Vulnerability Archives • Page 5 of 45 • Daily CyberSecurity

Critical Infrastructure Alert: Unauthenticated Flaw in Labkotec Ice Detectors Could Freeze Operations Labkotec LID-3300IP CVE-2026-1775 ASUSTOR ADM Vulnerability CVE-2026-3179 Russian Cyberattacks - Security Operations Center

Labkotec LID-3300IP CVE-2026-1775 ASUSTOR ADM Vulnerability CVE-2026-3179 Russian Cyberattacks - Security Operations Center

Critical Infrastructure Alert: Unauthenticated Flaw in Labkotec Ice Detectors Could Freeze Operations

Do Son March 5, 2026

Cybersecurity authorities have issued a stark warning regarding a critical vulnerability in Labkotec’s LID-3300IP, a widely deployed...

Critical RCE Vulnerability Discovered in OpenStack Vitrage Root Cause Analysis Service OpenStack Vitrage RCE CVE-2026-28370

Critical RCE Vulnerability Discovered in OpenStack Vitrage Root Cause Analysis Service

Do Son March 4, 2026

Security researcher Khalil Lemtaffah from Nokia has identified a critical remote code execution (RCE) vulnerability in OpenStack...

WordPress Security Alert: Critical Privilege Escalation Flaw in Popular Membership Plugin WordPress Privilege Escalation CVE-2026-1492 Sneeit Framework RCE, Unauthenticated Code Execution Post SMTP, Account Takeover WordPress Vulnerability, Unpatched XSS WordPress Vulnerability, PHP Object Injection WordPress AI Engine, Privilege Escalation CVE-2024-43153 & CVE-2024-43234

WordPress Privilege Escalation CVE-2026-1492 Sneeit Framework RCE, Unauthenticated Code Execution Post SMTP, Account Takeover WordPress Vulnerability, Unpatched XSS WordPress Vulnerability, PHP Object Injection WordPress AI Engine, Privilege Escalation CVE-2024-43153 & CVE-2024-43234

WordPress Security Alert: Critical Privilege Escalation Flaw in Popular Membership Plugin

Do Son March 4, 2026

A massive security hole has been discovered in the User Registration & Membership plugin for WordPress, a...

Critical 9.8 Flaw in Langflow’s AI CSV Agent Opens a Direct Path to Root Shell Langflow Vulnerability CVE-2026-42048 Langflow RCE CVE-2026-27966 Langflow Vulnerabilities CVE-2026-33017

Langflow Vulnerability CVE-2026-42048 Langflow RCE CVE-2026-27966 Langflow Vulnerabilities CVE-2026-33017

Critical 9.8 Flaw in Langflow’s AI CSV Agent Opens a Direct Path to Root Shell

Do Son March 2, 2026

Artificial intelligence is making it easier than ever to build complex applications, but a newly discovered vulnerability...

Steering the Server: Critical 9.2 Severity SSRF Flaw in Angular SSR Allows Internal Network Probing Angular hostname hijacking vulnerability Angular SSRF Origin Hijacking Angular XSS Vulnerability CVE-2026-32635 Angular i18n XSS CVE-2026-27970 Angular SSR SSRF CVE-2026-27739 Angular Vulnerability CVE-2026-22610 CVE-2025-59052 Angular security Angular XSS Bypass, SVG Injection

Angular hostname hijacking vulnerability Angular SSRF Origin Hijacking Angular XSS Vulnerability CVE-2026-32635 Angular i18n XSS CVE-2026-27970 Angular SSR SSRF CVE-2026-27739 Angular Vulnerability CVE-2026-22610 CVE-2025-59052 Angular security Angular XSS Bypass, SVG Injection

Steering the Server: Critical 9.2 Severity SSRF Flaw in Angular SSR Allows Internal Network Probing

Do Son March 2, 2026

Developers relying on Angular’s Server-Side Rendering (SSR) capabilities need to double-check their security configurations. A highly critical...

Critical SQL Injection Vulnerability Found in ‘ormar’ Python Library Python asyncio Vulnerability Windows Buffer Overflow ormar SQL Injection CVE-2026-26198 CVE-2024-49768 - Waitress WSGI server

Python asyncio Vulnerability Windows Buffer Overflow ormar SQL Injection CVE-2026-26198 CVE-2024-49768 - Waitress WSGI server

Critical SQL Injection Vulnerability Found in ‘ormar’ Python Library

Do Son February 26, 2026

A major security flaw has been unearthed in ormar, a popular asynchronous mini Object-Relational Mapper (ORM) for...

Poisoned Pages: Critical Calibre Path Traversal Flaws Expose Readers to RCE Calibre Vulnerability CVE-2026-26065 Calibre RCE, FB2 File Flaw

Poisoned Pages: Critical Calibre Path Traversal Flaws Expose Readers to RCE

Do Son February 23, 2026

Calibre, the highly popular, cross-platform e-book manager utilized by readers worldwide to view, convert, edit, and catalog...

ASUS Kills “File Shredder” Feature to Fix Critical Flaw ASUS CVE-2025-13348 File Shredder Removal ASUS LPE Flaw CVE-2025-59373 ASUS Armoury Crate vulnerability Asus CVE Numbering Authority - CVE-2024-12912 and CVE-2024-13062 AMI BMC vulnerability, CVE-2024-54085

ASUS Kills “File Shredder” Feature to Fix Critical Flaw

Do Son February 3, 2026

ASUS has issued a mandatory update for its commercial computer line that completely removes a core security...

One Click to Compromise: Microsoft Copilot’s “Reprompt” Flaw Exposed Microsoft Strategic Market Status investigation Dell CES 2026 AI PC marketing, Microsoft Copilot+ PC consumer apathy Microsoft AI Sales Quota Enterprise AI Demand Edge Copilot, AI browsing

Microsoft Strategic Market Status investigation Dell CES 2026 AI PC marketing, Microsoft Copilot+ PC consumer apathy Microsoft AI Sales Quota Enterprise AI Demand Edge Copilot, AI browsing

One Click to Compromise: Microsoft Copilot’s “Reprompt” Flaw Exposed

Do Son January 16, 2026

A new research report from Varonis Threat Labs has unveiled a vulnerability in Microsoft Copilot Personal that...

CVE-2025-66518: High-Severity Flaw in Apache Kyuubi Exposes Local Server Files Apache Kyuubi, CVE-2025-66518

CVE-2025-66518: High-Severity Flaw in Apache Kyuubi Exposes Local Server Files

Do Son January 6, 2026

Apache Kyuubi, the distributed gateway designed to provide secure, serverless SQL access to massive data lakes, has...

Researcher Details Stack Buffer Overflow Flaw in Net-SNMP snmptrapd with PoC Net-SNMP, CVE-2025-68615

Researcher Details Stack Buffer Overflow Flaw in Net-SNMP snmptrapd with PoC

Do Son January 6, 2026

A critical vulnerability in the widely used Net-SNMP suite has been uncovered, exposing a dangerous logic flaw...

Fragged Files: Critical Zero-Day Hits Quake III Arena Engines via Directory Traversal Quake III Arena, Zero-Day Vulnerability

Fragged Files: Critical Zero-Day Hits Quake III Arena Engines via Directory Traversal

Do Son January 5, 2026

The Quake III Arena engine, a cornerstone of FPS history open-sourced by id Software, has been hit...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

Eaton UPS Software Flaws Expose Systems to High-Risk Code Execution

Do Son January 5, 2026

Power management giant Eaton dropped a critical security advisory on Christmas Eve, warning users of its UPS...

The iOS 26.2 Trap: New WebKit Integer Overflow Discovered with PoC—Is Your iPhone at Risk? WebKit Integer Overflow, iOS 26.2 RCE CVE-2023-28206 PoC

The iOS 26.2 Trap: New WebKit Integer Overflow Discovered with PoC—Is Your iPhone at Risk?

Do Son December 29, 2025

Security researcher Joseph Goydish has identified a critical vulnerability within Apple’s WebKit engine, exposing a flaw that...

AI’s Exposed Side Door: Dify Flaw (CVE-2025-63387) Leaks System Configs to Anonymous Users Dify API Key Exposure, LLM Security Dify Information Disclosure, LLM Security

Dify API Key Exposure, LLM Security Dify Information Disclosure, LLM Security

AI’s Exposed Side Door: Dify Flaw (CVE-2025-63387) Leaks System Configs to Anonymous Users

Do Son December 22, 2025

As the race to build the next generation of AI applications accelerates, a significant security gap has...

Kubernetes Alert: Headlamp Flaw (CVE-2025-14269) Lets Unauthenticated Users Hijack Helm Clusters Headlamp Kubernetes, Helm Credential Hijack

Kubernetes Alert: Headlamp Flaw (CVE-2025-14269) Lets Unauthenticated Users Hijack Helm Clusters

Do Son December 19, 2025

A high-severity vulnerability has been discovered in Headlamp, a popular extensible web UI for Kubernetes, potentially allowing...

Urgent Patch: Notepad++ WinGUp Flaw Allowed Malware to Hijack Updates CVE-2023-40031 Notepad++ Update Hijacking, WinGUp Vulnerability

Urgent Patch: Notepad++ WinGUp Flaw Allowed Malware to Hijack Updates

Do Son December 11, 2025

Security researchers recently uncovered a vulnerability in the open-source text and code editor Notepad++, allowing attackers in...

Discontinued Library: High-Severity lz4-java Flaw (CVE‐2025‐12183) Forces Immediate Migration to Community Fork lz4-java Out-of-bounds Read, Library EOL

lz4-java Out-of-bounds Read, Library EOL

Discontinued Library: High-Severity lz4-java Flaw (CVE‐2025‐12183) Forces Immediate Migration to Community Fork

Do Son December 3, 2025

A high-severity vulnerability, tracked as CVE‐2025‐12183, has been disclosed in the popular lz4-java compression library, exposing applications...

HTTP.sys RCE vulnerability, Windows HTTP stack exploit, CVE-2026-47291 Netlogon RCE vulnerability Exploited in the wild Secure Boot certificate renewal 2026, Windows 11 UEFI update Community-First AI Infrastructure, Microsoft self-funding energy mandate aka.ms/aoh online portal CVE-2025-55681, Windows DWM Elevation Windows Administrator Protection, CVE-2025-60718 Microsoft AI Compute, IREN Infrastructure Microsoft Japan PPA, Renewable Energy Microsoft AI Investment, Cloud Expansion Microsoft Azure, Startup Credits Infinite Workday, AI in Work Microsoft Russia, Bankruptcy AI code generation, Microsoft AI Microsoft Layoffs, Restructuring

PoC Exploit Releases for CVE-2025-60718 – Windows Administrator Protection Elevation of Privilege Vulnerability

Do Son December 1, 2025

A significant crack has been discovered in the armor of Windows Administrator Protection, potentially allowing low-privileged attackers...

CVE-2025-59789: Critical Flaw in Apache bRPC Framework Exposes High-Performance Systems to Crash Risks Apache bRPC Vulnerability CVE-2025-60021 Apache bRPC, CVE-2025-59789 Apache bRPC, Redis Vulnerability

Apache bRPC Vulnerability CVE-2025-60021 Apache bRPC, CVE-2025-59789 Apache bRPC, Redis Vulnerability

CVE-2025-59789: Critical Flaw in Apache bRPC Framework Exposes High-Performance Systems to Crash Risks

Do Son December 1, 2025

A critical vulnerability has been unearthed in Apache bRPC, an industrial-grade RPC framework widely used to power...

Critical Alert 1 Active Exploit Detected Today