24h | 7d | 30d

CVE-2025-36911

Overview

  • Google
  • Android
15 Jan 2026
Published
15 Jan 2026
Updated
CVSS
Pending
EPSS
0.00%
KEV

Description

In key-based pairing, there is a possible ID due to a logic error in the code. This could lead to remote (proximal/adjacent) information disclosure of user's conversations and location with no additional execution privileges needed. User interaction is not needed for exploitation.

Statistics

  • 1 Post
  • 10 Interactions
Last activity: 7 hours ago

Fediverse

Profile picture
Christoph Schmees @PC_Fluesterer

Google „Fast Pair“ ist Sicherheitsrisiko

Hier kann man wieder sehen, dass "Komfort" (oder was auch immer die Amerikaner dafür halten) ein natürlicher Feind der Sicherheit ist. Google hatte ein Verfahren namens Fast Pair ersonnen, das die Kopplung von Bluetooth (BT) Zubehörgeräten mit Android vereinfachen soll. Gut gedacht, schlecht gemacht. Forschende der Uni Leuven (Belgien) haben schon im vorigen Jahr eine Schwachstelle in dem System gefunden und vertraulich an Google gemeldet. Wann genau das war, ist nirgends dokumentiert. Die zugeordnete Fehlernummer CVE-2025-36911 muss (aus der Zahl zu schließen) ungefähr um die Jahresmitte vergeben worden sein.
Die Schwachstelle

pc-fluesterer.info/wordpress/2

#Empfehlung #Mobilfunk #Warnung #android #bluetooth #google #hersteller #sicherheit #vorbeugen

  • 4
  • 6
  • 0
  • 7h ago

CVE-2025-68285

Overview

  • Linux
  • Linux
16 Dec 2025
Published
02 Jan 2026
Updated
CVSS
Pending
EPSS
0.06%
KEV

Description

In the Linux kernel, the following vulnerability has been resolved: libceph: fix potential use-after-free in have_mon_and_osd_map() The wait loop in __ceph_open_session() can race with the client receiving a new monmap or osdmap shortly after the initial map is received. Both ceph_monc_handle_map() and handle_one_map() install a new map immediately after freeing the old one kfree(monc->monmap); monc->monmap = monmap; ceph_osdmap_destroy(osdc->osdmap); osdc->osdmap = newmap; under client->monc.mutex and client->osdc.lock respectively, but because neither is taken in have_mon_and_osd_map() it's possible for client->monc.monmap->epoch and client->osdc.osdmap->epoch arms in client->monc.monmap && client->monc.monmap->epoch && client->osdc.osdmap && client->osdc.osdmap->epoch; condition to dereference an already freed map. This happens to be reproducible with generic/395 and generic/397 with KASAN enabled: BUG: KASAN: slab-use-after-free in have_mon_and_osd_map+0x56/0x70 Read of size 4 at addr ffff88811012d810 by task mount.ceph/13305 CPU: 2 UID: 0 PID: 13305 Comm: mount.ceph Not tainted 6.14.0-rc2-build2+ #1266 ... Call Trace: <TASK> have_mon_and_osd_map+0x56/0x70 ceph_open_session+0x182/0x290 ceph_get_tree+0x333/0x680 vfs_get_tree+0x49/0x180 do_new_mount+0x1a3/0x2d0 path_mount+0x6dd/0x730 do_mount+0x99/0xe0 __do_sys_mount+0x141/0x180 do_syscall_64+0x9f/0x100 entry_SYSCALL_64_after_hwframe+0x76/0x7e </TASK> Allocated by task 13305: ceph_osdmap_alloc+0x16/0x130 ceph_osdc_init+0x27a/0x4c0 ceph_create_client+0x153/0x190 create_fs_client+0x50/0x2a0 ceph_get_tree+0xff/0x680 vfs_get_tree+0x49/0x180 do_new_mount+0x1a3/0x2d0 path_mount+0x6dd/0x730 do_mount+0x99/0xe0 __do_sys_mount+0x141/0x180 do_syscall_64+0x9f/0x100 entry_SYSCALL_64_after_hwframe+0x76/0x7e Freed by task 9475: kfree+0x212/0x290 handle_one_map+0x23c/0x3b0 ceph_osdc_handle_map+0x3c9/0x590 mon_dispatch+0x655/0x6f0 ceph_con_process_message+0xc3/0xe0 ceph_con_v1_try_read+0x614/0x760 ceph_con_workfn+0x2de/0x650 process_one_work+0x486/0x7c0 process_scheduled_works+0x73/0x90 worker_thread+0x1c8/0x2a0 kthread+0x2ec/0x300 ret_from_fork+0x24/0x40 ret_from_fork_asm+0x1a/0x30 Rewrite the wait loop to check the above condition directly with client->monc.mutex and client->osdc.lock taken as appropriate. While at it, improve the timeout handling (previously mount_timeout could be exceeded in case wait_event_interruptible_timeout() slept more than once) and access client->auth_err under client->monc.mutex to match how it's set in finish_auth(). monmap_show() and osdmap_show() now take the respective lock before accessing the map as well.

Statistics

  • 1 Post
  • 10 Interactions
Last activity: 3 hours ago

Fediverse

Profile picture
Jan Wildeboer 😷:krulorange: @jwildeboer

Heads up for my fellow Red Hat Enterprise Linux (RHEL) 10 users:

Important: kernel security update

kernel: libceph: fix potential use-after-free in have_mon_and_osd_map() (CVE-2025-68285)

So do your `dnf update` ASAP :)

More details: access.redhat.com/errata/RHSA-

#SelfHost #Security #CVE2025_68285 @homelab

  • 3
  • 7
  • 0
  • 3h ago

CVE-2025-14847

Overview

  • MongoDB Inc.
  • MongoDB Server
19 Dec 2025
Published
12 Jan 2026
Updated
CVSS v4.0
HIGH (8.7)
EPSS
51.95%
KEV

Description

Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3, MongoDB Server v6.0 versions prior to 6.0.27, MongoDB Server v5.0 versions prior to 5.0.32, MongoDB Server v4.4 versions prior to 4.4.30, MongoDB Server v4.2 versions greater than or equal to 4.2.0, MongoDB Server v4.0 versions greater than or equal to 4.0.0, and MongoDB Server v3.6 versions greater than or equal to 3.6.0.

Statistics

  • 1 Post
  • 7 Interactions
Last activity: 11 hours ago

Fediverse

Profile picture
Brad @malware_traffic

2026-01-19 (Monday): Catching up on two infections in my lab from last week, and I added an entry with a of scans and probes and web traffic hitting my web server.

I attempted to set up MongoDB on my server to detect any "MongoBleed" CVE-2025-14847 activity, but I was unable to configure the server properly.

I opened TCP port 27017 on my Apache web server, and I'm only receiving web scans/probes on that port.

Feel free to check out my latest posts at malware-traffic-analysis.net/2

Or not. I'm not your parent. I can't tell you what to do.

  • 3
  • 4
  • 0
  • 11h ago

CVE-2025-8581

Overview

  • Google
  • Chrome
07 Aug 2025
Published
07 Aug 2025
Updated
CVSS
Pending
EPSS
0.04%
KEV

Description

Inappropriate implementation in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 22 hours ago

Fediverse

Profile picture
OWASP Ottawa @OWASP_Ottawa

Reminder this Wednesday.

🚨 OWASP Ottawa January Meetup – Featuring Vincent Dragnea! 🚨

is excited to announce that we are hosting our first monthly meetup of the year! We’re thrilled to welcome Vincent Dragnea to our in-person meetup at the University of Ottawa on January 21, 2026.

RSVP at:

meetup.com/owasp-ottawa/events/312793912

📅 Date: January 21, 2026
⏰ Time: 6:00 PM EST – Arrival, networking & pizza 🍕
6:30 PM EST – Technical Talks
📍 Location: 150 Louis-Pasteur Private, University of Ottawa, Room 117
🎙️ Talk: "SameSite...or not? Bypassing SameSite cookie protections in browsers"

SameSite cookies are often relied upon too heavily to prevent cross-site request forgery, yet, due to browser implementations, these cookies can be included in unexpected requests. This talk demonstrates novel techniques to attach SameSite=Strict cookies to GET requests originating from another site, including a Google Chrome vulnerability (CVE-2025-8581) discovered while researching these methods. This material aims to help researchers identify insecure behaviors, as well as teach developers how to avoid them.

📺 Can’t make it in person? Watch live on the YouTube channel at youtube.com/@OWASP_Ottawa

  • 3
  • 1
  • 0
  • 22h ago

CVE-2025-41768

Overview

  • Beckhoff Automation
  • TwinCAT.HMI.Server
20 Jan 2026
Published
20 Jan 2026
Updated
CVSS v3.1
MEDIUM (5.5)
EPSS
0.03%
KEV

Description

On an instance of TwinCAT 3 HMI Server running on a device an authenticated administrator can inject arbitrary content into the custom CSS field which is persisted on the device and later returned via the login page and error page.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 7 hours ago

Fediverse

Profile picture
CERT@VDE @certvde

VDE-2025-106
Beckhoff: XSS Vulnerability in TwinCAT 3 HMI Server

On an instance of TwinCAT 3 HMI Server running on a device an authenticated administrator can inject arbitrary content into the custom CSS field which is persisted on the device and later returned via the login page and error page.
CVE-2025-41768

certvde.com/en/advisories/vde-

beckhoff.csaf-tp.certvde.com/.

  • 1
  • 1
  • 0
  • 7h ago

CVE-2025-14533

Overview

  • hwk-fr
  • Advanced Custom Fields: Extended
20 Jan 2026
Published
20 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.06%
KEV

Description

The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 0.9.2.1. This is due to the 'insert_user' function not restricting the roles with which a user can register. This makes it possible for unauthenticated attackers to supply the 'administrator' role during registration and gain administrator access to the site. Note: The vulnerability can only be exploited if 'role' is mapped to the custom field.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 4 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

🔴 CVE-2025-14533 - Critical (9.8)

The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 0.9.2.1. This is due to the 'insert_user' function not restricting the roles with which a user can register. This...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 1
  • 1
  • 0
  • 4h ago

CVE-2017-20149

Overview

  • Pending
15 Oct 2022
Published
14 May 2025
Updated
CVSS
Pending
EPSS
1.72%
KEV

Description

The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red. A remote and unauthenticated user can trigger the vulnerability by sending a crafted HTTP request. An attacker can use this vulnerability to execute arbitrary code on the affected system, as exploited in the wild in mid-2017 and later.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 6 hours ago

Fediverse

Profile picture
hrbrmstr 🇺🇦 🇬🇱 🇨🇦 @hrbrmstr

This looks to be Hajime only going after Mikrotik routers in some scanner's inventory. Highly targeted (only hitting our Mikrotiks), low and slow over time.

Definitely coming from a wide array of other compromised edge devices.

viz.greynoise.io/tags/mikrotik

  • 1
  • 1
  • 0
  • 6h ago

CVE-2026-23838

Overview

  • NixOS
  • nixpkgs
19 Jan 2026
Published
19 Jan 2026
Updated
CVSS v4.0
HIGH (8.7)
EPSS
0.12%
KEV

Description

Tandoor Recipes is a recipe manager than can be installed with the Nix package manager. Starting in version 23.05 and prior to version 26.05, when using the default configuration of Tandoor Recipes, specifically using SQLite and default `MEDIA_ROOT`, the full database file may be externally accessible, potentially on the Internet. The root cause is that the NixOS module configures the working directory of Tandoor Recipes, as well as the value of `MEDIA_ROOT`, to be `/var/lib/tandoor-recipes`. This causes Tandoor Recipes to create its `db.sqlite3` database file in the same directory as `MEDIA_ROOT` causing it to be accessible without authentication through HTTP like any other media file. This is the case when using `GUNICORN_MEDIA=1` or when using a web server like nginx to serve media files. NixOS 26.05 changes the default value of `MEDIA_ROOT` to a sub folder of the data directory. This only applies to configurations with `system.stateVersion` >= 26.05. For older configurations, one of the workarounds should be applied instead. NixOS 25.11 has received a backport of this patch, though it doesn't fix this vulnerability without user intervention. A recommended workaround is to move `MEDIA_ROOT` into a subdirectory. Non-recommended workarounds include switching to PostgreSQL or disallowing access to `db.sqlite3`.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 21 hours ago

Bluesky

Profile picture
nixpkgs security changes @nixpkgssecuritychanges.gerbet.me
Security Advisory: SQLite database externally accessible with the default settings of Tandoor Recipes module (CVE-2026-23838) discourse.nixos.org/t/security-a... #security #nixos #nixpkgs
  • 0
  • 1
  • 0
  • 21h ago

CVE-2026-20965

Overview

  • Microsoft
  • Windows Admin Center in Azure Portal
13 Jan 2026
Published
16 Jan 2026
Updated
CVSS v3.1
HIGH (7.5)
EPSS
0.02%
KEV

Description

Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 19 hours ago

Fediverse

Profile picture
Dark Web Informer :verified_paw: @DarkWebInformer

‼️CVE-2026-20965: Windows Admin Center Azure SSO Flaw Risks Tenant-Wide Compromise

Details: Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally.

CVSS: 7.5
CVE Published: January 13th, 2026

Advisory: msrc.microsoft.com/update-guid

Writeup: cymulate.com/blog/cve-2026-209

  • 0
  • 1
  • 0
  • 19h ago

CVE-2026-23842

Overview

  • gunthercox
  • ChatterBot
19 Jan 2026
Published
19 Jan 2026
Updated
CVSS v3.1
HIGH (7.5)
EPSS
0.04%
KEV

Description

ChatterBot is a machine learning, conversational dialog engine for creating chat bots. ChatterBot versions up to 1.2.10 are vulnerable to a denial-of-service condition caused by improper database session and connection pool management. Concurrent invocations of the get_response() method can exhaust the underlying SQLAlchemy connection pool, resulting in persistent service unavailability and requiring a manual restart to recover. Version 1.2.11 fixes the issue.

Statistics

  • 1 Post
Last activity: 19 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

🟠 CVE-2026-23842 - High (7.5)

ChatterBot is a machine learning, conversational dialog engine for creating chat bots. ChatterBot versions up to 1.2.10 are vulnerable to a denial-of-service condition caused by improper database session and connection pool management. Concurrent ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 19h ago
Showing 1 to 10 of 148 CVEs