VULNS 41

Exploitation of React2Shell Surges Dec 8, 2025
Old tech, new vulnerabilities - NTLM abuse, ongoing exploitation in 2025 Nov 26, 2025
Weaponized file name flaw makes updating glob an urgent job Nov 23, 2025
RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet Nov 15, 2025
Siemens COMOS Nov 13, 2025
Microsoft Patch Tuesday for November 2025 — Snort rules and prominent vulnerabilities Nov 11, 2025
CISA issues ICS advisories on Schneider Electric, Vertikal Systems vulnerabilities; adds DELMIA Apriso flaws to KEV Catalog Oct 29, 2025
Chrome Zero-Day Exploitation Linked to Hacking Team Spyware Oct 27, 2025
CISA confirms hackers exploited Oracle E-Business Suite SSRF flaw Oct 21, 2025
Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped Oct 15, 2025
New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login Oct 12, 2025
Patch Now Dell UnityVSA Flaw Allows Command Execution Without Login Oct 6, 2025
Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability Oct 1, 2025
Critical CVSS 10 Flaw in GoAnywhere File Transfer Threatens 20,000 Systems Sep 25, 2025
Apple rushes out fix for active zero-day in iOS and macOS Aug 21, 2025
Flaws in Software Used by Hundreds of Cities and Towns Exposed Sensitive Data Aug 20, 2025
Microsoft August 2025 Patch Tuesday fixes one zero-day, 107 flaws Aug 12, 2025
OWASP AIVSS targets agentic AI risk Aug 6, 2025
Critical Vulnerability Impacting Over 100K Sites Patched in Everest Forms Plugin Aug 6, 2025
ReVault! When your SoC turns against you… Aug 5, 2025
Stack Overflows, Heap Overflows, and Existential Dread (SonicWall SMA100 CVE-2025-40596, CVE-2025-40597 and CVE-2025-40598) Jul 28, 2025
Citrix NetScaler Devices Memory Leak CVE-2025-5777 Jul 25, 2025
Critical Vulnerabilities Found in Tridium Niagara Framework Jul 23, 2025
Account Takeover Vulnerability Affecting Over 400K Installations Patched in Post SMTP Plugin Jul 23, 2025
The Internet Red Button a 2016 Bug Still Lets Anyone Kill Solar Farms in 3 Clicks Jul 21, 2025
NVIDIAScape - Critical NVIDIA AI Vulnerability A Three-Line Container Escape in NVIDIA Container Toolkit (CVE-2025-23266) Jul 17, 2025
eSIM Vulnerability in Kigen's eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks Jul 14, 2025
Pre-Auth SQL Injection to RCE - Fortinet FortiWeb Fabric Connector (CVE-2025-25257) Jul 11, 2025
Wing FTP Server Remote Code Execution (CVE-2025-47812) Exploited in the Wild Jul 10, 2025
July Patch Tuesday offers 127 fixes Jul 10, 2025
Asus and Adobe vulnerabilities Jul 10, 2025
CVE-2025-5777 CitrixBleed 2 Write-Up… Maybe? Jul 7, 2025
Critical vulnerabilities in NetScaler ADC exploited in-the-wild everything you need to know Jul 6, 2025
How Much More Must We Bleed? - Citrix NetScaler Memory Disclosure (CitrixBleed 2 CVE-2025-5777) Jul 4, 2025
Cl0p cybercrime gang's data exfiltration tool found vulnerable to RCE attacks Jul 2, 2025
Critical Vulnerability in Microsens Devices Exposes Systems to Hackers Jul 1, 2025
Acer Control Center Flaw Lets Attackers Run Malicious Code as Elevated User Jun 13, 2025
Researcher Finds Five Zero-Days and 20+ Misconfigurations in Salesforce Cloud Jun 11, 2025
Roundcube Webmail under fire critical exploit found after a decade Jun 4, 2025
Multiple CVEs in Infoblox NetMRI RCE, Auth Bypass, SQLi, and File Read Vulnerabilities Jun 4, 2025
Exploits and vulnerabilities in Q1 2025 May 30, 2025