Tag: cve
-
CVE-2025-6515 Prompt Hijacking bedroht MCP-Workflows in oatpp-mcp
Die Sicherheitsforscher von JFrog haben in der Oat++-Implementierung des Model Context Protocol (MCP) eine Schwachstelle (CVE-2025-6515) identifiziert, die Angreifer für sogenannte Prompt-Hijacking-Angriffe nutzen können. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/cve-2025-6515-prompt-hijacking
-
CVE-2025-6515 Prompt Hijacking bedroht MCP-Workflows in oatpp-mcp
Die Sicherheitsforscher von JFrog haben in der Oat++-Implementierung des Model Context Protocol (MCP) eine Schwachstelle (CVE-2025-6515) identifiziert, die Angreifer für sogenannte Prompt-Hijacking-Angriffe nutzen können. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/cve-2025-6515-prompt-hijacking
-
Cache poisoning vulnerabilities found in 2 DNS resolving apps
At least one CVE could weaken defenses put in place following 2008 disclosure. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/10/bind-warns-of-bugs-that-could-bring-dns-cache-attack-back-from-the-dead/
-
Prompt hijacking puts MCP-based AI workflows at risk
oatpp-mcp, the MCP implementation for Oat++ (oatpp), a popular framework for developing web applications in C++. Tracked as CVE-2025-6515, the flaw stems from the fact that oatpp-mcp generates guessable session IDs for use in its communication with MCP clients, an issue that other MCP servers might have as well. The Model Context Protocol was developed…
-
TARmageddon flaw in Async-Tar Rust library allows to smuggle extra archives when the library is processing nested TAR files
CVE-2025-62518 TARmageddon flaw in Rust async-tar and forks like tokio-tar may allow remote code execution, says Edera. Edera team disclosed a vulnerability tracked as CVE-2025-62518 (CVSS score: 8.1), dubbed TARmageddon, in the Rust async-tar library and forks like tokio-tar. A remote attacker can exploit the flaw to achieve code execution. >>astral-tokio-tar is a tar archive…
-
TARmageddon Flaw in Async-Tar Rust Library Could Enable Remote Code Execution
Cybersecurity researchers have disclosed details of a high-severity flaw impacting the popular async-tar Rust library and its forks, including tokio-tar, that could result in remote code execution under certain conditions.The vulnerability, tracked as CVE-2025-62518 (CVSS score: 8.1), has been codenamed TARmageddon by Edera, which discovered the issue in late August 2025. It impacts several First…
-
Windows Server Update Service (WSUS) Remote Code Execution Vulnerability (CVE-2025-59287) Notice
Overview Recently, NSFOCUS CERT detected that Microsoft released a security update that fixed the Windows Server Update Service (WSUS) remote code execution vulnerability (CVE-2025-59287); Because WSUS’s GetCookie does not perform type verification when processing objects, an unauthenticated attacker can achieve remote code execution by deserializing malicious data to control the target server. The CVSS score…The…
-
Windows Server Update Service (WSUS) Remote Code Execution Vulnerability (CVE-2025-59287) Notice
Overview Recently, NSFOCUS CERT detected that Microsoft released a security update that fixed the Windows Server Update Service (WSUS) remote code execution vulnerability (CVE-2025-59287); Because WSUS’s GetCookie does not perform type verification when processing objects, an unauthenticated attacker can achieve remote code execution by deserializing malicious data to control the target server. The CVSS score…The…
-
Oracle October 2025 Critical Patch Update Addresses 170 CVEs
Oracle addresses 170 CVEs in its final quarterly update of 2025 with 374 patches, including 40 critical updates. Background On October 21, Oracle released its Critical Patch Update (CPU) for October 2025, the fourth and final quarterly update of the year. This CPU contains fixes for 170 unique CVEs in 374 security updates across 29…
-
TP-Link Patches Four Omada Gateway Flaws, Two Allow Remote Code Execution
TP-Link has released security updates to address four security flaws impacting Omada gateway devices, including two critical bugs that could result in arbitrary code execution.The vulnerabilities in question are listed below -CVE-2025-6541 (CVSS score: 8.6) – An operating system command injection vulnerability that could be exploited by an attacker who can log in to the…
-
Active Exploitation of Critical Windows SMB Flaw CVE-2025-33073 Spotted
A flaw rooted in the Server Message Block (SMB) protocol of Windows enables attackers to escalate privileges to SYSTEM level on vulnerable Windows devices, potentially granting full control over affected systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/windows-smb-flaw-cve-2025-33073-alert/
-
U.S. CISA adds Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities catalog
Tags: apple, cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, oracle, update, vulnerability, windowsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities (KEV) catalog. Oracle recently released an emergency patch to address an information disclosure flaw, tracked as CVE-2025-61884 (CVSS…
-
CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073)
CVE-2025-33073, a Windows SMB Client vulnerability that Microsoft fixed in June 2025, is being exploited by attackers. The confirmation comes from the Cybersecurity and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/21/cisa-warns-of-windows-smb-flaw-under-active-exploitation-cve-2025-33073/
-
Envoy Air (American Airlines) Confirms Oracle EBS 0-Day Breach Linked to Cl0p
Envoy Air (American Airlines) confirms a breach by CL0P after they exploited the critical CVE-2025-61882 zero-day flaw in Oracle E-Business Suite. First seen on hackread.com Jump to article: hackread.com/envoy-air-american-airlines-oracle-ebs-0-day-breach-cl0p/
-
Envoy Air (American Airlines) Confirms Oracle EBS 0-Day Breach Linked to Cl0p
Envoy Air (American Airlines) confirms a breach by CL0P after they exploited the critical CVE-2025-61882 zero-day flaw in Oracle E-Business Suite. First seen on hackread.com Jump to article: hackread.com/envoy-air-american-airlines-oracle-ebs-0-day-breach-cl0p/
-
Apache Syncope Groovy Flaw Allows Remote Code Injection
Apache Syncope, has disclosed a critical security vulnerability that allows authenticated administrators to execute arbitrary code on affected systems. The flaw, tracked as CVE-2025-57738, impacts all Apache Syncope versions 3.x before 3.0.14 and 4.x before 4.0.2, exposing organisations to potential system compromise through malicious Groovy code injection.”‹ Vulnerability Details and Attack Mechanism The vulnerability exists…
-
Apache Syncope Groovy Flaw Allows Remote Code Injection
Apache Syncope, has disclosed a critical security vulnerability that allows authenticated administrators to execute arbitrary code on affected systems. The flaw, tracked as CVE-2025-57738, impacts all Apache Syncope versions 3.x before 3.0.14 and 4.x before 4.0.2, exposing organisations to potential system compromise through malicious Groovy code injection.”‹ Vulnerability Details and Attack Mechanism The vulnerability exists…
-
CISA Warns of Active Exploitation of Critical Windows SMB Flaw CVE-2025-33073
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation of a high-severity Windows vulnerability, tracked as CVE-2025-33073. This flaw, rooted in the Server Message Block (SMB) protocol, enables attackers to escalate privileges to SYSTEM level on vulnerable Windows devices, potentially granting full control over affected systems. First seen…
-
CISA Warns of Oracle E-Business Suite SSRF Vulnerability Actively Exploited in Attacks
Tags: attack, business, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, oracle, risk, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Oracle E-Business Suite vulnerability to its Known Exploited Vulnerabilities catalog after detecting active exploitation in the wild. The security flaw, tracked as CVE-2025-61884, poses significant risks to organizations running the widely-deployed enterprise resource planning software. Critical SSRF Flaw Requires Immediate Action CVE-2025-61884 is a…
-
CISA Warns of Actively Exploited Windows SMB Vulnerability
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, threat, vulnerability, windowsThe Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Microsoft Windows Server Message Block (SMB) vulnerability to its Known Exploited Vulnerabilities catalog, warning that threat actors are actively exploiting the security flaw in the wild. The vulnerability, tracked as CVE-2025-33073, affects the Windows SMB Client and could allow attackers to escalate privileges on…
-
CISA Warns of Actively Exploited Windows SMB Vulnerability
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, threat, vulnerability, windowsThe Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Microsoft Windows Server Message Block (SMB) vulnerability to its Known Exploited Vulnerabilities catalog, warning that threat actors are actively exploiting the security flaw in the wild. The vulnerability, tracked as CVE-2025-33073, affects the Windows SMB Client and could allow attackers to escalate privileges on…
-
LANSCOPE Endpoint Manager Flaw Allows Remote Code Execution
A critical security flaw has been found in the on-premise edition of LANSCOPE Endpoint Manager that could let attackers run malicious code on vulnerable machines. The issue, tracked as CVE-2025-61932, involves a remote code execution vulnerability in two core components: the Client Program (MR) and the Detection Agent (DA). Customers have already seen attempts to…
-
LANSCOPE Endpoint Manager Flaw Allows Remote Code Execution
A critical security flaw has been found in the on-premise edition of LANSCOPE Endpoint Manager that could let attackers run malicious code on vulnerable machines. The issue, tracked as CVE-2025-61932, involves a remote code execution vulnerability in two core components: the Client Program (MR) and the Detection Agent (DA). Customers have already seen attempts to…
-
CISA Warns of Active Exploitation of Critical Windows SMB Flaw CVE-2025-33073
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation of a high-severity Windows vulnerability, tracked as CVE-2025-33073. This flaw, rooted in the Server Message Block (SMB) protocol, enables attackers to escalate privileges to SYSTEM level on vulnerable Windows devices, potentially granting full control over affected systems. First seen…
-
Five New Exploited Bugs Land in CISA’s Catalog, Oracle and Microsoft Among Targets
Tags: business, cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, oracle, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws to its Known Exploited Vulnerabilities (KEV) Catalog, officially confirming a recently disclosed vulnerability impacting Oracle E-Business Suite (EBS) has been weaponized in real-world attacks.The security defect in question is CVE-2025-61884 (CVSS score: 7.5), which has been described as a First seen…
-
Behind the struggle for control of the CVE program
Following a funding scare that nearly shuttered the CVE program, outside experts and CISA are positioning to take charge of the 25-year-old system before the next funding crisis hits. First seen on cyberscoop.com Jump to article: cyberscoop.com/cve-program-funding-crisis-nvd-cisa-alternatives/
-
PoC Released for Linux-PAM Vulnerability Enabling Local Root Privilege Escalation
A new proof-of-concept (PoC) has been released for a serious vulnerability tracked as CVE-2025-8941, affecting the Pluggable Authentication Modules (PAM) used across Linux distributions. The flaw, rated 7.8 (High) on the CVSS scale, allows local attackers to elevate privileges to root through a sophisticated race condition and symbolic link (symlink) manipulation. Discovered in the pam_namespace…
-
Network security devices endanger orgs with ’90s era flaws
Tags: access, application-security, apt, authentication, breach, cisa, cisco, citrix, cloud, control, cve, cyber, cybersecurity, dos, email, endpoint, exploit, finance, firewall, firmware, flaw, government, group, incident response, infrastructure, injection, ivanti, jobs, linux, mitigation, mobile, network, open-source, penetration-testing, programming, regulation, remote-code-execution, reverse-engineering, risk, risk-management, router, service, software, threat, tool, vpn, vulnerability, zero-day2024 networking and security device zero-day flaws Product CVE Flaw type CVSS Check Point Quantum Security Gateways and CloudGuard Network Security CVE-2024-24919 Path traversal leading to information disclosure 8.6 (High) Cisco Adaptive Security Appliance CVE-2024-20359 Arbitrary code execution 6.6 (Medium) Cisco Adaptive Security Appliance CVE-2024-20353 Denial of service 8.6 (High) Cisco Adaptive Security Appliance …
-
Foreign hackers breached a US nuclear weapons plant via SharePoint flaws
Tags: access, attack, authentication, breach, china, control, corporate, cve, cyber, cybercrime, cybersecurity, data, defense, exploit, flaw, framework, government, group, hacker, identity, infrastructure, intelligence, Intruder, korea, microsoft, monitoring, network, ransomware, reverse-engineering, risk, russia, supply-chain, tactics, technology, theft, threat, vulnerability, zero-day, zero-trustChina or Russia? Conflicting attribution: Microsoft attributed the broader wave of SharePoint exploitations to three Chinese-linked groups: Linen Typhoon, Violet Typhoon, and a third actor it tracks as Storm-2603. The company said the attackers were preparing to deploy Warlock ransomware across affected systems.However, the source familiar with the Kansas City incident tells CSO that a…
-
Kritische Sicherheitslücke in WordPress-Theme ‘Service Finder<<
Eine schwere Sicherheitslücke im WordPress-Theme ‘Service Finder” und dem zugehörigen Plugin ‘Bookings” wird derzeit aktiv von Angreifern ausgenutzt. Die als CVE-2025-5947 katalogisierte Schwachstelle ermöglicht es Unbefugten, sich ohne gültige Zugangsdaten als Administrator anzumelden und die vollständige Kontrolle über betroffene Websites zu übernehmen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cloud-security/service-finder-sicherheitsluecke