Tag: cve
-
Apache ActiveMQ Flaw Enables DoS Attacks via Malformed Network Packets
Security researchers have uncovered a significant vulnerability in Apache ActiveMQ, a popular open-source message broker used by enterprises to route data between applications. Tracked as CVE-2025-66168, this security flaw allows malicious actors to trigger unexpected broker behavior and potential denial-of-service (DoS) conditions by sending specifically crafted, malformed network packets. A successful attack against a message…
-
U.S. CISA adds Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2023-43000 is a use-after-free issue in the WebKit component. Apple…
-
Zero-day exploits hit enterprises faster and harder
Tags: access, apple, attack, backdoor, business, china, cisco, cve, data, detection, endpoint, espionage, exploit, firewall, flaw, fortinet, google, group, hacker, infrastructure, ivanti, least-privilege, mobile, network, oracle, radius, ransomware, risk, router, russia, service, software, technology, threat, update, vpn, vulnerability, zero-dayEnterprise environments under siege: Chinese threat actors continued to display a preference for targets that are difficult to monitor and allow persistent access to strategic networks. Notable examples include the groups that GTIG tracks as UNC5221, which exploited a flaw in Ivanti Connect Secure (CVE-2025-0282) and UNC3886, which exploited a vulnerability in Juniper routers (CVE-2025-21590).Another…
-
Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog
Tags: authentication, automation, cisa, cve, cvss, cybersecurity, exploit, flaw, infrastructure, kev, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The critical-severity vulnerabilities are listed below -CVE-2017-7921 (CVSS score: 9.8) – An improper authentication vulnerability affecting First seen on thehackernews.com Jump to article: thehackernews.com/2026/03/hikvision-and-rockwell-automation-cvss.html
-
WordPress Membership Plugin Flaw Lets Attackers Create Admin Accounts
A critical security vulnerability in the popular WordPress User Registration & Membership plugin allows unauthenticated attackers to easily create administrator accounts. The severe flaw, officially tracked as CVE-2026-1492, currently affects all plugin versions up to and including 5.1.2. Because it requires no prior authentication or user interaction to exploit, the vulnerability carries a maximum critical…
-
Europa im Visier von Cyber-Identitätsdieben
Deutsche Unternehmen müssen sich warm anziehen: Sowohl staatliche als auch ‘private” Akteure haben es auf sie abgesehen.ShutterstockWie die Experten von Darktrace in ihrem aktuellen Threat Report 2026 darstellen, bleiben Cloud- und E-Mail-Konten das Einfallstor Nummer Eins in Europa. Dem Bericht zufolge begannen im vergangenen Jahr in Europa 58 Prozent der Attacken mit kompromittierten Cloud-Accounts oder…
-
Patch, track, repeat: The 2025 CVE retrospective
Thor analyzes CVE data from 2025 and provides recommendations for where and how organizations should strengthen their defenses. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/patch-track-repeat-the-2025-cve-retrospective/
-
Cisco issues emergency patches for critical firewall vulnerabilities
root access to the device.”And CVE-2026-20131 is described thusly: “An attacker could exploit this vulnerability by sending a crafted serialized Java object to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the device and elevate privileges to root.”There are no workarounds for either…
-
Cisco issues emergency patches for critical firewall vulnerabilities
root access to the device.”And CVE-2026-20131 is described thusly: “An attacker could exploit this vulnerability by sending a crafted serialized Java object to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the device and elevate privileges to root.”There are no workarounds for either…
-
Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities
Cisco has disclosed that two more vulnerabilities affecting Catalyst SD-WAN Manager (formerly SD-WAN vManage) have come under active exploitation in the wild.The vulnerabilities in question are listed below -CVE-2026-20122 (CVSS score: 7.1) – An arbitrary file overwrite vulnerability that could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. First…
-
Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities
Cisco has disclosed that two more vulnerabilities affecting Catalyst SD-WAN Manager (formerly SD-WAN vManage) have come under active exploitation in the wild.The vulnerabilities in question are listed below -CVE-2026-20122 (CVSS score: 7.1) – An arbitrary file overwrite vulnerability that could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. First…
-
Cisco warns of SD-WAN Manager exploitation, fixes 48 firewall vulnerabilities
Cisco has confirmed that two Catalyst SD-WAN Manager vulnerabilities (CVE-2026-20128 and CVE-2026-20122) patched in late February 2025 are being exploited by attackers. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/05/cisco-cve-2026-20128-cve-2026-20122-exploited/
-
New MongoDB Vulnerability Allows Attackers to Crash Servers, Exposing Critical Data
Cato CTRL’s senior security researcher, Vitaly Simonovich, has uncovered a high-severity dos vulnerability in MongoDB, tracked as CVE-2026-25611, that lets unauthenticated attackers crash any exposed MongoDB server.”‹ CVE-2026-25611 is rooted in MongoDB’sOP_COMPRESSED wire protocol, a compression feature introduced in version 3.4 and enabled by default since version 3.6. The flaw is classified underCWE-405 (Asymmetric Resource Consumption),…
-
PoC Exploit for Cisco SD-WAN 0-Day Vulnerability Now Released, Actively Exploited in the Wild
A critical zero-day vulnerability in Cisco Catalyst SD-WAN infrastructure, tracked as CVE-2026-20127, is currently under active exploitation by highly sophisticated threat actors. The situation has grown considerably more severe following the public release of a working Proof-of-Concept (PoC) exploit, which significantly lowers the barrier to entry for cybercriminals. Critical infrastructure sectors must act immediately to…
-
Critical pac4j-jwt Authentication Bypass Vulnerability Allows Attackers to Impersonate Any User
A critical security flaw in the popular Java authentication library pac4j-jwt allows attackers to completely bypass authentication and impersonate any user, including administrators. Tracked as CVE-2026-29000, this vulnerability carries a maximum CVSS score of 10.0 and requires nothing more than the server’s public RSA key to successfully exploit.”‹ Their automated tools and security engineers found…
-
Cisco Secure Firewall Management Flaw Allows Remote Code Execution
Cisco recently disclosed a critical security vulnerability affecting its Secure Firewall Management Centre (FMC) software. This severe flaw carries a maximum severity score of 10.0 and allows unauthenticated, remote attackers to execute arbitrary code with root privileges. CVE ID CVSS Score Vulnerability Type CWE CVE-2026-20131 10.0 (Critical) Remote Code Execution CWE-502 The root cause of…
-
14 old software bugs that took way too long to squash
Tags: access, api, attack, authentication, automation, bug-bounty, communications, computer, control, credentials, cve, cvss, cyber, data, data-breach, dns, dos, encryption, exploit, flaw, hacker, Hardware, infosec, infrastructure, Internet, kaspersky, linux, malicious, malware, microsoft, mitigation, network, nist, open-source, password, programming, remote-code-execution, risk, service, software, stuxnet, supply-chain, technology, theft, threat, tool, update, usa, vulnerability, windows, zero-dayAge: 30 yearsDate introduced: 1995Date fixed: February 2026Researchers unearthed a legacy flaw in the widely used libpng open-source library that had existed since the technology was first released more than 30 years ago.The heap buffer overflow vulnerability (CVE-2026-25646) meant that applications using the flawed software would crash when presented with a maliciously constructed PNG raster…
-
14 old software bugs that took way too long to squash
Tags: access, api, attack, authentication, automation, bug-bounty, communications, computer, control, credentials, cve, cvss, cyber, data, data-breach, dns, dos, encryption, exploit, flaw, hacker, Hardware, infosec, infrastructure, Internet, kaspersky, linux, malicious, malware, microsoft, mitigation, network, nist, open-source, password, programming, remote-code-execution, risk, service, software, stuxnet, supply-chain, technology, theft, threat, tool, update, usa, vulnerability, windows, zero-dayAge: 30 yearsDate introduced: 1995Date fixed: February 2026Researchers unearthed a legacy flaw in the widely used libpng open-source library that had existed since the technology was first released more than 30 years ago.The heap buffer overflow vulnerability (CVE-2026-25646) meant that applications using the flawed software would crash when presented with a maliciously constructed PNG raster…
-
NDSS 2025 Detecting Server-Induced Client Vulnerabilities In Windows Remote IPC
Tags: china, computing, conference, cve, data, detection, Internet, network, technology, tool, vulnerability, windowsSession 14C: Vulnerability Detection Authors, Creators & Presenters: (Except Where Noted – The Following Authors Are From The Institute of Information Engineering, Chinese Academy Of Sciences) Fangming Gu, Qingli Guo, Jie Lu (Institute of Computing Technology, Chinese Academy of Sciences), Qinghe Xie , Beibei Zhao, Kangjie Lu (University of Minnesota), Hong Li, Xiaorui Gong PAPER…
-
CISA Warns of VMware Aria Operations Vulnerability Actively Exploited in Attacks
Tags: attack, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, vmware, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Broadcom’s VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog. This flaw, identified as CVE-2026-22719, is currently being exploited in the wild, prompting urgent calls for organizations to apply necessary mitigations. VMware Aria Operations, formerly known as vRealize Operations (vROps),…
-
CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, injection, kev, vmware, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, citing active exploitation in the wild.The high-severity vulnerability, CVE-2026-22719 (CVSS score: 8.1), has been described as a case of command injection that could allow an First seen…
-
CISA flags VMware Aria Operations RCE flaw as exploited in attacks
Tags: attack, cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vmware, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the flaw as exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-flags-vmware-aria-operations-rce-flaw-as-exploited-in-attacks/
-
Qualcomm Zero-Day Exploited in Targeted Android Attacks
The exploitation activity against CVE-2026-21385, a high-severity memory corruption flaw, could be tied to commercial spyware or nation-state threat groups. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/qualcomm-zero-day-exploited-targeted-android-attacks
-
NDSS 2025 Be Careful Of What You Embed: Demystifying OLE Vulnerabilities
Tags: conference, cve, data, detection, exploit, Internet, malicious, microsoft, network, office, remote-code-execution, risk, tool, vulnerability, windowsSession 14C: Vulnerability Detection Authors, Creators & Presenters: Yunpeng Tian (Huazhong University of Science and Technology), Feng Dong (Huazhong University of Science and Technology), Haoyi Liu (Huazhong University of Science and Technology), Meng Xu (University of Waterloo), Zhiniang Peng (Huazhong University of Science and Technology; Sangfor Technologies Inc.), Zesen Ye (Sangfor Technologies Inc.), Shenghui Li…
-
The Top Exposure Assessment Platforms (EAPs) to Watch in 2026
Exposure management has replaced old”‘school “scan”‘and”‘patch” techniques. Now, the money is in unified visibility, context, and mobilization; not siloed CVEs that don’t reflect the priorities of the business. Teams need to see attack paths, not single vulnerabilities. They need to understand what matters to the whole, not what has a higher score. And they need to know…
-
Zerobot Malware Exploits Tenda Command Injection Vulnerabilities to Deploy Malicious Payloads
An active Zerobot campaign abusing two critical vulnerabilities CVE-2025-7544 in Tenda AC1206 routers and CVE-2025-68613 in the n8n workflow automation platform to deploy a Mirai-based payload dubbed Zerobotv9. The campaign uses common download tools and multi-architecture binaries to rapidly enroll compromised systems into a botnet that can be leveraged for denial-of-service attack and further intrusion…
-
HPE AutoPass Vulnerability Allows Remote Attackers to Bypass Authentication
Hewlett Packard Enterprise (HPE) has disclosed a remote authentication-bypass vulnerability in HPE AutoPass License Server (APLS) that could let unauthenticated attackers bypass login controls over the network. The issue is tracked as CVE-2026-23600 and is fixed in APLS 9.19 and later.”‹ Item Details Vendor bulletin HPESBGN05003 rev.1 (Security Bulletin), initial release 27 Feb 2026; last…
-
Android devices hit by exploited Qualcomm flaw CVE-2026-21385
Google confirms that the Qualcomm Android vulnerability CVE-2026-21385 was exploited in real-world attacks. Google has confirmed that CVE-2026-21385 (CVSS score of 7.8), a high-severity vulnerability affecting an open-source Qualcomm component used in Android devices, has been actively exploited. >>There are indications that CVE-2026-21385 may be under limited, targeted exploitation.<< reads Google's advisory. The flaw is…
-
Chrome security flaw enabled spying via Gemini Live assistant
A Google Chrome vulnerability lets malicious extensions hijack Gemini Live to spy on users and steal sensitive files. Researchers at Palo Alto Networks found a Chrome vulnerability, tracked as CVE-2026-0628, that could let malicious extensions take control of the Gemini Live AI assistant. By abusing the flaw, attackers could spy on users and exfiltrate sensitive…
-
Android’s March 2026 security patch fixes over 100 flaws, one under targeted exploitation
The Android March 2026 security patch addresses vulnerabilities across dozens of components and includes one CVE confirmed under active exploitation. Devices running a patch … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/03/android-march-2026-security-patch-cve-2026-21385/