Overview
- Apache Software Foundation
- Apache Struts
- com.opensymphony:xwork
Description
Statistics
- 5 Posts
Fediverse
🟠 CVE-2025-68493 - High (8.1)
Missing XML Validation vulnerability in Apache Struts, Apache Struts.
This issue affects Apache Struts: from 2.0.0 before 2.2.1; Apache Struts: from 2.2.1 through 6.1.0.
Users are recommended to upgrade to version 6.1.1, which fixes the issue.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-68493/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
CVE-2025-68493 turns your XML config into a confession booth: one malicious entity and the server doxxes itself. Patch to 6.1.1 or keep streaming internal secrets to the outside like it’s reality TV.
https://gbhackers.com/critical-apache-struts-2-flaw/
Overview
Description
Statistics
- 4 Posts
- 2 Interactions
Fediverse
Remember that Gogs ../ last month? It's now in the KEV Catalog.
http://wiz.io/blog/wiz-research-gogs-cve-2025-8110-rce-exploit
❗️CISA has added 1 vulnerability to the KEV Catalog:
CVE-2025-8110: Gogs Path Traversal Vulnerability
Latest global tech and cybersecurity news (Jan 12-13, 2026):
The World Economic Forum's 'Global Cybersecurity Outlook 2026' highlights AI, geopolitics, and cyber-fraud as key shapers of risk, with fraud now surpassing ransomware as a top concern. CISA added a Gogs Path Traversal vulnerability (CVE-2025-8110) to its Known Exploited Vulnerabilities Catalog due to active exploitation. A critical vulnerability (CVE-2026-21858) was found in the n8n workflow automation platform, affecting thousands of systems. In technology, Google removed some medical AI Overviews following "alarming" results.
Overview
Description
Statistics
- 5 Posts
- 1 Interaction
Fediverse
The first edition of 60 Sekunden Cyber covers the current ESA hack, the situation in Taiwan, CVE-2026-21858 and the strike against Black Axe.
Bluesky
Overview
- zlib software
- zlib
Description
Statistics
- 3 Posts
Bluesky
Overview
Description
Statistics
- 3 Posts
- 2 Interactions
Fediverse
🟠 CVE-2026-0855 - High (8.8)
Certain IP Camera models developed by Merit LILIN have an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0855/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Description
Statistics
- 1 Post
- 24 Interactions
Overview
- craftcms
- cms
Description
Statistics
- 2 Posts
- 1 Interaction
Fediverse
CVE-2025-32432: Unauthenticated Remote Code Execution in Craft CMS:
https://www.opswat.com/blog/cve-2025-32432-unauthenticated-remote-code-execution-in-craft-cms
#exploitation #cms #vulnerability #cybersecurity #informationsecurity #cve
Overview
Description
Statistics
- 2 Posts
Fediverse
🟠 CVE-2025-56225 - High (7.5)
fluidsynth-2.4.6 and earlier versions are vulnerable to a null pointer dereference in fluid_synth_monopoly.c, which can be triggered when loading an invalid MIDI file.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-56225/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
- Trend Micro, Inc.
- Trend Micro Apex Central
Description
Statistics
- 3 Posts
- 1 Interaction
Fediverse
‼️Trend Micro Apex Central Multiple Vulnerabilities
CVE:
CVE-2025-69258 (CVSS: 9.8)
CVE-2025-69259 (CVSS: 7.5)
CVE-2025-69260 (CVSS: 7.5)
CWE: CWE-1285, CWE-306, CWE-641
PoC/Writeup: https://www.tenable.com/security/research/tra-2026-01
Disclosure Date: January 7, 2026
Disclosure: https://success.trendmicro.com/en-US/solution/KA-0022071
Bluesky
Overview
- Merit LILIN
- DH032
Description
Statistics
- 2 Posts
- 2 Interactions
Fediverse
🟠 CVE-2026-0854 - High (8.8)
Certain DVR/NVR models developed by Merit LILIN have an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0854/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack