-
Apache StreamPipes has released an urgent security advisory addressing CVE-2025-47411, a critical privilege escalation vulnerability affecting versions 0.69.0 through 0.97.0. The flaw allows attackers with legitimate non-administrator accounts to explo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
IBM has disclosed a critical authentication bypass vulnerability affecting its API Connect platform, assigning it a maximum CVSS severity score of 9.8. The flaw, tracked as CVE-2025-13915, represents a primary authentication weakness (CWE-305) that req…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SmarterTools has issued an urgent security advisory regarding a critical vulnerability in its widely used SmarterMail software. The flaw, which carries the highest possible severity score, could allow unauthenticated attackers to completely take over a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning about the active exploitation of CVE-2025-14847, a severe vulnerability affecting MongoDB and MongoDB Server. The flaw was added to CISA’s Known Exploi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Over 74,000 MongoDB database servers remain vulnerable to a critical security flaw after proof-of-concept exploit code for the MongoBleed vulnerability became publicly available. The Shadowserver Foundation reports that 74,854 exposed MongoDB instances…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have uncovered a massive coordinated exploitation campaign where threat actors launched over 2.5 million malicious requests against vulnerable systems during the Christmas 2025 holiday period. The campaign represents a sophisticate…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A severe unauthenticated remote code execution vulnerability has been discovered in XSpeeder networking devices, potentially affecting more than 70,000 publicly accessible hosts worldwide. Tracked as CVE-2025-54322, the flaw allows attackers to gain ro…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have disclosed critical vulnerabilities in Airoha-based Bluetooth headphones that enable attackers to compromise connected smartphones through chained exploits. The three vulnerabilities CVE-2025-20700, CVE-2025-20701, and CVE-2025…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Ubisoft faced a coordinated security crisis today as hackers exploited the critical MongoBleed vulnerability (CVE-2025-14847) to infiltrate Rainbow Six Siege servers, causing widespread account tampering and service disruptions. In-Game Chaos Unfolds A…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have released an open-source detection tool to help organizations identify potential exploitation of MongoBleed (CVE-2025-14847), a critical memory disclosure vulnerability affecting multiple MongoDB versions. The MongoBleed Detect…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
