VULNERABILITY 44

• Severe Hikvision HikCentral Product Flaws What You Need to Know Sep 4, 2025
• CMS Provider Sitecore Patches Exploited Critical Zero Day Sep 4, 2025
• Hidden Commands in Images Exploit AI Chatbots and Steal Data Sep 1, 2025
• Critical Next.js Framework Vulnerability Let Attackers Bypass Authorization Sep 1, 2025
• WhatsApp patches vulnerability exploited in zero-day attacks Aug 29, 2025
• Critical Docker Desktop flaw lets attackers hijack Windows hosts Aug 25, 2025
• Like burglars closing a door, Apache ActiveMQ attackers patch critical vuln after breaking in Aug 19, 2025
• Critical RCE Vulnerability in Cisco Firewall Management Software Under Active Exploitation Aug 15, 2025
• Update WinRAR tools now RomCom and others exploiting zero-day vulnerability Aug 11, 2025
• New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP Aug 10, 2025
• OWASP AIVSS targets agentic AI risk Aug 6, 2025
• Critical Vulnerability Impacting Over 100K Sites Patched in Everest Forms Plugin Aug 6, 2025
• SonicWall investigates possible zero-day amid Akira ransomware surge Aug 5, 2025
• Cursor IDE Persistent Code Execution via MCP Trust Bypass Aug 5, 2025
• Critical Vulnerability in NestJS Devtools Localhost RCE via Sandbox Escape Aug 1, 2025
• AI-powered Cursor IDE vulnerable to prompt-injection attacks Aug 1, 2025
• Attackers Actively Exploiting Critical Vulnerability in Alone Theme Jul 29, 2025
• Account Takeover Vulnerability Affecting Over 400K Installations Patched in Post SMTP Plugin Jul 23, 2025
• How We Accidentally Discovered a Remote Code Execution Vulnerability in ETQ Reliance Jul 22, 2025
• BIDI Swap Unmasking the Art of URL Misleading with Bidirectional Text Tricks Jul 22, 2025
• The Internet Red Button a 2016 Bug Still Lets Anyone Kill Solar Farms in 3 Clicks Jul 21, 2025
• Microsoft Fix Targets Attacks on SharePoint Zero-Day Jul 21, 2025
• Flaw in Signal App Clone Could Leak Passwords — GreyNoise Identifies Active Reconnaissance and Exploit Attempts Jul 17, 2025
• Zyxel security advisory for path traversal vulnerability in APs Jul 15, 2025
• eSIM Vulnerability in Kigen's eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks Jul 14, 2025
• Critical RCE Vulnerability in mcp-remote CVE-2025-6514 Threatens LLM Clients Jul 9, 2025
• Count(er) Strike – Data Inference Vulnerability in ServiceNow Jul 9, 2025
• Critical Sudo bugs expose major Linux distros to local Root exploits Jul 4, 2025
• Cl0p cybercrime gang's data exfiltration tool found vulnerable to RCE attacks Jul 2, 2025
• Critical Vulnerability in Microsens Devices Exposes Systems to Hackers Jul 1, 2025
• Zero-day Bluetooth gap turns millions of headphones into listening stations Jun 26, 2025
• Gogs Remote Command Execution Vulnerability (CVE-2024-56731) Jun 26, 2025
• Cisco ISE Vulnerability Allows Remote Attackers to Execute Malicious Commands Jun 26, 2025
• Realtek Bluetooth Flaw Allows Attackers to Launch DoS Attacks During Pairing Jun 25, 2025
• Why a Classic MCP Server Vulnerability Can Undermine Your Entire AI Agent Jun 24, 2025
• Don't panic, but it's only a matter of time before critical 'CitrixBleed 2' is under attack Jun 24, 2025
• Acer Control Center Flaw Lets Attackers Run Malicious Code as Elevated User Jun 13, 2025
• Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction Jun 12, 2025
• EchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data Jun 12, 2025
• Over 80,000 servers hit as Roundcube RCE bug gets rapidly exploited Jun 11, 2025
• NTLM reflection is dead, long live NTLM reflection! – An in-depth analysis of CVE-2025-33073 Jun 11, 2025
• iMessage Zero-Click Attacks Suspected in Targeting of High-Value Individuals Jun 9, 2025
• Qualcomm fixes three Adreno GPU zero-days exploited in attacks Jun 2, 2025
• Bypassing MTE with CVE-2025-0072 May 23, 2025