CVE/vulnerability – Page 28

CISA Alerts Exploited React Native Community Security Flaw

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the React Native Community CLI to its Known Exploited Vulnerabilities (KEV) catalog. Identified as CVE-2025-11953, this vulnerability is…

·

CVE/vulnerability, cyber security, Cyber Security News, React, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
CentOS 9 Security Flaw Enables Privilege Escalation – PoC Released

A critical security flaw has been identified in CentOS 9 that allows a local user to escalate their privileges to root. The vulnerability, which stems from a Use-After-Free (UAF) condition in the Linux kernel’s networking subsystem, was awarded f…

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
CISA Advisory Highlights Exploited SmarterTools Vulnerability in Recent Ransomware Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity vulnerability affecting SmarterTools SmarterMail to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-24423, this flaw is actively being weaponiz…

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
n8n Vulnerability Allows Remote Attackers to Hijack Systems via Malicious Workflow Execution

n8n has released urgent security updates to address a critical vulnerability that exposes host systems to Remote Code Execution (RCE). Tracked as CVE-2026-25049, this flaw allows authenticated attackers to escape the expression evaluation sandbox and e…

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Moxa Switches Vulnerability Enables Unauthorized Access through Authentication Bypass

Moxa has released a critical security advisory addressing a severe vulnerability affecting multiple series of its industrial Ethernet switches. Tracked as CVE-2024-12297, this flaw allows remote attackers to bypass authentication mechanisms, potentiall…

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Go 1.25.7 and Go 1.24.13 Released With Patches for Multiple Security Vulnerabilities

The Go team has officially released versions 1.25.7 and 1.24.13. These minor point releases address two distinct security vulnerabilities affecting the cmd/cgo command and the crypto/tls library. The updates are recommended for all users to prevent pot…

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability, what is New

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
WatchGuard VPN Client Flaw on Windows Enables SYSTEM‑Level Command Execution

WatchGuard has released a critical security update for its Mobile VPN with IPSec client for Windows to address a privilege escalation vulnerability. The flaw, originating in the underlying software provided by NCP engineering, allows local attackers to…

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability, Windows

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
Cisco Warns of Meeting Management Flaw Enabling Arbitrary File Upload by Remote Attackers

Cisco has released a security advisory detailing a high-severity vulnerability in Cisco Meeting Management (CMM). The flaw, caused by improper input validation, allows authenticated remote attackers to upload arbitrary files and potentially execute com…

·

Cisco, CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
CISA Confirms VMware ESXi 0-Day Vulnerability Exploited in Ransomware Operations

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting VMware ESXi to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2025-22225, this zero-day flaw allows attackers to esca…

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶
TP-Link Vulnerabilities Let Hackers Take Full Control of Devices

TP-Link has disclosed multiple critical authenticated command injection vulnerabilities affecting the Archer BE230 v1.2 Wi-Fi router, enabling attackers with administrative access to execute arbitrary commands and seize complete control of affected dev…

·

CVE/vulnerability, cyber security, Cyber Security News, vulnerability

¶¶¶¶¶

¶¶¶¶¶

¶¶¶¶¶

1010.cx

1010.cx

Category: CVE/vulnerability

CISA Alerts Exploited React Native Community Security Flaw

CentOS 9 Security Flaw Enables Privilege Escalation – PoC Released

CISA Advisory Highlights Exploited SmarterTools Vulnerability in Recent Ransomware Attacks

n8n Vulnerability Allows Remote Attackers to Hijack Systems via Malicious Workflow Execution

Moxa Switches Vulnerability Enables Unauthorized Access through Authentication Bypass

Go 1.25.7 and Go 1.24.13 Released With Patches for Multiple Security Vulnerabilities

WatchGuard VPN Client Flaw on Windows Enables SYSTEM‑Level Command Execution

Cisco Warns of Meeting Management Flaw Enabling Arbitrary File Upload by Remote Attackers

CISA Confirms VMware ESXi 0-Day Vulnerability Exploited in Ransomware Operations

TP-Link Vulnerabilities Let Hackers Take Full Control of Devices