| CVE | CVSS | EPSS | Posts | Repos | Nuclei | Updated | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-13915 | 9.8 | 0.31% | 4 | 0 | 2025-12-31T21:37:43.290000 | IBM API Connect 10.0.8.0 through 10.0.8.5, and 10.0.11.0 could allow a remote at | |
| CVE-2025-15091 | 8.8 | 0.05% | 1 | 0 | 2025-12-31T21:31:35 | A vulnerability was determined in UTT 进取 512W up to 1.7.7-171114. This issue aff | |
| CVE-2025-15092 | 8.8 | 0.04% | 1 | 0 | 2025-12-31T21:31:35 | A vulnerability was identified in UTT 进取 512W up to 1.7.7-171114. Impacted is th | |
| CVE-2025-15090 | 8.8 | 0.05% | 1 | 0 | 2025-12-31T21:31:35 | A vulnerability was found in UTT 进取 512W up to 1.7.7-171114. This vulnerability | |
| CVE-2025-68120 | 5.4 | 0.07% | 1 | 0 | 2025-12-31T20:43:25.830000 | To prevent unexpected untrusted code execution, the Visual Studio Code Go extens | |
| CVE-2025-68706 | 9.8 | 0.02% | 1 | 0 | 2025-12-31T20:43:25.830000 | A stack-based buffer overflow exists in the GoAhead-Webs HTTP daemon on KuWFi 4G | |
| CVE-2025-66866 | 0 | 0.02% | 1 | 0 | 2025-12-31T20:43:25.830000 | An issue was discovered in function d_abi_tags in file cp-demangle.c in BinUtils | |
| CVE-2025-66861 | 2.5 | 0.02% | 1 | 0 | 2025-12-31T20:43:25.830000 | An issue was discovered in function d_unqualified_name in file cp-demangle.c in | |
| CVE-2025-66862 | 7.5 | 0.04% | 1 | 0 | 2025-12-31T20:43:25.830000 | A buffer overflow vulnerability in function gnu_special in file cplus-dem.c in B | |
| CVE-2025-68926 | 9.8 | 0.07% | 1 | 0 | 2025-12-31T20:42:43.210000 | RustFS is a distributed object storage system built in Rust. In versions prior t | |
| CVE-2025-15255 | 9.8 | 0.05% | 1 | 0 | 2025-12-31T20:42:43.210000 | A vulnerability was determined in Tenda W6-S 1.0.0.4(510). This impacts an unkno | |
| CVE-2025-30628 | 8.5 | 0.00% | 1 | 0 | 2025-12-31T20:42:15.637000 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
| CVE-2025-28949 | 8.5 | 0.00% | 1 | 0 | 2025-12-31T20:42:15.637000 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
| CVE-2025-15389 | 8.8 | 0.29% | 1 | 0 | 2025-12-31T20:42:15.637000 | VPN Firewall developed by QNO Technology has an OS Command Injection vulnerabili | |
| CVE-2025-15388 | 8.8 | 0.29% | 2 | 0 | 2025-12-31T20:42:15.637000 | VPN Firewall developed by QNO Technology has an OS Command Injection vulnerabili | |
| CVE-2025-67255 | 8.8 | 0.01% | 1 | 0 | 2025-12-31T18:31:26 | In NagiosXI 2026R1.0.1 build 1762361101, Dashboard parameters lack proper filter | |
| CVE-2025-67254 | 7.5 | 0.07% | 1 | 0 | 2025-12-31T18:31:26 | NagiosXI 2026R1.0.1 build 1762361101 is vulnerable to Directory Traversal in /ad | |
| CVE-2025-14847 | 7.5 | 77.17% | 59 | 23 | template | 2025-12-31T17:32:39.683000 | Mismatched length fields in Zlib compressed protocol headers may allow a read of |
| CVE-2023-53973 | 8.4 | 0.01% | 1 | 0 | 2025-12-31T17:13:37.397000 | Zillya Total Security 3.0.2367.0 contains a privilege escalation vulnerability t | |
| CVE-2025-15387 | 8.8 | 0.08% | 1 | 0 | 2025-12-31T09:31:37 | VPN Firewall developed by QNO Technology has a Insufficient Entropy vulnerabilit | |
| CVE-2025-1977 | None | 0.06% | 1 | 0 | 2025-12-31T09:31:35 | The NPort 6100-G2/6200-G2 Series is affected by an execution with unnecessary pr | |
| CVE-2025-2026 | None | 0.14% | 1 | 3 | 2025-12-31T09:31:35 | The NPort 6100-G2/6200-G2 Series is affected by a high-severity vulnerability (C | |
| CVE-2025-15192 | 6.3 | 0.15% | 1 | 0 | 2025-12-30T20:41:49.483000 | A security vulnerability has been detected in D-Link DWR-M920 up to 1.1.50. The | |
| CVE-2025-15189 | 8.8 | 0.07% | 1 | 0 | 2025-12-30T20:40:55.587000 | A vulnerability was identified in D-Link DWR-M920 up to 1.1.50. This issue affec | |
| CVE-2025-15047 | 9.8 | 0.09% | 1 | 0 | 2025-12-30T19:29:29.563000 | A vulnerability was found in Tenda WH450 1.0.0.18. This affects an unknown funct | |
| CVE-2025-15046 | 9.8 | 0.09% | 1 | 0 | 2025-12-30T19:29:13.577000 | A vulnerability has been found in Tenda WH450 1.0.0.18. The impacted element is | |
| CVE-2025-15044 | 9.8 | 0.09% | 1 | 0 | 2025-12-30T19:22:48.150000 | A vulnerability was detected in Tenda WH450 1.0.0.18. Impacted is an unknown fun | |
| CVE-2025-15076 | 7.3 | 0.21% | 1 | 0 | 2025-12-30T19:17:13.593000 | A weakness has been identified in Tenda CH22 1.0.0.1. Impacted is an unknown fun | |
| CVE-2025-66863 | 7.5 | 0.04% | 1 | 0 | 2025-12-30T18:31:18 | An issue was discovered in function d_discriminator in file cp-demangle.c in Bin | |
| CVE-2025-66865 | 7.5 | 0.04% | 1 | 0 | 2025-12-30T18:31:17 | An issue was discovered in function d_print_comp_inner in file cp-demangle.c in | |
| CVE-2025-14175 | None | 0.01% | 1 | 1 | 2025-12-29T21:30:29 | A vulnerability in the SSH server of TP-Link TL-WR820N v2.80 allows the use of a | |
| CVE-2025-14728 | 6.8 | 0.19% | 1 | 0 | 2025-12-29T21:30:29 | Rapid7 Velociraptor versions before 0.75.6 contain a directory traversal issue o | |
| CVE-2025-66864 | None | 0.02% | 1 | 0 | 2025-12-29T18:31:02 | An issue was discovered in function d_print_comp_inner in file cp-demangle.c in | |
| CVE-2025-15194 | 9.8 | 0.11% | 1 | 0 | 2025-12-29T18:31:02 | A vulnerability was found in D-Link DIR-600 up to 2.15WWb02. Affected by this vu | |
| CVE-2025-52691 | 10.0 | 0.18% | 6 | 7 | 2025-12-29T17:15:45.157000 | Successful exploitation of the vulnerability could allow an unauthenticated atta | |
| CVE-2025-33223 | 9.8 | 0.07% | 1 | 0 | 2025-12-29T15:59:13.750000 | NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause a | |
| CVE-2025-33224 | 9.8 | 0.07% | 1 | 0 | 2025-12-29T15:59:13.750000 | NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause a | |
| CVE-2025-29228 | 9.8 | 0.39% | 1 | 0 | 2025-12-29T15:59:13.750000 | Linksys E5600 V1.1.0.26 is vulnerable to command injection in the runtime.macClo | |
| CVE-2025-14929 | 7.8 | 0.22% | 1 | 0 | 2025-12-29T15:58:56.260000 | Hugging Face Transformers X-CLIP Checkpoint Conversion Deserialization of Untrus | |
| CVE-2025-14931 | 10.0 | 1.67% | 1 | 0 | 2025-12-29T15:58:56.260000 | Hugging Face smolagents Remote Python Executor Deserialization of Untrusted Data | |
| CVE-2025-14922 | 7.8 | 0.22% | 1 | 0 | 2025-12-29T15:58:56.260000 | Hugging Face Diffusers CogView4 Deserialization of Untrusted Data Remote Code Ex | |
| CVE-2025-14924 | 7.8 | 0.22% | 1 | 0 | 2025-12-29T15:58:56.260000 | Hugging Face Transformers megatron_gpt2 Deserialization of Untrusted Data Remote | |
| CVE-2025-57403 | 7.5 | 0.36% | 1 | 0 | 2025-12-29T15:57:37.560000 | Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a | |
| CVE-2025-15081 | 6.3 | 1.41% | 1 | 0 | 2025-12-29T15:57:37.560000 | A vulnerability has been found in JD Cloud BE6500 4.4.1.r4308. This issue affect | |
| CVE-2025-15082 | 5.3 | 0.04% | 1 | 0 | 2025-12-29T15:57:37.560000 | A vulnerability was found in TOZED ZLT M30s up to 1.47. Impacted is an unknown f | |
| CVE-2025-68937 | 0 | 0.07% | 1 | 0 | 2025-12-29T15:57:37.560000 | Forgejo before 13.0.2 allows attackers to write to unintended files, and possibl | |
| CVE-2025-15193 | 8.8 | 0.07% | 1 | 0 | 2025-12-29T15:30:28 | A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. This affects the f | |
| CVE-2025-15191 | 6.3 | 0.15% | 1 | 0 | 2025-12-29T15:30:28 | A weakness has been identified in D-Link DWR-M920 up to 1.1.50. The affected ele | |
| CVE-2025-15190 | 8.8 | 0.07% | 1 | 0 | 2025-12-29T15:30:28 | A security flaw has been discovered in D-Link DWR-M920 up to 1.1.50. Impacted is | |
| CVE-2025-13158 | None | 0.19% | 1 | 0 | 2025-12-26T19:50:18 | Prototype pollution vulnerability in apidoc-core versions 0.2.0 and all subseque | |
| CVE-2025-68945 | 5.8 | 0.03% | 1 | 0 | 2025-12-26T19:36:14 | In Gitea before 1.21.2, an anonymous user can visit a private user's project. | |
| CVE-2025-67015 | 7.5 | 0.03% | 1 | 0 | 2025-12-26T18:30:32 | Incorrect access control in Comtech EF Data CDM-625 / CDM-625A Advanced Satellit | |
| CVE-2023-53974 | 7.5 | 0.07% | 1 | 0 | 2025-12-26T16:14:34.590000 | D-Link DSL-124 ME_1.00 contains a configuration file disclosure vulnerability th | |
| CVE-2025-12771 | 7.8 | 0.01% | 1 | 0 | 2025-12-26T15:30:23 | IBM Concert 1.0.0 through 2.1.0 is vulnerable to a stack-based buffer overflow, | |
| CVE-2025-68664 | 9.3 | 0.07% | 11 | 1 | 2025-12-24T01:08:11 | ## Summary A serialization injection vulnerability exists in LangChain's `dumps | |
| CVE-2025-15048 | 7.3 | 0.57% | 1 | 0 | 2025-12-24T00:30:28 | A vulnerability was determined in Tenda WH450 1.0.0.18. This impacts an unknown | |
| CVE-2025-14926 | 7.8 | 0.08% | 1 | 0 | 2025-12-23T21:30:41 | Hugging Face Transformers SEW convert_config Code Injection Remote Code Executio | |
| CVE-2025-14920 | 7.8 | 0.22% | 1 | 0 | 2025-12-23T21:30:41 | Hugging Face Transformers Perceiver Model Deserialization of Untrusted Data Remo | |
| CVE-2025-14927 | 7.8 | 0.08% | 1 | 0 | 2025-12-23T21:30:41 | Hugging Face Transformers SEW-D convert_config Code Injection Remote Code Execut | |
| CVE-2025-14930 | 7.8 | 0.22% | 1 | 0 | 2025-12-23T21:30:41 | Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remote Code Exe | |
| CVE-2025-15045 | 9.8 | 0.09% | 1 | 0 | 2025-12-23T21:30:41 | A flaw has been found in Tenda WH450 1.0.0.18. The affected element is an unknow | |
| CVE-2025-14921 | 7.8 | 0.22% | 1 | 0 | 2025-12-23T21:30:40 | Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data | |
| CVE-2025-14928 | 7.8 | 0.08% | 1 | 0 | 2025-12-23T21:30:40 | Hugging Face Transformers HuBERT convert_config Code Injection Remote Code Execu | |
| CVE-2025-14925 | 7.8 | 0.22% | 1 | 1 | 2025-12-23T21:30:40 | Hugging Face Accelerate Deserialization of Untrusted Data Remote Code Execution | |
| CVE-2025-33222 | 9.8 | 0.07% | 1 | 0 | 2025-12-23T18:30:35 | NVIDIA Isaac Launchable contains a vulnerability where an attacker could exploit | |
| CVE-2025-45493 | 6.5 | 4.33% | 1 | 0 | 2025-12-23T18:30:35 | Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the iface param | |
| CVE-2025-50526 | 9.8 | 0.40% | 1 | 0 | 2025-12-23T18:30:35 | Netgear EX8000 V1.0.0.126 was discovered to contain a command injection vulnerab | |
| CVE-2025-68475 | 7.5 | 0.11% | 1 | 0 | 2025-12-23T16:01:13 | Hi Fedify team! 👋 Thank you for your work on Fedify—it's a fantastic library fo | |
| CVE-2025-68613 | 9.9 | 3.55% | 3 | 25 | template | 2025-12-23T14:51:52.650000 | n8n is an open source workflow automation platform. Versions starting with 0.211 |
| CVE-2025-65857 | 7.5 | 0.04% | 1 | 1 | 2025-12-23T14:51:52.650000 | An issue was discovered in Xiongmai XM530 IP cameras on firmware V5.00.R02.00080 | |
| CVE-2025-8065 | 0 | 0.03% | 1 | 0 | 2025-12-23T14:51:52.650000 | A buffer overflow vulnerability exists in the ONVIF XML parser of Tapo C200 V3. | |
| CVE-2025-14300 | 0 | 0.05% | 1 | 0 | 2025-12-23T14:51:52.650000 | The HTTPS service on Tapo C200 V3 exposes a connectAP interface without proper a | |
| CVE-2023-52163 | 5.9 | 15.05% | 3 | 0 | 2025-12-23T12:31:24 | Digiever DS-2105 Pro 3.1.0.71-11 devices allow time_tzsetup.cgi Command Injectio | |
| CVE-2025-37164 | 10.0 | 73.34% | 2 | 2 | template | 2025-12-23T12:30:17 | A remote code execution issue exists in HPE OneView. |
| CVE-2025-14882 | None | 0.04% | 1 | 0 | 2025-12-20T17:41:17 | An API endpoint allowed access to sensitive files from other users by knowing th | |
| CVE-2025-14881 | None | 0.04% | 1 | 0 | 2025-12-20T17:39:03 | Multiple API endpoints allowed access to sensitive files from other users by kno | |
| CVE-2025-14299 | None | 0.07% | 1 | 0 | 2025-12-20T03:31:40 | The HTTPS server on Tapo C200 V3 does not properly validate the Content-Length h | |
| CVE-2025-14964 | 9.8 | 0.27% | 1 | 0 | 2025-12-19T21:30:26 | A vulnerability has been found in TOTOLINK T10 4.1.8cu.5083_B20200521. This affe | |
| CVE-2025-14733 | 9.8 | 36.33% | 4 | 2 | 2025-12-19T21:30:19 | An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remot | |
| CVE-2025-66909 | 7.5 | 0.10% | 1 | 0 | 2025-12-19T18:32:24 | Turms AI-Serving module v0.10.0-SNAPSHOT and earlier contains an image decompres | |
| CVE-2025-66908 | 5.3 | 0.05% | 1 | 0 | 2025-12-19T18:00:18.330000 | Turms AI-Serving module v0.10.0-SNAPSHOT and earlier contains an improper file t | |
| CVE-2025-1927 | 7.1 | 0.01% | 1 | 0 | 2025-12-19T18:00:18.330000 | Cross-Site Request Forgery (CSRF) vulnerability in Restajet Information Technolo | |
| CVE-2025-1885 | 5.4 | 0.03% | 1 | 0 | 2025-12-19T18:00:18.330000 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Restajet In | |
| CVE-2025-1928 | 9.1 | 0.06% | 1 | 0 | 2025-12-19T15:31:25 | Improper Restriction of Excessive Authentication Attempts vulnerability in Resta | |
| CVE-2025-13008 | None | 0.05% | 1 | 0 | 2025-12-19T09:30:27 | An information disclosure vulnerability in M-Files Server before versions 25.12. | |
| CVE-2025-59374 | 9.8 | 35.96% | 2 | 0 | 2025-12-18T18:31:33 | "UNSUPPORTED WHEN ASSIGNED" Certain versions of the ASUS Live Update client were | |
| CVE-2025-20393 | 10.0 | 6.77% | 3 | 4 | 2025-12-18T15:41:16.840000 | Cisco is aware of a potential vulnerability. Cisco is currently investigat | |
| CVE-2025-68260 | 0 | 0.02% | 1 | 0 | 2025-12-18T15:08:06.237000 | In the Linux kernel, the following vulnerability has been resolved: rust_binder | |
| CVE-2025-55753 | 7.5 | 0.08% | 1 | 0 | 2025-12-10T16:39:14.227000 | An integer overflow in the case of failed ACME certificate renewal leads, after | |
| CVE-2025-55182 | 10.0 | 48.71% | 3 | 100 | template | 2025-12-10T02:00:02.557000 | A pre-authentication remote code execution vulnerability exists in React Server |
| CVE-2025-37899 | 7.8 | 0.01% | 1 | 2 | 2025-12-07T00:30:55 | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix | |
| CVE-2025-63666 | 9.8 | 0.09% | 1 | 1 | 2025-11-17T18:59:20.080000 | Tenda AC15 v15.03.05.18_multi) issues an authentication cookie that exposes the | |
| CVE-2025-1974 | 9.8 | 90.65% | 2 | 26 | template | 2025-11-15T02:13:06 | A security issue was discovered in Kubernetes where under certain conditions, an |
| CVE-2025-11953 | 9.8 | 0.61% | 1 | 3 | 2025-11-13T16:25:27 | The Metro Development Server, which is opened by the React Native CLI, binds to | |
| CVE-2025-47812 | 10.0 | 92.40% | 2 | 10 | template | 2025-11-05T19:26:31.650000 | In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0 |
| CVE-2025-24514 | 8.8 | 44.99% | 2 | 5 | template | 2025-11-04T00:32:21 | A security issue was discovered in [ingress-nginx](https://github.com/kubernetes |
| CVE-2025-24513 | 4.8 | 0.04% | 2 | 0 | 2025-11-04T00:32:21 | A security issue was discovered in [ingress-nginx](https://github.com/kubernetes | |
| CVE-2025-1097 | 8.8 | 13.42% | 2 | 4 | template | 2025-11-03T21:33:14 | A security issue was discovered in [ingress-nginx](https://github.com/kubernetes |
| CVE-2025-1098 | 8.8 | 60.57% | 2 | 3 | template | 2025-11-03T21:18:52.230000 | A security issue was discovered in ingress-nginx https://github.com/kubernetes/ |
| CVE-2025-31324 | 10.0 | 40.17% | 1 | 19 | template | 2025-10-31T21:56:14.103000 | SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper a |
| CVE-2022-47986 | 9.8 | 94.30% | 1 | 3 | template | 2025-10-27T14:14:45.293000 | IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker |
| CVE-2024-23897 | 9.8 | 94.47% | 1 | 46 | template | 2025-10-24T14:49:09.100000 | Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of |
| CVE-2025-8088 | 8.8 | 3.40% | 1 | 28 | 2025-10-22T00:34:26 | A path traversal vulnerability affecting the Windows version of WinRAR allows th | |
| CVE-2024-55591 | 9.8 | 94.14% | 1 | 10 | template | 2025-10-22T00:34:16 | An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-2 |
| CVE-2024-53704 | 9.8 | 93.82% | 1 | 1 | template | 2025-10-22T00:34:16 | An Improper Authentication vulnerability in the SSLVPN authentication mechanism |
| CVE-2020-12812 | 9.8 | 50.29% | 2 | 0 | 2025-10-22T00:32:58 | An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6 | |
| CVE-2025-4609 | 9.7 | 0.12% | 1 | 0 | 2025-08-25T15:33:03 | Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome | |
| CVE-2025-50165 | 9.8 | 3.84% | 1 | 1 | 2025-08-12T18:31:39 | Untrusted pointer dereference in Microsoft Graphics Component allows an unauthor | |
| CVE-2025-53786 | 8.0 | 0.16% | 1 | 1 | 2025-08-06T20:23:37.600000 | On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hyb | |
| CVE-2025-24294 | 5.3 | 0.06% | 1 | 0 | 2025-07-15T22:56:20 | A denial of service vulnerability has been discovered in the resolv gem bundled | |
| CVE-2025-30023 | 9.0 | 1.92% | 1 | 0 | 2025-07-15T13:14:49.980000 | The communication protocol used between client and server had a flaw that could | |
| CVE-2025-30026 | None | 0.03% | 1 | 0 | 2025-07-11T06:30:36 | The AXIS Camera Station Server had a flaw that allowed to bypass authentication | |
| CVE-2025-6514 | 9.7 | 0.73% | 1 | 2 | 2025-07-09T18:08:46 | mcp-remote is exposed to OS command injection when connecting to untrusted MCP s | |
| CVE-2025-3699 | 9.8 | 0.17% | 1 | 0 | 2025-06-27T12:32:20 | Missing Authentication for Critical Function vulnerability in Mitsubishi Electri | |
| CVE-2025-5499 | 7.3 | 0.11% | 1 | 0 | 2025-06-03T15:31:27 | A vulnerability classified as critical has been found in slackero phpwcms up to | |
| CVE-2025-5378 | 4.3 | 0.03% | 1 | 1 | 2025-06-02T17:32:17.397000 | A vulnerability classified as problematic has been found in Astun Technology iSh | |
| CVE-2025-1484 | 6.5 | 0.04% | 1 | 17 | 2025-05-30T15:30:39 | A vulnerability exists in the media upload component of the Asset Suite version | |
| CVE-2025-2039 | 4.7 | 0.11% | 1 | 3 | 2025-05-13T20:57:18.117000 | A vulnerability classified as critical has been found in code-projects Blood Ban | |
| CVE-2025-29970 | 7.8 | 0.07% | 1 | 0 | 2025-05-13T18:31:00 | Use after free in Microsoft Brokering File System allows an authorized attacker | |
| CVE-2017-5123 | 8.8 | 1.71% | 1 | 8 | 2024-11-21T03:27:06.200000 | Insufficient data validation in waitid allowed an user to escape sandboxes on Li | |
| CVE-2024-44067 | 8.4 | 0.04% | 1 | 0 | 2024-08-20T20:35:34.497000 | The T-Head XuanTie C910 CPU in the TH1520 SoC and the T-Head XuanTie C920 CPU in | |
| CVE-1973-0001 | 0 | 0.00% | 2 | 0 | N/A | ||
| CVE-2025-14346 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2025-9615 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2025-68615 | 0 | 0.03% | 1 | 1 | N/A | ||
| CVE-2025-3716 | 0 | 0.00% | 1 | 2 | N/A | ||
| CVE-2026-00001 | 0 | 0.00% | 1 | 1 | N/A | ||
| CVE-2025-66209 | 0 | 0.76% | 1 | 1 | N/A | ||
| CVE-2025-14269 | 0 | 0.00% | 1 | 1 | N/A | ||
| CVE-2025-14282 | 0 | 0.00% | 1 | 0 | N/A |
updated 2025-12-31T21:37:43.290000
4 posts
IBM API Connect Auth Bypass Alert Sends Shockwaves Across Critical Infrastructure
A Sudden Security Alarm From the Enterprise Core A fresh cybersecurity alert circulating across social platforms claims that IBM has warned users about a critical authentication bypass vulnerability affecting API Connect, one of its most widely deployed enterprise API management platforms. The reported flaw, tracked as CVE-2025-13915, carries a CVSS severity score of 9.8, placing it among…
##IBM patches critical authentication bypass flaw in API Connect
IBM released urgent fixes for a critical authentication bypass vulnerability (CVE-2025-13915) in API Connect that allows remote attackers to gain full system access without credentials.
**If you are using API Connect, this is an urgent and important patch. Patch the system ASAP. Until you can patch, disable the self-service sign-up feature to block attackers from skipping the login. If possible, isolate the API Connect service from the public internet and make it accessible via trusted networks.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/ibm-patches-critical-authentication-bypass-in-api-connect-f-h-k-3-f/gD2P6Ple2L
IBM patches critical authentication bypass flaw in API Connect
IBM released urgent fixes for a critical authentication bypass vulnerability (CVE-2025-13915) in API Connect that allows remote attackers to gain full system access without credentials.
**If you are using API Connect, this is an urgent and important patch. Patch the system ASAP. Until you can patch, disable the self-service sign-up feature to block attackers from skipping the login. If possible, isolate the API Connect service from the public internet and make it accessible via trusted networks.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/ibm-patches-critical-authentication-bypass-in-api-connect-f-h-k-3-f/gD2P6Ple2L
sev:CRIT auth bypass in IBM API Connect.
updated 2025-12-31T21:31:35
1 posts
Tenda
https://www.cve.org/CVERecord?id=CVE-2025-15076
UTT
https://www.cve.org/CVERecord?id=CVE-2025-15090
https://www.cve.org/CVERecord?id=CVE-2025-15091
https://www.cve.org/CVERecord?id=CVE-2025-15092
TOZED
https://www.cve.org/CVERecord?id=CVE-2025-15082
JD Cloud
https://www.cve.org/CVERecord?id=CVE-2025-15081
cc: @Dio9sys @da_667
##updated 2025-12-31T21:31:35
1 posts
Tenda
https://www.cve.org/CVERecord?id=CVE-2025-15076
UTT
https://www.cve.org/CVERecord?id=CVE-2025-15090
https://www.cve.org/CVERecord?id=CVE-2025-15091
https://www.cve.org/CVERecord?id=CVE-2025-15092
TOZED
https://www.cve.org/CVERecord?id=CVE-2025-15082
JD Cloud
https://www.cve.org/CVERecord?id=CVE-2025-15081
cc: @Dio9sys @da_667
##updated 2025-12-31T21:31:35
1 posts
Tenda
https://www.cve.org/CVERecord?id=CVE-2025-15076
UTT
https://www.cve.org/CVERecord?id=CVE-2025-15090
https://www.cve.org/CVERecord?id=CVE-2025-15091
https://www.cve.org/CVERecord?id=CVE-2025-15092
TOZED
https://www.cve.org/CVERecord?id=CVE-2025-15082
JD Cloud
https://www.cve.org/CVERecord?id=CVE-2025-15081
cc: @Dio9sys @da_667
##updated 2025-12-31T20:43:25.830000
1 posts
LMAO.
https://www.cve.org/CVERecord?id=CVE-2025-68120
##To prevent unexpected untrusted code execution, the Visual Studio Code Go extension is now disabled in Restricted Mode.
updated 2025-12-31T20:43:25.830000
1 posts
updated 2025-12-31T20:43:25.830000
1 posts
Six DoS PoCs in binutils.
CVE-2025-66861, CVE-2025-66862, CVE-2025-66863, CVE-2025-66864, CVE-2025-66865, CVE-2025-66866
##updated 2025-12-31T20:43:25.830000
1 posts
Six DoS PoCs in binutils.
CVE-2025-66861, CVE-2025-66862, CVE-2025-66863, CVE-2025-66864, CVE-2025-66865, CVE-2025-66866
##updated 2025-12-31T20:43:25.830000
1 posts
Six DoS PoCs in binutils.
CVE-2025-66861, CVE-2025-66862, CVE-2025-66863, CVE-2025-66864, CVE-2025-66865, CVE-2025-66866
##updated 2025-12-31T20:42:43.210000
1 posts
👀 https://nvd.nist.gov/vuln/detail/CVE-2025-68926
I'm starting to think RustFS is not that good. You should never hardcode access keys... :picardfacepalm:
updated 2025-12-31T20:42:43.210000
1 posts
🔴 CVE-2025-15255 - Critical (9.8)
A vulnerability was determined in Tenda W6-S 1.0.0.4(510). This impacts an unknown function of the file /bin/httpd of the component R7websSsecurityHandler. Executing manipulation of the argument Cookie can lead to stack-based buffer overflow. The ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15255/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda
##updated 2025-12-31T20:42:15.637000
1 posts
🟠 CVE-2025-30628 - High (8.5)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team Amazon Affiliates Addon for WPBakery Page Builder (formerly Visual Composer) allows SQL Injection.This issue affects Amazon Affiliates Ad...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-30628/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda
##updated 2025-12-31T20:42:15.637000
1 posts
🟠 CVE-2025-28949 - High (8.5)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Codedraft Mediabay - WordPress Media Library Folders allows Blind SQL Injection.This issue affects Mediabay - WordPress Media Library Folders: fr...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-28949/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda
##updated 2025-12-31T20:42:15.637000
1 posts
🟠 CVE-2025-15389 - High (8.8)
VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15389/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda
##updated 2025-12-31T20:42:15.637000
2 posts
🟠 CVE-2025-15388 - High (8.8)
VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15388/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda
##🟠 CVE-2025-15388 - High (8.8)
VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15388/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda
##updated 2025-12-31T18:31:26
1 posts
updated 2025-12-31T18:31:26
1 posts
updated 2025-12-31T17:32:39.683000
59 posts
23 repos
https://github.com/onewinner/CVE-2025-14847
https://github.com/14mb1v45h/CYBERDUDEBIVASH-MONGODB-DETECTOR-v2026
https://github.com/joshuavanderpoll/CVE-2025-14847
https://github.com/cybertechajju/CVE-2025-14847_Expolit
https://github.com/franksec42/mongobleed-exploit-CVE-2025-14847
https://github.com/FurkanKAYAPINAR/CVE-2025-14847-MongoBleed-Exploit
https://github.com/Ashwesker/Ashwesker-CVE-2025-14847
https://github.com/Black1hp/mongobleed-scanner
https://github.com/ProbiusOfficial/CVE-2025-14847
https://github.com/KingHacker353/CVE-2025-14847_Expolit
https://github.com/JemHadar/MongoBleed-DFIR-Triage-Script-CVE-2025-14847
https://github.com/vfa-tuannt/CVE-2025-14847
https://github.com/Rishi-kaul/CVE-2025-14847-MongoBleed
https://github.com/NoNameError/MongoBLEED---CVE-2025-14847-POC-
https://github.com/kuyrathdaro/cve-2025-14847
https://github.com/nma-io/mongobleed
https://github.com/j0lt-github/mongobleedburp
https://github.com/tunahantekeoglu/MongoDeepDive
https://github.com/chinaxploiter/CVE-2025-14847-PoC
https://github.com/ob1sec/mongobleeder
https://github.com/Security-Phoenix-demo/mongobleed-exploit-CVE-2025-14847
⚪ New MongoDB Zero‑Day Vulnerability Actively Exploited in Attacks
🗨️ The RCE vulnerability CVE-2025-14847 fixed last week, also dubbed MongoBleed, is already being exploited by hackers. Security experts warn that more than 87,000 vulnerable servers are still accessible on the internet.
##🚀 MongoDB has disclosed a high-severity vulnerability (CVE-2025-14847) with a CVSS score of 8.7. This flaw allows unauthenticated remote attackers to read uninitialized heap memory due to improper handling of length parameter inconsistencies in compressed protocol headers. The vulnerability impacts specific releases in the 7.0, 8.0, and 8.2 series, necessitating immediate patching.
#Cybersecurity #InfoSec #Hacking #Privacy #TechSafety
👉 Full Story: https://www.nexaspecs.com/2025/12/mongodb-cve-2025-14847-security-fix.html
##🫤 We know the *last* thing you want to deal with on Dec 31st is a new vulnerability. But #MongoBleed (CVE-2025-14847) isn't waiting for the ball to drop.
Our team already updated the Pentest-Tools.com Network Scanner to detect this information disclosure flaw that's currently letting unauthenticated attackers leak MongoDB server info.
Whether you’re on-call or just checking in, we’ve made it fast to see if your servers are at risk. 🎯 Scan your IPs for CVE-2025-14847, patch it fast, and have a safe New Year.
Deets and detection here: 👉 https://pentest-tools.com/vulnerabilities-exploits/mongodb-server-information-disclosure-mongobleed_28455
##Massive Data Exposure as Attackers Exploit MongoBleed Vulnerability
Attackers are actively exploiting CVE-2025-14847 vulnerability in MongoDB dubbed MongoBleed to steal credentials. Over 75,000 internet-exposed databases are reported in security scans.
**Make sure all database servers are isolated from the internet and accessible from trusted networks only. Then patch ASAP! If you can't update your MongoDB instance immediately, disable zlib compression.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/massive-data-exposure-as-attackers-exploit-mongobleed-vulnerability-c-f-s-5-u/gD2P6Ple2L
CVE-2025-14847 “MongoBleed” Vulnerability Exposes MongoDB Servers Worldwide + Video
🎯 Introduction Just days after Christmas, the cybersecurity community received an unwelcome surprise. A critical vulnerability labeled CVE-2025-14847, widely referred to as MongoBleed, surfaced with serious implications for MongoDB deployments across the globe. The flaw targets MongoDB Server instances that rely on zlib network compression, opening the door to remote memory exposure…
##⚪ New MongoDB Zero‑Day Vulnerability Actively Exploited in Attacks
🗨️ The RCE vulnerability CVE-2025-14847 fixed last week, also dubbed MongoBleed, is already being exploited by hackers. Security experts warn that more than 87,000 vulnerable servers are still accessible on the internet.
##🫤 We know the *last* thing you want to deal with on Dec 31st is a new vulnerability. But #MongoBleed (CVE-2025-14847) isn't waiting for the ball to drop.
Our team already updated the Pentest-Tools.com Network Scanner to detect this information disclosure flaw that's currently letting unauthenticated attackers leak MongoDB server info.
Whether you’re on-call or just checking in, we’ve made it fast to see if your servers are at risk. 🎯 Scan your IPs for CVE-2025-14847, patch it fast, and have a safe New Year.
Deets and detection here: 👉 https://pentest-tools.com/vulnerabilities-exploits/mongodb-server-information-disclosure-mongobleed_28455
##Massive Data Exposure as Attackers Exploit MongoBleed Vulnerability
Attackers are actively exploiting CVE-2025-14847 vulnerability in MongoDB dubbed MongoBleed to steal credentials. Over 75,000 internet-exposed databases are reported in security scans.
**Make sure all database servers are isolated from the internet and accessible from trusted networks only. Then patch ASAP! If you can't update your MongoDB instance immediately, disable zlib compression.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/massive-data-exposure-as-attackers-exploit-mongobleed-vulnerability-c-f-s-5-u/gD2P6Ple2L
Tenable, from yesterday: CVE-2025-14847 (MongoBleed): MongoDB Memory Leak Vulnerability Exploited in the Wild https://www.tenable.com/blog/cve-2025-14847-mongobleed-mongodb-memory-leak-vulnerability-exploited-in-the-wild @tenable #infosec #MongoDB #vulnerability #threatresearch
##Okay, so CISA added this yesterday, confirming active exploitation.
CVE-2025-14847: MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-14847
https://www.cisa.gov/news-events/alerts/2025/12/29/cisa-adds-one-known-exploited-vulnerability-catalog #CISA #infosec #MongoDB
##🚨 CVE-2025-14847: MongoDB Unauthenticated Attacker Sensitive Memory Leak (MongoBleed)
CVSS-B: 8.7
FOFA Link: https://en.fofa.info/result?qbase64=YXBwPSJNb25nb0RCIg%3D%3D
FOFA Query: app="MongoDB"
FOFA Results: 1,310,459
PoC: https://github.com/joe-desimone/mongobleed
Writeup: https://www.ox.security/blog/attackers-could-exploit-zlib-to-exfiltrate-data-cve-2025-14847/
##CVE ID: CVE-2025-14847
Vendor: MongoDB
Product: MongoDB and MongoDB Server
Date Added: 2025-12-29
Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://jira.mongodb.org/browse/SERVER-115508 ; https://nvd.nist.gov/vuln/detail/CVE-2025-14847
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-14847
@mttaggart It's interesting that there's very little out there about any active exploitation of MongoDB. There's speculation that the Ubisoft breach is tied to MongoBleed, so that might have something to do with the exploitation narrative.
Ubisoft global status: https://www.ubisoft.com/en-us/game/rainbow-six/siege/status
More about the Ubisoft incident: https://www.engadget.com/gaming/rainbow-six-siege-servers-are-back-online-after-shutting-down-in-response-to-marketplace-hacks-191049079.html
Ox security first noted on December 24 that MongoDB was under active exploitation worldwide, but yesterday's Wiz story is also being circulated https://www.ox.security/blog/attackers-could-exploit-zlib-to-exfiltrate-data-cve-2025-14847/#technical_analysis
##MongoDB “MongoBleed” flaw (CVE-2025-14847) enables unauthenticated memory access.
Attackers can extract credentials and cloud secrets from server memory.
Immediate patching strongly advised.
##MongoBleed : cette faille de sécurité expose les secrets de 87 000 serveurs MongoDB https://www.it-connect.fr/mongobleed-faille-cve-2025-14847-mongodb/ #ActuCybersécurité #Cybersécurité #Vulnérabilité
##Exploited MongoBleed flaw leaks MongoDB secrets, 87K servers exposed
A severe vulnerability affecting multiple MongoDB versions, dubbed MongoBleed (CVE-2025-14847), is being actively exploited in the wild, with over...
🔗️ [Bleepingcomputer] https://link.is.it/mrJ8fh
##@mttaggart Well, it's also Sunday, so we might see more stuff tomorrow.
Meanwhile, the latest on MongoBleed was posted four hours ago: https://github.com/joe-desimone/mongobleed/tree/main
From yesterday:
Critical MongoDB Vulnerability: CVE-2025-14847 - MongoBleed https://www.abstract.security/blog/critical-mongodb-vulnerability-cve-2025-14847-mongobleed
Ycombinator: https://news.ycombinator.com/item?id=46394620
##New.
Wiz: MongoBleed (CVE-2025-14847) exploited in the wild: everything you need to know https://www.wiz.io/blog/mongobleed-cve-2025-14847-exploited-in-the-wild-mongodb @wiz #infosec #MongoBleed
##A high-severity flaw known as MongoBleed (CVE-2025-14847) is currently being exploited in the wild.
The scale is significant:
🔍 Wiz researchers have confirmed active exploitation.
📊 Data from Shodan and Censys reveals between 87,000 and 100,000 potentially vulnerable MongoDB instances.
Read More: https://www.security.land/mongobleed-alert-cve-2025-14847-exploited-in-the-wild/
#SecurityLand #CyberSecurity #InfoSec #MongoDB #MongoBleed #DatabaseSecurity #Wiz #Shodan #Censys #CloudSecurity
##🚨 CVE-2025-14847: MongoDB Unauthenticated Memory Leak Exploit
GitHub: https://github.com/joe-desimone/mongobleed
A proof-of-concept exploit for the MongoDB zlib decompression vulnerability that allows unauthenticated attackers to leak sensitive server memory.
##SANS Stormcast Sunday, December 28th, 2025: MongoDB Unauthenticated Memory Leak CVE-2025-14847
https://isc.sans.edu/podcastdetail/9750
Mongobleed - CVE-2025-14847 https://doublepulsar.com/merry-christmas-day-have-a-mongodb-security-incident-9537f54289eb
##[VULN] ⚠️ MongoDB alerte sur une faille à haute gravité et urge de patcher
L'éditeur met en garde contre une vulnérabilité de lecture de mémoire de gravité élevée, qui pourrait être exploitée à distance par des attaquants non authentifiés.
⬇️
🔗 Source originale : https://www.bleepingcomputer.com/news/security/mongodb-warns-admins-to-patch-severe-rce-flaw-immediately/
PoC disponible (vecteur simple, peu de prérequis techniques,
surface d’attaque large, exploitation reproductible) 👀 : mongobleed
⬇️
• Impact observé: fuite de fragments de mémoire pouvant contenir des éléments sensibles tels que des journaux internes MongoDB, l’état du serveur, des paramètres WiredTiger, des données de /proc (ex. meminfo, statistiques réseau), des chemins Docker, des UUID de connexion et des IP clients. Le PoC montre des exemples de fuites (p. ex. MemAvailable, compteurs réseau) et indique la quantité totale de données exfiltrées ainsi que le nombre de fragments uniques. ⚠️
( https://cyberveille.ch/posts/2025-12-26-cve-2025-14847-mongobleed-fuite-de-memoire-non-authentifiee-dans-mongodb-correctifs-disponibles/ )
[Advisory officiel]
👇
https://jira.mongodb.org/browse/SERVER-115508
typiquement, si vous avez un contrôleur #UniFi exposé veut mieux verifier les règles firewall pour bloquer...
👇
https://community.ui.com/questions/MongoDB-warns-admins-to-patch-severe-RCE-flaw-immediately/6d64c7a3-0f22-496a-9bd2-023c02fcd126#answer/20ec3b97-d0c6-4f63-b2f5-d4953be27ad3
💬
⬇️
https://infosec.pub/post/39604416
#CyberVeille #mongoDB #CVE_2025_14847
*edit 27.12 enlevé attribution incorrecte de RCE"
##There’s a great blog on detecting MongoBleed exploitation via Velociraptor https://blog.ecapuano.com/p/hunting-mongobleed-cve-2025-14847
##Merry Christmas to everybody, except that dude who works for Elastic, who decided to drop an unauthenticated exploit for MongoDB on Christmas Day, that leaks memory and automates harvesting secrets (e.g. database passwords)
CVE-2025-14847 aka MongoBleed
Exp: https://github.com/joe-desimone/mongobleed/blob/main/mongobleed.py
This one is incredibly widely internet facing and will very likely see mass exploitation and impactful incidents
Impacts every MongoDB version going back a decade.
Shodan dork: product:"MongoDB"
##Oh. yay.
"mongobleed" — https://github.com/joe-desimone/mongobleed/blob/main/mongobleed.py
CVE-2025-14847
"Exploits zlib decompression bug to leak server memory via BSON field names.”
"Technique: Craft BSON with inflated doc_len, server reads field names from leaked memory until null byte.”
##MongoDB high severity flaw allows unauthenticated memory access via Zlib compression flaw
MongoDB reports a high severity flaw CVE-2025-14847 that allows unauthenticated remote attackers to read uninitialized heap memory, potentially exposing credentials, encryption keys, and other sensitive data by exploiting improper validation of Zlib compressed protocol headers through a simple TCP connection. The flaw affects MongoDB versions 3.6 through 8.2.2.
**If you're running MongoDB servers, first check if they are exposed to the internet. If yes this is urgent. Upgrade to the patched versions (8.2.3, 8.0.17, 7.0.28, 6.0.27, 5.0.32, or 4.4.30). Alternatively, isolate from the intenet, disable zlib compression and plan a patch cycle.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/mongodb-high-severity-flaw-allows-unauthenticated-memory-access-via-zlib-compression-flaw-7-p-x-6-z/gD2P6Ple2L
🚨 CVE-2025-14847: Critical Unauthenticated MongoDB RCE Heap Memory Leak Exposes Sensitive Data
CVSS: 8.7
Vulnerable versions include:
▪️MongoDB 3.6.x
▪️MongoDB 4.0.x
▪️MongoDB 4.2.x
▪️MongoDB 4.4.x ≤ 4.4.29
▪️MongoDB 5.0.x ≤ 5.0.31
▪️MongoDB 6.0.x ≤ 6.0.26
▪️MongoDB 7.0.x ≤ 7.0.26
▪️MongoDB 8.0.x ≤ 8.0.16
▪️MongoDB 8.2.x ≤ 8.2.2
Fixed versions:
▪️4.4.30
▪️5.0.32
▪️6.0.27
▪️7.0.28
▪️8.0.17
▪️8.2.3
https://www.upwind.io/feed/cve-2025-14847-mongodb-zlib-memory-disclosure
##updated 2025-12-31T17:13:37.397000
1 posts
🟠 CVE-2023-53973 - High (8.4)
Zillya Total Security 3.0.2367.0 contains a privilege escalation vulnerability that allows low-privileged users to copy files to unauthorized system locations using the quarantine module. Attackers can leverage symbolic link techniques to restore ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2023-53973/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda
##updated 2025-12-31T09:31:37
1 posts
🟠 CVE-2025-15387 - High (8.8)
VPN Firewall developed by QNO Technology has a Insufficient Entropy vulnerability, allowing unauthenticated remote attackers to obtain any logged-in user session through brute-force attacks and subsequently log into the system.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15387/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda
##updated 2025-12-31T09:31:35
1 posts
🚨 EUVD-2025-205902
📊 Score: 7.7/10 (CVSS v3.1)
📦 Product: NPort 6100-G2/6200-G2 Series, NPort 6100-G2/6200-G2 Series
🏢 Vendor: Moxa
📅 Updated: 2025-12-31
📝 The NPort 6100-G2/6200-G2 Series is affected by an execution with unnecessary privileges vulnerability (CVE-2025-1977) that allows an authenticated user with read-only access to perform unauthorized configura...
🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-205902
##updated 2025-12-31T09:31:35
1 posts
3 repos
https://github.com/keyuraghao/CVE-2025-20260
🚨 EUVD-2025-205901
📊 Score: 7.1/10 (CVSS v3.1)
📦 Product: NPort 6100-G2/6200-G2 Series, NPort 6100-G2/6200-G2 Series
🏢 Vendor: Moxa
📅 Updated: 2025-12-31
📝 The NPort 6100-G2/6200-G2 Series is affected by a high-severity vulnerability (CVE-2025-2026) that allows remote attackers to execute a null byte injection through the device’s web API. This may lead to an un...
🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-205901
##updated 2025-12-30T20:41:49.483000
1 posts
updated 2025-12-30T20:40:55.587000
1 posts
updated 2025-12-30T19:29:29.563000
1 posts
updated 2025-12-30T19:29:13.577000
1 posts
updated 2025-12-30T19:22:48.150000
1 posts
updated 2025-12-30T19:17:13.593000
1 posts
Tenda
https://www.cve.org/CVERecord?id=CVE-2025-15076
UTT
https://www.cve.org/CVERecord?id=CVE-2025-15090
https://www.cve.org/CVERecord?id=CVE-2025-15091
https://www.cve.org/CVERecord?id=CVE-2025-15092
TOZED
https://www.cve.org/CVERecord?id=CVE-2025-15082
JD Cloud
https://www.cve.org/CVERecord?id=CVE-2025-15081
cc: @Dio9sys @da_667
##updated 2025-12-30T18:31:18
1 posts
Six DoS PoCs in binutils.
CVE-2025-66861, CVE-2025-66862, CVE-2025-66863, CVE-2025-66864, CVE-2025-66865, CVE-2025-66866
##updated 2025-12-30T18:31:17
1 posts
Six DoS PoCs in binutils.
CVE-2025-66861, CVE-2025-66862, CVE-2025-66863, CVE-2025-66864, CVE-2025-66865, CVE-2025-66866
##updated 2025-12-29T21:30:29
1 posts
1 repos
https://github.com/CyberVinner/TP-Link-TL-WR820N-CVE-2025-14175
updated 2025-12-29T21:30:29
1 posts
../ in Velociraptor Server on Linux.
https://docs.velociraptor.app/announcements/advisories/cve-2025-14728/
##Rapid7 Velociraptor versions before 0.75.6 contain a directory traversal issue on Linux servers that allows a rogue client to upload a file which is written outside the datastore directory. Velociraptor is normally only allowed to write in the datastore directory. The issue occurs due to insufficient sanitization of directory names which end with a \".\", only encoding the final \".\" AS \"%2E\".\n\n\nAlthough files can be written to incorrect locations, the containing directory must end with \"%2E\". This limits the impact of this vulnerability, and prevents it from overwriting critical files.
updated 2025-12-29T18:31:02
1 posts
Six DoS PoCs in binutils.
CVE-2025-66861, CVE-2025-66862, CVE-2025-66863, CVE-2025-66864, CVE-2025-66865, CVE-2025-66866
##updated 2025-12-29T18:31:02
1 posts
updated 2025-12-29T17:15:45.157000
6 posts
7 repos
https://github.com/hilwa24/CVE-2025-52691
https://github.com/DeathShotXD/CVE-2025-52691-APT-PoC
https://github.com/sajjadsiam/CVE-2025-52691-poc
https://github.com/yt2w/CVE-2025-52691
https://github.com/Ashwesker/Ashwesker-CVE-2025-52691
CSA has published guidance on CVE-2025-52691, a critical SmarterMail vulnerability enabling potential unauthenticated remote code execution through arbitrary file uploads.
Although exploitation has not been observed, the advisory highlights the continued exposure of mail server infrastructure and the importance of timely upgrades to fixed builds.
Engage in the discussion and follow TechNadu for sober, research-driven security reporting.
#InfoSec #VulnerabilityResearch #EmailInfrastructure #RCE #PatchManagement #CyberDefense #TechNadu
##Critical SmarterMail Vulnerability CVE-2025-52691 Poses Remote Code Execution Risk, CSA Warns
Singapore’s Cyber Security Agency (CSA) has issued a high-priority alert regarding a critical vulnerability in SmarterMail, a popular mail server software. Identified as CVE-2025-52691, this flaw affects versions Build 9406 and earlier, allowing attackers to execute code remotely without authentication through arbitrary file uploads. Users and organizations running affected…
##CSA has published guidance on CVE-2025-52691, a critical SmarterMail vulnerability enabling potential unauthenticated remote code execution through arbitrary file uploads.
Although exploitation has not been observed, the advisory highlights the continued exposure of mail server infrastructure and the importance of timely upgrades to fixed builds.
Engage in the discussion and follow TechNadu for sober, research-driven security reporting.
#InfoSec #VulnerabilityResearch #EmailInfrastructure #RCE #PatchManagement #CyberDefense #TechNadu
##Critical SmarterMail flaw allows unauthenticated remote code execution
SmarterTools released a critical update for SmarterMail to fix CVE-2025-52691 that allows unauthenticated remote code execution. Attackers can exploit this flaw to upload malicious files and gain full control over email servers.
**If you are using SmarterMail update ASAP. There is a trivial flaw to upload files and take over your system. You can't hide this behind a firewall, it's designed to be exposed to the internet. After patching, check your server logs for any new or strange files that appeared before you patched.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-smartermail-flaw-allows-unauthenticated-remote-code-execution-h-6-z-p-1/gD2P6Ple2L
🚨 CVE-2025-52691 (CVSS 10) in SmarterMail allows unauthenticated arbitrary file upload leading to RCE.
Affects Build ≤9406. Update to 9413+.
Detection script: github.com/rxerium/CVE-2025-52691
CSA Alert:
https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-124/
Critical unauthenticated arbitrary file upload vulnerability in SmarterMail server
##CVE-2025-52691 in SmarterMail server allows an unauthenticated attacker to upload files to arbitrary locations on the mail server, which can be used to place malicious content outside of expected directories and facilitate remote code execution.
updated 2025-12-29T15:59:13.750000
1 posts
NVIDIA patches critical vulnerabilities in Isaac Launchable Platform
NVIDIA patched three critical vulnerabilities (CVE-2025-33222, CVE-2025-33223, CVE-2025-33224) in its Isaac Launchable robotics platform that allow unauthenticated attackers to execute code, escalate privileges, and tamper with data.
**If you use NVIDIA Isaac Launchable, plan a very quick update to version 1.11.1 or later from the official GitHub repository. There are three critical flaws that allow unauthenticated attackers to completely compromise your system.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/nvidia-patches-critical-vulnerabilities-in-isaac-launchable-platform-o-e-9-j-9/gD2P6Ple2L
updated 2025-12-29T15:59:13.750000
1 posts
NVIDIA patches critical vulnerabilities in Isaac Launchable Platform
NVIDIA patched three critical vulnerabilities (CVE-2025-33222, CVE-2025-33223, CVE-2025-33224) in its Isaac Launchable robotics platform that allow unauthenticated attackers to execute code, escalate privileges, and tamper with data.
**If you use NVIDIA Isaac Launchable, plan a very quick update to version 1.11.1 or later from the official GitHub repository. There are three critical flaws that allow unauthenticated attackers to completely compromise your system.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/nvidia-patches-critical-vulnerabilities-in-isaac-launchable-platform-o-e-9-j-9/gD2P6Ple2L
updated 2025-12-29T15:59:13.750000
1 posts
updated 2025-12-29T15:58:56.260000
1 posts
Go hack more AI shit. 🥳
https://www.cve.org/CVERecord?id=CVE-2025-14920
https://www.cve.org/CVERecord?id=CVE-2025-14921
https://www.cve.org/CVERecord?id=CVE-2025-14922
https://www.cve.org/CVERecord?id=CVE-2025-14924
https://www.cve.org/CVERecord?id=CVE-2025-14925
https://www.cve.org/CVERecord?id=CVE-2025-14926
https://www.cve.org/CVERecord?id=CVE-2025-14927
https://www.cve.org/CVERecord?id=CVE-2025-14928
https://www.cve.org/CVERecord?id=CVE-2025-14929
##updated 2025-12-29T15:58:56.260000
1 posts
Go hack more AI shit. 🥳
https://www.cve.org/CVERecord?id=CVE-2025-14920
https://www.cve.org/CVERecord?id=CVE-2025-14921
https://www.cve.org/CVERecord?id=CVE-2025-14922
https://www.cve.org/CVERecord?id=CVE-2025-14924
https://www.cve.org/CVERecord?id=CVE-2025-14925
https://www.cve.org/CVERecord?id=CVE-2025-14926
https://www.cve.org/CVERecord?id=CVE-2025-14927
https://www.cve.org/CVERecord?id=CVE-2025-14928
https://www.cve.org/CVERecord?id=CVE-2025-14929
##updated 2025-12-29T15:58:56.260000
1 posts
Go hack more AI shit. 🥳
https://www.cve.org/CVERecord?id=CVE-2025-14920
https://www.cve.org/CVERecord?id=CVE-2025-14921
https://www.cve.org/CVERecord?id=CVE-2025-14922
https://www.cve.org/CVERecord?id=CVE-2025-14924
https://www.cve.org/CVERecord?id=CVE-2025-14925
https://www.cve.org/CVERecord?id=CVE-2025-14926
https://www.cve.org/CVERecord?id=CVE-2025-14927
https://www.cve.org/CVERecord?id=CVE-2025-14928
https://www.cve.org/CVERecord?id=CVE-2025-14929
##updated 2025-12-29T15:58:56.260000
1 posts
Go hack more AI shit. 🥳
https://www.cve.org/CVERecord?id=CVE-2025-14920
https://www.cve.org/CVERecord?id=CVE-2025-14921
https://www.cve.org/CVERecord?id=CVE-2025-14922
https://www.cve.org/CVERecord?id=CVE-2025-14924
https://www.cve.org/CVERecord?id=CVE-2025-14925
https://www.cve.org/CVERecord?id=CVE-2025-14926
https://www.cve.org/CVERecord?id=CVE-2025-14927
https://www.cve.org/CVERecord?id=CVE-2025-14928
https://www.cve.org/CVERecord?id=CVE-2025-14929
##updated 2025-12-29T15:57:37.560000
1 posts
../ and DNS?! It really is the season of magic.
https://www.cve.org/CVERecord?id=CVE-2025-57403
##Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is processed, the application concatenates the requested URL (or a portion of it) directly with a base path using
os.path.join. This bypass allows directory traversal or absolute path injection, leading to the potential exposure of sensitive information.
updated 2025-12-29T15:57:37.560000
1 posts
Tenda
https://www.cve.org/CVERecord?id=CVE-2025-15076
UTT
https://www.cve.org/CVERecord?id=CVE-2025-15090
https://www.cve.org/CVERecord?id=CVE-2025-15091
https://www.cve.org/CVERecord?id=CVE-2025-15092
TOZED
https://www.cve.org/CVERecord?id=CVE-2025-15082
JD Cloud
https://www.cve.org/CVERecord?id=CVE-2025-15081
cc: @Dio9sys @da_667
##updated 2025-12-29T15:57:37.560000
1 posts
Tenda
https://www.cve.org/CVERecord?id=CVE-2025-15076
UTT
https://www.cve.org/CVERecord?id=CVE-2025-15090
https://www.cve.org/CVERecord?id=CVE-2025-15091
https://www.cve.org/CVERecord?id=CVE-2025-15092
TOZED
https://www.cve.org/CVERecord?id=CVE-2025-15082
JD Cloud
https://www.cve.org/CVERecord?id=CVE-2025-15081
cc: @Dio9sys @da_667
##updated 2025-12-29T15:57:37.560000
1 posts
Forgejo whoopsie.
https://www.cve.org/CVERecord?id=CVE-2025-68937
##Forgejo before 13.0.2 allows attackers to write to unintended files, and possibly obtain server shell access, because of mishandling of out-of-repository symlink destinations for template repositories. This is also fixed for 11 LTS in 11.0.7 and later.
updated 2025-12-29T15:30:28
1 posts
updated 2025-12-29T15:30:28
1 posts
updated 2025-12-29T15:30:28
1 posts
updated 2025-12-26T19:50:18
1 posts
sev:CRIT prototype pollution in apidoc-core. But worse is the word wrapping without hyphens in the summary.
updated 2025-12-26T19:36:14
1 posts
That doesn't seem right.
https://www.cve.org/CVERecord?id=CVE-2025-68945
##In Gitea before 1.21.2, an anonymous user can visit a private user's project.
updated 2025-12-26T18:30:32
1 posts
I don't know about this specific device, but these types of devices tend to be used a lot in remote OT systems, often with the management interface exposed, and almost no monitoring. Other similar modems have been successfully exploited ITW for some interesting incidents.
https://www.cve.org/CVERecord?id=CVE-2025-67015
##Incorrect access control in Comtech EF Data CDM-625 / CDM-625A Advanced Satellite Modem with firmware v2.5.1 allows attackers to change the Administrator password and escalate privileges via sending a crafted POST request to
/Forms/admin_access_1.
updated 2025-12-26T16:14:34.590000
1 posts
updated 2025-12-26T15:30:23
1 posts
Post-auth BoF in IBM Concert.
##updated 2025-12-24T01:08:11
11 posts
1 repos
LangGrinch: Kritische Lücke in LangChain-Core bedroht KI-Agenten
https://t3n.de/news/langgrinch-langchain-core-sicherheitsluecke-cve-2025-68664-1723178/?utm_source=flipboard&utm_medium=activitypub
Gepostet in Software & Entwicklung | t3n @software-entwicklung-t3n-t3n
##LangGrinch: A Bug in the Library, A Lesson for the Architecture https://amlalabs.com/blog/langgrinch-cve-2025-68664/
##All I Want for Christmas Is Your Secrets: LangGrinch hits LangChain Core https://cyata.ai/blog/langgrinch-langchain-core-cve-2025-68664/
##Critical LangChain serialization flaw enables secret extraction and arbitrary code execution
LangChain has patched a critical deserialization vulnerability (CVE-2025-68664) in its core library that allowed attackers to extract environment variables and potentially execute arbitrary code through improper escaping of the 'lc' key structure in serialization functions.
**If you're using LangChain, immediately update langchain-core to version 1.2.5 or 0.3.81, check your invoked methods for the risky ones and treat all LLM outputs as untrusted data. Make sure your langchain-community dependencies are also updated.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-langchain-serialization-flaw-enables-secret-extraction-and-arbitrary-code-execution-d-2-d-d-q/gD2P6Ple2L
Critical vulnerability in LangChain – CVE-2025-68664
Link: https://cyata.ai/blog/langgrinch-langchain-core-cve-2025-68664/
Discussion: https://news.ycombinator.com/item?id=46386009
All I Want for Christmas Is Your Secrets: LangGrinch hits LangChain Core
Link: https://cyata.ai/blog/langgrinch-langchain-core-cve-2025-68664/
Discussion: https://news.ycombinator.com/item?id=46386009
All I Want for Christmas Is Your Secrets: LangGrinch hits LangChain Core
https://cyata.ai/blog/langgrinch-langchain-core-cve-2025-68664/
#ycombinator
All I Want for Xmas Is Your Secrets: LangGrinch Hits LangChain (CVE-2025-68664)
https://cyata.ai/blog/langgrinch-langchain-core-cve-2025-68664/
#HackerNews #LangGrinch #LangChain #CVE2025 #cybersecurity #secrets
##All I Want for Xmas Is Your Secrets: LangGrinch Hits LangChain (CVE-2025-68664)
https://cyata.ai/blog/langgrinch-langchain-core-cve-2025-68664/
#ycombinator
Critical vulnerability in LangChain – CVE-2025-68664
https://cyata.ai/blog/langgrinch-langchain-core-cve-2025-68664/
##updated 2025-12-24T00:30:28
1 posts
updated 2025-12-23T21:30:41
1 posts
Go hack more AI shit. 🥳
https://www.cve.org/CVERecord?id=CVE-2025-14920
https://www.cve.org/CVERecord?id=CVE-2025-14921
https://www.cve.org/CVERecord?id=CVE-2025-14922
https://www.cve.org/CVERecord?id=CVE-2025-14924
https://www.cve.org/CVERecord?id=CVE-2025-14925
https://www.cve.org/CVERecord?id=CVE-2025-14926
https://www.cve.org/CVERecord?id=CVE-2025-14927
https://www.cve.org/CVERecord?id=CVE-2025-14928
https://www.cve.org/CVERecord?id=CVE-2025-14929
##updated 2025-12-23T21:30:41
1 posts
Go hack more AI shit. 🥳
https://www.cve.org/CVERecord?id=CVE-2025-14920
https://www.cve.org/CVERecord?id=CVE-2025-14921
https://www.cve.org/CVERecord?id=CVE-2025-14922
https://www.cve.org/CVERecord?id=CVE-2025-14924
https://www.cve.org/CVERecord?id=CVE-2025-14925
https://www.cve.org/CVERecord?id=CVE-2025-14926
https://www.cve.org/CVERecord?id=CVE-2025-14927
https://www.cve.org/CVERecord?id=CVE-2025-14928
https://www.cve.org/CVERecord?id=CVE-2025-14929
##updated 2025-12-23T21:30:41
1 posts
Go hack more AI shit. 🥳
https://www.cve.org/CVERecord?id=CVE-2025-14920
https://www.cve.org/CVERecord?id=CVE-2025-14921
https://www.cve.org/CVERecord?id=CVE-2025-14922
https://www.cve.org/CVERecord?id=CVE-2025-14924
https://www.cve.org/CVERecord?id=CVE-2025-14925
https://www.cve.org/CVERecord?id=CVE-2025-14926
https://www.cve.org/CVERecord?id=CVE-2025-14927
https://www.cve.org/CVERecord?id=CVE-2025-14928
https://www.cve.org/CVERecord?id=CVE-2025-14929
##updated 2025-12-23T21:30:41
1 posts
Go hack more AI shit. 🥳
https://www.cve.org/CVERecord?id=CVE-2025-14920
https://www.cve.org/CVERecord?id=CVE-2025-14921
https://www.cve.org/CVERecord?id=CVE-2025-14922
https://www.cve.org/CVERecord?id=CVE-2025-14924
https://www.cve.org/CVERecord?id=CVE-2025-14925
https://www.cve.org/CVERecord?id=CVE-2025-14926
https://www.cve.org/CVERecord?id=CVE-2025-14927
https://www.cve.org/CVERecord?id=CVE-2025-14928
https://www.cve.org/CVERecord?id=CVE-2025-14929
##updated 2025-12-23T21:30:41
1 posts
updated 2025-12-23T21:30:40
1 posts
Go hack more AI shit. 🥳
https://www.cve.org/CVERecord?id=CVE-2025-14920
https://www.cve.org/CVERecord?id=CVE-2025-14921
https://www.cve.org/CVERecord?id=CVE-2025-14922
https://www.cve.org/CVERecord?id=CVE-2025-14924
https://www.cve.org/CVERecord?id=CVE-2025-14925
https://www.cve.org/CVERecord?id=CVE-2025-14926
https://www.cve.org/CVERecord?id=CVE-2025-14927
https://www.cve.org/CVERecord?id=CVE-2025-14928
https://www.cve.org/CVERecord?id=CVE-2025-14929
##updated 2025-12-23T21:30:40
1 posts
Go hack more AI shit. 🥳
https://www.cve.org/CVERecord?id=CVE-2025-14920
https://www.cve.org/CVERecord?id=CVE-2025-14921
https://www.cve.org/CVERecord?id=CVE-2025-14922
https://www.cve.org/CVERecord?id=CVE-2025-14924
https://www.cve.org/CVERecord?id=CVE-2025-14925
https://www.cve.org/CVERecord?id=CVE-2025-14926
https://www.cve.org/CVERecord?id=CVE-2025-14927
https://www.cve.org/CVERecord?id=CVE-2025-14928
https://www.cve.org/CVERecord?id=CVE-2025-14929
##updated 2025-12-23T21:30:40
1 posts
1 repos
Go hack more AI shit. 🥳
https://www.cve.org/CVERecord?id=CVE-2025-14920
https://www.cve.org/CVERecord?id=CVE-2025-14921
https://www.cve.org/CVERecord?id=CVE-2025-14922
https://www.cve.org/CVERecord?id=CVE-2025-14924
https://www.cve.org/CVERecord?id=CVE-2025-14925
https://www.cve.org/CVERecord?id=CVE-2025-14926
https://www.cve.org/CVERecord?id=CVE-2025-14927
https://www.cve.org/CVERecord?id=CVE-2025-14928
https://www.cve.org/CVERecord?id=CVE-2025-14929
##updated 2025-12-23T18:30:35
1 posts
NVIDIA patches critical vulnerabilities in Isaac Launchable Platform
NVIDIA patched three critical vulnerabilities (CVE-2025-33222, CVE-2025-33223, CVE-2025-33224) in its Isaac Launchable robotics platform that allow unauthenticated attackers to execute code, escalate privileges, and tamper with data.
**If you use NVIDIA Isaac Launchable, plan a very quick update to version 1.11.1 or later from the official GitHub repository. There are three critical flaws that allow unauthenticated attackers to completely compromise your system.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/nvidia-patches-critical-vulnerabilities-in-isaac-launchable-platform-o-e-9-j-9/gD2P6Ple2L
updated 2025-12-23T18:30:35
1 posts
updated 2025-12-23T18:30:35
1 posts
updated 2025-12-23T16:01:13
1 posts
updated 2025-12-23T14:51:52.650000
3 posts
25 repos
https://github.com/Khin-96/n8n-cve-2025-68613-thm
https://github.com/secjoker/CVE-2025-68613
https://github.com/wioui/n8n-CVE-2025-68613-exploit
https://github.com/cv-sai-kamesh/n8n-CVE-2025-68613
https://github.com/LingerANR/n8n-CVE-2025-68613
https://github.com/gagaltotal/n8n-cve-2025-68613
https://github.com/manyaigdtuw/CVE-2025-68613_Scanner
https://github.com/AbdulRKB/n8n-RCE
https://github.com/hackersatyamrastogi/n8n-exploit-CVE-2025-68613-n8n-God-Mode-Ultimate
https://github.com/rxerium/CVE-2025-68613
https://github.com/intelligent-ears/CVE-2025-68613
https://github.com/TheStingR/CVE-2025-68613-POC
https://github.com/nehkark/CVE-2025-68613
https://github.com/J4ck3LSyN-Gen2/n8n-CVE-2025-68613-TryHackMe
https://github.com/releaseown/analysis-and-poc-n8n-CVE-2025-68613
https://github.com/Dlanang/homelab-CVE-2025-68613
https://github.com/Ashwesker/Ashwesker-CVE-2025-68613
https://github.com/reem-012/poc_CVE-2025-68613
https://github.com/GnuTLam/POC-CVE-2025-68613
https://github.com/JohannesLks/CVE-2025-68613-Python-Exploit
https://github.com/ali-py3/Exploit-CVE-2025-68613
https://github.com/r4j3sh-com/CVE-2025-68613-n8n-lab
https://github.com/mbanyamer/n8n-Authenticated-Expression-Injection-RCE-CVE-2025-68613
si vous utilisez n8n… ⚠️
Une vulnérabilité critique ( CVE-2025-68613 ) permet à un utilisateur connecté de détourner un workflow pour exécuter des commandes sur le serveur qui héberge n8n.
Concrètement, une automatisation mal conçue (ou malveillante) peut sortir du cadre prévu et donner accès au système :
données manipulées par les workflows
modification ou suppression des automatisations
et potentiellement contrôle complet du serveur
La faille touche de nombreuses versions (depuis 0.211.0) et est très sévère, surtout si n8n est exposé à Internet ou utilisé par plusieurs personnes.
✅ Solution : mettre à jour rapidement vers les versions corrigées (≥ 1.120.4 / 1.121.1 / 1.122.0).
En attendant, restreignez au maximum les droits de création/édition des workflows
👉 Si n8n est critique dans votre infra, c’est une priorité de sécurité.
"Remote Code Execution via Expression Injection "
👇
https://github.com/n8n-io/n8n/security/advisories/GHSA-v98v-ff95-f3cp
🔍
⬇️
https://github.com/rxerium/CVE-2025-68613
🔍
⬇️
"n8n CVE-2025-68613 RCE Exploitation: A Detailed Guide"
👇
https://blog.securelayer7.net/cve-2025-68613-n8n-rce-exploitation/
@cR0w well there WAS this... https://nvd.nist.gov/vuln/detail/CVE-2025-68613
##Critical remote code execution flaw reported in n8n workflow automation platform
n8n's workflow automation platform reports a critical vulnerability (CVE-2025-68613, CVSS 10.0) allowing authenticated attackers to execute arbitrary code with full system privileges, potentially exposing sensitive workflows, API credentials, and corporate networks.
**If you're running self-hosted n8n, plan a quick upgrade to version 1.120.4, 1.121.1, or 1.122.0 to patch CVE-2025-68613. Until you upgrade, restrict workflow editing permissions to fully trusted users only.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-remote-code-execution-flaw-reported-in-n8n-workflow-automation-platform-m-b-x-5-d/gD2P6Ple2L
updated 2025-12-23T14:51:52.650000
1 posts
1 repos
updated 2025-12-23T14:51:52.650000
1 posts
updated 2025-12-23T14:51:52.650000
1 posts
updated 2025-12-23T12:31:24
3 posts
CISA reports actively exploted flaw in Digiever Network Video Recorder
CISA warns of active exploitation of CVE-2023-52163, a missing authorization vulnerability in Digiever DS-2105 Pro network video recorders that allows authenticated attackers to execute arbitrary commands and is being weaponized by Mirai-style botnets targeting IoT devices.
**If you have Digiever DS-2105 Pro network video recorders, make sure they are isolated from the internet and ensure they're only accessible from trusted internal networks. Since this device is end-of-life, there are no security patches for this flaw and is being actively exploited, plan to replace it as soon as possible. Until it's replaced keep it completely isolated behind strict network segmentation.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/cisa-reports-actively-exploted-flaw-in-digiever-network-video-recorder-p-u-l-4-1/gD2P6Ple2L
🚨 CISA has added on vulnerability to the KEV Catalog
CVE-2023-52163: Digiever DS-2105 Pro Missing Authorization Vulnerability
CVSS: 5.9
https://darkwebinformer.com/cisa-kev-catalog/
Digiever DS-2105 Pro 3.1.0.71-11 devices allow time_tzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
##CVE ID: CVE-2023-52163
Vendor: Digiever
Product: DS-2105 Pro
Date Added: 2025-12-22
Notes: https://www.digiever.com/tw/support/faq-content.php?FAQ=217 ; https://nvd.nist.gov/vuln/detail/CVE-2023-52163
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2023-52163
updated 2025-12-23T12:30:17
2 posts
2 repos
⚪ Critical RCE Bug Patched in HPE OneView
🗨️ Hewlett Packard Enterprise (HPE) developers have released patches for a critical remote code execution vulnerability discovered in the OneView IT infrastructure management software. The issue is tracked as CVE-2025-37164 (a maximum score of 10.0 on the CVSS scale) and can be exploited without authen…
##updated 2025-12-20T17:41:17
1 posts
CVE-2025-14882 - Insecure direct object reference https://cvefeed.io/vuln/detail/CVE-2025-14882
##updated 2025-12-20T17:39:03
1 posts
CVE-2025-14881 - Insecure direct object reference https://cvefeed.io/vuln/detail/CVE-2025-14881
##updated 2025-12-20T03:31:40
1 posts
updated 2025-12-19T21:30:26
1 posts
updated 2025-12-19T21:30:19
4 posts
2 repos
🚨 CISA has added 1 vulnerability to the KEV Catalog
CVE-2025-14733: WatchGuard Firebox Out of Bounds Write Vulnerability
CVSS: 9.3
##CVE ID: CVE-2025-14733
Vendor: WatchGuard
Product: Firebox
Date Added: 2025-12-19
Notes: Check for signs of potential compromise on all internet accessible instances after applying mitigations. For more information please see: https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00027 ; https://nvd.nist.gov/vuln/detail/CVE-2025-14733
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-14733
Critical actively exploited flaw in WatchGuard Fireware OS enables remote code execution through VPN service
WatchGuard patched a critical vulnerability (CVE-2025-14733) in Fireware OS that allows remote unauthenticated attackers to execute arbitrary code on devices with IKEv2 VPN configurations. The flaw is actively being exploited in the wild.
**If you have WatchGuard Firebox firewalls, you are under attack. Make a very quick update to the latest security updates from WatchGuard. After patching, change all passwords and security keys stored on the device, especially if you've ever used IKEv2 VPN configurations (even if now deleted). Old settings can still leave your firewall vulnerable.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/critical-flaw-in-watchguard-fireware-os-enables-remote-code-execution-through-vpn-service-n-s-w-d-7/gD2P6Ple2L
Analysis of CVE-2025-14733, a critical WatchGuard Firebox security vulnerability. Learn why unauthenticated RCE persists even after deleting vulnerable VPN configurations.
#SecurityLand #CyberWatch #ZeroDay #Watchguard #SecurityVulnerability #Firewall #CVE
Read More: https://www.security.land/watchguard-cve-2025-14733-critical-vulnerability-analysis/
##updated 2025-12-19T18:32:24
1 posts
updated 2025-12-19T18:00:18.330000
1 posts
updated 2025-12-19T18:00:18.330000
1 posts
CVE-2025-1927 - CSRF in Restajet's Online Food Delivery System https://cvefeed.io/vuln/detail/CVE-2025-1927
##updated 2025-12-19T18:00:18.330000
1 posts
CVE-2025-1885 - Open Redirect in Restajet's Online Food Delivery System https://cvefeed.io/vuln/detail/CVE-2025-1885
##updated 2025-12-19T15:31:25
1 posts
CVE-2025-1928 - Improper Authentication in Restajet's Online Food Delivery System https://cvefeed.io/vuln/detail/CVE-2025-1928
##updated 2025-12-19T09:30:27
1 posts
M-Files has released patches for CVE-2025-13008, an information disclosure vulnerability involving session token exposure between authenticated users.
The issue affects several release branches and could allow impersonation within M-Files Web under specific conditions.
No exploitation has been observed publicly, but the potential impact on document confidentiality is notable.
This reinforces the need for:
• Strong session controls
• Log review for unusual user behavior
• Prompt patch deployment
Follow @technadu for unbiased, technically grounded security updates.
Source : https://cybersecuritynews.com/m-files-vulnerability/
#InfoSec #VulnerabilityResearch #SessionManagement #EnterpriseSecurity #TechNadu
##updated 2025-12-18T18:31:33
2 posts
CISA flags ASUS Live Update CVE, but the attack is years old
An ASUS Live Update vulnerability tracked as CVE-2025-59374 has been making the rounds in infosec feeds, with some headlines implying recent or...
🔗️ [Bleepingcomputer] https://link.is.it/NcIC9d
##Not all CISA-linked alerts are urgent: ASUS Live Update CVE-2025-59374
An ASUS Live Update vulnerability tracked as CVE-2025-59374 has been making the rounds in infosec feeds, with some headlines implying recent or...
🔗️ [Bleepingcomputer] https://link.is.it/Yiue33
##updated 2025-12-18T15:41:16.840000
3 posts
4 repos
https://github.com/KingHacker353/CVE-2025-20393
https://github.com/Ashwesker/Ashwesker-CVE-2025-20393
Thanks to CVE-2025-20393 my Cisco alert already has been triggered.
In consequence, I received the following alert email.
##⚪ Cisco warns of an unpatched zero‑day vulnerability in AsyncOS
🗨️ Cisco has warned its customers about an unpatched zero-day vulnerability in Cisco AsyncOS that is already being actively exploited to attack Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) devices.
##updated 2025-12-18T15:08:06.237000
1 posts
3. Rust joined the Linux kernel mainline last week and immediately checked off a rite of passage: its first CVE.
https://lore.kernel.org/linux-cve-announce/2025121614-CVE-2025-68260-558d@gregkh/T/#u
updated 2025-12-10T16:39:14.227000
1 posts
updated 2025-12-10T02:00:02.557000
3 posts
100 repos
https://github.com/aliclub0x00/CVE-2025-55182-POC-NEXTJS
https://github.com/CirqueiraDev/MassExploit-CVE-2025-55182
https://github.com/xiaopeng-ye/react2shell-detector
https://github.com/shyambhanushali/React2Shell
https://github.com/Ashwesker/Ashwesker-CVE-2025-55182
https://github.com/hidden-investigations/react2shell-scanner
https://github.com/GelukCrab/React-Server-Components-RCE
https://github.com/RuoJi6/CVE-2025-55182-RCE-shell
https://github.com/cybertechajju/R2C-CVE-2025-55182-66478
https://github.com/BeichenDream/CVE-2025-55182-GodzillaMemoryShell
https://github.com/c0rydoras/CVE-2025-55182
https://github.com/jf0x3a/CVE-2025-55182-exploit
https://github.com/websecuritylabs/React2Shell-Library
https://github.com/SainiONHacks/CVE-2025-55182-Scanner
https://github.com/nehkark/CVE-2025-55182
https://github.com/zack0x01/vuln-app-CVE-2025-55182
https://github.com/sudo-Yangziran/CVE-2025-55182POC
https://github.com/EynaExp/CVE-2025-55182-POC
https://github.com/M4xSec/CVE-2025-55182-React2Shell-RCE-Shell
https://github.com/MrR0b0t19/CVE-2025-55182-shellinteractive
https://github.com/xalgord/React2Shell
https://github.com/SoICT-BKSEC/CVE-2025-55182-docker-lab
https://github.com/onlylovetx/CVE-2025-55182-CVE-2025-66478-Exploit-GUI
https://github.com/sho-luv/React2Shell
https://github.com/anuththara2007-W/CVE-2025-55182-Exploit-extension
https://github.com/tobiasGuta/Next.js-RSC-RCE-Scanner-Burp-Suite-Extension
https://github.com/shamo0/react2shell-PoC
https://github.com/acheong08/CVE-2025-55182-poc
https://github.com/zzhorc/CVE-2025-55182
https://github.com/ThemeHackers/CVE-2025-55182
https://github.com/zr0n/react2shell
https://github.com/songsanggggg/CVE-2025-55182
https://github.com/gensecaihq/react2shell-scanner
https://github.com/hoosin/CVE-2025-55182
https://github.com/Syrins/CVE-2025-55182-React2Shell-RCE
https://github.com/dwisiswant0/CVE-2025-55182
https://github.com/StealthMoud/CVE-2025-55182-Scanner
https://github.com/XiaomingX/CVE-2025-55182-poc
https://github.com/Rsatan/Next.js-Exploit-Tool
https://github.com/l4rm4nd/CVE-2025-55182
https://github.com/zack0x01/CVE-2025-55182-advanced-scanner-
https://github.com/vijay-shirhatti/RSC-Detect-CVE-2025-55182
https://github.com/VeilVulp/RscScan-cve-2025-55182
https://github.com/timsonner/React2Shell-CVE-2025-55182
https://github.com/MoLeft/React2Shell-Toolbox
https://github.com/freeqaz/react2shell
https://github.com/yz9yt/React2Shell-CTF
https://github.com/ejpir/CVE-2025-55182-bypass
https://github.com/sumanrox/rschunter
https://github.com/BankkRoll/Quickcheck-CVE-2025-55182-React-and-CVE-2025-66478-Next.js
https://github.com/chrahman/react2shell-CVE-2025-55182-full-rce-script
https://github.com/fatguru/CVE-2025-55182-scanner
https://github.com/surajhacx/react2shellpoc
https://github.com/yanoshercohen/React2Shell_CVE-2025-55182
https://github.com/hualy13/CVE-2025-55182
https://github.com/AliHzSec/CVE-2025-55182
https://github.com/heiheishushu/rsc_detect_CVE-2025-55182
https://github.com/alfazhossain/CVE-2025-55182-Exploiter
https://github.com/pyroxenites/Nextjs_RCE_Exploit_Tool
https://github.com/Chocapikk/CVE-2025-55182
https://github.com/hackersatyamrastogi/react2shell-ultimate
https://github.com/ynsmroztas/NextRce
https://github.com/im-ezboy/CVE-2025-55182-zoomeye
https://github.com/ZihxS/check-react-rce-cve-2025-55182
https://github.com/Dh4v4l8/CVE-2025-55182-poc-tool
https://github.com/CymulateResearch/React2Shell-Scanner
https://github.com/lachlan2k/React2Shell-CVE-2025-55182-original-poc
https://github.com/kavienanj/CVE-2025-55182
https://github.com/AggressiveUser/React2Hell
https://github.com/assetnote/react2shell-scanner
https://github.com/logesh-GIT001/CVE-2025-55182
https://github.com/Cr4at0r/Next.js-RCE-Scanner-BurpSuite-Extension-
https://github.com/subhdotsol/CVE-2025-55182
https://github.com/f0xyx/CVE-2025-55182-Scanner
https://github.com/kOaDT/poc-cve-2025-55182
https://github.com/santihabib/CVE-2025-55182-analysis
https://github.com/whiteov3rflow/CVE-2025-55182-poc
https://github.com/rix4uni/CVE-2025-55182
https://github.com/LemonTeatw1/CVE-2025-55182-exploit
https://github.com/pax-k/react2shell-CVE-2025-55182-full-rce-script
https://github.com/sickwell/CVE-2025-55182
https://github.com/raivenLockdown/RCE_React2Shell_ButCooler-SomeUselessUsefulThingsLMAO-
https://github.com/techgaun/cve-2025-55182-scanner
https://github.com/mrknow001/RSC_Detector
https://github.com/ejpir/CVE-2025-55182-research
https://github.com/alsaut1/react2shell-lab
https://github.com/Spritualkb/CVE-2025-55182-exp
https://github.com/xkillbit/cve-2025-55182-scanner
https://github.com/emredavut/CVE-2025-55182
https://github.com/fullhunt/react2shell-test-server
https://github.com/TrixSec/CVE-2025-55182-Scanner
https://github.com/theori-io/reactguard
https://github.com/keklick1337/CVE-2025-55182-golang-PoC
https://github.com/xcanwin/CVE-2025-55182-React-RCE
https://github.com/Pizz33/CVE-2025-55182-burpscanner
https://github.com/msanft/CVE-2025-55182
RondoDox botnet exploits React2Shell flaw to breach Next.js servers
The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware...
🔗️ [Bleepingcomputer] https://link.is.it/MFqNDQ
##RondoDox botnet exploits React2Shell flaw to breach Next.js servers
The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware...
🔗️ [Bleepingcomputer] https://link.is.it/MFqNDQ
##This is legit a Christmas miracle b/c I rly did not want to spend the break tending to #React2Shell
##updated 2025-12-07T00:30:55
1 posts
2 repos
Very good question! I hope you’ll forgive me for a long response, it is something I have a lot of thoughts on.
I used to think newer is better, but after plenty of distro-hopping (I had a real good time on Arch), I realized that Debian’s version of "stability" is actually its greatest feature. Here is how I’ve come to see it, using your Fedora experience as a comparison:
Fist, with Debian, stable means unchanging. Fedora is a fast-moving target. It was an early adopter for Wayland and Pipewire. That is exciting, but it can feel like a version of whiplash. Debian is the opposite. Once a version is released, the APIs, file locations, and package behaviors are locked in. Its predictability means my system feels the same on Day 1 as it does on Day 300.
Debian prioritizes reliability over cutting-edge performance. While Fedora pushes the new thing, Debian’s conservative defaults ensure maximum compatibility. It is the "just works" philosophy. It is not just that it doesn't crash, it is that it doesn't surprise you.
I also find APT to be incredibly satisfying compared to DNF. The sheer size of the repositories is massive, but APT Pinning is THE feature for me. Being able to set numeric priorities in /etc/apt/preferences allows me to do things like pull a specific package from Backports while keeping the rest of the system on the Stable branch. It gives you control over dependency resolution that is hard to match.
Regarding your question on security, Debian is unique because it is a 100% community-led project. Unlike Fedora (Red Hat) or Ubuntu (Canonical), there is no corporate entity at the top. This is one of the most important traits to me. If Red Hat wanted to, Fedora could start showing ads in the application menu with the next update. I don’t think that will happen with Fedora, but who knows, Canonical is now showing ads in the cli. Enough is enough.
I also appreciate Debian’s focus on inclusion. It is one of the most inclusive projects in tech. As a member of the queer community, it is important to me to use tools that are created and supported by those who do not hate me for being different. To quote their Diversity Statement: “No matter how you identify yourself or how others perceive you: we welcome you. We welcome contributions from everyone as long as they interact constructively with our community.” They forbid discrimination against any person or group. Because it is a global meritocracy, you have contributors from every corner of the world. This diversity is actually a security feature because with so many different eyes on the code, it is much harder for a backdoor or a bias to slip through unnoticed.
For your "backdoor-proof" concern, Debian’s Social Contract and strict adherence to free software guidelines mean every line of code is scrutinized by volunteers around the world. It is transparent by design. While no distro/OS is unhackable, Debian’s slow and steady release cycle means security patches are thoroughly vetted before they hit your machine, reducing the risk of zero day regressions. Fedora has been vulnerable to zero day attacks in the past and will probably continue to be in the future. For instance, because Fedora is always on the latest versions, Fedora Users are often vulnerable to new attack. Earlier in 2025, the latest kernel which Fedora had pushed to users had a zero day vulnerability. Debian stable users did not have that vulnerability because they would not see that update for quite some time.
Sources:
Ubuntu Showing Ads in Terminal - https://linuxiac.com/ubuntu-once-again-angered-users-by-placing-ads/
Debian Social Contract - https://www.debian.org/social_contract
Debian Diversity Statement - https://www.debian.org/intro/diversity
Zero day vulnerability mentioned -https://www.cve.org/CVERecord?id=CVE-2025-37899
##updated 2025-11-17T18:59:20.080000
1 posts
1 repos
IDK if I shared this dumb Tenda one already or not:
https://github.com/Remenis/CVE-2025-63666
I know this sort of thing used to be fairly common but it's weird seeing it in a 2025 CVE.
##updated 2025-11-15T02:13:06
2 posts
26 repos
https://github.com/zulloper/CVE-2025-1974
https://github.com/BiiTts/POC-IngressNightmare-CVE-2025-1974
https://github.com/iteride/CVE-2025-1974
https://github.com/chhhd/CVE-2025-1974
https://github.com/yoshino-s/CVE-2025-1974
https://github.com/yanmarques/CVE-2025-1974
https://github.com/Armand2002/Exploit-CVE-2025-1974-Lab
https://github.com/gunyakit/CVE-2025-1974-PoC-exploit
https://github.com/tuladhar/ingress-nightmare
https://github.com/0xBingo/CVE-2025-1974
https://github.com/abrewer251/CVE-2025-1974_IngressNightmare_PoC
https://github.com/salt318/CVE-2025-1974
https://github.com/hi-unc1e/CVE-2025-1974-poc
https://github.com/Ashwesker/Ashwesker-CVE-2025-1974
https://github.com/Rubby2001/CVE-2025-1974-go
https://github.com/m-q-t/ingressnightmare-detection-poc
https://github.com/zwxxb/CVE-2025-1974
https://github.com/hakaioffsec/IngressNightmare-PoC
https://github.com/I3r1h0n/IngressNightterror
https://github.com/dttuss/IngressNightmare-RCE-POC
https://github.com/Rickerd12/exploit-cve-2025-1974
https://github.com/sandumjacob/IngressNightmare-POCs
https://github.com/lufeirider/IngressNightmare-PoC
https://github.com/gian2dchris/ingress-nightmare-poc
https://github.com/Esonhugh/ingressNightmare-CVE-2025-1974-exps
https://github.com/rjhaikal/POC-IngressNightmare-CVE-2025-1974
updated 2025-11-13T16:25:27
1 posts
3 repos
https://github.com/N3k0t-dev/PoC-CVE-collection
https://github.com/Ashwesker/Ashwesker-CVE-2025-11953
https://github.com/SaidBenaissa/cve-2025-11953-vulnerability-demo
🚨 Active exploitation confirmed: CVE-2025-11953
VulnCheck is reporting active exploitation attempts in the wild against the React Native Metro server.
The issue? It binds to 0.0.0.0 by default, exposing a "local" dev tool to the internet.
⚠️ Crucial Detail: While the exposure is general, the current RCE exploit specifically targets Windows environments.
We’ve updated Pentest-Tools.com to help you validate this:
Network Scanner: Detects exposed Metro servers.
Sniper Auto-Exploiter: Safely executes a PoC (on Windows) to confirm RCE.
Fix: Update @react-native-community/cli-server-api to v20.0.0+ or bind to 127.0.0.1.
Validate your risk.
#InfoSec #AppSec #RedTeam #VulnerabilityManagement #ReactNative #CVE202511953
##updated 2025-11-05T19:26:31.650000
2 posts
10 repos
https://github.com/4m3rr0r/CVE-2025-47812-poc
https://github.com/ill-deed/WingFTP-CVE-2025-47812-illdeed
https://github.com/r0otk3r/CVE-2025-47812
https://github.com/CTY-Research-1/CVE-2025-47812_Lab_environment
https://github.com/Ashwesker/Ashwesker-CVE-2025-47812
https://github.com/pevinkumar10/CVE-2025-47812
https://github.com/blindma1den/CVE-2025-47812
https://github.com/rxerium/CVE-2025-47812
Stubborn AI honeypots give me grey hair.
Attacker sends payload:
"username=anonymous%00]]%0dlocal+h+%3d+io.popen("this is vulnerable to CVE-2025-47812")%0dlocal+r+%3d+h%3aread("*a")%0dh%3aclose()%0dprint(r)%0d--&password=
"
And the AI responsible for handling the response sends the following back to the attacker:
"This system is not affected by CVE-2025-47812.
"
*sigh*
##Stubborn AI honeypots give me grey hair.
Attacker sends payload:
"username=anonymous%00]]%0dlocal+h+%3d+io.popen("this is vulnerable to CVE-2025-47812")%0dlocal+r+%3d+h%3aread("*a")%0dh%3aclose()%0dprint(r)%0d--&password=
"
And the AI responsible for handling the response sends the following back to the attacker:
"This system is not affected by CVE-2025-47812.
"
*sigh*
##updated 2025-11-04T00:32:21
2 posts
5 repos
https://github.com/ProgrammerRayyan/auth-cn
https://github.com/lufeirider/IngressNightmare-PoC
https://github.com/Esonhugh/ingressNightmare-CVE-2025-1974-exps
updated 2025-11-04T00:32:21
2 posts
updated 2025-11-03T21:33:14
2 posts
4 repos
https://github.com/hakaioffsec/IngressNightmare-PoC
https://github.com/lufeirider/IngressNightmare-PoC
https://github.com/ProgrammerRayyan/auth-cn
https://github.com/Esonhugh/ingressNightmare-CVE-2025-1974-exps
updated 2025-11-03T21:18:52.230000
2 posts
3 repos
https://github.com/hakaioffsec/IngressNightmare-PoC
https://github.com/lufeirider/IngressNightmare-PoC
https://github.com/Esonhugh/ingressNightmare-CVE-2025-1974-exps
updated 2025-10-31T21:56:14.103000
1 posts
19 repos
https://github.com/BlueOWL-overlord/Burp_CVE-2025-31324
https://github.com/ODST-Forge/CVE-2025-31324_PoC
https://github.com/respondiq/jsp-webshell-scanner
https://github.com/abrewer251/CVE-2025-31324_PoC_SAP
https://github.com/rxerium/CVE-2025-31324
https://github.com/Onapsis/Onapsis-Mandiant-CVE-2025-31324-Vuln-Compromise-Assessment
https://github.com/NULLTRACE0X/CVE-2025-31324
https://github.com/nairuzabulhul/nuclei-template-cve-2025-31324-check
https://github.com/rf-peixoto/sap_netweaver_cve-2025-31324-
https://github.com/harshitvarma05/CVE-2025-31324-Exploits
https://github.com/JonathanStross/CVE-2025-31324
https://github.com/Alizngnc/SAP-CVE-2025-31324
https://github.com/moften/CVE-2025-31324-NUCLEI
https://github.com/Onapsis/Onapsis_CVE-2025-31324_Scanner_Tools
https://github.com/sug4r-wr41th/CVE-2025-31324
https://github.com/antichainalysis/sap-netweaver-0day-CVE-2025-31324
https://github.com/redrays-io/CVE-2025-31324
⚪ Vulnerability in SAP NetWeaver Exploited to Deploy Auto-Color Linux Malware
🗨️ Experts at Darktrace warned that hackers exploited a critical vulnerability in SAP NetWeaver (CVE-2025-31324) to deploy Linux malware Auto-Color into the network of an unnamed American chemical company.
##updated 2025-10-27T14:14:45.293000
1 posts
3 repos
https://github.com/dhina016/CVE-2022-47986
IBM Aspera Faspex có lỗ hổng thực thi mã từ xa nghiêm trọng (CVE-2022-47986) do lỗi giải trình tự YAML, cho phép kẻ tấn công chiếm quyền điều khiển hệ thống. Người dùng cần cập nhật bản vá từ IBM ngay.
#AnNinhMạng #Vulnerability #IBM #RemoteCodeExecution #CyberSecurity #LỗHổngBảoMật #CVE202247986 #BảoMật
https://dev.to/freedom-coder/cve-2022-47986-ibm-aspera-faspex-code-execution-vulnerability-32c0
##updated 2025-10-24T14:49:09.100000
1 posts
46 repos
https://github.com/P4x1s/CVE-2024-23897
https://github.com/harekrishnarai/CVE-2024-23897-test-windows
https://github.com/mil4ne/CVE-2024-23897-Jenkins-4.441
https://github.com/Nebian/CVE-2024-23897
https://github.com/ShieldAuth-PHP/PBL05-CVE-Analsys
https://github.com/pulentoski/CVE-2024-23897-Arbitrary-file-read
https://github.com/binganao/CVE-2024-23897
https://github.com/xaitax/CVE-2024-23897
https://github.com/tvasari/CVE-2024-23897
https://github.com/jenkinsci-cert/SECURITY-3314-3315
https://github.com/gobysec/GobyVuls
https://github.com/JAthulya/CVE-2024-23897
https://github.com/Surko888/Surko-Exploit-Jenkins-CVE-2024-23897
https://github.com/AbraXa5/Jenkins-CVE-2024-23897
https://github.com/viszsec/CVE-2024-23897
https://github.com/ThatNotEasy/CVE-2024-23897
https://github.com/Anekant-Singhai/Exploits
https://github.com/brandonhjh/Jenkins-CVE-2024-23897-Exploit-Demo
https://github.com/slytechroot/CVE-2024-23897
https://github.com/vmtyan/poc-cve-2024-23897
https://github.com/murataydemir/CVE-2024-23897
https://github.com/WLXQqwer/Jenkins-CVE-2024-23897-
https://github.com/OWASP/www-project-eks-goat
https://github.com/B4CK4TT4CK/CVE-2024-23897
https://github.com/ifconfig-me/CVE-2024-23897
https://github.com/r0xDB/CVE-2024-23897
https://github.com/aadi0258/Exploit-CVE-2024-23897
https://github.com/10T4/PoC-Fix-jenkins-rce_CVE-2024-23897
https://github.com/Vozec/CVE-2024-23897
https://github.com/Marouane133/jenkins-lfi
https://github.com/Maalfer/CVE-2024-23897
https://github.com/cc3305/CVE-2024-23897
https://github.com/godylockz/CVE-2024-23897
https://github.com/D1se0/CVE-2024-23897-Vulnerabilidad-Jenkins
https://github.com/wjlin0/CVE-2024-23897
https://github.com/verylazytech/CVE-2024-23897
https://github.com/jopraveen/CVE-2024-23897
https://github.com/Praison001/CVE-2024-23897-Jenkins-Arbitrary-Read-File-Vulnerability
https://github.com/amalpvatayam67/day03-jenkins-23897
https://github.com/yoryio/CVE-2024-23897
https://github.com/hybinn/CVE-2024-23897
https://github.com/gobysec/Goby
https://github.com/Fineken/Jenkins-CVE-2024-23897-Lab
https://github.com/tamatee/test_cve_2024_23897
updated 2025-10-22T00:34:26
1 posts
28 repos
https://github.com/papcaii2004/CVE-2025-8088-WinRAR-builder
https://github.com/pescada-dev/-CVE-2025-8088
https://github.com/AdityaBhatt3010/CVE-2025-8088-WinRAR-Zero-Day-Path-Traversal
https://github.com/hbesljx/CVE-2025-8088-EXP
https://github.com/knight0x07/WinRAR-CVE-2025-8088-PoC-RAR
https://github.com/walidpyh/CVE-2025-8088
https://github.com/pentestfunctions/best-CVE-2025-8088
https://github.com/hexsecteam/CVE-2025-8088-Winrar-Tool
https://github.com/ghostn4444/CVE-2025-8088
https://github.com/0xAbolfazl/CVE-2025-8088-WinRAR-PathTraversal-PoC
https://github.com/nuky-alt/CVE-2025-8088
https://github.com/pexlexity/WinRAR-CVE-2025-8088-Path-Traversal-PoC
https://github.com/pentestfunctions/CVE-2025-8088-Multi-Document
https://github.com/4daysday/cve-2025-8088
https://github.com/kitsuneshade/WinRAR-Exploit-Tool---Rust-Edition
https://github.com/Shinkirou789/Cve-2025-8088-WinRar-vulnerability
https://github.com/travisbgreen/cve-2025-8088
https://github.com/Markusino488/cve-2025-8088
https://github.com/Syrins/CVE-2025-8088-Winrar-Tool-Gui
https://github.com/techcorp/CVE-2025-8088-Exploit
https://github.com/jordan922/CVE-2025-8088
https://github.com/xi0onamdev/WinRAR-CVE-2025-8088-Exploitation-Toolkit
https://github.com/Ashwesker/Ashwesker-CVE-2025-8088
https://github.com/nhattanhh/CVE-2025-8088
https://github.com/sxyrxyy/CVE-2025-8088-WinRAR-Proof-of-Concept-PoC-Exploit-
https://github.com/lucyna77/winrar-exploit
https://github.com/onlytoxi/CVE-2025-8088-Winrar-Tool
https://github.com/DeepBlue-dot/CVE-2025-8088-WinRAR-Startup-PoC
⚪ 0-day WinRAR vulnerability used in phishing attacks
🗨️ ESET specialists reported that a recently patched vulnerability in WinRAR (CVE-2025-8088) was used as a 0-day in phishing attacks and was leveraged to install RomCom malware.
##updated 2025-10-22T00:34:16
1 posts
10 repos
https://github.com/rawtips/CVE-2024-55591
https://github.com/sysirq/fortios-auth-bypass-exploit-CVE-2024-55591
https://github.com/exfil0/CVE-2024-55591-POC
https://github.com/UMChacker/CVE-2024-55591-POC
https://github.com/binarywarm/exp-cmd-add-admin-vpn-CVE-2024-55591
https://github.com/virus-or-not/CVE-2024-55591
https://github.com/watchtowrlabs/fortios-auth-bypass-poc-CVE-2024-55591
https://github.com/0x7556/CVE-2024-55591
https://github.com/watchtowrlabs/fortios-auth-bypass-check-CVE-2024-55591
https://github.com/sysirq/fortios-auth-bypass-poc-CVE-2024-55591
⚪ Fortress assault: Bypassing authentication in FortiOS and FortiProxy
🗨️ This article narrates my searches for the CVE-2024-55591 vulnerability in FortiOS and FortiProxy disclosed by Fortinet. This security hole makes it possible to bypass authentication using an alternate path or channel (CWE-288) and enables a remote attacker to gain…
##updated 2025-10-22T00:34:16
1 posts
1 repos
CVE-2024-53704 in SonicWall SSLVPN has been added to the KEV Catalog.
##updated 2025-10-22T00:32:58
2 posts
Fortinet confirms active exploitation of CVE-2020-12812.
A long-standing FortiOS SSL VPN flaw can bypass 2FA due to username case-sensitivity mismatches - especially in legacy deployments.
https://www.technadu.com/fortinet-warns-july-disclosed-ssl-vpn-flaw-is-being-used-to-bypass/616801/
Thoughts on mitigating MFA bypass risks?
##Fortinet warns of active exploitation of 2FA Bypass flaw in FortiGate devices
Fortinet is warning of active exploitation of CVE-2020-12812, a critical 5-year-old authentication bypass vulnerability (CVSS 9.8) affecting FortiGate devices with LDAP authentication. The flaw allows attackers to bypass two-factor authentication by exploiting case sensitivity mismatches between FortiGate and LDAP username handling.
**If you are using FortiGate devices, check whether you are using LDAP authentication and whether the devices are patched. If you are using LDAP authentication and have not patched since 2020, immediately configure `username-sensitivity disable`. Then check your logs for suspicious logins with username case variations (like 'JSmith' vs 'jsmith'). Finally, patch your devices.**
#cybersecurity #infosec #attack #activeattack
https://beyondmachines.net/event_details/fortinet-warns-of-active-exploitation-of-2fa-bypass-flaw-in-fortigate-devices-5-l-e-z-a/gD2P6Ple2L
updated 2025-08-25T15:33:03
1 posts
⚪ Security researcher awarded $250,000 for Chrome sandbox escape vulnerability
🗨️ A security researcher going by the handle Micky received a record payout from Google. The specialist discovered a bug in Chrome that allows bypassing the browser’s sandbox and earned $250,000…
##updated 2025-08-12T18:31:39
1 posts
1 repos
Revisiting CVE‑2025‑50165: A critical flaw in Windows Imaging Component https://www.welivesecurity.com/en/eset-research/revisiting-cve-2025-50165-critical-flaw-windows-imaging-component/
##updated 2025-08-06T20:23:37.600000
1 posts
1 repos
⚪ More than 29,000 Exchange servers are vulnerable to a serious bug
🗨️ 29,000 Exchange servers are vulnerable to CVE-2025-53786, which allows attackers to move within Microsoft cloud environments, potentially leading to full domain compromise.
##updated 2025-07-15T22:56:20
1 posts
updated 2025-07-15T13:14:49.980000
1 posts
Critical vulnerabilities reported in Axis Communications Camera management systems
Axis Communications patched four security vulnerabilities (CVE-2025-30023 through CVE-2025-30026) in its camera management software, including a critical remote code execution flaw and authentication bypass issues affecting surveillance systems in government facilities and critical infrastructure.
**If you have Axis Communications camera management systems (AXIS Camera Station Pro, AXIS Camera Station, or AXIS Device Manager), make sure they are isolated from the internet and only accessible from trusted internal networks. Then plan an update to the latest patched versions (Camera Station Pro 6.9+, Camera Station 5.58+, Device Manager 5.32+).**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-vulnerabilities-reported-in-axis-communications-camera-management-systems-a-w-f-7-b/gD2P6Ple2L
updated 2025-07-11T06:30:36
1 posts
Critical vulnerabilities reported in Axis Communications Camera management systems
Axis Communications patched four security vulnerabilities (CVE-2025-30023 through CVE-2025-30026) in its camera management software, including a critical remote code execution flaw and authentication bypass issues affecting surveillance systems in government facilities and critical infrastructure.
**If you have Axis Communications camera management systems (AXIS Camera Station Pro, AXIS Camera Station, or AXIS Device Manager), make sure they are isolated from the internet and only accessible from trusted internal networks. Then plan an update to the latest patched versions (Camera Station Pro 6.9+, Camera Station 5.58+, Device Manager 5.32+).**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-vulnerabilities-reported-in-axis-communications-camera-management-systems-a-w-f-7-b/gD2P6Ple2L
updated 2025-07-09T18:08:46
1 posts
2 repos
When OAuth Becomes a Weapon: Lessons from CVE-2025-6514 https://amlalabs.com/blog/oauth-cve-2025-6514/
##updated 2025-06-27T12:32:20
1 posts
Critical authentication bypass flaw reported in Mitsubishi Electric air conditioning systems
Mitsubishi Electric disclosed a critical authentication bypass vulnerability (CVE-2025-3699) affecting multiple commercial air conditioning system models, allowing remote attackers to gain unauthorized control, manipulate operations, and potentially disrupt critical facilities like data centers and hospitals.
**If you have Mitsubishi Electric air conditioning systems review this advisory in detail to check if your system is affected. Make sure that the isolate the HVAC from the internet and ensure they're only accessible from trusted internal networks or through VPN. Since most models won't receive security fixes, network isolation is your primary protection.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-authentication-bypass-flaw-reported-in-mitsubishi-electric-air-conditioning-systems-g-j-c-h-u/gD2P6Ple2L
updated 2025-06-03T15:31:27
1 posts
updated 2025-06-02T17:32:17.397000
1 posts
1 repos
⚪ More than 29,000 Exchange servers are vulnerable to a serious bug
🗨️ 29,000 Exchange servers are vulnerable to CVE-2025-53786, which allows attackers to move within Microsoft cloud environments, potentially leading to full domain compromise.
##updated 2025-05-30T15:30:39
1 posts
17 repos
https://github.com/ProbiusOfficial/CVE-2025-14847
https://github.com/onewinner/CVE-2025-14847
https://github.com/KingHacker353/CVE-2025-14847_Expolit
https://github.com/Security-Phoenix-demo/mongobleed-exploit-CVE-2025-14847
https://github.com/JemHadar/MongoBleed-DFIR-Triage-Script-CVE-2025-14847
https://github.com/vfa-tuannt/CVE-2025-14847
https://github.com/chinaxploiter/CVE-2025-14847-PoC
https://github.com/Rishi-kaul/CVE-2025-14847-MongoBleed
https://github.com/joshuavanderpoll/CVE-2025-14847
https://github.com/cybertechajju/CVE-2025-14847_Expolit
https://github.com/franksec42/mongobleed-exploit-CVE-2025-14847
https://github.com/FurkanKAYAPINAR/CVE-2025-14847-MongoBleed-Exploit
https://github.com/NoNameError/MongoBLEED---CVE-2025-14847-POC-
https://github.com/saereya/CVE-2025-14847---MongoBleed
https://github.com/kuyrathdaro/cve-2025-14847
Tenable, from yesterday: CVE-2025-14847 (MongoBleed): MongoDB Memory Leak Vulnerability Exploited in the Wild https://www.tenable.com/blog/cve-2025-14847-mongobleed-mongodb-memory-leak-vulnerability-exploited-in-the-wild @tenable #infosec #MongoDB #vulnerability #threatresearch
##updated 2025-05-13T20:57:18.117000
1 posts
3 repos
https://github.com/Ashwesker/Ashwesker-CVE-2025-20393
⚪ Cisco warns of an unpatched zero‑day vulnerability in AsyncOS
🗨️ Cisco has warned its customers about an unpatched zero-day vulnerability in Cisco AsyncOS that is already being actively exploited to attack Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) devices.
##updated 2025-05-13T18:31:00
1 posts
Microsoft Brokering File System Elevation of Privilege Vulnerability (CVE--2025-29970) https://www.pixiepointsecurity.com/blog/nday-cve-2025-29970/
##updated 2024-11-21T03:27:06.200000
1 posts
8 repos
https://github.com/h1bAna/CVE-2017-5123
https://github.com/Synacktiv-contrib/exploiting-cve-2017-5123
https://github.com/0x5068656e6f6c/CVE-2017-5123
https://github.com/FloatingGuy/CVE-2017-5123
https://github.com/teawater/CVE-2017-5123
https://github.com/c3r34lk1ll3r/CVE-2017-5123
#Christmas hardening for #sydbox which features a SMAP implementation using seccomp(2). Syd loads a per-arch filter at startup to terminate processes passing kernel pointers to syscalls and the overhead is ~%0.02. This is enabled by default with the option trace/allow_unsafe_kptr:1 to disable. See CVE-2017-5123 for one example of SMAP bypass: https://man.exherbo.org/syd.7.html#Hardening_against_kernel_pointer_misuse #exherbo #linux #security
##updated 2024-08-20T20:35:34.497000
1 posts
somehow nfs feels faster too. Kinda sad about CVE-2024-44067 on this board but i don't really care because i just want more architectures
##@rw CVE-1973-0001 ? ;)
##@rw CVE-1973-0001 ? ;)
##WHILL electric wheelchairs vulnerable to remote bluetooth hijacking
WHILL Inc. reported a critical vulnerability (CVE-2025-14346) in its electric wheelchairs that allows attackers within Bluetooth range to take control of the device. The flaw enables unauthorized movement and configuration changes because the system does not require authentication for pairing.
**If you are using WHILL wheelchairs, they may be vulnerable to hijacking. Review the advisory and contact WHILL Inc. to confirm your wheelchair has the December 29, 2025 firmware update installed.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/whill-electric-wheelchairs-vulnerable-to-remote-bluetooth-hijacking-f-4-r-9-y/gD2P6Ple2L
Unstable stream updates: 27th December 2025
Declarative moss system-model export and import tech preview features
Moss now has the ability to use a declarative `/etc/moss/system-model.kdl` to define installed packages and repositories.
In addition, for users who prefer the classic "imperative" moss experience, it is now possible to `moss state --export` a `system-model.kdl` file of the current system to share with others.
In turn, it is also possible to one-shot `moss sync --import` an existing `system-model.kdl` file.
These features are delivered as a tech preview.
Boulder package recipe version string requirements
The Boulder packaging tool now checks for a valid recipe version string (= anything starting with an integer) and errors out if the version string is not valid.
This is necessary because our `ent` package update checking tool compares version strings to determine whether packages need an update, and will give false positives if we have a version string that looks like e.g. `v0.1.2` (note the `v`).
Highlights
- KDE Frameworks 6.21.0
- KMSCon 9.2.1 (currently not enabled by default)
- NVIDIA graphics driver 590.48.01
- discord 0.0.119
- gamescope 3.16.18
- gstreamer 1.26.10
- linux 6.17.13
- mesa 25.3.2
- sudo-rs 0.2.11
- uutils-coreutils 0.5.0
- vlc 3.22
- vscode-bin 1.107.0
- vscodium 1.107.18627
- wine 11.0-rc3
- zed 0.217.3
Other updates
Other updates include, but are not limited to:
- fastfetch
- inetutils
- inputplumber
- libdrm
- libva
- ryzenadj
- solaar
- tzdata
- wireplumber
Fixes
- Disabled LTO for the build of our recipe version checking tool `ent`, which makes `ent check updates` actually work.
- Fixed a sudo issue where using Super+T to open a cosmic-terminal in a Cosmic sesion would make sudo unable to find any commands
- Made cosmic-greeter fall back to branded background
Security Fixes:
- Patches to networkmanager and networkmanager-openvpn for CVE-2025-9615
New packages
- font-awesome-ttf 6.7.2
- lsd 1.2.0 (next gen ls command)
- swayidle 1.9.0
- yazi 25.5.31 (terminal file manager)
- yubikey-manager 5.8.0
Critical buffer overflow flaw reported in Net-SNMP
A critical buffer overflow vulnerability (CVE-2025-68615) in Net-SNMP's snmptrapd daemon allows remote attackers to crash services or potentially execute arbitrary code by sending malformed SNMP trap packets. All Net-SNMP versions prior to 5.9.5 (Community/Enterprise editions) and 5.10.pre2 (development) are affected. Internet-accessible instances on UDP port 162 are most vulnerable.
**If you are running Net-SNMP, make sure the system is isolated from the internet and only accessible from trusted networks. Immediately update to version 5.9.5 or later.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-buffer-overflow-flaw-reported-in-net-snmp-z-k-j-d-7/gD2P6Ple2L
⚪ Critical RCE Bug Patched in HPE OneView
🗨️ Hewlett Packard Enterprise (HPE) developers have released patches for a critical remote code execution vulnerability discovered in the OneView IT infrastructure management software. The issue is tracked as CVE-2025-37164 (a maximum score of 10.0 on the CVSS scale) and can be exploited without authen…
##@gayint cve-2026-00001 - you use windows
##Hey @pft here's another one for your rule:
https://github.com/0xrakan/coolify-cve-2025-66209-66213
Per the write-up, it's five perfect 10s in Coolify. 🥳
##[Security Advisory] CVE-2025-14269: Credential caching in Headlamp with Helm enabled #devopsish https://groups.google.com/a/kubernetes.io/g/dev/c/5XH9BGiefH0/m/bGd9hkofCgAJ?utm_medium=email&utm_source=footer
##