Main Menu

CVE Vulnerability Alerts

Ivanti Urges Immediate Patch for Endpoint Manager Vulnerability
CVE Vulnerability Alerts
Ivanti Urges Immediate Patch for Endpoint Manager Vulnerability
December 11, 2025
Ivanti has issued an urgent patch for a critical vulnerability, CVE-2023-35082, in its Endpoint Manager solution. This flaw enables attackers to remotely execute code, highlighting ...
Mirai-based Broadside Botnet Exploits TBK Vision DVRs in Maritime Sector
CVE Vulnerability Alerts
Mirai-based Broadside Botnet Exploits TBK Vision DVRs in Maritime Sector
December 11, 2025
The Broadside botnet, a Mirai variant, exploits CVE-2024-3721 vulnerabilities in TBK Vision DVRs, posing a threat to maritime logistics.
Critical RSC Vulnerability Added to CISA's KEV Catalog Due to Active Exploitation
CVE Vulnerability Alerts
Critical RSC Vulnerability Added to CISA’s KEV Catalog Due to Active Exploitation
December 9, 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a serious flaw impacting React Server Components (RSC) to its Known Exploited Vulnerabilities (KEV) catalog. ...
React2Shell Vulnerability Exposes Over 77,000 IPs Worldwide
CVE Vulnerability Alerts
React2Shell Vulnerability Exposes Over 77,000 IPs Worldwide
December 8, 2025
Over 77,000 Internet-exposed IP addresses are endangered by the critical React2Shell vulnerability, CVE-2025-55182. Attackers have already compromised over 30 organizations, spanning diverse industry sectors. This ...
Apache Tika Vulnerability CVE-2025-66516 Exposes Systems to Critical Risks
CVE Vulnerability Alerts
Apache Tika Vulnerability CVE-2025-66516 Exposes Systems to Critical Risks
December 8, 2025
Apache Tika users face critical risks due to a severe vulnerability allowing XML external entity (XXE) attacks. With a CVSS score of 10.0, the flaw ...
Critical Elementor Addons Flaw CVE-2025-8489 Actively Exploited on WordPress Sites
CVE Vulnerability Alerts
Critical Elementor Addons Flaw CVE-2025-8489 Actively Exploited on WordPress Sites
December 5, 2025
A severe flaw in the WordPress plugin, King Addons for Elementor, is being actively exploited. This CVE-2025-8489 vulnerability allows privilege escalation, giving attackers administrative access. ...
React Server Components' Security Flaw Risks Unauthenticated Remote Code Execution
CVE Vulnerability Alerts
React Server Components’ Security Flaw Risks Unauthenticated Remote Code Execution
December 5, 2025
React Server Components are impacted by a critical vulnerability, CVE-2025-55182, offering a CVSS score of 10.0 for unauthenticated remote code execution.
CISA Updates KEV Catalog to Include OpenPLC ScadaBR Vulnerability
CVE Vulnerability Alerts
CISA Updates KEV Catalog to Include OpenPLC ScadaBR Vulnerability
December 1, 2025
CISA updates its Known Exploited Vulnerabilities (KEV) catalog with CVE-2021-26829, a security flaw impacting OpenPLC ScadaBR, used in industrial control systems.
SonicWall Urges Immediate Update for High-Severity Vulnerability in SonicOS SSLVPN
CVE Vulnerability Alerts
SonicWall Urges Immediate Update for High-Severity Vulnerability in SonicOS SSLVPN
November 24, 2025
SonicWall warns users about a critical buffer overflow vulnerability in SonicOS SSLVPN, urging immediate updates. This could crash Gen7 and Gen8 firewalls, impacting cybersecurity.
SolarWinds Fixes Critical Serv-U Vulnerabilities Enabling Remote Code Execution
Application Security
SolarWinds Fixes Critical Serv-U Vulnerabilities Enabling Remote Code Execution
November 24, 2025
SolarWinds has patched three severe vulnerabilities in its Serv-U file transfer solution, which included a path restriction bypass tracked as CVE-2025-40549. These vulnerabilities permitted attackers ...
Load More
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads
OAuth Phishing Technique ConsentFix Poses New Threat to Microsoft Accounts
Illinois Man Charged for Snapchat Phishing Scheme
Email Security’s True Challenge: Evaluating Post-access Threats
How Misconfigured Email Routing Opens the Door for Credential Theft
Phishers Pose as Booking.com to Compromise European Hotels
Phishing Campaign Targets Users with Google Cloud Application Exploitation

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.