#1 · PT-2023-6605 · Apache · Apache Activemq
Yejie@Threatbook.Cn
·
Published
2023-10-27
·
Updated
2025-11-29
·
CVE-2023-46604
10
Critical
Base
AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Apache ActiveMQ versions prior to 5.15.16
Apache ActiveMQ versions 5.16.x prior to 5.16.7
Apache ActiveMQ versions 5.17.x prior to 5.17.6
Apache ActiveMQ versions 5.18.x prior to 5.18.3
Bamboo Data Center versions prior to 9.2.7
Bamboo Data Center versions prior to 9.3.5
Bamboo Data Center versions prior to 9.4.1
Description
Apache ActiveMQ is susceptible to a Remote Code Ex...
MoreExploit
Fix
RCE
Deserialization of Untrusted Data
X.com
224 Posts
357Reposts
4.0 M Audience
Related posts · 295
CVE-2023-46604 hit Apache ActiveMQ. Patch dropped Nov 1, 2023. Exploit code leaked days later. A logistics firm delayed patching; attackers scanned, found the exposed server, and used the public 1-day exploit to deploy LockBit ransomware, encrypting 400 servers for €4.2M ransom.
2025-11-28 21:10:26
🚨 CVE-2023-46604
The Java OpenWire protocol marshaller is vulnerable to Remote Code
Execution. This vulnerability may allow a remote attacker with network
access to either a Java-based OpenWire broker or client to run arbitrary
shell commands by manipulating serialized class types in the OpenWire
protocol to cause either the client or the broker (respectively) to
instantiate any class on the classpath.
Users are recommended to upgrade
both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3
which fixes this issue.
🎖@cveNotify
2025-11-04 16:57:05
Kinsing Cryptominer Exploits Apache ActiveMQ RCE (CVE-2023-46604), Adds Sharpire Backdoor for Multi-Stage Intrusion
2025-11-03 06:34:55
#2 · PT-2025-35106 · Freepbx · Freepbx
Matthewljensen
·
Published
2025-08-28
·
Updated
2025-11-29
·
CVE-2025-57819
10
Critical
Base
AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Name of the Vulnerable Software and Affected Versions
FreePBX versions 15.0.0 through 15.0.65
FreePBX versions 16.0.0 through 16.0.88
FreePBX versions 17.0.0 through 17.0.2
Description
FreePBX is vulnerable to an authentication bypass due to insufficiently sanitized user-supplied data. This allows unauthenticated access to the FreePBX Administrator interface, leading to arbitrary database manipulation and remote code execution...
MoreExploit
Fix
RCE
Authentication Bypass Using an Alternate Path or Channel
SQL injection
X.com
67 Posts
248Reposts
841.7 K Audience
Related posts · 112
Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today:
-
📝 n/a
-
📈 CVSS: 0
-
🧭 Vector: n/a
-
⚠️ Priority: n/a
-
📝 Analysis: No Information available for this CVE at the moment
-
📝 CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.2, there is a command Injection vulnerability in initialize_kerberos_keytab_file_login(). The vulnerability exists because the code directly interpolates user-controlled input into a shell command and executes it via system() without any sanitization or validation. This issue has been patched in version 1.4.2.
-
📅 Published: 23/09/2025
-
📈 CVSS: 7.3
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
-
⚠️ Priority: 2
-
📝 Analysis: Unpatched versions of CryptoLib (< 1.4.2) have a command injection vulnerability in initialize_kerberos_keytab_file_login(). This issue allows an attacker to execute commands remotely without sanitization or validation, posing a high impact on confidentiality, integrity, and availability. Although no confirmed exploits have been detected, the CVSS score is high, making this a priority 2 vulnerability.
-
📝 Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
-
📅 Published: 03/06/2025
-
📈 CVSS: 8.6
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
-
📣 Mentions: 40
-
⚠️ Priority: 2
-
📝 Analysis: A memory corruption issue in GPU micronodes enables unauthorized command execution via specific command sequences. No known exploits have been detected; however, due to a high CVSS score and low Exploitability Scoring System (EPSS) score, this is considered a priority 2 vulnerability.
-
📝 Microsoft Management Console Security Feature Bypass Vulnerability
-
📅 Published: 11/03/2025
-
📈 CVSS: 7
-
🧭 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
-
📣 Mentions: 61
-
⚠️ Priority: 2
-
📝 Analysis: A Microsoft Management Console Security Feature Bypass vulnerability has been identified (CVSS: 7), allowing remote attackers potential control over affected systems. While no in-the-wild activity has been confirmed (CISA KEV), the high severity score indicates a priority 2 concern due to the potential impact and exploitability through network access.
-
📝 FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allowing unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution. This issue has been patched in endpoint versions 15.0.66, 16.0.89, and 17.0.3.
-
📅 Published: 28/08/2025
-
📈 CVSS: 10
-
🛡️ CISA KEV: True
-
🧭 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
-
📣 Mentions: 11
-
⚠️ Priority: 1+
-
📝 Analysis: Unauthenticated access granted due to insufficient data sanitization in FreePBX versions 15, 16, and 17 allows arbitrary database manipulation and remote code execution. This vulnerability has been patched in versions 15.0.66, 16.0.89, and 17.0.3. Given known exploitation and high CVSS score, this is a priority 1+ issue.
-
📝 VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
-
📅 Published: 25/04/2023
-
📈 CVSS: 0
-
🧭 Vector: n/a
-
⚠️ Priority: 2
-
📝 Analysis: An out-of-bounds read vulnerability exists in Bluetooth device sharing functionality for VMware Workstation and Fusion, currently with no known exploits in the wild. Given a high CVSS score and low Exploitability Potential Score (EPSS), this is a priority 2 issue.
-
📝 VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine.
-
📅 Published: 20/10/2023
-
📈 CVSS: 7.1
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
-
⚠️ Priority: 2
-
📝 Analysis: Out-of-bounds read vulnerability in VMware Workstation and Fusion (versions prior to 17.5 and 13.5 respectively): A local admin on a virtual machine can potentially access hypervisor memory, impacting confidentiality. Despite no known exploits, the high CVSS score indicates a priority 2 issue due to its potential severity.
-
📝 VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
-
📅 Published: 25/04/2023
-
📈 CVSS: 0
-
🧭 Vector: n/a
-
⚠️ Priority: 2
-
📝 Analysis: A stack-based buffer-overflow vulnerability exists in sharing host Bluetooth devices with virtual machines in VMware Workstation (17.x) and Fusion (13.x). While not yet exploited in the wild, its high CVSS score and potential impact warrant attention as a priority 2 issue.
-
📝 Win32k Elevation of Privilege Vulnerability
-
📅 Published: 12/08/2025
-
📈 CVSS: 7.8
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
-
📣 Mentions: 5
-
⚠️ Priority: 2
-
📝 Analysis: A Win32k Elevation of Privilege vulnerability has been identified (CVSS: 7.8). While no exploits have been detected in the wild, the high impact on confidentiality, integrity, and availability makes it a priority 2 vulnerability due to its high CVSS score and low Exploitability Scoring System score.
10. CVE-2025-58360
-
📝 GeoServer is an open source server that allows users to share and edit geospatial data. From version 2.26.0 to before 2.26.2 and before 2.25.6, an XML External Entity (XXE) vulnerability was identified. The application accepts XML input through a specific endpoint /geoserver/wms operation GetMap. However, this input is not sufficiently sanitized or restricted, allowing an attacker to define external entities within the XML request. This issue has been patched in GeoServer 2.25.6, GeoServer 2.26.3, and GeoServer 2.27.0.
-
📅 Published: 25/11/2025
-
📈 CVSS: 8.2
-
🧭 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
-
📣 Mentions: 1
-
⚠️ Priority: 2
-
📝 Analysis: XML External Entity (XXE) vulnerability in GeoServer versions before 2.26.2 and before 2.25.6 allows remote attackers to define external entities within XML requests. This issue has been patched in GeoServer 2.25.6, GeoServer 2.26.3, and GeoServer 2.27.0. Given high CVSS score but low exploitability, this is a priority 2 vulnerability.
Let us know if you're tracking any of these or if you find any issues with the provided details.
2025-11-29 11:03:27
You Already Have Our Personal Data, Take Our Phone Calls Too (FreePBX CVE-2025-57819)
https://t.co/Y1ZUsopJUs
2025-11-28 19:01:27
RCE in FreePBX Endpoint through unauthenticated SQL injection (CVE-2025-57819)
Credits @watchtowrcyber
#infosec https://t.co/uCj4Zenpdf
2025-11-28 16:01:27
#3 · PT-2025-23468 · Qualcomm · Qualcomm Snapdragon
Published
2025-01-24
·
Updated
2025-11-29
·
CVE-2025-21479
8.6
High
Base
AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Qualcomm chipsets (affected versions not specified)
Meta Quest 3 and 3S versions August 7, 2025 and earlier
Samsung S23 (affected versions not specified)
Description
A flaw exists in Qualcomm Adreno GPU firmware that allows unauthorized command execution in the GPU micronode. This can lead to memory corruption when a specific sequence of commands is processed. The issue has...
MoreExploit
LPE
RCE
Incorrect Authorization
X.com
42 Posts
360Reposts
26.2 M Audience
Related posts · 79
Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today:
-
📝 n/a
-
📈 CVSS: 0
-
🧭 Vector: n/a
-
⚠️ Priority: n/a
-
📝 Analysis: No Information available for this CVE at the moment
-
📝 CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.2, there is a command Injection vulnerability in initialize_kerberos_keytab_file_login(). The vulnerability exists because the code directly interpolates user-controlled input into a shell command and executes it via system() without any sanitization or validation. This issue has been patched in version 1.4.2.
-
📅 Published: 23/09/2025
-
📈 CVSS: 7.3
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
-
⚠️ Priority: 2
-
📝 Analysis: Unpatched versions of CryptoLib (< 1.4.2) have a command injection vulnerability in initialize_kerberos_keytab_file_login(). This issue allows an attacker to execute commands remotely without sanitization or validation, posing a high impact on confidentiality, integrity, and availability. Although no confirmed exploits have been detected, the CVSS score is high, making this a priority 2 vulnerability.
-
📝 Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
-
📅 Published: 03/06/2025
-
📈 CVSS: 8.6
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
-
📣 Mentions: 40
-
⚠️ Priority: 2
-
📝 Analysis: A memory corruption issue in GPU micronodes enables unauthorized command execution via specific command sequences. No known exploits have been detected; however, due to a high CVSS score and low Exploitability Scoring System (EPSS) score, this is considered a priority 2 vulnerability.
-
📝 Microsoft Management Console Security Feature Bypass Vulnerability
-
📅 Published: 11/03/2025
-
📈 CVSS: 7
-
🧭 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
-
📣 Mentions: 61
-
⚠️ Priority: 2
-
📝 Analysis: A Microsoft Management Console Security Feature Bypass vulnerability has been identified (CVSS: 7), allowing remote attackers potential control over affected systems. While no in-the-wild activity has been confirmed (CISA KEV), the high severity score indicates a priority 2 concern due to the potential impact and exploitability through network access.
-
📝 FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allowing unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution. This issue has been patched in endpoint versions 15.0.66, 16.0.89, and 17.0.3.
-
📅 Published: 28/08/2025
-
📈 CVSS: 10
-
🛡️ CISA KEV: True
-
🧭 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
-
📣 Mentions: 11
-
⚠️ Priority: 1+
-
📝 Analysis: Unauthenticated access granted due to insufficient data sanitization in FreePBX versions 15, 16, and 17 allows arbitrary database manipulation and remote code execution. This vulnerability has been patched in versions 15.0.66, 16.0.89, and 17.0.3. Given known exploitation and high CVSS score, this is a priority 1+ issue.
-
📝 VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
-
📅 Published: 25/04/2023
-
📈 CVSS: 0
-
🧭 Vector: n/a
-
⚠️ Priority: 2
-
📝 Analysis: An out-of-bounds read vulnerability exists in Bluetooth device sharing functionality for VMware Workstation and Fusion, currently with no known exploits in the wild. Given a high CVSS score and low Exploitability Potential Score (EPSS), this is a priority 2 issue.
-
📝 VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine.
-
📅 Published: 20/10/2023
-
📈 CVSS: 7.1
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
-
⚠️ Priority: 2
-
📝 Analysis: Out-of-bounds read vulnerability in VMware Workstation and Fusion (versions prior to 17.5 and 13.5 respectively): A local admin on a virtual machine can potentially access hypervisor memory, impacting confidentiality. Despite no known exploits, the high CVSS score indicates a priority 2 issue due to its potential severity.
-
📝 VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
-
📅 Published: 25/04/2023
-
📈 CVSS: 0
-
🧭 Vector: n/a
-
⚠️ Priority: 2
-
📝 Analysis: A stack-based buffer-overflow vulnerability exists in sharing host Bluetooth devices with virtual machines in VMware Workstation (17.x) and Fusion (13.x). While not yet exploited in the wild, its high CVSS score and potential impact warrant attention as a priority 2 issue.
-
📝 Win32k Elevation of Privilege Vulnerability
-
📅 Published: 12/08/2025
-
📈 CVSS: 7.8
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
-
📣 Mentions: 5
-
⚠️ Priority: 2
-
📝 Analysis: A Win32k Elevation of Privilege vulnerability has been identified (CVSS: 7.8). While no exploits have been detected in the wild, the high impact on confidentiality, integrity, and availability makes it a priority 2 vulnerability due to its high CVSS score and low Exploitability Scoring System score.
10. CVE-2025-58360
-
📝 GeoServer is an open source server that allows users to share and edit geospatial data. From version 2.26.0 to before 2.26.2 and before 2.25.6, an XML External Entity (XXE) vulnerability was identified. The application accepts XML input through a specific endpoint /geoserver/wms operation GetMap. However, this input is not sufficiently sanitized or restricted, allowing an attacker to define external entities within the XML request. This issue has been patched in GeoServer 2.25.6, GeoServer 2.26.3, and GeoServer 2.27.0.
-
📅 Published: 25/11/2025
-
📈 CVSS: 8.2
-
🧭 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
-
📣 Mentions: 1
-
⚠️ Priority: 2
-
📝 Analysis: XML External Entity (XXE) vulnerability in GeoServer versions before 2.26.2 and before 2.25.6 allows remote attackers to define external entities within XML requests. This issue has been patched in GeoServer 2.25.6, GeoServer 2.26.3, and GeoServer 2.27.0. Given high CVSS score but low exploitability, this is a priority 2 vulnerability.
Let us know if you're tracking any of these or if you find any issues with the provided details.
2025-11-29 11:03:27
Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today:
-
📝 n/a
-
📈 CVSS: 0
-
🧭 Vector: n/a
-
⚠️ Priority: n/a
-
📝 Analysis: No Information available for this CVE at the moment
-
📝 CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.2, there is a command Injection vulnerability in initialize_kerberos_keytab_file_login(). The vulnerability exists because the code directly interpolates user-controlled input into a shell command and executes it via system() without any sanitization or validation. This issue has been patched in version 1.4.2.
-
📅 Published: 23/09/2025
-
📈 CVSS: 7.3
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
-
⚠️ Priority: 2
-
📝 Analysis: Unpatched versions of CryptoLib (< 1.4.2) have a command injection vulnerability in initialize_kerberos_keytab_file_login(). This issue allows an attacker to execute commands remotely without sanitization or validation, posing a high impact on confidentiality, integrity, and availability. Although no confirmed exploits have been detected, the CVSS score is high, making this a priority 2 vulnerability.
-
📝 Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
-
📅 Published: 03/06/2025
-
📈 CVSS: 8.6
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
-
📣 Mentions: 40
-
⚠️ Priority: 2
-
📝 Analysis: A memory corruption issue in GPU micronodes enables unauthorized command execution via specific command sequences. No known exploits have been detected; however, due to a high CVSS score and low Exploitability Scoring System (EPSS) score, this is considered a priority 2 vulnerability.
-
📝 Microsoft Management Console Security Feature Bypass Vulnerability
-
📅 Published: 11/03/2025
-
📈 CVSS: 7
-
🧭 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
-
📣 Mentions: 61
-
⚠️ Priority: 2
-
📝 Analysis: A Microsoft Management Console Security Feature Bypass vulnerability has been identified (CVSS: 7), allowing remote attackers potential control over affected systems. While no in-the-wild activity has been confirmed (CISA KEV), the high severity score indicates a priority 2 concern due to the potential impact and exploitability through network access.
-
📝 FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allowing unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution. This issue has been patched in endpoint versions 15.0.66, 16.0.89, and 17.0.3.
-
📅 Published: 28/08/2025
-
📈 CVSS: 10
-
🛡️ CISA KEV: True
-
🧭 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
-
📣 Mentions: 11
-
⚠️ Priority: 1+
-
📝 Analysis: Unauthenticated access granted due to insufficient data sanitization in FreePBX versions 15, 16, and 17 allows arbitrary database manipulation and remote code execution. This vulnerability has been patched in versions 15.0.66, 16.0.89, and 17.0.3. Given known exploitation and high CVSS score, this is a priority 1+ issue.
-
📝 VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
-
📅 Published: 25/04/2023
-
📈 CVSS: 0
-
🧭 Vector: n/a
-
⚠️ Priority: 2
-
📝 Analysis: An out-of-bounds read vulnerability exists in Bluetooth device sharing functionality for VMware Workstation and Fusion, currently with no known exploits in the wild. Given a high CVSS score and low Exploitability Potential Score (EPSS), this is a priority 2 issue.
-
📝 VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine.
-
📅 Published: 20/10/2023
-
📈 CVSS: 7.1
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
-
⚠️ Priority: 2
-
📝 Analysis: Out-of-bounds read vulnerability in VMware Workstation and Fusion (versions prior to 17.5 and 13.5 respectively): A local admin on a virtual machine can potentially access hypervisor memory, impacting confidentiality. Despite no known exploits, the high CVSS score indicates a priority 2 issue due to its potential severity.
-
📝 VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
-
📅 Published: 25/04/2023
-
📈 CVSS: 0
-
🧭 Vector: n/a
-
⚠️ Priority: 2
-
📝 Analysis: A stack-based buffer-overflow vulnerability exists in sharing host Bluetooth devices with virtual machines in VMware Workstation (17.x) and Fusion (13.x). While not yet exploited in the wild, its high CVSS score and potential impact warrant attention as a priority 2 issue.
-
📝 Win32k Elevation of Privilege Vulnerability
-
📅 Published: 12/08/2025
-
📈 CVSS: 7.8
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
-
📣 Mentions: 5
-
⚠️ Priority: 2
-
📝 Analysis: A Win32k Elevation of Privilege vulnerability has been identified (CVSS: 7.8). While no exploits have been detected in the wild, the high impact on confidentiality, integrity, and availability makes it a priority 2 vulnerability due to its high CVSS score and low Exploitability Scoring System score.
10. CVE-2025-58360
-
📝 GeoServer is an open source server that allows users to share and edit geospatial data. From version 2.26.0 to before 2.26.2 and before 2.25.6, an XML External Entity (XXE) vulnerability was identified. The application accepts XML input through a specific endpoint /geoserver/wms operation GetMap. However, this input is not sufficiently sanitized or restricted, allowing an attacker to define external entities within the XML request. This issue has been patched in GeoServer 2.25.6, GeoServer 2.26.3, and GeoServer 2.27.0.
-
📅 Published: 25/11/2025
-
📈 CVSS: 8.2
-
🧭 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
-
📣 Mentions: 1
-
⚠️ Priority: 2
-
📝 Analysis: XML External Entity (XXE) vulnerability in GeoServer versions before 2.26.2 and before 2.25.6 allows remote attackers to define external entities within XML requests. This issue has been patched in GeoServer 2.25.6, GeoServer 2.26.3, and GeoServer 2.27.0. Given high CVSS score but low exploitability, this is a priority 2 vulnerability.
Let us know if you're tracking any of these or if you find any issues with the provided details.
2025-11-28 11:04:07
''Exploiting CVE-2025-21479 on a Samsung S23''
#infosec #pentest #redteam #blueteam
https://t.co/Urj7S0eMUe
2025-11-28 08:22:00
#4 · PT-2021-17153 · Microsoft · Windows
H3V0X
·
Published
2021-06-11
·
Updated
2025-11-29
·
CVE-2021-26829
5.4
Medium
Base
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
OpenPLC ScadaBR versions through 0.9.1 on Linux
OpenPLC ScadaBR versions through 1.12.4 on Windows
Description
OpenPLC ScadaBR is susceptible to a stored cross-site scripting (XSS) issue. The issue is triggered through the
Moresystem settings.shtmExploit
Fix
XSS
X.com
6 Posts
8Reposts
6.5 K Audience
Related posts · 10
CISA Flags Actively Exploited OpenPLC Flaw (CVE-2021-26829)
2025-11-29 06:48:01
🗣️ CISA Flags Actively Exploited OpenPLC Flaw (CVE-2021-26829) https://t.co/jX9JszKk7k
2025-11-29 01:49:31
🚨CVE-2021-26829: OpenPLC ScadaBR Cross-site Scripting Vulnerability
Vendor: OpenPLC
Product: ScadaBR
CWE: CWE-79
CVSS: 5.4
This vulnerability has been added to the CISA KEV Catalog.
2025-11-28 20:33:54
#5 · PT-2024-9110 · Tp Link · Tp-Link Deco Series
Thottysploity
·
Published
2024-11-20
·
Updated
2025-11-28
·
CVE-2024-53375
8.0
High
Base
AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
TP-Link Archer Series routers
TP-Link Deco Series routers
TP-Link Tapo Series routers
Description
An authenticated Remote Code Execution (RCE) issue affects TP-Link Archer, Deco, and Tapo series routers. The issue resides in the
Moretmp get sitesExploit
OS Command Injection
X.com
9 Posts
32Reposts
211.0 K Audience
Related posts · 15
Исследователи FortiGuard Labs из Fortinet задетектили новую вредоносную бот-сеть на базе Mirai под названием ShadowV2, нацеленную на IoT-устройства от D-Link, TP-Link и других поставщиков с использованием эксплойтов для известных уязвимостей.
Причем обнаружить активность удалось во время масштабного сбоя в работе AWS в октябре 2025 года.
Несмотря на то, что эти события никак не были связаны между собой, ShadowV2 проявил признаки жизни только во время сбоя - вероятно, тестово запускался.
На текущий момент для распространения задействуется как минимум 8 уязвимостей в:
- DD-WRT (CVE-2009-2765),
- D-Link (CVE-2020-25506, CVE-2022-37055, CVE-2024-10914, CVE-2024-10915),
- DigiEver (CVE-2023-52163), ТБК (CVE-2024-3721)
- TP-Link (CVE-2024-53375).
Среди этих уязвимостей CVE-2024-10914 - известная уязвимость внедрения команд, затрагивающая устройства EoL D-Link, которую поставщик раскрыл, но исправлять не намерен.
Другая, CVE-2024-10915 (упомянутая в отчете NetSecFish от ноября 2024 года), также останется без официальных исправлений, что подтвердил сам поставщик.
Помимо того, что D-Link обновила бюллетень и добавила в него конкретный CVE-ID, компания выпустила новый со ссылками на кампанию ShadowV2, предупреждая также в нем об устройствах с EoL.
Еще одна CVE-2024-53375 была раскрыта в ноябре 2024 года и получила исправления посредством бета-обновления прошивки.
По данным FortiGuard Labs, атаки ShadowV2 исходили из 198[.]199[.]72[.]27 и были нацелены на маршрутизаторы, устройства NAS и DVR в госсекторе, IT, производстве, MSSP, телекоме и сфере образования, затронув многие страны в Северной и Южной Америке, Европе, Африке, Азии и Австралии, включая и Россию.
Вредоносное ПО позиционируется как ShadowV2 Build v1.0.0 IoT version и имеет сходство со штаммом Mirai LZRD.
Доставляется на уязвимые устройства через начальный этап доступа с использованием загрузчика (binary.sh), который извлекает его с сервера по адресу 81[.]88[.]18[.]108.
ShadowV2 использует закодированную с помощью XOR конфигурацию для путей файловой системы, строк User-Agent, заголовков HTTP и строк в стиле Mirai.
По части функциональных возможностей он поддерживает распределенные атаки типа DDoS по протоколам UDP, TCP и HTTP, с различными типами флуда для каждого из них. Стратегия монетизации ShadowV2 пока не прослеживается.
Все технические подробности и IOCs - в отчете.
2025-11-28 15:30:03
#ParsedReport #CompletenessMedium
26-11-2025
ShadowV2 Casts a Shadow Over IoT Devices | FortiGuard Lab
Report completeness: Medium
Threats:
Shadowv2
Mirai
Udpflood_technique
Tcpflood_technique
Victims:
Iot devices, Aws ec2 instances
Industry:
Retail, Government, Entertainment, Telco, Education, Iot
Geo:
Saudi arabia, Oceania, Kazakhstan, Czechia, Croatia, Egypt, Thailand, Japan, South africa, United kingdom, Africa, Morocco, America, Canada, Greece, Belgium, Russia, Australia, Taiwan, Bolivia, Asia, Netherlands, Italy, China, Mexico, Chile, Turkey, France, Brazil, Austria, Philippines
CVEs:
CVE-2024-53375 [Vulners]
CVSS V3.1: 8.0,
Vulners: Exploitation: Unknown
X-Force: Risk: Unknown
X-Force: Patch: Unknown
CVE-2022-37055 [Vulners]
CVSS V3.1: 9.8,
Vulners: Exploitation: Unknown
X-Force: Risk: Unknown
X-Force: Patch: Unknown
Soft:
- dlink go-rt-ac750_firmware (reva_1.01b03, revb_2.00b02)
CVE-2024-10914 [Vulners]
CVSS V3.1: 9.8,
Vulners: Exploitation: True
X-Force: Risk: Unknown
X-Force: Patch: Unknown
Soft:
- dlink dns-320_firmware (*)
CVE-2024-3721 [Vulners]
CVSS V3.1: 6.3,
Vulners: Exploitation: True
X-Force: Risk: Unknown
X-Force: Patch: Unknown
CVE-2020-25506 [Vulners]
CVSS V3.1: 9.8,
Vulners: Exploitation: True
X-Force: Risk: Unknown
X-Force: Patch: Unknown
Soft:
- dlink dns-320_firmware (2.06b01)
CVE-2023-52163 [Vulners]
CVSS V3.1: 5.9,
Vulners: Exploitation: True
X-Force: Risk: Unknown
X-Force: Patch: Unknown
CVE-2024-10915 [Vulners]
CVSS V3.1: 9.8,
Vulners: Exploitation: Unknown
X-Force: Risk: Unknown
X-Force: Patch: Unknown
Soft:
- dlink dns-320_firmware (*)
CVE-2009-2765 [Vulners]
CVSS V3.1: 8.3,
Vulners: Exploitation: Unknown
X-Force: Risk: Unknown
X-Force: Patch: Unknown
Soft:
- dd-wrt (le24)
TTPs:
Tactics: 1
Technics: 0
ChatGPT TTPs:
do not use without manual check
T1105, T1190, T1204.002, T1584.004, T1587.001
IOCs:
IP: 2
Domain: 1
Hash: 13
Soft:
DigiEver, Mac OS
Algorithms:
xor
Win Services:
InfoPath
Platforms:
x64, intel, amd64
2025-11-28 12:46:35
CVE-2024-53375
*
TP-Link Archer AXE75 Authenticated Command Injection
*
Exploit
2024-12-19 11:32:41
#6 · PT-2024-7982 · D Link · D-Link Dns-325
Netsecfish
·
Published
2024-11-06
·
Updated
2025-11-28
·
CVE-2024-10915
10
High
Base
AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
D-Link DNS-320, DNS-320LW, DNS-325, and DNS-340L versions up to 20241028
Description
A critical issue exists in the
Morecgi user add/cgi-bin/account mgr.cgi?cmd=cgi user addExploit
Fix
Improper Neutralization
Special Elements Injection
OS Command Injection
X.com
6 Posts
0Reposts
59.7 K Audience
Related posts · 11
Исследователи FortiGuard Labs из Fortinet задетектили новую вредоносную бот-сеть на базе Mirai под названием ShadowV2, нацеленную на IoT-устройства от D-Link, TP-Link и других поставщиков с использованием эксплойтов для известных уязвимостей.
Причем обнаружить активность удалось во время масштабного сбоя в работе AWS в октябре 2025 года.
Несмотря на то, что эти события никак не были связаны между собой, ShadowV2 проявил признаки жизни только во время сбоя - вероятно, тестово запускался.
На текущий момент для распространения задействуется как минимум 8 уязвимостей в:
- DD-WRT (CVE-2009-2765),
- D-Link (CVE-2020-25506, CVE-2022-37055, CVE-2024-10914, CVE-2024-10915),
- DigiEver (CVE-2023-52163), ТБК (CVE-2024-3721)
- TP-Link (CVE-2024-53375).
Среди этих уязвимостей CVE-2024-10914 - известная уязвимость внедрения команд, затрагивающая устройства EoL D-Link, которую поставщик раскрыл, но исправлять не намерен.
Другая, CVE-2024-10915 (упомянутая в отчете NetSecFish от ноября 2024 года), также останется без официальных исправлений, что подтвердил сам поставщик.
Помимо того, что D-Link обновила бюллетень и добавила в него конкретный CVE-ID, компания выпустила новый со ссылками на кампанию ShadowV2, предупреждая также в нем об устройствах с EoL.
Еще одна CVE-2024-53375 была раскрыта в ноябре 2024 года и получила исправления посредством бета-обновления прошивки.
По данным FortiGuard Labs, атаки ShadowV2 исходили из 198[.]199[.]72[.]27 и были нацелены на маршрутизаторы, устройства NAS и DVR в госсекторе, IT, производстве, MSSP, телекоме и сфере образования, затронув многие страны в Северной и Южной Америке, Европе, Африке, Азии и Австралии, включая и Россию.
Вредоносное ПО позиционируется как ShadowV2 Build v1.0.0 IoT version и имеет сходство со штаммом Mirai LZRD.
Доставляется на уязвимые устройства через начальный этап доступа с использованием загрузчика (binary.sh), который извлекает его с сервера по адресу 81[.]88[.]18[.]108.
ShadowV2 использует закодированную с помощью XOR конфигурацию для путей файловой системы, строк User-Agent, заголовков HTTP и строк в стиле Mirai.
По части функциональных возможностей он поддерживает распределенные атаки типа DDoS по протоколам UDP, TCP и HTTP, с различными типами флуда для каждого из них. Стратегия монетизации ShadowV2 пока не прослеживается.
Все технические подробности и IOCs - в отчете.
2025-11-28 15:30:03
#ParsedReport #CompletenessMedium
26-11-2025
ShadowV2 Casts a Shadow Over IoT Devices | FortiGuard Lab
Report completeness: Medium
Threats:
Shadowv2
Mirai
Udpflood_technique
Tcpflood_technique
Victims:
Iot devices, Aws ec2 instances
Industry:
Retail, Government, Entertainment, Telco, Education, Iot
Geo:
Saudi arabia, Oceania, Kazakhstan, Czechia, Croatia, Egypt, Thailand, Japan, South africa, United kingdom, Africa, Morocco, America, Canada, Greece, Belgium, Russia, Australia, Taiwan, Bolivia, Asia, Netherlands, Italy, China, Mexico, Chile, Turkey, France, Brazil, Austria, Philippines
CVEs:
CVE-2024-53375 [Vulners]
CVSS V3.1: 8.0,
Vulners: Exploitation: Unknown
X-Force: Risk: Unknown
X-Force: Patch: Unknown
CVE-2022-37055 [Vulners]
CVSS V3.1: 9.8,
Vulners: Exploitation: Unknown
X-Force: Risk: Unknown
X-Force: Patch: Unknown
Soft:
- dlink go-rt-ac750_firmware (reva_1.01b03, revb_2.00b02)
CVE-2024-10914 [Vulners]
CVSS V3.1: 9.8,
Vulners: Exploitation: True
X-Force: Risk: Unknown
X-Force: Patch: Unknown
Soft:
- dlink dns-320_firmware (*)
CVE-2024-3721 [Vulners]
CVSS V3.1: 6.3,
Vulners: Exploitation: True
X-Force: Risk: Unknown
X-Force: Patch: Unknown
CVE-2020-25506 [Vulners]
CVSS V3.1: 9.8,
Vulners: Exploitation: True
X-Force: Risk: Unknown
X-Force: Patch: Unknown
Soft:
- dlink dns-320_firmware (2.06b01)
CVE-2023-52163 [Vulners]
CVSS V3.1: 5.9,
Vulners: Exploitation: True
X-Force: Risk: Unknown
X-Force: Patch: Unknown
CVE-2024-10915 [Vulners]
CVSS V3.1: 9.8,
Vulners: Exploitation: Unknown
X-Force: Risk: Unknown
X-Force: Patch: Unknown
Soft:
- dlink dns-320_firmware (*)
CVE-2009-2765 [Vulners]
CVSS V3.1: 8.3,
Vulners: Exploitation: Unknown
X-Force: Risk: Unknown
X-Force: Patch: Unknown
Soft:
- dd-wrt (le24)
TTPs:
Tactics: 1
Technics: 0
ChatGPT TTPs:
do not use without manual check
T1105, T1190, T1204.002, T1584.004, T1587.001
IOCs:
IP: 2
Domain: 1
Hash: 13
Soft:
DigiEver, Mac OS
Algorithms:
xor
Win Services:
InfoPath
Platforms:
x64, intel, amd64
2025-11-28 12:46:35
🚨 CVE-2024-10915 - D-Link NAS Command Injection exploit.
Unauthenticated attackers can execute system commands.
🔗 https://t.co/RH6423fkXC
#CyberSecurity #Exploit #RCE #Pentesting
2025-07-12 11:50:32
#7 · PT-2025-48124 · Faction · Faction
Published
2025-11-26
·
Updated
2025-11-28
·
CVE-2025-66022
9.6
Critical
Base
AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
FACTION versions prior to 1.7.1
Description
FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to version 1.7.1, a flaw in the extension framework allows untrusted extension code to execute arbitrary system commands on the server when a lifecycle hook is invoked, leading to remote code execution (RCE). A missing authentication check on the `/portal/...
MoreExploit
Fix
RCE
Improper Authentication
X.com
6 Posts
3Reposts
599 Audience
Related posts · 8
Just got my first CVE, CVE-2025-66022. Check out my blog about how I discovered it!!!
2025-11-28 14:04:56
Warning: Critical vulnerability in #FACTION pentesting framework. CVE-2025-66022: 9.6. This vulnerability can lead to remote code execution by unauthenticated users. #RCE! #Patch #Patch #Patch
2025-11-26 15:14:33
CVE-2025-66022
Remote Code Execution in Faction Framework via Unauthenticated Extension Upload
2025-11-26 11:36:42
#8 · PT-2025-39207 · Cryptolib · Cryptolib
Luiginoc
·
Published
2025-09-23
·
Updated
2025-11-29
·
CVE-2025-59534
7.8
High
Base
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
CryptoLib versions prior to 1.4.2
Description
CryptoLib is a software solution utilizing the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) for secure communications between spacecraft and ground stations. A command injection issue exists in the
Moreinitialize kerberos keytab file login()Fix
OS Command Injection
X.com
4 Posts
4Reposts
2.5 K Audience
Related posts · 8
Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today:
-
📝 n/a
-
📈 CVSS: 0
-
🧭 Vector: n/a
-
⚠️ Priority: n/a
-
📝 Analysis: No Information available for this CVE at the moment
-
📝 CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.2, there is a command Injection vulnerability in initialize_kerberos_keytab_file_login(). The vulnerability exists because the code directly interpolates user-controlled input into a shell command and executes it via system() without any sanitization or validation. This issue has been patched in version 1.4.2.
-
📅 Published: 23/09/2025
-
📈 CVSS: 7.3
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
-
⚠️ Priority: 2
-
📝 Analysis: Unpatched versions of CryptoLib (< 1.4.2) have a command injection vulnerability in initialize_kerberos_keytab_file_login(). This issue allows an attacker to execute commands remotely without sanitization or validation, posing a high impact on confidentiality, integrity, and availability. Although no confirmed exploits have been detected, the CVSS score is high, making this a priority 2 vulnerability.
-
📝 Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
-
📅 Published: 03/06/2025
-
📈 CVSS: 8.6
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
-
📣 Mentions: 40
-
⚠️ Priority: 2
-
📝 Analysis: A memory corruption issue in GPU micronodes enables unauthorized command execution via specific command sequences. No known exploits have been detected; however, due to a high CVSS score and low Exploitability Scoring System (EPSS) score, this is considered a priority 2 vulnerability.
-
📝 Microsoft Management Console Security Feature Bypass Vulnerability
-
📅 Published: 11/03/2025
-
📈 CVSS: 7
-
🧭 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
-
📣 Mentions: 61
-
⚠️ Priority: 2
-
📝 Analysis: A Microsoft Management Console Security Feature Bypass vulnerability has been identified (CVSS: 7), allowing remote attackers potential control over affected systems. While no in-the-wild activity has been confirmed (CISA KEV), the high severity score indicates a priority 2 concern due to the potential impact and exploitability through network access.
-
📝 FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allowing unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution. This issue has been patched in endpoint versions 15.0.66, 16.0.89, and 17.0.3.
-
📅 Published: 28/08/2025
-
📈 CVSS: 10
-
🛡️ CISA KEV: True
-
🧭 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
-
📣 Mentions: 11
-
⚠️ Priority: 1+
-
📝 Analysis: Unauthenticated access granted due to insufficient data sanitization in FreePBX versions 15, 16, and 17 allows arbitrary database manipulation and remote code execution. This vulnerability has been patched in versions 15.0.66, 16.0.89, and 17.0.3. Given known exploitation and high CVSS score, this is a priority 1+ issue.
-
📝 VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
-
📅 Published: 25/04/2023
-
📈 CVSS: 0
-
🧭 Vector: n/a
-
⚠️ Priority: 2
-
📝 Analysis: An out-of-bounds read vulnerability exists in Bluetooth device sharing functionality for VMware Workstation and Fusion, currently with no known exploits in the wild. Given a high CVSS score and low Exploitability Potential Score (EPSS), this is a priority 2 issue.
-
📝 VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine.
-
📅 Published: 20/10/2023
-
📈 CVSS: 7.1
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
-
⚠️ Priority: 2
-
📝 Analysis: Out-of-bounds read vulnerability in VMware Workstation and Fusion (versions prior to 17.5 and 13.5 respectively): A local admin on a virtual machine can potentially access hypervisor memory, impacting confidentiality. Despite no known exploits, the high CVSS score indicates a priority 2 issue due to its potential severity.
-
📝 VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
-
📅 Published: 25/04/2023
-
📈 CVSS: 0
-
🧭 Vector: n/a
-
⚠️ Priority: 2
-
📝 Analysis: A stack-based buffer-overflow vulnerability exists in sharing host Bluetooth devices with virtual machines in VMware Workstation (17.x) and Fusion (13.x). While not yet exploited in the wild, its high CVSS score and potential impact warrant attention as a priority 2 issue.
-
📝 Win32k Elevation of Privilege Vulnerability
-
📅 Published: 12/08/2025
-
📈 CVSS: 7.8
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
-
📣 Mentions: 5
-
⚠️ Priority: 2
-
📝 Analysis: A Win32k Elevation of Privilege vulnerability has been identified (CVSS: 7.8). While no exploits have been detected in the wild, the high impact on confidentiality, integrity, and availability makes it a priority 2 vulnerability due to its high CVSS score and low Exploitability Scoring System score.
10. CVE-2025-58360
-
📝 GeoServer is an open source server that allows users to share and edit geospatial data. From version 2.26.0 to before 2.26.2 and before 2.25.6, an XML External Entity (XXE) vulnerability was identified. The application accepts XML input through a specific endpoint /geoserver/wms operation GetMap. However, this input is not sufficiently sanitized or restricted, allowing an attacker to define external entities within the XML request. This issue has been patched in GeoServer 2.25.6, GeoServer 2.26.3, and GeoServer 2.27.0.
-
📅 Published: 25/11/2025
-
📈 CVSS: 8.2
-
🧭 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
-
📣 Mentions: 1
-
⚠️ Priority: 2
-
📝 Analysis: XML External Entity (XXE) vulnerability in GeoServer versions before 2.26.2 and before 2.25.6 allows remote attackers to define external entities within XML requests. This issue has been patched in GeoServer 2.25.6, GeoServer 2.26.3, and GeoServer 2.27.0. Given high CVSS score but low exploitability, this is a priority 2 vulnerability.
Let us know if you're tracking any of these or if you find any issues with the provided details.
2025-11-29 11:03:27
Just published a detailed writeup on CVE-2025-59534=a command-injection flaw we at @WeAreAisle uncovered in NASA's CryptoLib.
It lived unnoticed for ~3 years in code responsible for securing spacecraft comms & was ironically added in a hardening code change. It's fixed now🙏 https://t.co/aODft4tx7c
2025-11-28 18:02:51
■■■■□ Command Injection in NASA CryptoLib (CVE-2025-59534)
2025-11-28 15:27:24
#9 · PT-2025-47496 · Plex · Twonky Server
Published
2025-11-19
·
Updated
2025-11-29
·
CVE-2025-13315
9.3
Critical
Base
AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions
Twonky Server version 8.5.2
Description
An unauthenticated attacker can bypass web service API authentication controls. This allows access to a log file containing the administrator's username and encrypted password. The affected software is Twonky Server version 8.5.2 running on Linux and Windows. The API authentication bypass allows unauthorized access to sensitive informa...
MoreX.com
6 Posts
6Reposts
2.6 K Audience
Related posts · 6
GitHub - Ashwesker/Blackash-CVE-2025-13315: CVE-2025-13315 - https://t.co/8g6aFik6Xs
2025-11-29 07:18:31
🔥 ZoomEye Lifetime Membership is now available for a limited time👉https://t.co/txTL8F27IJ
🚨🚨Critical Twonky Server Vulnerabilities
CVE-2025-13315 (CVSS 9.3): Unauthenticated log access lets attackers leak admin usernames & encrypted passwords.
CVE-2025-13316 (CVSS 8.2): Hard-coded keys allow decryption of admin passwords, granting full admin access.
ZoomEye Dork👉app="Twonky Server"
Over 21.3k instances exposed.
ZoomEye Link: https://t.co/qjDC7c3KpR
Refer:
#ZoomEye #cybersecurity #infosec #OSINT
2025-11-28 12:11:59
📢 𝐍𝐞𝐰 𝐂𝐕𝐄 𝐚𝐧𝐚𝐥𝐲𝐬𝐢𝐬 𝐣𝐮𝐬𝐭 𝐝𝐫𝐨𝐩𝐩𝐞𝐝!
Warning: CVE-2025-13315 and CVE-2025-13316 expose Twonky Server to complete compromise. Learn how to protect your network before it's too late.
📖 Check the detailed report → https://t.co/xHUTVyhPUq
We’d love to hear your perspective!
2025-11-27 16:01:31
#10 · PT-2025-48105 · Db Elettronica Telecomunicazioni Spa · Mozart Fm Transmitter
Abdul Mhanni
·
Published
2025-11-26
·
Updated
2025-11-28
·
CVE-2025-66253
9.9
Critical
Base
AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions
DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000
Description
An unauthenticated OS Command Injection issue exists in the
Morestart upgrade.php/var/tdf/start upgrade.php$ GET["filename"]Exploit
Fix
RCE
OS Command Injection
X.com
3 Posts
0Reposts
440 Audience
Related posts · 5
🚨 #CyberAlert: A critical vulnerability, CVE-2025-66253, in DB Electronica's Mozart FM Transmitter allows unauthenticated OS command injection via start_upgrade.php. 💻 User input isn't sanitized, leading to potential remote code execution. Patch immediately! 🔐 #Infosec #RCE
2025-11-28 10:17:11
CVE-2025-66253
Unauthenticated Remote Code Execution in DB Electronica Mozart FM Transmitter Versions
2025-11-26 06:01:02
CVE-2025-66253 - Unauthenticated OS Command Injection (start_upgrade.php)
CVE ID : CVE-2025-66253
Published : Nov. 26, 2025, 1:16 a.m. | 1 hour, 48 minutes ago
Description : Unauthenticated OS Command Injection (start_upgrade.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform User input passed directly to exec() allows remote code execution via start_upgrade.php. The
/var/tdf/start_upgrade.php$_GET["filename"]exec();|2025-11-26 03:11:48
#11 · PT-2025-47514 · Plex · Twonky Server
Published
2025-11-19
·
Updated
2025-11-28
·
CVE-2025-13316
8.2
High
Base
AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions
Twonky Server version 8.5.2
Description
Twonky Server version 8.5.2 on Linux and Windows contains a cryptographic flaw due to the use of hard-coded cryptographic keys. An attacker who knows the encrypted administrator password can decrypt it using these static keys to reveal the plain text password and obtain administrator-level access to Twonky Server.
Recommendations...
MoreX.com
4 Posts
5Reposts
2.0 K Audience
Related posts · 4
🔥 ZoomEye Lifetime Membership is now available for a limited time👉https://t.co/txTL8F27IJ
🚨🚨Critical Twonky Server Vulnerabilities
CVE-2025-13315 (CVSS 9.3): Unauthenticated log access lets attackers leak admin usernames & encrypted passwords.
CVE-2025-13316 (CVSS 8.2): Hard-coded keys allow decryption of admin passwords, granting full admin access.
ZoomEye Dork👉app="Twonky Server"
Over 21.3k instances exposed.
ZoomEye Link: https://t.co/qjDC7c3KpR
Refer:
#ZoomEye #cybersecurity #infosec #OSINT
2025-11-28 12:11:59
📢 𝐍𝐞𝐰 𝐂𝐕𝐄 𝐚𝐧𝐚𝐥𝐲𝐬𝐢𝐬 𝐣𝐮𝐬𝐭 𝐝𝐫𝐨𝐩𝐩𝐞𝐝!
Warning: CVE-2025-13315 and CVE-2025-13316 expose Twonky Server to complete compromise. Learn how to protect your network before it's too late.
📖 Check the detailed report → https://t.co/xHUTVyhPUq
We’d love to hear your perspective!
2025-11-27 16:01:31
CVE-2025-13315, CVE-2025-13316: Critical Twonky Server Authentication Bypass (NOT FIXED)
Nov 20, 2025
2025-11-27 10:28:41
#12 · PT-2025-48267 · Sdmc · Sdmc Ne6037 Routers
Grzegorz Bronka
·
Published
2025-11-27
·
Updated
2025-11-28
·
CVE-2025-8890
9.3
Critical
Base
AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions
SDMC NE6037 routers versions prior to 7.1.12.2.44
Description
The network diagnostics tool in SDMC NE6037 routers is susceptible to a shell command injection attack. Exploitation requires an attacker to log in to the router's administrative portal, which is accessible via LAN ports. Successful exploitation could lead to remote code execution.
Recommendations
Versions pr...
MoreFix
RCE
OS Command Injection
X.com
5 Posts
1Reposts
597 Audience
Related posts · 6
🚨 CRITICAL: SDMC NE6037 routers pre-7.1.12.2.44 vulnerable to OS command injection (CVE-2025-8890). LAN admin access = full compromise risk! Patch ASAP & lock down access. https://t.co/gC8BgJOlB0 #OffSeq #Cybe... https://t.co/iP3em9GByA
2025-11-28 01:03:34
🚨 CVE-2025-8890
Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44 has a network diagnostics tool vulnerable to a shell command injection attacks.
In order to exploit this vulnerability, an attacker has to log in to the router's administrative portal, which by default is reachable only via LAN ports.
#CyberSec #InfoSec #CyberSecuriry
2025-11-27 16:43:52
CVE-2025-8890
Network Command Injection Vulnerability in SDMC NE6037 Router Firmware
2025-11-27 14:34:33
#13 · PT-2025-48251 · WordPress · Blubrry Powerpress
Ismailshadow
·
Published
2025-11-27
·
Updated
2025-11-29
·
CVE-2025-13536
8.8
High
Base
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Blubrry PowerPress versions up to and including 11.15.2
Description
The Blubrry PowerPress plugin for WordPress is susceptible to arbitrary file uploads because of inadequate file type validation. This occurs because the plugin validates file extensions but does not stop execution when validation fails within the
Morepowerpress edit postFix
RCE
Unrestricted File Upload
X.com
5 Posts
0Reposts
490 Audience
Related posts · 7
🚨🔒 Heads up, security community! CVE-2025-13536 has surfaced, affecting Blubrry PowerPress plugin for WordPress (v11.15.2 & below). 🚩 Weak file type validation allows arbitrary file uploads, risking RCE. Update ASAP! 🔧 #CyberSecurity #WordPress #CVE2025 #InfosecAlert
2025-11-29 10:14:48
[CVE-2025-13536: HIGH] WordPress plugin Blubrry PowerPress up to version 11.15.2 has a serious security flaw allowing attackers to upload remote files, potentially enabling remote code execution.#cve,CVE-2025-13536,#cybersecurity https://t.co/R6YkarvGYN https://t.co/6JlYTF53gq
2025-11-27 10:40:53
CVE-2025-13536
Authenticated Arbitrary File Upload Vulnerability in Blubrry PowerPress WordPress Plugin
2025-11-27 09:39:24
#14 · PT-2025-48268 · Wirtualna Uczelnia
Marcin Ressel
·
Published
2025-11-27
·
Updated
2025-11-27
·
CVE-2025-12140
9.3
Critical
Base
AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions
Wirtualna Uczelnia versions prior to wu#2016.1.5513#0#20251014 113353
Description
The application has an insecure 'redirectToUrl' mechanism that incorrectly processes the
MoreredirectUrlParameterFix
RCE
Eval Injection
X.com
3 Posts
1Reposts
506 Audience
Related posts · 4
Arbitrary code on your campus system? CVE-2025-12140 in Wirtualna Uczelnia lets attackers run what they want, risking unauthorized access to student and business data. Patch to the latest version and confirm your vendors did too. https://t.co/p5hcGUlw6y #CyberSecurity #PatchNow
2025-11-27 19:15:55
CVE-2025-12140 The application contains an insecure 'redirectToUrl' mechanism that incorrectly processes the value of the 'redirectUrlParameter' parameter. The application interpret… https://t.co/qTmdye5TPx
2025-11-27 14:38:36
🚨 CVE-2025-12140
The application contains an insecure 'redirectToUrl' mechanism that incorrectly processes the value of the 'redirectUrlParameter' parameter. The application interprets the entered string of characters as a Java expression, allowing an unauthenticated attacer to perform arbitrary code execution.
This issue was fixed in version wu#2016.1.5513#0#20251014_113353
🎖@cveNotify
2025-11-27 14:26:52
#15 · PT-2025-44072 · Krita · Krita
Published
2025-01-01
·
Updated
2025-11-29
·
CVE-2025-59820
6.7
Medium
Base
AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N
Name of the Vulnerable Software and Affected Versions
Krita versions prior to 5.2.13
Krita versions 5.1.5+dfsg-2+deb12u1 through 5.1.5+dfsg-2+deb12u1
Krita versions 5.2.9+dfsg-1+deb13u1 through 5.2.9+dfsg-1+deb13u1
Description
A heap-based buffer overflow exists in the TGA parser of Krita, a creative application for raster images. Loading a manipulated TGA file can lead to a buffer overflow in the
Morekis tga import.cppFix
RCE
X.com
3 Posts
0Reposts
463 Audience
Related posts · 5
🔴 CVE-2025-59820 – Krita TGA Parser Buffer Overflow Enables Code Execution
Krita (open-source digital painting app) has a buffer overflow (CVE-2025-59820) in its TGA image parser that allows arbitrary code execution via crafted image files.
What's concerning: opening a malicious TGA file in Krita triggers the overflow—classic file format exploitation vector. Debian issued patches for stable releases. This matters because Krita is widely used by digital artists, making it a viable phishing target via trojanized art assets shared through portfolio reviews.
Source: Debian Security Advisory
2025-11-29 01:00:11
CVE-2025-59820 - KDE Krita TGA File Heap-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-59820
Published : Nov. 26, 2025, 6:15 a.m. | 49 minutes ago
Description : In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kis_tga_import.cpp (aka KisTgaImport). Control flow proceeds even when a number of pixels becomes negative.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
2025-11-26 07:08:04
🚨 CVE-2025-59820
In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kis_tga_import.cpp (aka KisTgaImport). Control flow proceeds even when a number of pixels becomes negative.
🎖@cveNotify
2025-11-26 06:27:00
#16 · PT-2025-48353 · Fonttools · Fonttools
Published
2025-11-29
·
Updated
2025-11-29
·
CVE-2025-66034
6.3
Medium
Base
AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:L
Name of the Vulnerable Software and Affected Versions
fontTools versions 4.33.0 through 4.60.1
Description
fontTools is a Python library used for manipulating fonts. Versions from 4.33.0 up to, but not including, 4.60.2 contain a file write issue within the
MorevarLibpython3 -m fontTools.varLib.designspaceFix
RCE
X.com
2 Posts
0Reposts
202 Audience
Related posts · 2
CVE-2025-66034 fontTools is a library for manipulating fonts, written in Python. In versions from 4.33.0 to before 4.60.2, the fonttools varLib (or python3 -m fontTools.varLib) scri… https://t.co/Au1nLEhnlM
2025-11-29 02:49:27
CVE-2025-66034
Arbitrary File Write Vulnerability in fontTools varLib Leading to Remote Code Execution
2025-11-29 01:31:23
#17 · PT-2025-48365 · Orangehrm · Orangehrm
Published
2025-11-29
·
Updated
2025-11-29
·
CVE-2025-66224
9.0
Critical
Base
AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions
OrangeHRM versions 5.0 through 5.7
Description
OrangeHRM contains an input-neutralization flaw in its mail configuration and delivery workflow. User-controlled values are not sanitized before being used in the system’s sendmail command, allowing unintended sendmail behaviors during email processing. This can lead to the application writing files on the server, potentially en...
MoreFix
RCE
Code Injection
X.com
2 Posts
0Reposts
184 Audience
Related posts · 2
CVE-2025-66224 OrangeHRM is a comprehensive human resource management (HRM) system. From version 5.0 to 5.7, the application contains an input-neutralization flaw in its mail config… https://t.co/wHs6piCmDB
2025-11-29 03:43:36
🚨 CVE-2025-66224: OrangeHRM is Vulnerable to Code ...
Classic command injection in OrangeHRM's mail handler leads to arbitrary file write and RCE via sendmail parameter poll...
#netsec #vulnerability #CVE #sysadmin #zeroday
2025-11-29 03:25:07
#18 · PT-2025-48281 · Mattermost · Mattermost
Daw10
·
Published
2025-11-27
·
Updated
2025-11-28
·
CVE-2025-12421
9.9
Critical
Base
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Mattermost versions 10.5.x through 10.5.12
Mattermost versions 10.11.x through 10.11.4
Mattermost versions 10.12.x through 10.12.1
Mattermost versions 11.0.x through 11.0.2
Description
Mattermost fails to verify that the token used during the code exchange originates from the same authentication flow. This allows an authenticated user to perform account takeover by using a s...
MoreFix
X.com
8 Posts
2Reposts
1.2 K Audience
Related posts · 8
🚨 Critical Vulnerabilities exist in Mattermost (CVE-2025-12421, CVE-2025-12419) - please see the @ncsc_gov_ie advisory for further info: https://t.co/7a1MBkog4L
2025-11-28 22:40:15
Warning: Two Critical Account Takeover flaws in Mattermost! #CVE-2025-12421 and #CVE-2025-12419, CVSS 9.9. These allow an authenticated attacker to perform full account takeover! #Patch #Patch #Patch More info: https://t.co/4mDcbZmfV7
2025-11-28 12:56:23
AI plugins are the new attack surface:
AI Feeds and CIBELES AI both vulnerable to arbitrary file upload (9.8). Attackers upload webshells for persistent access.
Mattermost also got two 9.9 bugs (CVE-2025-12421, CVE-2025-12419). Versions 10.5.x through 11.0.x affected.
2025-11-27 23:02:14
#19 · PT-2025-48273 · Mattermost · Mattermost
Daw10
·
Published
2025-11-27
·
Updated
2025-11-28
·
CVE-2025-12419
9.9
Critical
Base
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Mattermost versions 10.5.x through 10.12.1
Mattermost versions 10.11.x through 10.11.4
Mattermost versions 11.0.x through 11.0.3
Description
Mattermost fails to properly validate OAuth state tokens during OpenID Connect authentication. This allows an authenticated attacker with team creation privileges to take over a user account by manipulating authentication data during th...
MoreFix
X.com
8 Posts
3Reposts
1.2 K Audience
Related posts · 8
🚨 Critical Vulnerabilities exist in Mattermost (CVE-2025-12421, CVE-2025-12419) - please see the @ncsc_gov_ie advisory for further info: https://t.co/7a1MBkog4L
2025-11-28 22:40:15
Warning: Two Critical Account Takeover flaws in Mattermost! #CVE-2025-12421 and #CVE-2025-12419, CVSS 9.9. These allow an authenticated attacker to perform full account takeover! #Patch #Patch #Patch More info: https://t.co/4mDcbZmfV7
2025-11-28 12:56:23
AI plugins are the new attack surface:
AI Feeds and CIBELES AI both vulnerable to arbitrary file upload (9.8). Attackers upload webshells for persistent access.
Mattermost also got two 9.9 bugs (CVE-2025-12421, CVE-2025-12419). Versions 10.5.x through 11.0.x affected.
2025-11-27 23:02:14
#20 · PT-2025-48111 · Redaxo · Redaxo
Published
2025-11-25
·
Updated
2025-11-29
·
CVE-2025-66026
6.1
Medium
Base
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
REDAXO versions prior to 5.20.1
Description
REDAXO is a PHP-based CMS. A reflected Cross-Site Scripting (XSS) vulnerability exists in the Mediapool view where the request parameter
Moreargs[types]Exploit
Fix
XSS
X.com
1 Posts
0Reposts
64 Audience
Related posts · 7
📦 NPM - ⚠️ Si usas Node.js con npm.
Estadísticas:
• CVEs encontrados: 2
• Paquetes afectados: 4
☣️ Altas: 2
Top Vulnerabilidades:
- 🧪 P2 - Alta: CVE-2025-66035 - @angular/common (affected: >= 21.0.0-next.0, < 21.0.1)
- 🧪 P2 - Alta: CVE-2025-66031 - node-forge (affected: < 1.3.2)
- 🌱 P? - Baja: N/A - better-auth (affected: >= 1.3.34, < 1.4.0)
🐍 PIP - ⚠️ Si usas Python con VSCode y estás usando pip.
Estadísticas:
• CVEs encontrados: 3
• Paquetes afectados: 3
💀 Críticas: 1
☣️ Altas: 1
Top Vulnerabilidades:
- 🧪 P2 - Media: CVE-2021-4472 - python-mistralclient (affected: < 4.3.0)
- 🧪 P2 - Crítica: CVE-2025-62593 - ray (affected: < 2.52.0)
- 🧪 P2 - Alta: CVE-2025-62703 - fugue (affected: <= 0.9.2)
☕ MAVEN - ⚠️ Por favor presta atención a las siguientes vulnerabilidades de seguridad.
Estadísticas:
• CVEs encontrados: 4
• Paquetes afectados: 4
💀 Críticas: 1
☣️ Altas: 3
Top Vulnerabilidades:
- 🔥 P4 - Crítica: CVE-2025-59390 - org.apache.druid:druid (affected: < 35.0.0)
- 🧪 P2 - Alta: CVE-2025-66021 - com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer (affected: = 20240325.1)
- 🧪 P2 - Alta: CVE-2025-9624 - org.opensearch:opensearch-common (affected: < 3.3.0)
🎶 COMPOSER - ⚠️ Si usas PHP con Composer.
Estadísticas:
• CVEs encontrados: 4
• Paquetes afectados: 4
Top Vulnerabilidades:
- 🔥 P4 - Baja: CVE-2025-65961 - contao/core-bundle (affected: >= 4.0.0, < 4.13.57)
- 🔥 P4 - Media: CVE-2025-64049 - redaxo/source (affected: < 5.20.1)
- 🧪 P2 - Media: CVE-2025-66026 - redaxo/source (affected: < 5.20.1)
🦀 RUST - ⚠️ Por favor presta atención a las siguientes vulnerabilidades de seguridad.
Estadísticas:
• CVEs encontrados: 2
• Paquetes afectados: 3
💀 Críticas: 2
☣️ Altas: 1
Top Vulnerabilidades:
- 🧪 P2 - Alta: CVE-2025-66017 - cggmp21 (affected: <= 0.6.3)
- 🧪 P2 - Crítica: CVE-2025-66016 - cggmp21 (affected: < 0.6.3)
- 🌱 P? - Crítica: N/A - nftnl (affected: <= 0.8.0)
🐹 GO - ⚠️ Por favor presta atención a las siguientes vulnerabilidades de seguridad.
Estadísticas:
• CVEs encontrados: 2
• Paquetes afectados: 2
☣️ Altas: 1
Top Vulnerabilidades:
- 🔥 P4 - Baja: CVE-2025-65942 - github.com/VictoriaMetrics/VictoriaMetrics (affected: >= 1.123.0, < 1.129.1)
- 🧪 P2 - Alta: CVE-2025-65965 - github.com/anchore/grype (affected: >= 0.68.0, < 0.104.1)
💡 Powered by www.vulnmatter.com
2025-11-29 02:49:37
📦 NPM - ⚠️ Si usas Node.js con npm.
Estadísticas:
• CVEs encontrados: 2
• Paquetes afectados: 4
☣️ Altas: 2
Top Vulnerabilidades:
- 🧪 P2 - Alta: CVE-2025-66035 - @angular/common (affected: >= 21.0.0-next.0, < 21.0.1)
- 🧪 P2 - Alta: CVE-2025-66031 - node-forge (affected: < 1.3.2)
- 🌱 P? - Baja: N/A - better-auth (affected: >= 1.3.34, < 1.4.0)
🐍 PIP - ⚠️ Si usas Python con VSCode y estás usando pip.
Estadísticas:
• CVEs encontrados: 3
• Paquetes afectados: 3
💀 Críticas: 1
☣️ Altas: 1
Top Vulnerabilidades:
- 🧪 P2 - Media: CVE-2021-4472 - python-mistralclient (affected: < 4.3.0)
- 🧪 P2 - Crítica: CVE-2025-62593 - ray (affected: < 2.52.0)
- 🧪 P2 - Alta: CVE-2025-62703 - fugue (affected: <= 0.9.2)
☕ MAVEN - ⚠️ Por favor presta atención a las siguientes vulnerabilidades de seguridad.
Estadísticas:
• CVEs encontrados: 4
• Paquetes afectados: 4
💀 Críticas: 1
☣️ Altas: 3
Top Vulnerabilidades:
- 🔥 P4 - Crítica: CVE-2025-59390 - org.apache.druid:druid (affected: < 35.0.0)
- 🧪 P2 - Alta: CVE-2025-66021 - com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer (affected: = 20240325.1)
- 🧪 P2 - Alta: CVE-2025-9624 - org.opensearch:opensearch-common (affected: < 3.3.0)
🎶 COMPOSER - ⚠️ Si usas PHP con Composer.
Estadísticas:
• CVEs encontrados: 4
• Paquetes afectados: 4
Top Vulnerabilidades:
- 🔥 P4 - Baja: CVE-2025-65961 - contao/core-bundle (affected: >= 4.0.0, < 4.13.57)
- 🔥 P4 - Media: CVE-2025-64049 - redaxo/source (affected: < 5.20.1)
- 🧪 P2 - Media: CVE-2025-66026 - redaxo/source (affected: < 5.20.1)
🦀 RUST - ⚠️ Por favor presta atención a las siguientes vulnerabilidades de seguridad.
Estadísticas:
• CVEs encontrados: 2
• Paquetes afectados: 3
💀 Críticas: 2
☣️ Altas: 1
Top Vulnerabilidades:
- 🧪 P2 - Alta: CVE-2025-66017 - cggmp21 (affected: <= 0.6.3)
- 🧪 P2 - Crítica: CVE-2025-66016 - cggmp21 (affected: < 0.6.3)
- 🌱 P? - Crítica: N/A - nftnl (affected: <= 0.8.0)
🐹 GO - ⚠️ Por favor presta atención a las siguientes vulnerabilidades de seguridad.
Estadísticas:
• CVEs encontrados: 2
• Paquetes afectados: 2
☣️ Altas: 1
Top Vulnerabilidades:
- 🔥 P4 - Baja: CVE-2025-65942 - github.com/VictoriaMetrics/VictoriaMetrics (affected: >= 1.123.0, < 1.129.1)
- 🧪 P2 - Alta: CVE-2025-65965 - github.com/anchore/grype (affected: >= 0.68.0, < 0.104.1)
💡 Powered by www.vulnmatter.com
2025-11-29 00:15:21
📦 NPM - ⚠️ Si usas Node.js con npm.
Estadísticas:
• CVEs encontrados: 2
• Paquetes afectados: 4
☣️ Altas: 2
Top Vulnerabilidades:
- 🧪 P2 - Alta: CVE-2025-66035 - @angular/common (affected: >= 21.0.0-next.0, < 21.0.1)
- 🧪 P2 - Alta: CVE-2025-66031 - node-forge (affected: < 1.3.2)
- 🌱 P? - Baja: N/A - better-auth (affected: >= 1.3.34, < 1.4.0)
🐍 PIP - ⚠️ Si usas Python con VSCode y estás usando pip.
Estadísticas:
• CVEs encontrados: 3
• Paquetes afectados: 3
💀 Críticas: 1
☣️ Altas: 1
Top Vulnerabilidades:
- 🧪 P2 - Media: CVE-2021-4472 - python-mistralclient (affected: < 4.3.0)
- 🧪 P2 - Crítica: CVE-2025-62593 - ray (affected: < 2.52.0)
- 🧪 P2 - Alta: CVE-2025-62703 - fugue (affected: <= 0.9.2)
☕ MAVEN - ⚠️ Por favor presta atención a las siguientes vulnerabilidades de seguridad.
Estadísticas:
• CVEs encontrados: 4
• Paquetes afectados: 4
💀 Críticas: 1
☣️ Altas: 3
Top Vulnerabilidades:
- 🔥 P4 - Crítica: CVE-2025-59390 - org.apache.druid:druid (affected: < 35.0.0)
- 🧪 P2 - Alta: CVE-2025-66021 - com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer (affected: = 20240325.1)
- 🧪 P2 - Alta: CVE-2025-9624 - org.opensearch:opensearch-common (affected: < 3.3.0)
🎶 COMPOSER - ⚠️ Si usas PHP con Composer.
Estadísticas:
• CVEs encontrados: 4
• Paquetes afectados: 4
Top Vulnerabilidades:
- 🔥 P4 - Baja: CVE-2025-65961 - contao/core-bundle (affected: >= 4.0.0, < 4.13.57)
- 🔥 P4 - Media: CVE-2025-64049 - redaxo/source (affected: < 5.20.1)
- 🧪 P2 - Media: CVE-2025-66026 - redaxo/source (affected: < 5.20.1)
🦀 RUST - ⚠️ Por favor presta atención a las siguientes vulnerabilidades de seguridad.
Estadísticas:
• CVEs encontrados: 2
• Paquetes afectados: 3
💀 Críticas: 2
☣️ Altas: 1
Top Vulnerabilidades:
- 🧪 P2 - Alta: CVE-2025-66017 - cggmp21 (affected: <= 0.6.3)
- 🧪 P2 - Crítica: CVE-2025-66016 - cggmp21 (affected: < 0.6.3)
- 🌱 P? - Crítica: N/A - nftnl (affected: <= 0.8.0)
🐹 GO - ⚠️ Por favor presta atención a las siguientes vulnerabilidades de seguridad.
Estadísticas:
• CVEs encontrados: 2
• Paquetes afectados: 2
☣️ Altas: 1
Top Vulnerabilidades:
- 🔥 P4 - Baja: CVE-2025-65942 - github.com/VictoriaMetrics/VictoriaMetrics (affected: >= 1.123.0, < 1.129.1)
- 🧪 P2 - Alta: CVE-2025-65965 - github.com/anchore/grype (affected: >= 0.68.0, < 0.104.1)
💡 Powered by www.vulnmatter.com
2025-11-27 19:59:46
#21 · PT-2025-48334 · Netskope · Netskope
Published
2025-11-28
·
Updated
2025-11-28
·
CVE-2025-11156
5.9
Medium
Base
AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions
Netskope versions (affected versions not specified)
Description
A flaw exists in the Netskope agent (NS Client) on Windows systems. A local, authenticated user with Administrator privileges can improperly load the driver as a generic kernel service, triggering a system crash (Blue-Screen-of-Death) and resulting in a Denial of Service (DoS) for the affected machine.
**Recomm...
MoreLPE
DoS
NULL Pointer Dereference
X.com
2 Posts
0Reposts
252 Audience
Related posts · 2
CVE-2025-11156
Netskope Windows Agent Privilege Escalation Leading to Kernel-Level DoS
2025-11-28 16:52:08
CVE-2025-11156 Netskope was notified about a potential gap in its agent (NS Client) on Windows systems. If this gap is successfully exploited, a local, authenticated user with Admi… https://t.co/XE0U4VJR4x
2025-11-28 14:52:34
#22 · PT-2025-48317 · Cerebrate · Cerebrate
Published
2025-11-28
·
Updated
2025-11-28
·
CVE-2025-66385
9.4
Critical
Base
AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions
Cerebrate versions prior to 1.30
Description
An authenticated, non-privileged user can escalate their privileges, such as obtaining an administrator role, in Cerebrate. This is achieved through the
Moreuser-editrole idorganisation idUsersController::editrole idorganisation idFix
LPE
X.com
3 Posts
1Reposts
339 Audience
Related posts · 3
CVE-2025-66385
Privilege Escalation in Cerebrate before 1.30 via Authenticated User Edit Endpoint
2025-11-28 08:02:50
CVE-2025-66385 UsersController::edit in Cerebrate before 1.30 allows an authenticated non-privileged user to escalate their privileges (e.g., obtain a higher role such as admin) via… https://t.co/uD7lEa1Fih
2025-11-28 07:17:13
🚨 CVE-2025-66385: cerebrate-project (CVSS: 9.4)...
Trivial privilege escalation in Cerebrate <1.30 lets authenticated users become admin by modifying role_id/organisation...
#netsec #vulnerability #CVE #sysadmin #zeroday
2025-11-28 07:10:05
#23 · PT-2025-48086 · Geoserver · Geoserver
Published
2025-11-25
·
Updated
2025-11-29
·
CVE-2025-58360
8.5
High
Base
AV:N/AC:L/Au:N/C:C/I:N/A:P
Name of the Vulnerable Software and Affected Versions
GeoServer versions 2.26.0 through 2.26.1 and versions prior to 2.25.6
Description
GeoServer is an open-source server used for sharing and editing geospatial data. A flaw exists in the way the software handles XML input received through the
More/geoserver/wmsGetMapFix
XXE
X.com
7 Posts
23Reposts
23.7 K Audience
Related posts · 13
Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today:
-
📝 n/a
-
📈 CVSS: 0
-
🧭 Vector: n/a
-
⚠️ Priority: n/a
-
📝 Analysis: No Information available for this CVE at the moment
-
📝 CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.2, there is a command Injection vulnerability in initialize_kerberos_keytab_file_login(). The vulnerability exists because the code directly interpolates user-controlled input into a shell command and executes it via system() without any sanitization or validation. This issue has been patched in version 1.4.2.
-
📅 Published: 23/09/2025
-
📈 CVSS: 7.3
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
-
⚠️ Priority: 2
-
📝 Analysis: Unpatched versions of CryptoLib (< 1.4.2) have a command injection vulnerability in initialize_kerberos_keytab_file_login(). This issue allows an attacker to execute commands remotely without sanitization or validation, posing a high impact on confidentiality, integrity, and availability. Although no confirmed exploits have been detected, the CVSS score is high, making this a priority 2 vulnerability.
-
📝 Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
-
📅 Published: 03/06/2025
-
📈 CVSS: 8.6
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
-
📣 Mentions: 40
-
⚠️ Priority: 2
-
📝 Analysis: A memory corruption issue in GPU micronodes enables unauthorized command execution via specific command sequences. No known exploits have been detected; however, due to a high CVSS score and low Exploitability Scoring System (EPSS) score, this is considered a priority 2 vulnerability.
-
📝 Microsoft Management Console Security Feature Bypass Vulnerability
-
📅 Published: 11/03/2025
-
📈 CVSS: 7
-
🧭 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
-
📣 Mentions: 61
-
⚠️ Priority: 2
-
📝 Analysis: A Microsoft Management Console Security Feature Bypass vulnerability has been identified (CVSS: 7), allowing remote attackers potential control over affected systems. While no in-the-wild activity has been confirmed (CISA KEV), the high severity score indicates a priority 2 concern due to the potential impact and exploitability through network access.
-
📝 FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allowing unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution. This issue has been patched in endpoint versions 15.0.66, 16.0.89, and 17.0.3.
-
📅 Published: 28/08/2025
-
📈 CVSS: 10
-
🛡️ CISA KEV: True
-
🧭 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
-
📣 Mentions: 11
-
⚠️ Priority: 1+
-
📝 Analysis: Unauthenticated access granted due to insufficient data sanitization in FreePBX versions 15, 16, and 17 allows arbitrary database manipulation and remote code execution. This vulnerability has been patched in versions 15.0.66, 16.0.89, and 17.0.3. Given known exploitation and high CVSS score, this is a priority 1+ issue.
-
📝 VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
-
📅 Published: 25/04/2023
-
📈 CVSS: 0
-
🧭 Vector: n/a
-
⚠️ Priority: 2
-
📝 Analysis: An out-of-bounds read vulnerability exists in Bluetooth device sharing functionality for VMware Workstation and Fusion, currently with no known exploits in the wild. Given a high CVSS score and low Exploitability Potential Score (EPSS), this is a priority 2 issue.
-
📝 VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine.
-
📅 Published: 20/10/2023
-
📈 CVSS: 7.1
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
-
⚠️ Priority: 2
-
📝 Analysis: Out-of-bounds read vulnerability in VMware Workstation and Fusion (versions prior to 17.5 and 13.5 respectively): A local admin on a virtual machine can potentially access hypervisor memory, impacting confidentiality. Despite no known exploits, the high CVSS score indicates a priority 2 issue due to its potential severity.
-
📝 VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
-
📅 Published: 25/04/2023
-
📈 CVSS: 0
-
🧭 Vector: n/a
-
⚠️ Priority: 2
-
📝 Analysis: A stack-based buffer-overflow vulnerability exists in sharing host Bluetooth devices with virtual machines in VMware Workstation (17.x) and Fusion (13.x). While not yet exploited in the wild, its high CVSS score and potential impact warrant attention as a priority 2 issue.
-
📝 Win32k Elevation of Privilege Vulnerability
-
📅 Published: 12/08/2025
-
📈 CVSS: 7.8
-
🧭 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
-
📣 Mentions: 5
-
⚠️ Priority: 2
-
📝 Analysis: A Win32k Elevation of Privilege vulnerability has been identified (CVSS: 7.8). While no exploits have been detected in the wild, the high impact on confidentiality, integrity, and availability makes it a priority 2 vulnerability due to its high CVSS score and low Exploitability Scoring System score.
10. CVE-2025-58360
-
📝 GeoServer is an open source server that allows users to share and edit geospatial data. From version 2.26.0 to before 2.26.2 and before 2.25.6, an XML External Entity (XXE) vulnerability was identified. The application accepts XML input through a specific endpoint /geoserver/wms operation GetMap. However, this input is not sufficiently sanitized or restricted, allowing an attacker to define external entities within the XML request. This issue has been patched in GeoServer 2.25.6, GeoServer 2.26.3, and GeoServer 2.27.0.
-
📅 Published: 25/11/2025
-
📈 CVSS: 8.2
-
🧭 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
-
📣 Mentions: 1
-
⚠️ Priority: 2
-
📝 Analysis: XML External Entity (XXE) vulnerability in GeoServer versions before 2.26.2 and before 2.25.6 allows remote attackers to define external entities within XML requests. This issue has been patched in GeoServer 2.25.6, GeoServer 2.26.3, and GeoServer 2.27.0. Given high CVSS score but low exploitability, this is a priority 2 vulnerability.
Let us know if you're tracking any of these or if you find any issues with the provided details.
2025-11-29 11:03:27
CVE-2025-58360: GeoServer XXE Vulnerability Analysis
https://ift.tt/isbeCcH
Submitted November 28, 2025 at 08:18PM by Fit_Wing3352
via reddit https://ift.tt/PxcbinQ
2025-11-28 15:21:08
CVE-2025-58360: GeoServer XXE Vulnerability Analysis
https://www.reddit.com/r/netsec/comments/1p8wnps/cve202558360_geoserver_xxe_vulnerability_analysis/
2025-11-28 14:49:29
#24 · PT-2025-48303 · Huawei · Harmonyos
Published
2025-11-28
·
Updated
2025-11-28
·
CVE-2025-64314
9.3
Critical
Base
AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Huawei HarmonyOS version 5.1.0
Description
A permission control issue exists within the memory management module. Successful exploitation of this issue may lead to a compromise of confidentiality. The issue allows unprivileged local attackers to gain complete system access.
Recommendations
Restrict access to the affected system as a mitigation measure.
Fix
Type Confusion
X.com
4 Posts
0Reposts
563 Audience
Related posts · 4
🚨 Critical vulnerability in Huawei HarmonyOS 5.1.0! CVE-2025-64314 (CVSS 9.3) lets attackers bypass permission controls, risking sensitive data exposure. Patch ASAP once available & restrict access. Details: https://t.co/5Z2kwes7Rc... https://t.co/4QuBool9Hd
2025-11-28 04:02:46
CVE-2025-64314 Permission control vulnerability in the memory management module.
Impact: Successful exploitation of this vulnerability may affect confidentiality. https://t.co/Wwr5bPSsRD
2025-11-28 03:43:47
[CVE-2025-64314: CRITICAL] Permission control vulnerability in the memory management module.
Impact: Successful exploitation of this vulnerability may affect confidentiality.#cve,CVE-2025-64314,#cybersecurity https://t.co/cDRXYE3SIF https://t.co/Xuirhr9pAl
2025-11-28 03:41:57
#25 · PT-2025-48284 · Logpoint · Logpoint
Published
2025-11-27
·
Updated
2025-11-28
·
CVE-2025-66360
6.9
Medium
Base
AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions
Logpoint versions prior to 7.7.0
Description
An improperly configured access control policy exposes sensitive Logpoint internal service (Redis) information to
li-adminRecommendations
Update to version 7.7.0 or later.
Fix
LPE
Incorrect Authorization
X.com
2 Posts
0Reposts
400 Audience
Related posts · 3
CVE-2025-66360
Logpoint Redis Information Disclosure Vulnerability Enabling Privilege Escalation
2025-11-28 00:35:09
🚨 CVE-2025-66360
An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service (Redis) information to li-admin users. This can lead to privilege escalation.
🎖@cveNotify
2025-11-28 00:26:53
CVE-2025-66360 An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service (Redis) information to li… https://t.co/X6ahQ48RHf
2025-11-27 23:50:36
#26 · PT-2025-48344 · Lz4-Java · Lz4-Java
Jonas Konrad
+1
·
Published
2025-11-28
·
Updated
2025-11-28
·
CVE-2025-12183
8.8
High
Base
AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions
org.lz4:lz4-java versions prior to 1.8.0
Description
The software contains flaws related to memory handling. Specifically, out-of-bounds memory operations can occur when processing untrusted compressed input. This can lead to a denial of service and potential reading of adjacent memory.
Recommendations
Update to a version newer than 1.8.0.
Fix
DoS
Out of bounds Read
X.com
2 Posts
0Reposts
311 Audience
Related posts · 2
CVE-2025-12183
Out-of-Bounds Memory Read and DoS Vulnerability in LZ4 Java Library
2025-11-28 17:12:29
CVE-2025-12183 Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compres… https://t.co/BpGT6Kj05Z
2025-11-28 16:19:48
#27 · PT-2025-48350 · Pubnet · Pubnet
Published
2025-11-29
·
Updated
2025-11-29
·
CVE-2025-65112
9.4
Critical
Base
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
Name of the Vulnerable Software and Affected Versions
PubNet versions prior to 1.1.3
Description
PubNet is a self-hosted Dart & Flutter package service. The
/api/storage/uploadauthor-idRecommendations
Update to version 1.1.3 or later.
Fix
Missing Authorization
Missing Authentication
X.com
5 Posts
0Reposts
303 Audience
Related posts · 5
CVE-2025-65112 PubNet is a self-hosted Dart & Flutter package service. Prior to version 1.1.3, the /api/storage/upload endpoint in PubNet allows unauthenticated users to upload pack… https://t.co/TWLXISDDWu
2025-11-29 02:49:28
CVE-2025-65112
Unauthenticated Package Upload Vulnerability in PubNet Before 1.1.3
2025-11-29 02:01:54
[CVE-2025-65112: CRITICAL] Critical security update for PubNet! 🚨 Prior to version 1.1.3, unauthenticated users could exploit the /api/storage/upload endpoint to perform identity spoofing and supply chain at...#cve,CVE-2025-65112,#cybersecurity https://t.co/fTOChoZT2T https://t.co/EoAMiGMbWO
2025-11-29 01:41:35
#28 · PT-2025-48196 · Google · Angular
Published
2025-11-26
·
Updated
2025-11-29
·
CVE-2025-66035
7.7
High
Base
AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions
Angular versions prior to 19.2.16
Angular versions prior to 20.3.14
Angular versions prior to 21.0.1
Description
Angular’s HttpClient has a built-in Cross-Site Request Forgery (XSRF) protection mechanism. When handling requests with protocol-relative URLs (URLs starting with '//'), the system incorrectly treats them as same-origin requests. This results in the automatic addi...
MoreFix
X.com
5 Posts
0Reposts
685 Audience
Related posts · 11
📦 NPM - ⚠️ Si usas Node.js con npm.
Estadísticas:
• CVEs encontrados: 2
• Paquetes afectados: 4
☣️ Altas: 2
Top Vulnerabilidades:
- 🧪 P2 - Alta: CVE-2025-66035 - @angular/common (affected: >= 21.0.0-next.0, < 21.0.1)
- 🧪 P2 - Alta: CVE-2025-66031 - node-forge (affected: < 1.3.2)
- 🌱 P? - Baja: N/A - better-auth (affected: >= 1.3.34, < 1.4.0)
🐍 PIP - ⚠️ Si usas Python con VSCode y estás usando pip.
Estadísticas:
• CVEs encontrados: 3
• Paquetes afectados: 3
💀 Críticas: 1
☣️ Altas: 1
Top Vulnerabilidades:
- 🧪 P2 - Media: CVE-2021-4472 - python-mistralclient (affected: < 4.3.0)
- 🧪 P2 - Crítica: CVE-2025-62593 - ray (affected: < 2.52.0)
- 🧪 P2 - Alta: CVE-2025-62703 - fugue (affected: <= 0.9.2)
☕ MAVEN - ⚠️ Por favor presta atención a las siguientes vulnerabilidades de seguridad.
Estadísticas:
• CVEs encontrados: 4
• Paquetes afectados: 4
💀 Críticas: 1
☣️ Altas: 3
Top Vulnerabilidades:
- 🔥 P4 - Crítica: CVE-2025-59390 - org.apache.druid:druid (affected: < 35.0.0)
- 🧪 P2 - Alta: CVE-2025-66021 - com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer (affected: = 20240325.1)
- 🧪 P2 - Alta: CVE-2025-9624 - org.opensearch:opensearch-common (affected: < 3.3.0)
🎶 COMPOSER - ⚠️ Si usas PHP con Composer.
Estadísticas:
• CVEs encontrados: 4
• Paquetes afectados: 4
Top Vulnerabilidades:
- 🔥 P4 - Baja: CVE-2025-65961 - contao/core-bundle (affected: >= 4.0.0, < 4.13.57)
- 🔥 P4 - Media: CVE-2025-64049 - redaxo/source (affected: < 5.20.1)
- 🧪 P2 - Media: CVE-2025-66026 - redaxo/source (affected: < 5.20.1)
🦀 RUST - ⚠️ Por favor presta atención a las siguientes vulnerabilidades de seguridad.
Estadísticas:
• CVEs encontrados: 2
• Paquetes afectados: 3
💀 Críticas: 2
☣️ Altas: 1
Top Vulnerabilidades:
- 🧪 P2 - Alta: CVE-2025-66017 - cggmp21 (affected: <= 0.6.3)
- 🧪 P2 - Crítica: CVE-2025-66016 - cggmp21 (affected: < 0.6.3)
- 🌱 P? - Crítica: N/A - nftnl (affected: <= 0.8.0)
🐹 GO - ⚠️ Por favor presta atención a las siguientes vulnerabilidades de seguridad.
Estadísticas:
• CVEs encontrados: 2
• Paquetes afectados: 2
☣️ Altas: 1
Top Vulnerabilidades:
- 🔥 P4 - Baja: CVE-2025-65942 - github.com/VictoriaMetrics/VictoriaMetrics (affected: >= 1.123.0, < 1.129.1)
- 🧪 P2 - Alta: CVE-2025-65965 - github.com/anchore/grype (affected: >= 0.68.0, < 0.104.1)
💡 Powered by www.vulnmatter.com
2025-11-29 02:49:37
📦 NPM - ⚠️ Si usas Node.js con npm.
Estadísticas:
• CVEs encontrados: 2
• Paquetes afectados: 4
☣️ Altas: 2
Top Vulnerabilidades:
- 🧪 P2 - Alta: CVE-2025-66035 - @angular/common (affected: >= 21.0.0-next.0, < 21.0.1)
- 🧪 P2 - Alta: CVE-2025-66031 - node-forge (affected: < 1.3.2)
- 🌱 P? - Baja: N/A - better-auth (affected: >= 1.3.34, < 1.4.0)
🐍 PIP - ⚠️ Si usas Python con VSCode y estás usando pip.
Estadísticas:
• CVEs encontrados: 3
• Paquetes afectados: 3
💀 Críticas: 1
☣️ Altas: 1
Top Vulnerabilidades:
- 🧪 P2 - Media: CVE-2021-4472 - python-mistralclient (affected: < 4.3.0)
- 🧪 P2 - Crítica: CVE-2025-62593 - ray (affected: < 2.52.0)
- 🧪 P2 - Alta: CVE-2025-62703 - fugue (affected: <= 0.9.2)
☕ MAVEN - ⚠️ Por favor presta atención a las siguientes vulnerabilidades de seguridad.
Estadísticas:
• CVEs encontrados: 4
• Paquetes afectados: 4
💀 Críticas: 1
☣️ Altas: 3
Top Vulnerabilidades:
- 🔥 P4 - Crítica: CVE-2025-59390 - org.apache.druid:druid (affected: < 35.0.0)
- 🧪 P2 - Alta: CVE-2025-66021 - com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer (affected: = 20240325.1)
- 🧪 P2 - Alta: CVE-2025-9624 - org.opensearch:opensearch-common (affected: < 3.3.0)
🎶 COMPOSER - ⚠️ Si usas PHP con Composer.
Estadísticas:
• CVEs encontrados: 4
• Paquetes afectados: 4
Top Vulnerabilidades:
- 🔥 P4 - Baja: CVE-2025-65961 - contao/core-bundle (affected: >= 4.0.0, < 4.13.57)
- 🔥 P4 - Media: CVE-2025-64049 - redaxo/source (affected: < 5.20.1)
- 🧪 P2 - Media: CVE-2025-66026 - redaxo/source (affected: < 5.20.1)
🦀 RUST - ⚠️ Por favor presta atención a las siguientes vulnerabilidades de seguridad.
Estadísticas:
• CVEs encontrados: 2
• Paquetes afectados: 3
💀 Críticas: 2
☣️ Altas: 1
Top Vulnerabilidades:
- 🧪 P2 - Alta: CVE-2025-66017 - cggmp21 (affected: <= 0.6.3)
- 🧪 P2 - Crítica: CVE-2025-66016 - cggmp21 (affected: < 0.6.3)
- 🌱 P? - Crítica: N/A - nftnl (affected: <= 0.8.0)
🐹 GO - ⚠️ Por favor presta atención a las siguientes vulnerabilidades de seguridad.
Estadísticas:
• CVEs encontrados: 2
• Paquetes afectados: 2
☣️ Altas: 1
Top Vulnerabilidades:
- 🔥 P4 - Baja: CVE-2025-65942 - github.com/VictoriaMetrics/VictoriaMetrics (affected: >= 1.123.0, < 1.129.1)
- 🧪 P2 - Alta: CVE-2025-65965 - github.com/anchore/grype (affected: >= 0.68.0, < 0.104.1)
💡 Powered by www.vulnmatter.com
2025-11-29 00:15:21
Warning: High severity vulnerability in #Angular. #CVE-2025-66035 CVSS: 7.7. This vulnerability allows the XSRF token to be leaked via protocol-relative URLs to an attacker-controlled domain! #Patch #Patch #Patch More info: https://t.co/W12oQzPGgI
2025-11-28 12:13:45
#29 · PT-2025-48322 · Uniong · Webitr
Published
2025-11-28
·
Updated
2025-11-28
·
CVE-2025-13771
6.5
Medium
Base
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
WebITR (affected versions not specified)
Description
WebITR, developed by Uniong, contains an Arbitrary File Read issue stemming from Relative Path Traversal. Authenticated remote attackers can exploit this to download arbitrary system files. The issue allows attackers to read arbitrary files via path traversal.
Recommendations
At the moment, there is no information abo...
MoreRelative Path Traversal
X.com
3 Posts
0Reposts
397 Audience
Related posts · 3
🔒 HIGH severity alert: CVE-2025-13771 in Uniong WebITR enables authenticated attackers to read arbitrary files via path traversal. Protect sensitive data—review permissions & monitor access! https://t.co/lkIg0PB0iM... https://t.co/UGGpBlROo5
2025-11-28 10:02:13
CVE-2025-13771
Authenticated Relative Path Traversal in WebITR Enabling Arbitrar...
Vulnerability Alert Subscriptions: https://t.co/hrQhy5uz4x
2025-11-28 08:43:32
CVE-2025-13771 WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit Relative Path Traversal to download arbitrary … https://t.co/dFx47SnFxj
2025-11-28 08:22:37
#30 · PT-2025-48300 · Video-Related System Service Module
Published
2025-11-28
·
Updated
2025-11-28
·
CVE-2025-58316
7.3
High
Base
AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
Name of the Vulnerable Software and Affected Versions
versions prior to 2025-58316
Description
A denial-of-service condition exists in the video-related system service module. Successful exploitation of this issue may affect availability.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
Race Condition
X.com
1 Posts
0Reposts
295 Audience
Related posts · 1
CVE-2025-58316 DoS vulnerability in the video-related system service module.
Impact: Successful exploitation of this vulnerability may affect availability. https://t.co/YPiJ4xWHi6
2025-11-28 03:43:47