Vulnerability Archives • Page 4 of 45 • Daily CyberSecurity

Industrial Alert: Critical Stored XSS Vulnerability Discovered in Siemens SIMATIC S7-1500 Siemens SIMATIC Vulnerability CVE-2025-40943 CVE-2024-47901 - Siemens InterMesh system CVE-2025-40804 Siemens SIVaaS

Siemens SIMATIC Vulnerability CVE-2025-40943 CVE-2024-47901 - Siemens InterMesh system CVE-2025-40804 Siemens SIVaaS

Industrial Alert: Critical Stored XSS Vulnerability Discovered in Siemens SIMATIC S7-1500

Do Son March 11, 2026

A high-severity security flaw has been uncovered in the Siemens SIMATIC S7-1500 CPU family, a cornerstone of...

Critical Alert: SAP’s Latest Security Update Fixes 9.8 CVSS RCE and Deserialization Flaws SAP Security Patches CVE-2026-27685 SAP Security Update CVE-2026-0488 CVE-2024-47578 - CVE-2025-0070 and CVE-2025-0066

SAP Security Patches CVE-2026-27685 SAP Security Update CVE-2026-0488 CVE-2024-47578 - CVE-2025-0070 and CVE-2025-0066

Critical Alert: SAP’s Latest Security Update Fixes 9.8 CVSS RCE and Deserialization Flaws

Do Son March 10, 2026

Today, 2026, SAP released its monthly security patch update, addressing 15 new security notes across its product...

Total Platform Compromise: Critical 9.6 CVSS Flaws in Budibase Expose Production Secrets Budibase RCE SSRF Vulnerability Budibase Vulnerabilities Authentication Bypass

Budibase RCE SSRF Vulnerability Budibase Vulnerabilities Authentication Bypass

Total Platform Compromise: Critical 9.6 CVSS Flaws in Budibase Expose Production Secrets

Do Son March 10, 2026

Budibase, the popular open-source low-code platform designed for building internal business applications, has released critical security patches...

Under Active Attack: Critical 9.8 CVSS Tutor LMS Pro Flaw Exploited in the Wild for Full Site Takeover CVE-2024-11972 - Hunk Companion

Under Active Attack: Critical 9.8 CVSS Tutor LMS Pro Flaw Exploited in the Wild for Full Site Takeover

Do Son March 10, 2026

A high-severity vulnerability has been uncovered in Tutor LMS Pro, a popular WordPress plugin used by over...

Home Network Alert: TP-Link Patches RCE Vulnerability in Archer AXE75 Routers

Do Son March 10, 2026

TP-Link has issued an urgent security advisory for users of its high-performance Archer AXE75 routers. A newly...

Kubernetes Security Alert: “Ingress-Nginx” Injection Flaw Risks Cluster-Wide Secret Exposure ingress-nginx Vulnerability CVE-2026-3288

Kubernetes Security Alert: “Ingress-Nginx” Injection Flaw Risks Cluster-Wide Secret Exposure

Do Son March 10, 2026

A critical security vulnerability has been identified in ingress-nginx, the widely used Ingress controller for Kubernetes. Tracked...

“Coruna” Exploit Kit: Mass iOS Attacks Pivot from Crypto Scams to Iran-Themed Lures Coruna Exploit Kit iOS Malware

“Coruna” Exploit Kit: Mass iOS Attacks Pivot from Crypto Scams to Iran-Themed Lures

Do Son March 10, 2026

New research from Validin shed light on the rapid evolution and expansion of “Coruna,” a sophisticated iOS...

Critical 9.8 CVSS Flaws Expose SICK Lector Scanners to Hijacking SICK Lector Vulnerability CVE-2026-2331 CVE-2022-0778 and CVE-2025-0867

Critical 9.8 CVSS Flaws Expose SICK Lector Scanners to Hijacking

Do Son March 10, 2026

In a significant update for the industrial automation sector, SICK PSIRT has issued a high-priority security advisory...

Critical 9.3 CVSS Flaw in Gogs Turns Repositories into Malware Delivery Vectors Gogs LFS Vulnerability CVE-2026-25921

Critical 9.3 CVSS Flaw in Gogs Turns Repositories into Malware Delivery Vectors

Do Son March 10, 2026

The Gogs project, a popular self-hosted Git service prized for its simplicity and painless setup, has been...

Critical 9.4 CVSS Zephyr RTOS Flaw Exposes Millions of IoT Devices to RCE Zephyr RTOS Vulnerability CVE-2026-1678

Critical 9.4 CVSS Zephyr RTOS Flaw Exposes Millions of IoT Devices to RCE

Do Son March 9, 2026

Security researchers have disclosed a critical memory-safety vulnerability in the Zephyr Project, a high-profile, scalable real-time operating...

Critical 9.3 CVSS Flaw in SiYuan Lets Hackers Steal Private Notes via SVG Injection SiYuan XSS Vulnerability CVE-2026-29183

Critical 9.3 CVSS Flaw in SiYuan Lets Hackers Steal Private Notes via SVG Injection

Do Son March 9, 2026

Security researchers have disclosed a high-severity vulnerability in SiYuan, the popular privacy-first personal knowledge management system. The...

1-Click to Compromise: Critical 9.3 CVSS Flaw in ZITADEL Exposes Accounts to Full Takeover ZITADEL Vulnerability CVE-2026-29191 CVE-2025-27507 ZITADEL SSRF, Login UI Hijack

ZITADEL Vulnerability CVE-2026-29191 CVE-2025-27507 ZITADEL SSRF, Login UI Hijack

1-Click to Compromise: Critical 9.3 CVSS Flaw in ZITADEL Exposes Accounts to Full Takeover

Do Son March 9, 2026

Security researchers have disclosed a high-severity vulnerability in ZITADEL, the popular open-source identity and access management (IAM)...

Unauthenticated Nginx UI Flaw Leaks Decryption Keys and Server Secrets Nginx UI Vulnerability CVE-2026-27944

Unauthenticated Nginx UI Flaw Leaks Decryption Keys and Server Secrets

Do Son March 8, 2026

Security researchers have uncovered a critical vulnerabilities in Nginx UI, a popular web-based interface used to manage...

Stream Hijacked: Critical Zero-Click Command Injection Flaw Exposed in AVideo-Encoder AVideo-Encoder Vulnerability CVE-2026-29058

Stream Hijacked: Critical Zero-Click Command Injection Flaw Exposed in AVideo-Encoder

Do Son March 6, 2026

Security researchers have uncovered a critical vulnerability in AVideo-Encoder, a key component of the open-source AVideo Platform...

Motorola Smart Feed redirect Anthropic Amazon 5GW partnership Amazon Perplexity lawsuit AWS-LC Vulnerabilities Cryptographic Bypass AWS Middle East drone strikes Amazon layoffs 2026, Amazon AI restructuring Amazon Kindle DRM Policy, Publisher Control EPUB AWS Nova Forge AI Model Customization AWS Trainium3 EC2 Trn3 UltraServer Route 53 Accelerated Recovery AWS DNS Resilience AI Browser War, Amazon Comet Amazon layoffs, cost reduction AWS outage, DynamoDB DNS AWS outage, cloud dependency AWS VPN Client, Root Privilege Escalation WSA shutdown, Amazon Appstore Amazon Wondery, Podcast Restructuring Amazon Q2 2025 Generative AI AWS Client VPN, Privilege Escalation Amazon AI, Wearable AI

Cracking the Cloud’s Crypto: Unauthenticated Bypass Flaws Found in Amazon’s AWS-LC Library

Do Son March 6, 2026

Cybersecurity researchers have identified three significant vulnerabilities in AWS-LC, Amazon’s open-source cryptographic library used extensively across its...

Integer Overflow Flaw in Apache ActiveMQ Exposes MQTT Brokers to DoS ActiveMQ security flaws Jolokia web console exploit ActiveMQ RCE Jolokia Spring Vulnerability ActiveMQ MQTT Vulnerability CVE-2025-66168 Apache Artemis Vulnerability CVE-2026-27446

ActiveMQ security flaws Jolokia web console exploit ActiveMQ RCE Jolokia Spring Vulnerability ActiveMQ MQTT Vulnerability CVE-2025-66168 Apache Artemis Vulnerability CVE-2026-27446

Integer Overflow Flaw in Apache ActiveMQ Exposes MQTT Brokers to DoS

Do Son March 5, 2026

The Apache Software Foundation has released a security update for Apache ActiveMQ, addressing a significant integer overflow...

Root Access for All: Critical Auth Bypass Hits Cisco Firewall Management Center Cisco Secure FMC CVE-2026-20079 Cisco RCE, Firewall Vulnerability Cisco Nexus, vulnerability CVE-2024-20412 - Cisco data breach

Cisco Secure FMC CVE-2026-20079 Cisco RCE, Firewall Vulnerability Cisco Nexus, vulnerability CVE-2024-20412 - Cisco data breach

Root Access for All: Critical Auth Bypass Hits Cisco Firewall Management Center

Do Son March 5, 2026

Cybersecurity authorities are sounding the alarm on a critical vulnerability in the Cisco Secure Firewall Management Center...

Critical 10.0 CVSS Flaw in pac4j-jwt Lets Hackers Forge Admin Tokens pac4j-jwt Vulnerability CVE-2026-29000

Critical 10.0 CVSS Flaw in pac4j-jwt Lets Hackers Forge Admin Tokens

Do Son March 5, 2026

Cybersecurity researchers have uncovered a critical vulnerability in pac4j-jwt, a popular Java-based library used to secure thousands...

Critical 10.0 CVSS Flaw in Cisco Secure FMC Hands Hackers Root Access to Enterprise Firewalls Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center