24h | 7d | 30d

CVE-2025-62582

Overview

  • Delta Electronics
  • DIAView
16 Jan 2026
Published
16 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.04%
KEV

Description

Delta Electronics DIAView has multiple vulnerabilities.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 17 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

🔴 CVE-2025-62582 - Critical (9.8)

Delta Electronics DIAView has multiple vulnerabilities.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 1
  • 0
  • 17h ago

CVE-2025-13601

Overview

  • glib
26 Nov 2025
Published
27 Nov 2025
Updated
CVSS
Pending
EPSS
0.02%
KEV

Description

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 21 hours ago

Bluesky

Profile picture
Lambda Watchdog @lambdawatchdog.bsky.social
🔍 Lambda Watchdog detected that CVE-2025-13601 is no longer present in latest AWS Lambda base image scans. https://github.com/aws/aws-lambda-base-images/issues/360 #AWS #Lambda #Security #CVE #DevOps #SecOps
  • 0
  • 1
  • 0
  • 21h ago

CVE-2026-20805

Overview

  • Microsoft
  • Windows 10 Version 1809
13 Jan 2026
Published
16 Jan 2026
Updated
CVSS v3.1
MEDIUM (5.5)
EPSS
5.16%
KEV

Description

Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 3 hours ago

Fediverse

Profile picture
Mathrubhumi English @Mathrubhumi_English

CERT-In issues high-severity alert for Windows 10, Windows 11 and Microsoft Office over CVE-2026-20805 vulnerability. Microsoft confirms exploit in the wild, urges urgent updates. english.mathrubhumi.com/techno #WindowsSecurity #MicrosoftAlert #CERTIn #CyberSecurity

  • 0
  • 1
  • 0
  • 3h ago

CVE-2025-55182

Overview

  • Meta
  • react-server-dom-webpack
03 Dec 2025
Published
11 Dec 2025
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
55.12%
KEV

Description

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.

Statistics

  • 1 Post
Last activity: 13 hours ago

Bluesky

Profile picture
CyberVeille @cyberveille-ch.bsky.social
📢 Next.js/NextAuth : forger des cookies d’authentification via le NEXTAUTH_SECRET 📝 Dans un billet technique publié le 14 janvier 2026, l’auteur détaill… https://cyberveille.ch/posts/2026-01-16-next-js-nextauth-forger-des-cookies-dauthentification-via-le-nextauth-secret/ #CVE_2025_55182 #Cyberveille
  • 0
  • 0
  • 0
  • 13h ago

CVE-2025-6966

Overview

  • Canonical
  • python-apt
  • python-apt
05 Dec 2025
Published
15 Dec 2025
Updated
CVSS v4.0
MEDIUM (6.9)
EPSS
0.02%
KEV

Description

NULL pointer dereference in TagSection.keys() in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service (process crash) via a crafted deb822 file with a malformed non-UTF-8 key.

Statistics

  • 1 Post
Last activity: 17 hours ago

Bluesky

Profile picture
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
Critical: #Ubuntu 20.04 LTS #python-apt vulnerability CVE-2025-6966 patched in USN-7916-2. DoS flaw + regression fix. Read more: 👉 tinyurl.com/3vtebxuy #Security
  • 0
  • 0
  • 0
  • 17h ago

CVE-2025-68921

Overview

  • Pending
16 Jan 2026
Published
16 Jan 2026
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

SteelSeries Nahimic 3 1.10.7 allows Directory traversal.

Statistics

  • 1 Post
Last activity: 16 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

🟠 CVE-2025-68921 - High (7.8)

SteelSeries Nahimic 3 1.10.7 allows Directory traversal.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 16h ago

CVE-2026-1022

Overview

  • Gotac
  • Statistics Database System
16 Jan 2026
Published
16 Jan 2026
Updated
CVSS v4.0
HIGH (8.7)
EPSS
0.07%
KEV

Description

Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.

Statistics

  • 1 Post
Last activity: 19 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

🟠 CVE-2026-1022 - High (7.5)

Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 19h ago

CVE-2026-22812

Overview

  • anomalyco
  • opencode
12 Jan 2026
Published
13 Jan 2026
Updated
CVSS v3.1
HIGH (8.8)
EPSS
0.10%
KEV

Description

OpenCode is an open source AI coding agent. Prior to 1.0.216, OpenCode automatically starts an unauthenticated HTTP server that allows any local process (or any website via permissive CORS) to execute arbitrary shell commands with the user's privileges. This vulnerability is fixed in 1.0.216.

Statistics

  • 1 Post
Last activity: 8 hours ago

Fediverse

Profile picture
Dark Web Informer :verified_paw: @DarkWebInformer

‼️CVE-2026-22812: OpenCode's Unauthenticated HTTP Server Allows Arbitrary Command Execution

PoC/Exploit: github.com/rohmatariow/CVE-202

CVSS: 8.8
CVE Published: January 12th, 2026
Exploit Published: January 16th, 2026
Advisory: github.com/anomalyco/opencode/

OpenCode is an open source AI coding agent. Prior to 1.0.216, OpenCode automatically starts an unauthenticated HTTP server that allows any local process (or any website via permissive CORS) to execute arbitrary shell commands with the user's privileges. This vulnerability is fixed in 1.0.216.

  • 0
  • 0
  • 0
  • 8h ago

CVE-2025-33073

Overview

  • Microsoft
  • Windows 10 Version 1809
10 Jun 2025
Published
21 Oct 2025
Updated
CVSS v3.1
HIGH (8.8)
EPSS
51.19%
KEV

Description

Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.

Statistics

  • 2 Posts
Last activity: 19 hours ago

Bluesky

Profile picture
r/purpleteamsec bot @r-purpleteamsec.bsky.social
Using NTLM Reflection to Own Active Directory (CVE-2025-33073)
  • 0
  • 0
  • 1
  • 19h ago

CVE-2026-23744

Overview

  • MCPJam
  • inspector
16 Jan 2026
Published
16 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
Pending
KEV

Description

MCPJam inspector is the local-first development platform for MCP servers. Versions 1.4.2 and earlier are vulnerable to remote code execution (RCE) vulnerability, which allows an attacker to send a crafted HTTP request that triggers the installation of an MCP server, leading to RCE. Since MCPJam inspector by default listens on 0.0.0.0 instead of 127.0.0.1, an attacker can trigger the RCE remotely via a simple HTTP request. Version 1.4.3 contains a patch.

Statistics

  • 2 Posts
Last activity: 12 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

🔴 CVE-2026-23744 - Critical (9.8)

MCPJam inspector is the local-first development platform for MCP servers. Versions 1.4.2 and earlier are vulnerable to remote code execution (RCE) vulnerability, which allows an attacker to send a crafted HTTP request that triggers the installatio...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 1
  • 12h ago
Showing 11 to 20 of 66 CVEs