CVSS 9.8 Flaw Hits Popular LlamaIndex Framework Used by Millions

Do Son June 6, 2025

LlamaIndex, a widely adopted framework for building LLM-powered applications with over 3.9 million monthly downloads, has been...

Amazon Alerts: High-Severity FreeRTOS-Plus-TCP Flaw Needs Immediate Patch! FreeRTOS Vulnerability, Embedded Security

Amazon Alerts: High-Severity FreeRTOS-Plus-TCP Flaw Needs Immediate Patch!

Do Son June 6, 2025

Amazon has issued a security advisory for a memory corruption vulnerability in the widely used FreeRTOS-Plus-TCP stack....

High-Severity Flaw in MIM Medical Imaging Software Allows Code Execution! MIM Software, Medical Imaging Security

High-Severity Flaw in MIM Medical Imaging Software Allows Code Execution!

Do Son June 6, 2025

In a recent security advisory, MIM Software Inc. disclosed a high-severity vulnerability, CVE-2025-1701, affecting the MIM Admin...

CVSS 9.8 Alert: Critical Flaws in HPE Insight Remote Support Enable RCE & File Access HPE Security, Insight RS Vulnerabilities

CVSS 9.8 Alert: Critical Flaws in HPE Insight Remote Support Enable RCE & File Access

Do Son June 5, 2025

Hewlett Packard Enterprise (HPE) has issued a security advisory addressing multiple high-impact vulnerabilities in its Insight Remote...

CRITICAL (CVSS 9.4) Python ‘tarfile’ Vulnerability: Arbitrary Filesystem Writes Possible! CPython Vulnerabilities, Python Tarfile CVE-2025-4517

CRITICAL (CVSS 9.4) Python ‘tarfile’ Vulnerability: Arbitrary Filesystem Writes Possible!

Do Son June 5, 2025

The CPython project has issued a security advisory addressing five vulnerabilities—including one CRITICAL and three HIGH-severity flaws—affecting...

Critical Dell Bug (CVSS 9.8) Lets Unauthenticated Attackers Fully Compromise the System Dell AI PC marketing pivot, XPS 2026 brand revival, NPU, Tech Industry News CVE-2023-32484 PowerScale OneFS, CVE-2024-53298

Critical Dell Bug (CVSS 9.8) Lets Unauthenticated Attackers Fully Compromise the System

Do Son June 5, 2025

Dell Technologies has issued urgent patches for multiple vulnerabilities impacting PowerScale OneFS, a core component of Dell’s...

CVE-2025-48951: Critical Deserialization Flaw in Auth0 PHP SDK Threatens Millions of Applications Auth0 PHP SDK, Critical Vulnerability

CVE-2025-48951: Critical Deserialization Flaw in Auth0 PHP SDK Threatens Millions of Applications

Do Son June 5, 2025

A newly disclosed vulnerability in the Auth0 PHP SDK—a widely-used authentication toolkit with over 16 million downloads—poses...

Cisco Warns of High-Severity SSH Security Flaws in UCS IMC and NDFC Systems Cisco Vulnerabilities, Privilege Escalation

Cisco Warns of High-Severity SSH Security Flaws in UCS IMC and NDFC Systems

Do Son June 5, 2025

Cisco has issued security advisories for two high-severity vulnerabilities—one in the Cisco Integrated Management Controller (IMC) and...

CVE-2025-48947: Session Cookies at Risk in Auth0 Next.js SDK Auth0, Next.js SDK

CVE-2025-48947: Session Cookies at Risk in Auth0 Next.js SDK

Do Son June 5, 2025

A serious vulnerability has been uncovered in the widely-used Auth0 Next.js SDK—a library that helps developers implement...

Critical ABB EIBPORT Flaw: Update Now to Prevent Building Automation Hijacks! ABB Security, EIBPORT Vulnerability

Critical ABB EIBPORT Flaw: Update Now to Prevent Building Automation Hijacks!

Do Son June 5, 2025

ABB has issued a Cyber Security Advisory addressing a critical session management vulnerability affecting its EIBPORT V3...

Critical Alert 1 Active Exploit Detected Today