Tag: cve
-
TARmageddon Security Flaw in Rust Library Could Lead to Config Tampering and RCE
The Edera security team has discovered a critical vulnerability in the async-tar Rust library and its descendants, including the widely-used tokio-tar. Dubbed TARmageddon and assigned CVE-2025-62518, this flaw carries a CVSS score of 8.1 (High) and enables attackers to execute remote code by overwriting configuration files and hijacking critical build systems. Field Details CVE ID CVE-2025-62518 Vulnerability…
-
Critical Argument Injection Flaw in AI Agents Enables Remote Code Execution
AI-powered agents are increasingly relied upon to execute tasks like code analysis, file management, and automating workflows. However, a newly highlighted vulnerability argument injection shows how attackers can use these very capabilities to achieve remote code execution (RCE), even when certain safeguards are in place. CVE ID Product Vulnerability CVE-2025-54795 Claude Code Command injection in…
-
Critical Argument Injection Flaw in AI Agents Enables Remote Code Execution
AI-powered agents are increasingly relied upon to execute tasks like code analysis, file management, and automating workflows. However, a newly highlighted vulnerability argument injection shows how attackers can use these very capabilities to achieve remote code execution (RCE), even when certain safeguards are in place. CVE ID Product Vulnerability CVE-2025-54795 Claude Code Command injection in…
-
Over 250 Magento Stores Hit Overnight as Hackers Exploit New Adobe Commerce Flaw
E-commerce security company Sansec has warned that threat actors have begun to exploit a recently disclosed security vulnerability in Adobe Commerce and Magento Open Source platforms, with more than 250 attack attempts recorded against multiple stores over the past 24 hours.The vulnerability in question is CVE-2025-54236 (CVSS score: 9.1), a critical improper input validation flaw…
-
Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms
Tags: cisa, cve, cyberattack, cybersecurity, endpoint, exploit, flaw, infrastructure, kev, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Motex Lanscope Endpoint Manager to its Known Exploited Vulnerabilities (KEV) catalog, stating it has been actively exploited in the wild.The vulnerability, CVE-2025-61932 (CVSS v4 score: 9.3), impacts on-premises versions of Lanscope Endpoint Manager, specifically Client First seen on thehackernews.com…
-
CVE-2025-6515 Prompt Hijacking bedroht MCP-Workflows in oatpp-mcp
Die Sicherheitsforscher von JFrog haben in der Oat++-Implementierung des Model Context Protocol (MCP) eine Schwachstelle (CVE-2025-6515) identifiziert, die Angreifer für sogenannte Prompt-Hijacking-Angriffe nutzen können. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/cve-2025-6515-prompt-hijacking
-
CVE-2025-6515 Prompt Hijacking bedroht MCP-Workflows in oatpp-mcp
Die Sicherheitsforscher von JFrog haben in der Oat++-Implementierung des Model Context Protocol (MCP) eine Schwachstelle (CVE-2025-6515) identifiziert, die Angreifer für sogenannte Prompt-Hijacking-Angriffe nutzen können. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/cve-2025-6515-prompt-hijacking
-
CVE-2025-6515 Prompt Hijacking bedroht MCP-Workflows in oatpp-mcp
Die Sicherheitsforscher von JFrog haben in der Oat++-Implementierung des Model Context Protocol (MCP) eine Schwachstelle (CVE-2025-6515) identifiziert, die Angreifer für sogenannte Prompt-Hijacking-Angriffe nutzen können. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/cve-2025-6515-prompt-hijacking
-
Cache poisoning vulnerabilities found in 2 DNS resolving apps
At least one CVE could weaken defenses put in place following 2008 disclosure. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/10/bind-warns-of-bugs-that-could-bring-dns-cache-attack-back-from-the-dead/
-
Prompt hijacking puts MCP-based AI workflows at risk
oatpp-mcp, the MCP implementation for Oat++ (oatpp), a popular framework for developing web applications in C++. Tracked as CVE-2025-6515, the flaw stems from the fact that oatpp-mcp generates guessable session IDs for use in its communication with MCP clients, an issue that other MCP servers might have as well. The Model Context Protocol was developed…
-
TARmageddon flaw in Async-Tar Rust library allows to smuggle extra archives when the library is processing nested TAR files
CVE-2025-62518 TARmageddon flaw in Rust async-tar and forks like tokio-tar may allow remote code execution, says Edera. Edera team disclosed a vulnerability tracked as CVE-2025-62518 (CVSS score: 8.1), dubbed TARmageddon, in the Rust async-tar library and forks like tokio-tar. A remote attacker can exploit the flaw to achieve code execution. >>astral-tokio-tar is a tar archive…
-
TARmageddon Flaw in Async-Tar Rust Library Could Enable Remote Code Execution
Cybersecurity researchers have disclosed details of a high-severity flaw impacting the popular async-tar Rust library and its forks, including tokio-tar, that could result in remote code execution under certain conditions.The vulnerability, tracked as CVE-2025-62518 (CVSS score: 8.1), has been codenamed TARmageddon by Edera, which discovered the issue in late August 2025. It impacts several First…
-
Windows Server Update Service (WSUS) Remote Code Execution Vulnerability (CVE-2025-59287) Notice
Overview Recently, NSFOCUS CERT detected that Microsoft released a security update that fixed the Windows Server Update Service (WSUS) remote code execution vulnerability (CVE-2025-59287); Because WSUS’s GetCookie does not perform type verification when processing objects, an unauthenticated attacker can achieve remote code execution by deserializing malicious data to control the target server. The CVSS score…The…
-
Windows Server Update Service (WSUS) Remote Code Execution Vulnerability (CVE-2025-59287) Notice
Overview Recently, NSFOCUS CERT detected that Microsoft released a security update that fixed the Windows Server Update Service (WSUS) remote code execution vulnerability (CVE-2025-59287); Because WSUS’s GetCookie does not perform type verification when processing objects, an unauthenticated attacker can achieve remote code execution by deserializing malicious data to control the target server. The CVSS score…The…
-
Oracle October 2025 Critical Patch Update Addresses 170 CVEs
Oracle addresses 170 CVEs in its final quarterly update of 2025 with 374 patches, including 40 critical updates. Background On October 21, Oracle released its Critical Patch Update (CPU) for October 2025, the fourth and final quarterly update of the year. This CPU contains fixes for 170 unique CVEs in 374 security updates across 29…
-
TP-Link Patches Four Omada Gateway Flaws, Two Allow Remote Code Execution
TP-Link has released security updates to address four security flaws impacting Omada gateway devices, including two critical bugs that could result in arbitrary code execution.The vulnerabilities in question are listed below -CVE-2025-6541 (CVSS score: 8.6) – An operating system command injection vulnerability that could be exploited by an attacker who can log in to the…
-
Active Exploitation of Critical Windows SMB Flaw CVE-2025-33073 Spotted
A flaw rooted in the Server Message Block (SMB) protocol of Windows enables attackers to escalate privileges to SYSTEM level on vulnerable Windows devices, potentially granting full control over affected systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/windows-smb-flaw-cve-2025-33073-alert/
-
U.S. CISA adds Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities catalog
Tags: apple, cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, oracle, update, vulnerability, windowsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities (KEV) catalog. Oracle recently released an emergency patch to address an information disclosure flaw, tracked as CVE-2025-61884 (CVSS…
-
CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073)
CVE-2025-33073, a Windows SMB Client vulnerability that Microsoft fixed in June 2025, is being exploited by attackers. The confirmation comes from the Cybersecurity and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/21/cisa-warns-of-windows-smb-flaw-under-active-exploitation-cve-2025-33073/
-
Envoy Air (American Airlines) Confirms Oracle EBS 0-Day Breach Linked to Cl0p
Envoy Air (American Airlines) confirms a breach by CL0P after they exploited the critical CVE-2025-61882 zero-day flaw in Oracle E-Business Suite. First seen on hackread.com Jump to article: hackread.com/envoy-air-american-airlines-oracle-ebs-0-day-breach-cl0p/
-
Envoy Air (American Airlines) Confirms Oracle EBS 0-Day Breach Linked to Cl0p
Envoy Air (American Airlines) confirms a breach by CL0P after they exploited the critical CVE-2025-61882 zero-day flaw in Oracle E-Business Suite. First seen on hackread.com Jump to article: hackread.com/envoy-air-american-airlines-oracle-ebs-0-day-breach-cl0p/
-
Apache Syncope Groovy Flaw Allows Remote Code Injection
Apache Syncope, has disclosed a critical security vulnerability that allows authenticated administrators to execute arbitrary code on affected systems. The flaw, tracked as CVE-2025-57738, impacts all Apache Syncope versions 3.x before 3.0.14 and 4.x before 4.0.2, exposing organisations to potential system compromise through malicious Groovy code injection.”‹ Vulnerability Details and Attack Mechanism The vulnerability exists…
-
Apache Syncope Groovy Flaw Allows Remote Code Injection
Apache Syncope, has disclosed a critical security vulnerability that allows authenticated administrators to execute arbitrary code on affected systems. The flaw, tracked as CVE-2025-57738, impacts all Apache Syncope versions 3.x before 3.0.14 and 4.x before 4.0.2, exposing organisations to potential system compromise through malicious Groovy code injection.”‹ Vulnerability Details and Attack Mechanism The vulnerability exists…
-
CISA Warns of Actively Exploited Windows SMB Vulnerability
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, threat, vulnerability, windowsThe Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Microsoft Windows Server Message Block (SMB) vulnerability to its Known Exploited Vulnerabilities catalog, warning that threat actors are actively exploiting the security flaw in the wild. The vulnerability, tracked as CVE-2025-33073, affects the Windows SMB Client and could allow attackers to escalate privileges on…
-
CISA Warns of Actively Exploited Windows SMB Vulnerability
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, threat, vulnerability, windowsThe Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Microsoft Windows Server Message Block (SMB) vulnerability to its Known Exploited Vulnerabilities catalog, warning that threat actors are actively exploiting the security flaw in the wild. The vulnerability, tracked as CVE-2025-33073, affects the Windows SMB Client and could allow attackers to escalate privileges on…
-
LANSCOPE Endpoint Manager Flaw Allows Remote Code Execution
A critical security flaw has been found in the on-premise edition of LANSCOPE Endpoint Manager that could let attackers run malicious code on vulnerable machines. The issue, tracked as CVE-2025-61932, involves a remote code execution vulnerability in two core components: the Client Program (MR) and the Detection Agent (DA). Customers have already seen attempts to…
-
LANSCOPE Endpoint Manager Flaw Allows Remote Code Execution
A critical security flaw has been found in the on-premise edition of LANSCOPE Endpoint Manager that could let attackers run malicious code on vulnerable machines. The issue, tracked as CVE-2025-61932, involves a remote code execution vulnerability in two core components: the Client Program (MR) and the Detection Agent (DA). Customers have already seen attempts to…
-
CISA Warns of Active Exploitation of Critical Windows SMB Flaw CVE-2025-33073
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation of a high-severity Windows vulnerability, tracked as CVE-2025-33073. This flaw, rooted in the Server Message Block (SMB) protocol, enables attackers to escalate privileges to SYSTEM level on vulnerable Windows devices, potentially granting full control over affected systems. First seen…
-
CISA Warns of Active Exploitation of Critical Windows SMB Flaw CVE-2025-33073
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation of a high-severity Windows vulnerability, tracked as CVE-2025-33073. This flaw, rooted in the Server Message Block (SMB) protocol, enables attackers to escalate privileges to SYSTEM level on vulnerable Windows devices, potentially granting full control over affected systems. First seen…
-
CISA Warns of Oracle E-Business Suite SSRF Vulnerability Actively Exploited in Attacks
Tags: attack, business, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, oracle, risk, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Oracle E-Business Suite vulnerability to its Known Exploited Vulnerabilities catalog after detecting active exploitation in the wild. The security flaw, tracked as CVE-2025-61884, poses significant risks to organizations running the widely-deployed enterprise resource planning software. Critical SSRF Flaw Requires Immediate Action CVE-2025-61884 is a…