24h | 7d | 30d

CVE-2025-11001

Overview

  • 7-Zip
  • 7-Zip
19 Nov 2025
Published
21 Nov 2025
Updated
CVSS v3.0
HIGH (7.0)
EPSS
0.34%
KEV

Description

7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of symbolic links in ZIP files. Crafted data in a ZIP file can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of a service account. Was ZDI-CAN-26753.

Statistics

  • 8 Posts
  • 2 Interactions
Last activity: 4 hours ago

Fediverse

Profile picture
3NCR1PT4D0 @3ncr1pt4d0

🧩 3️⃣ Vulnerabilidad crítica en 7-Zip: hackers la están explotando ahora.

Una falla grave en el popular programa de compresión 7-Zip (CVE-2025-11001) permite a atacantes ejecutar código de forma remota cuando un usuario descomprime un archivo ZIP malicioso.

El problema radica en cómo 7-Zip maneja enlaces simbólicos (symlinks): un ZIP confeccionado puede hacer que el programa acceda a carpetas no deseadas y ejecute código con permisos elevados.

La vulnerabilidad afecta a todas las versiones anteriores a la 25.00 (es decir, versiones usadas desde 21.02 hasta 24.09).

Ya existe un exploit de prueba de concepto (PoC) público, lo que facilita que delincuentes lo usen en ataques reales.

Aunque 7-Zip lanzó el parche en julio de 2025, muchos sistemas siguen sin actualizarlo: la recomendación urgente es que actualices a la versión 25.00 o superior lo antes posible.

🔒 ¿Herramienta de compresión útil o puerta de entrada para malware?

#Privacidad #Ciberseguridad #7Zip #Vulnerabilidad #Actualiza

thehackernews.com/2025/11/hack

  • 1
  • 0
  • 0
  • 5h ago
Profile picture
Dragster Systems @Dragster_Systems

Advierten sobre un exploit PoC para una vulnerabilidad en 7-Zip (CVE-2025-11001)

Vía: @seguinfo

blog.segu-info.com.ar/2025/11/

  • 0
  • 1
  • 1
  • 9h ago

Bluesky

Profile picture
Cyber Threat Zip @cyberthreat.zip
⚠️ 7-Zip RCE Vulnerability CVE-2025-11001: Critical vulnerability in 7-Zip! A malicious ZIP file can allow remote code execution on your computer. Simply opening the file is enough. ❕ Users are advised to update to 7-Zip version 25.00 or later.
  • 0
  • 0
  • 0
  • 15h ago
Profile picture
Sean C Higgins @seanchiggins.com
Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001)
  • 0
  • 0
  • 0
  • 7h ago
Profile picture
elhacker.NET @elhacker.net
Blog: "Exploit PoC para una vulnerabilidad en 7-Zip (CVE-2025-11001)"
  • 0
  • 0
  • 1
  • 7h ago
Profile picture
セキュリティ対策Lab @securitylab-jp.bsky.social
7-Zipの脆弱性 CVE-2025-11001 のPoCが公開-引き続きアップデート推奨 rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security
  • 0
  • 0
  • 0
  • 4h ago

CVE-2025-49752

Overview

  • Microsoft
  • Azure Bastion Developer
20 Nov 2025
Published
26 Nov 2025
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
0.10%
KEV

Description

Azure Bastion Elevation of Privilege Vulnerability

Statistics

  • 1 Post
  • 42 Interactions
Last activity: 19 hours ago

Fediverse

Profile picture
Matt Organ @Slater450413

CVSS 10, you say. 🧐😩

Azure Bastion (CVE-2025-49752)
cybersecuritynews.com/azure-ba

  • 18
  • 24
  • 0
  • 19h ago

CVE-2025-61757

Overview

  • Oracle Corporation
  • Identity Manager
21 Oct 2025
Published
22 Nov 2025
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
60.96%
KEV

Description

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Identity Manager. Successful attacks of this vulnerability can result in takeover of Identity Manager. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Statistics

  • 3 Posts
  • 1 Interaction
Last activity: 12 hours ago

Fediverse

Profile picture
Niels Heinen @heinen

Seeing first scans for Oracle's CVE-2025-61757

slcyber.io/research-center/bre

  • 0
  • 0
  • 0
  • 13h ago

Bluesky

Profile picture
guardian360.bsky.social @guardian360.bsky.social
A critical flaw in Oracle's Identity Manager has been exploited in the wild, marking the latest threat for customers of the enterprise software giant. CVE-2025-61757 is a remote code execution (RCE) vulnerability in the Identity Manager solution for Oracle Fusion Middleware.
  • 0
  • 1
  • 0
  • 12h ago
Profile picture
Eyal Estrin ☁️ @eyalestrin.bsky.social
Oracle OIM zero‑day: Pre‑auth RCE forces rapid patching across enterprises (CVE-2025-61757) #patchmanagement
  • 0
  • 0
  • 0
  • 14h ago

CVE-2025-13016

Overview

  • Mozilla
  • Firefox
11 Nov 2025
Published
25 Nov 2025
Updated
CVSS
Pending
EPSS
0.05%
KEV

Description

Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.

Statistics

  • 2 Posts
  • 6 Interactions
Last activity: 16 hours ago

Fediverse

Profile picture
Hackread.com @Hackread

🚨 Attention all Firefox users: A vulnerability (CVE‑2025‑13016) in WebAssembly handling could let attackers execute code on your device. Researchers say over 180 million users might have been exposed. The fix is live, update immediately.

Read: hackread.com/update-firefox-pa

#Cybersecurity #Infosec #Firefox #Vulnerability #Privacy

  • 3
  • 3
  • 0
  • 16h ago
Profile picture
corq @corq

Update Firefox to Patch CVE-2025-13016 Vulnerability Affecting 180 Million Users hackread.com/update-firefox-pa

  • 0
  • 0
  • 0
  • 16h ago

CVE-2025-59373

Overview

  • ASUS
  • MyASUS
25 Nov 2025
Published
25 Nov 2025
Updated
CVSS v4.0
HIGH (8.5)
EPSS
0.01%
KEV

Description

A local privilege escalation vulnerability exists in the restore mechanism of ASUS System Control Interface. It can be triggered when an unprivileged actor copies files without proper validation into protected system paths, potentially leading to arbitrary files being executed as SYSTEM. For more information, please refer to section Security Update for MyASUS in the ASUS Security Advisory.

Statistics

  • 2 Posts
  • 2 Interactions
Last activity: 9 hours ago

Fediverse

Profile picture
cR0w h0 h0 @cR0w

ASUS

cve.org/CVERecord?id=CVE-2025-

cc: @Dio9sys @da_667

  • 1
  • 0
  • 0
  • 14h ago
Profile picture
maniabel @maniabel

Asus veröffentlichte drängend-dringende SicherheitsUpdates für alle (!) AUSUS-PCs

Wenn sie einen Asus-PC nutzen, sollten Sie sofort handeln und die empfohlenen Updates einspielen!
ASUS hat wichtige Sicherheitsupdates für den ASUS System Control Interface Service in MyASUS veröffentlicht. Konkret geht es um die Schwachstelle CVE-2025-59373 (Score von 8,5).

Mehr: maniabel.work/archiv/568

#MyAsus #Asus #infosec #infosecnews #BeDiS

  • 1
  • 0
  • 0
  • 9h ago

CVE-2025-34152

Overview

  • Shenzhen Aitemi E Commerce Co. Ltd.
  • M300 Wi-Fi Repeater
07 Aug 2025
Published
21 Nov 2025
Updated
CVSS v4.0
CRITICAL (9.4)
EPSS
34.82%
KEV

Description

An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) via the 'time' parameter of the '/protocol.csp?' endpoint. The input is processed by the internal date '-s' command without rebooting or disrupting HTTP service. Unlike other injection points, this vector allows remote compromise without triggering visible configuration changes.

Statistics

  • 1 Post
  • 7 Interactions
Last activity: 7 hours ago

Fediverse

Profile picture
cR0w h0 h0 @cR0w

Shenzhen WiFi repeater command injection is EITW.

cve.org/CVERecord?id=CVE-2025-

An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) via the 'time' parameter of the '/protocol.csp?' endpoint. The input is processed by the internal date '-s' command without rebooting or disrupting HTTP service. Unlike other injection points, this vector allows remote compromise without triggering visible configuration changes.

attackerkb.com/topics/vOQYG5Nn

Unlike many consumer IoT vulnerabilities that remain purely theoretical, CVE-2025-34152 has been observed actively exploited in the wild. In September 2025, multiple Aitemi M300 devices exposed to the internet were found compromised.

cc: @Dio9sys @da_667

  • 3
  • 4
  • 0
  • 7h ago

CVE-2025-12816

Overview

  • Digital Bazaar
  • node-forge
25 Nov 2025
Published
25 Nov 2025
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 9 hours ago

Fediverse

Profile picture
cR0w h0 h0 @cR0w

Resetting the "It has been __ days since an ASN.1 vuln."

cve.org/CVERecord?id=CVE-2025-

An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.

  • 1
  • 3
  • 0
  • 9h ago

CVE-2025-34299

Overview

  • Monsta Limited of New Zealand
  • Monsta FTP
07 Nov 2025
Published
19 Nov 2025
Updated
CVSS v4.0
CRITICAL (9.3)
EPSS
0.04%
KEV

Description

Monsta FTP versions 2.11 and earlier contain a vulnerability that allows unauthenticated arbitrary file uploads. This flaw enables attackers to execute arbitrary code by uploading a specially crafted file from a malicious (S)FTP server.

Statistics

  • 3 Posts
  • 4 Interactions
Last activity: 16 hours ago

Bluesky

Profile picture
BaseFortify.eu @basefortify.bsky.social
🚨 A critical Monsta FTP flaw (CVE-2025-34299) is still exposing hundreds of servers weeks after disclosure. Many remain unpatched and internet-facing. Full article 👉 basefortify.eu/posts/2025/1... #CyberSecurity #CVE2025 #MonstaFTP #RCE #BaseFortify
  • 0
  • 2
  • 0
  • 16h ago
Profile picture
BaseFortify.eu @basefortify.bsky.social
🛡️ Want automated detection of risks like CVE-2025-34299? BaseFortify maps threats to your systems and gives clear mitigation guidance. Register free 👉 basefortify.eu/register #BaseFortify #CyberSecurity #VulnManagement #BlueTeam
  • 0
  • 1
  • 0
  • 16h ago
Profile picture
BaseFortify.eu @basefortify.bsky.social
⚠️ CVE-2025-34299 lets attackers upload malicious files and gain remote code execution. Shadowserver still sees ~800 vulnerable Monsta FTP servers exposed today. More technical details here ⬇️ basefortify.eu/cve_reports/... #InfoSec #CVE2025 #MonstaFTP #RCE #CyberAlert
  • 0
  • 1
  • 0
  • 16h ago

CVE-2025-9803

Overview

  • lunary-ai
  • lunary-ai/lunary
25 Nov 2025
Published
25 Nov 2025
Updated
CVSS v3.0
CRITICAL (9.3)
EPSS
0.07%
KEV

Description

lunary-ai/lunary version 1.9.34 is vulnerable to an account takeover due to improper authentication in the Google OAuth integration. The application fails to verify the 'aud' (audience) field in the access token issued by Google, which is crucial for ensuring the token is intended for the application. This oversight allows attackers to use tokens issued to malicious applications to gain unauthorized access to user accounts. The issue is resolved in version 1.9.35.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 20 hours ago

Bluesky

Profile picture
BaseFortify.eu @basefortify.bsky.social
⚡ CVE-2025-9803 — Lunary AI Flawed Google OAuth validation lets attackers hijack accounts using tokens from rogue apps. Update to 1.9.35! 🔗 basefortify.eu/cve_reports/... #CVE #Lunary #OAuth #AccountTakeover #Infosec
  • 0
  • 2
  • 0
  • 20h ago

CVE-2025-41115

Overview

  • Grafana
  • Grafana Enterprise
21 Nov 2025
Published
24 Nov 2025
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
0.02%
KEV

Description

SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management. In Grafana versions 12.x where SCIM provisioning is enabled and configured, a vulnerability in user identity handling allows a malicious or compromised SCIM client to provision a user with a numeric externalId, which in turn could allow to override internal user IDs and lead to impersonation or privilege escalation. This vulnerability applies only if all of the following conditions are met: - `enableSCIM` feature flag set to true - `user_sync_enabled` config option in the `[auth.scim]` block set to true

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 7 hours ago

Bluesky

Profile picture
Checkmarx Zero @checkmarxzero.bsky.social
🚨 #CVE-2025-41115: critical vulnerability in #Grafana user identity handling. Update to the latest platform version. #Vulnerable versions with #SCIM provisioning enabled can let a malicious SCIM client use a numeric “externalId" to override user IDs, risking impersonation or privilege escalation.
  • 0
  • 1
  • 0
  • 7h ago
Showing 1 to 10 of 36 CVEs