VULNERABILITY 95

Mutagen Astronomy - From Discovery to CISA Recognition—A Seven-Year Journey Feb 2, 2026
Moltbook AI Vulnerability Exposes Email Addresses, Login Tokens, and API Keys Feb 1, 2026
Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core Jan 27, 2026
Critical sandbox escape flaw found in popular vm2 NodeJS library Jan 27, 2026
Ticket to Shell - Exploiting PHP Filters and CNEXT in osTicket (CVE-2026-22200) Jan 22, 2026
Delta Electronics DIAView Vulnerability Advisory Jan 22, 2026
Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems Jan 20, 2026
New StackWarp Hardware Flaw Breaks AMD SEV-SNP Protections on Zen 1–5 CPUs Jan 19, 2026
Fast Pair, loose security - Bluetooth accessories open to silent hijack Jan 17, 2026
A single click mounted a covert, multistage attack against Copilot Jan 14, 2026
CVE-2025-64155 | Fortinet FortiSIEM Jan 13, 2026
CVE-2026-22200 Jan 12, 2026
Public PoC prompts Cisco patch for ISE, ISE-PIC vulnerability Jan 8, 2026
Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers Jan 7, 2026
High-Severity Flaw in Open WebUI Affects AI Connections Jan 6, 2026
Hackers attack WatchGuard Firebox firewalls 120K IPs exposed and vulnerable Dec 22, 2025
New React Rsc Vulnerabilities Enable.Html Dec 14, 2025
CISA Warns of Windows Cloud Files Mini Filter 0-Day Vulnerability Exploited in Attacks Dec 14, 2025
Multiple India-based CCTV Cameras Dec 9, 2025
King Addons flaw lets anyone become WordPress admin Dec 3, 2025
Weaponized file name flaw makes updating glob an urgent job Nov 23, 2025
Critical Vulnerability in Azure Bastion Let Attackers Bypass Authentication and Escalate privileges Nov 23, 2025
Critical 7 Zip Vulnerability With Public Exploit Requires Manual Update Nov 23, 2025
Fortinet’s delayed alert on actively exploited defect put defenders at a disadvantage Nov 17, 2025
U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog Nov 15, 2025
Patch now Samsung zero-day lets attackers take over your phone Nov 11, 2025
Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover Nov 5, 2025
OpenAI Atlas Browser Vulnerability Allows Malicious Code Injection into ChatGPT Oct 27, 2025
Hackers exploiting Windows updates Microsoft urges users to patch Oct 27, 2025
706,000+ BIND 9 Resolver Instances Vulnerable to Cache Poisoning Exposed Online – PoC Released Oct 26, 2025
Hackers exploiting critical vulnerability in Windows Server Update Service Oct 25, 2025
Anomali Cyber Watch - Nimbus Manticore, Spoofed IC3 Portals, a Record-Breaking DDoS Attack, and More Oct 23, 2025
PoC Exploit Released for Windows Server Update Services Remote Code Execution Vulnerability Oct 20, 2025
WatchGuard VPN Vulnerability Let Remote Attacker Execute Arbitrary Code Oct 19, 2025
New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login Oct 12, 2025
The Y2K38 Bug Is a Vulnerability, Not Just a Date Problem, Researchers Warn Oct 7, 2025
13-year-old Critical Redis RCE Vulnerability Let Attackers Gain Full Access to Host System Oct 7, 2025
Microsoft Critical GoAnywhere bug exploited in ransomware attacks Oct 6, 2025
New WireTap Attack Breaks Server SGX to Exfiltrate Sensitive Data Oct 5, 2025
Critical CVSS 10 Flaw in GoAnywhere File Transfer Threatens 20,000 Systems Sep 25, 2025
Cisco warns of IOS zero-day vulnerability exploited in attacks Sep 24, 2025
CISA Details That Hackers Gained Access to a U.S. Federal Agency Network Via GeoServer RCE Vulnerability Sep 24, 2025
Microsoft Fixed Entra ID Vulnerability Allowing Global Admin Impersonation Sep 23, 2025
Microsoft Entra ID flaw allowed hijacking any company's tenant Sep 22, 2025
Google Chrome 0-Day Vulnerability Actively Exploited in the Wild – Patch Now Sep 18, 2025
How a Plaintext File On Users’ Desktops Exposed Secrets Leads to Akira Ransomware Attacks Sep 17, 2025
IBM QRadar SIEM Vulnerability Let Attackers Perform Unauthorized Actions Sep 15, 2025
New HybridPetya Weaponizing UEFI Vulnerability to Bypass Secure Boot on Outdated Systems Sep 12, 2025
DELMIA Factory Software Vulnerability Exploited in Attacks Sep 12, 2025
Microsoft Patch Tuesday, September 2025 Edition Sep 9, 2025
Windows Defender Vulnerability Allows Service Hijacking and Disablement via Symbolic Link Attack Sep 8, 2025
Severe Hikvision HikCentral Product Flaws What You Need to Know Sep 4, 2025
CMS Provider Sitecore Patches Exploited Critical Zero Day Sep 4, 2025
Hidden Commands in Images Exploit AI Chatbots and Steal Data Sep 1, 2025
Critical Next.js Framework Vulnerability Let Attackers Bypass Authorization Sep 1, 2025
WhatsApp patches vulnerability exploited in zero-day attacks Aug 29, 2025
Critical Docker Desktop flaw lets attackers hijack Windows hosts Aug 25, 2025
Like burglars closing a door, Apache ActiveMQ attackers patch critical vuln after breaking in Aug 19, 2025
Critical RCE Vulnerability in Cisco Firewall Management Software Under Active Exploitation Aug 15, 2025
Update WinRAR tools now RomCom and others exploiting zero-day vulnerability Aug 11, 2025
New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP Aug 10, 2025
OWASP AIVSS targets agentic AI risk Aug 6, 2025
Critical Vulnerability Impacting Over 100K Sites Patched in Everest Forms Plugin Aug 6, 2025
SonicWall investigates possible zero-day amid Akira ransomware surge Aug 5, 2025
Cursor IDE Persistent Code Execution via MCP Trust Bypass Aug 5, 2025
Critical Vulnerability in NestJS Devtools Localhost RCE via Sandbox Escape Aug 1, 2025
AI-powered Cursor IDE vulnerable to prompt-injection attacks Aug 1, 2025
Attackers Actively Exploiting Critical Vulnerability in Alone Theme Jul 29, 2025
Account Takeover Vulnerability Affecting Over 400K Installations Patched in Post SMTP Plugin Jul 23, 2025
How We Accidentally Discovered a Remote Code Execution Vulnerability in ETQ Reliance Jul 22, 2025
BIDI Swap Unmasking the Art of URL Misleading with Bidirectional Text Tricks Jul 22, 2025
The Internet Red Button a 2016 Bug Still Lets Anyone Kill Solar Farms in 3 Clicks Jul 21, 2025
Microsoft Fix Targets Attacks on SharePoint Zero-Day Jul 21, 2025
Flaw in Signal App Clone Could Leak Passwords — GreyNoise Identifies Active Reconnaissance and Exploit Attempts Jul 17, 2025
Zyxel security advisory for path traversal vulnerability in APs Jul 15, 2025
eSIM Vulnerability in Kigen's eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks Jul 14, 2025
Critical RCE Vulnerability in mcp-remote CVE-2025-6514 Threatens LLM Clients Jul 9, 2025
Count(er) Strike – Data Inference Vulnerability in ServiceNow Jul 9, 2025
Critical Sudo bugs expose major Linux distros to local Root exploits Jul 4, 2025
Cl0p cybercrime gang's data exfiltration tool found vulnerable to RCE attacks Jul 2, 2025
Critical Vulnerability in Microsens Devices Exposes Systems to Hackers Jul 1, 2025
Zero-day Bluetooth gap turns millions of headphones into listening stations Jun 26, 2025
Gogs Remote Command Execution Vulnerability (CVE-2024-56731) Jun 26, 2025
Cisco ISE Vulnerability Allows Remote Attackers to Execute Malicious Commands Jun 26, 2025
Realtek Bluetooth Flaw Allows Attackers to Launch DoS Attacks During Pairing Jun 25, 2025
Why a Classic MCP Server Vulnerability Can Undermine Your Entire AI Agent Jun 24, 2025
Don't panic, but it's only a matter of time before critical 'CitrixBleed 2' is under attack Jun 24, 2025
Acer Control Center Flaw Lets Attackers Run Malicious Code as Elevated User Jun 13, 2025
Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction Jun 12, 2025
EchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data Jun 12, 2025
Over 80,000 servers hit as Roundcube RCE bug gets rapidly exploited Jun 11, 2025
NTLM reflection is dead, long live NTLM reflection! – An in-depth analysis of CVE-2025-33073 Jun 11, 2025
iMessage Zero-Click Attacks Suspected in Targeting of High-Value Individuals Jun 9, 2025
Qualcomm fixes three Adreno GPU zero-days exploited in attacks Jun 2, 2025
Bypassing MTE with CVE-2025-0072 May 23, 2025