CVE/vulnerability – Page 24

Joomla Vulnerabilities in Novarain/Tassos Framework Expose SQL Injection Risks

Joomla site owners using extensions that bundle the Novarain/Tassos Framework are being warned after a source code review identified multiple attack primitives that can be chained together to achieve administrator takeover and reliable remote code exec…

·

CVE/vulnerability, cyber security, Cyber Security News, Vulnerabilities, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
CleanTalk Plugin for WordPress Exposes Sites to Authorization Bypass via Reverse DNS

A critical vulnerability in the popular CleanTalk Spam Protection plugin for WordPress exposes websites to complete takeover. Tracked as CVE-2026-1490, this high-severity flaw allows unauthenticated attackers to bypass authorization mechanisms and inst…

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability, Word press, Wordpress

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Critical Airleader Vulnerability Exposes Systems to Exploitable Remote Attacks

A critical security vulnerability in Airleader Master software has been disclosed by CISA, exposing industrial control systems across multiple critical infrastructure sectors to potential remote code execution attacks. The flaw, tracked as CVE-2026-135…

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
FileZen Flaw Allows Attackers to Execute Commands Remotely

A high-severity vulnerability in FileZen, a file transfer solution developed by Soliton Systems K.K., enables authenticated attackers to remotely execute arbitrary operating system commands on affected systems. The security flaw, tracked as CVE-2026-25…

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
CISA Issues Alert on ZLAN ICS Flaws Enabling Full Device Takeover

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory regarding significant security flaws discovered in industrial networking equipment manufactured by ZLAN Information Technology Co. The alert, identified as ICSA-…

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Attackers Exploit Critical BeyondTrust Flaw to Seize Full Active Directory Control

A critical vulnerability, CVE-2026-1731, affecting self-hosted BeyondTrust Remote Support and Privileged Remote Access deployments. This security flaw allows unauthenticated attackers to inject operating system commands, effectively granting them remot…

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Chrome 0-Day Enables Remote Code Execution in Ongoing Campaign

Google has released an urgent security update for the Chrome desktop web browser to address a severe high-severity vulnerability that is currently being exploited in the wild. The search giant rolled out the fix on Friday, updating the Stable channel t…

·

Chrome, CVE/vulnerability, cyber security, Cyber Security News, Google, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
CVE-2025-64712 in Unstructured.io Puts Amazon, Google, and Tech Giants at Risk of Remote Code Execution

A newly disclosed critical flaw, CVE-2025-64712 (CVSS 9.8), in Unstructured.io’s “unstructured” ETL library could let attackers perform arbitrary file writes and potentially achieve remote code execution (RCE) on systems that process untrusted document…

·

AI, CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
CISA Alerts Users to Notepad++ Flaw Allowing Code Execution

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in the popular Notepad++ text editor to its Known Exploited Vulnerabilities catalog, warning users of a flaw that could allow attackers to execute malicious …

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
CISA Issues Urgent Warning on Microsoft Configuration Manager SQL Injection Vulnerability Under Active Exploitation

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical SQL injection vulnerability in Microsoft Configuration Manager to its Known Exploited Vulnerabilities (KEV) catalogue. The threat actors are actively exploiting the flaw i…

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

1010.cx

1010.cx

Category: CVE/vulnerability

Joomla Vulnerabilities in Novarain/Tassos Framework Expose SQL Injection Risks

CleanTalk Plugin for WordPress Exposes Sites to Authorization Bypass via Reverse DNS

Critical Airleader Vulnerability Exposes Systems to Exploitable Remote Attacks

FileZen Flaw Allows Attackers to Execute Commands Remotely

CISA Issues Alert on ZLAN ICS Flaws Enabling Full Device Takeover

Attackers Exploit Critical BeyondTrust Flaw to Seize Full Active Directory Control

Chrome 0-Day Enables Remote Code Execution in Ongoing Campaign

CVE-2025-64712 in Unstructured.io Puts Amazon, Google, and Tech Giants at Risk of Remote Code Execution

CISA Alerts Users to Notepad++ Flaw Allowing Code Execution

CISA Issues Urgent Warning on Microsoft Configuration Manager SQL Injection Vulnerability Under Active Exploitation