Overview

  • Grafana
  • Grafana Enterprise

21 Nov 2025
Published
22 Nov 2025
Updated

CVSS v3.1
CRITICAL (10.0)
EPSS
0.02%

KEV

Description

SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management. In Grafana versions 12.x where SCIM provisioning is enabled and configured, a vulnerability in user identity handling allows a malicious or compromised SCIM client to provision a user with a numeric externalId, which in turn could allow it to override internal user IDs and lead to impersonation or privilege escalation. This vulnerability applies only if all of the following conditions are met:

  • `enableSCIM` feature flag set to true
  • `user_sync_enabled` config option in the `[auth.scim]` block set to true

Statistics

  • 3 Posts
  • 1 Interaction

Last activity: 1 hour ago

Bluesky

Grafana fixes CVE-2025-41115 with admin spoofing, while CISA flags an Oracle exploit and publishes ICS advisories on risk to identity and industrial systems. #cisa #grafana #ICS #Oracle www.matricedigitale.it/2025/11/23/g...
  • 0
  • 1
  • 0
  • 1h ago
Critical SCIM Flaw in Grafana Enterprise Lets Attackers Hijack Any Account, Including Admins Introduction: A critical vulnerability, CVE-2025-41115, has been identified in Grafana Enterprise's SCIM (System for Cross-domain Identity Management) implementation, carrying a maximum CVSS score of 10.0.…
  • 0
  • 0
  • 0
  • 22h ago
Grafana warns of max severity admin spoofing vulnerability (CVE-2025-41115) #patchmanagement
  • 0
  • 0
  • 0
  • 4h ago

Overview

  • Oracle Corporation
  • Identity Manager

21 Oct 2025
Published
22 Nov 2025
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
71.16%

Description

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Identity Manager. Successful attacks of this vulnerability can result in takeover of Identity Manager. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Statistics

  • 2 Posts

Last activity: 21 hours ago

Fediverse

🚨 CISA warns of CRITICAL, actively exploited zero-day (CVE-2025-61757) in Oracle Identity Manager. Unauth RCE possible—patch 12.2.1.4.0 & 14.1.2.1.0 now. Watch for API abuse (?WSDL, ;.wadl). More: radar.offseq.com/threat/cisa-w

  • 0
  • 0
  • 0
  • 21h ago

Bluesky

Breaking Oracle’s Identity Manager: Pre-Auth RCE (CVE-2025-61757) slcyber.io/research-cen...
  • 0
  • 0
  • 0
  • 23h ago

Overview

  • RooCodeInc
  • Roo-Code

21 Nov 2025
Published
21 Nov 2025
Updated

CVSS v3.1
HIGH (8.1)
EPSS
0.08%

KEV

Description

Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Prior to version 3.26.7, due to an error in validation, it was possible for Roo to automatically execute commands that did not match the allow list prefixes. This issue has been patched in version 3.26.7.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 10 hours ago

Fediverse

🚨 CVE-2025-65946 (HIGH, CVSS 8.1): Roo-Code (<3.26.7) suffers from a command injection flaw (CWE-77). No auth/user input needed; remote code execution is possible. Patch to 3.26.7+ ASAP! Details: radar.offseq.com/threat/cve-20

  • 1
  • 1
  • 0
  • 10h ago

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 7 hours ago

Bluesky

For the #Fedora and #Linux community: A critical patch for GnuTLS (CVE-2025-9820) is now available on Fedora 43. Read more: 👉 tinyurl.com/3wdmzexx #Security
  • 0
  • 1
  • 0
  • 7h ago

Overview

  • Google
  • Android

18 Nov 2025
Published
19 Nov 2025
Updated

CVSS
Pending
EPSS
0.02%

KEV

Description

In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 21 hours ago

Fediverse

CVE-2025-48593: a critical Bluetooth vulnerability affecting Android 13–16
blog.desdelinux.net/vulnerabil

  • 0
  • 1
  • 0
  • 21h ago

Overview

  • Fortinet
  • FortiWeb

14 Nov 2025
Published
20 Nov 2025
Updated

CVSS v3.1
CRITICAL (9.4)
EPSS
66.90%

Description

A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 11 hours ago

Bluesky

When The Impersonation Function Gets Used To Impersonate Users (Fortinet FortiWeb Auth. Bypass CVE-2025-64446) labs.watchtowr.com/when-the-imp...
  • 0
  • 1
  • 0
  • 11h ago

Overview

  • Microsoft
  • Microsoft 365 Copilot's Business Chat

09 Oct 2025
Published
22 Nov 2025
Updated

CVSS v3.1
CRITICAL (9.3)
EPSS
0.08%

KEV

Description

Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to perform spoofing over a network.

Statistics

  • 1 Post

Last activity: 18 hours ago

Bluesky

CVE-2025-59286 Copilot Spoofing Vulnerability scq.ms/3LWLY2L #SecQube #cybersecurity
  • 0
  • 0
  • 0
  • 18h ago

Overview

  • walterpinem
  • OneClick Chat to Order

22 Nov 2025
Published
22 Nov 2025
Updated

CVSS v3.1
HIGH (7.5)
EPSS
0.03%

KEV

Description

The OneClick Chat to Order plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.0.8 via the 'wa_order_thank_you_override' function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to view sensitive customer information including names, email addresses, phone numbers, billing/shipping addresses, order contents, and payment methods by simply changing the order ID in the URL.

Statistics

  • 1 Post

Last activity: 15 hours ago

Fediverse

🚨 CVE-2025-13526 (HIGH): OneClick Chat to Order for WordPress (<=1.0.8) is vulnerable to IDOR. Attackers can fetch PII & payment info by changing order IDs in URLs. Disable plugin or enforce strict access controls now! radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 15h ago

Overview

  • Unknown
  • W3 Total Cache

17 Nov 2025
Published
17 Nov 2025
Updated

CVSS
Pending
EPSS
1.16%

KEV

Description

The W3 Total Cache WordPress plugin before 2.8.13 is vulnerable to command injection via the _parse_dynamic_mfunc function, allowing unauthenticated users to execute PHP commands by submitting a comment with a malicious payload to a post.

Statistics

  • 1 Post

Last activity: 7 hours ago

Fediverse

Security researchers reveal critical vulnerability in the W3 Total Cache (W3TC) WordPress plugin

Vulnerability:
CVE-2025-9501 - Unauthenticated command injection

Impact: Allows an attacker to run commands on the server, and fully takeover the website

Remediation: Upgrade to W3TC plugin version 2.8.13 ASAP

#cybersecurity #vulnerabilitymanagement #W3TC

bleepingcomputer.com/news/secu

  • 0
  • 0
  • 0
  • 7h ago

Overview

  • Microsoft
  • Windows 10 Version 1809

10 Oct 2023
Published
14 Apr 2025
Updated

CVSS v3.1
HIGH (8.1)
EPSS
0.22%

KEV

Description

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

Statistics

  • 1 Post

Last activity: 8 hours ago

Bluesky

Unpatched and Powerful: How a Windows Update Tool Became Your Worst Security Nightmare Introduction: A critical Remote Code Execution (RCE) vulnerability was discovered within the Windows Update Health Tools, a trusted component managed by Microsoft. This flaw, designated as CVE-2023-38166,…
  • 0
  • 0
  • 0
  • 8h ago