24h | 7d | 30d

CVE-2025-40552

Overview

  • SolarWinds
  • Web Help Desk
28 Jan 2026
Published
29 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.05%
KEV

Description

SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that if exploited, would allow a malicious actor to execute actions and methods that should be protected by authentication.

Statistics

  • 4 Posts
Last activity: 2 hours ago

Fediverse

Profile picture
Rishi @rxerium

🚨 2 critical authentication bypass and remote command execution vulnerabilities in Solarwinds WHD have been disclosed.

Vulnerability detection scripts can be found below:
CVE-2025-40552:
github.com/rxerium/rxerium-tem

CVE-2025-40554:
github.com/rxerium/rxerium-tem

At the time of writing there are no signs of active exploitation in the wild but it is strongly recommended that you patch as per Solarwind's security advisory:
documentation.solarwinds.com/e

  • 0
  • 0
  • 0
  • 10h ago
Profile picture
TheHackerWire @thehackerwire

SolarWinds has just announced four high-severity vulnerabilities in its Web Help Desk (WHD) software that could lead to full system takeover.

These flaws include unauthenticated Remote Code Execution (RCE) via insecure deserialization and multiple Authentication Bypasses, allowing attackers to execute protected methods without any credentials.

CVE-2025-40551 & CVE-2025-40553 (Unauthenticated RCE)
CVE-2025-40552 & CVE-2025-40554 (Auth Bypass)

thehackerwire.com/solarwinds-p

  • 0
  • 0
  • 0
  • 19h ago
Profile picture
ekiledjian @edwardk

SolarWinds warns of critical Web Help Desk RCE, auth bypass flaws
bleepingcomputer.com/news/secu

SolarWinds has released security updates to patch critical authentication
bypass and remote command execution vulnerabilities in its Web Help Desk IT
help desk software.

The authentication bypass security flaws (tracked as CVE-2025-40552 and
CVE-2025-40554) patched today by SolarWinds were reported by watchTowr's Piotr
Bazydlo and can be exploited by remote unauthenticated threat actors in
low-complexity attacks.

Bazydlo also found and reported a critical remote code execution (RCE) flaw
(CVE-2025-40553) stemming from an untrusted data deserialization weakness that
can enable attackers without privileges to run commands on vulnerable hosts.
A second RCE vulnerability (CVE-2025-40551) reported by Horizon3.ai security
researcher Jimi Sebree can also enable unauthenticated attackers to execute
commands remotely.

  • 0
  • 0
  • 0
  • 2h ago

Bluesky

Profile picture
Sami Laiho @samilaiho.com
SolarWinds Web Help Desk Authentication Bypass Vulnerability (CVE-2025-40552) URL: www.solarwinds.com/trust-center... Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8
  • 0
  • 0
  • 0
  • 10h ago

CVE-2025-40554

Overview

  • SolarWinds
  • Web Help Desk
28 Jan 2026
Published
29 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.03%
KEV

Description

SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that, if exploited, could allow an attacker to invoke specific actions within Web Help Desk.

Statistics

  • 4 Posts
Last activity: 2 hours ago

Fediverse

Profile picture
Rishi @rxerium

🚨 2 critical authentication bypass and remote command execution vulnerabilities in Solarwinds WHD have been disclosed.

Vulnerability detection scripts can be found below:
CVE-2025-40552:
github.com/rxerium/rxerium-tem

CVE-2025-40554:
github.com/rxerium/rxerium-tem

At the time of writing there are no signs of active exploitation in the wild but it is strongly recommended that you patch as per Solarwind's security advisory:
documentation.solarwinds.com/e

  • 0
  • 0
  • 0
  • 10h ago
Profile picture
TheHackerWire @thehackerwire

SolarWinds has just announced four high-severity vulnerabilities in its Web Help Desk (WHD) software that could lead to full system takeover.

These flaws include unauthenticated Remote Code Execution (RCE) via insecure deserialization and multiple Authentication Bypasses, allowing attackers to execute protected methods without any credentials.

CVE-2025-40551 & CVE-2025-40553 (Unauthenticated RCE)
CVE-2025-40552 & CVE-2025-40554 (Auth Bypass)

thehackerwire.com/solarwinds-p

  • 0
  • 0
  • 0
  • 19h ago
Profile picture
ekiledjian @edwardk

SolarWinds warns of critical Web Help Desk RCE, auth bypass flaws
bleepingcomputer.com/news/secu

SolarWinds has released security updates to patch critical authentication
bypass and remote command execution vulnerabilities in its Web Help Desk IT
help desk software.

The authentication bypass security flaws (tracked as CVE-2025-40552 and
CVE-2025-40554) patched today by SolarWinds were reported by watchTowr's Piotr
Bazydlo and can be exploited by remote unauthenticated threat actors in
low-complexity attacks.

Bazydlo also found and reported a critical remote code execution (RCE) flaw
(CVE-2025-40553) stemming from an untrusted data deserialization weakness that
can enable attackers without privileges to run commands on vulnerable hosts.
A second RCE vulnerability (CVE-2025-40551) reported by Horizon3.ai security
researcher Jimi Sebree can also enable unauthenticated attackers to execute
commands remotely.

  • 0
  • 0
  • 0
  • 2h ago

Bluesky

Profile picture
Sami Laiho @samilaiho.com
SolarWinds Web Help Desk Authentication Bypass Vulnerability (CVE-2025-40554) Download PDF URL: www.solarwinds.com/trust-center... Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8
  • 0
  • 0
  • 0
  • 10h ago

CVE-2026-21509

Overview

  • Microsoft
  • Microsoft Office 2019
26 Jan 2026
Published
27 Jan 2026
Updated
CVSS v3.1
HIGH (7.8)
EPSS
4.74%
KEV

Description

Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally.

Statistics

  • 3 Posts
Last activity: 7 hours ago

Fediverse

Profile picture
GĂĽnter Born @gborn

In allen Versionen von Microsoft Office gibt es die Schwachstelle CVE-2026-21509. Es ist nicht ganz klar, was Microsoft mit Notfall-Patches genau gemacht hat. ACROS Security hat mit 0patch das Ăśbel bei der Wurzel gepackt und sperrt das OLE-Objekt.

borncity.com/blog/2026/01/29/0

  • 0
  • 0
  • 1
  • 7h ago

Bluesky

Profile picture
Philippe Vynckier @pvynckier.bsky.social
Microsoft publie un correctif hors cycle pour la vulnérabilité CVE-2026-21509 d’Office - IT SOCIAL itsocial.fr/cybersecurit...
  • 0
  • 0
  • 0
  • 8h ago

CVE-2025-40553

Overview

  • SolarWinds
  • Web Help Desk
28 Jan 2026
Published
29 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.65%
KEV

Description

SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.

Statistics

  • 3 Posts
Last activity: 2 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

SolarWinds has just announced four high-severity vulnerabilities in its Web Help Desk (WHD) software that could lead to full system takeover.

These flaws include unauthenticated Remote Code Execution (RCE) via insecure deserialization and multiple Authentication Bypasses, allowing attackers to execute protected methods without any credentials.

CVE-2025-40551 & CVE-2025-40553 (Unauthenticated RCE)
CVE-2025-40552 & CVE-2025-40554 (Auth Bypass)

thehackerwire.com/solarwinds-p

  • 0
  • 0
  • 0
  • 19h ago
Profile picture
ekiledjian @edwardk

SolarWinds warns of critical Web Help Desk RCE, auth bypass flaws
bleepingcomputer.com/news/secu

SolarWinds has released security updates to patch critical authentication
bypass and remote command execution vulnerabilities in its Web Help Desk IT
help desk software.

The authentication bypass security flaws (tracked as CVE-2025-40552 and
CVE-2025-40554) patched today by SolarWinds were reported by watchTowr's Piotr
Bazydlo and can be exploited by remote unauthenticated threat actors in
low-complexity attacks.

Bazydlo also found and reported a critical remote code execution (RCE) flaw
(CVE-2025-40553) stemming from an untrusted data deserialization weakness that
can enable attackers without privileges to run commands on vulnerable hosts.
A second RCE vulnerability (CVE-2025-40551) reported by Horizon3.ai security
researcher Jimi Sebree can also enable unauthenticated attackers to execute
commands remotely.

  • 0
  • 0
  • 0
  • 2h ago

Bluesky

Profile picture
Sami Laiho @samilaiho.com
SolarWinds Web Help Desk Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2025-40553) URL: www.solarwinds.com/trust-center... Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8
  • 0
  • 0
  • 0
  • 10h ago

CVE-2026-0863

Overview

  • n8n
18 Jan 2026
Published
23 Jan 2026
Updated
CVSS v3.1
HIGH (8.5)
EPSS
0.06%
KEV

Description

Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor sandbox restrictions and run arbitrary unrestricted Python code in the underlying operating system. The vulnerability can be exploited via the Code block by an authenticated user with basic permissions and can lead to a full n8n instance takeover on instances operating under "Internal" execution mode. If the instance is operating under the "External" execution mode (ex. n8n's official Docker image) - arbitrary code execution occurs inside a Sidecar container and not the main node, which significantly reduces the vulnerability impact.

Statistics

  • 3 Posts
Last activity: 7 hours ago

Fediverse

Profile picture
Rishi @rxerium

🚨 2 new vulnerability scripts created for the n8n vulnerabilities disclosed today:

CVE-2026-1470:
github.com/rxerium/rxerium-tem

CVE-2026-0863:
github.com/rxerium/rxerium-tem

Happy hunting.

  • 0
  • 0
  • 0
  • 10h ago
Profile picture
benzogaga33 :verified: @benzogaga33

n8n – CVE-2026-1470 et CVE-2026-0863 : deux nouvelles failles patchĂ©es, comment se protĂ©ger ? it-connect.fr/n8n-cve-2026-147 #ActuCybersĂ©curitĂ© #CybersĂ©curitĂ© #VulnĂ©rabilitĂ©

  • 0
  • 0
  • 0
  • 7h ago

Bluesky

Profile picture
IT-Connect @it-connect.bsky.social
n8n - CVE-2026-1470 et CVE-2026-0863 : deux nouvelles failles patchées, comment se protéger ? 👇 Les détails dans l'article de Florian : - www.it-connect.fr/n8n-cve-2026... #n8n #infosec #cybersecurite
  • 0
  • 0
  • 0
  • 10h ago

CVE-2026-1470

Overview

  • n8n
27 Jan 2026
Published
27 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.9)
EPSS
0.31%
KEV

Description

n8n contains a critical Remote Code Execution (RCE) vulnerability in its workflow Expression evaluation system. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An authenticated attacker could abuse this behavior to execute arbitrary code with the privileges of the n8n process. Successful exploitation may lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations.

Statistics

  • 3 Posts
Last activity: 7 hours ago

Fediverse

Profile picture
Rishi @rxerium

🚨 2 new vulnerability scripts created for the n8n vulnerabilities disclosed today:

CVE-2026-1470:
github.com/rxerium/rxerium-tem

CVE-2026-0863:
github.com/rxerium/rxerium-tem

Happy hunting.

  • 0
  • 0
  • 0
  • 10h ago
Profile picture
benzogaga33 :verified: @benzogaga33

n8n – CVE-2026-1470 et CVE-2026-0863 : deux nouvelles failles patchĂ©es, comment se protĂ©ger ? it-connect.fr/n8n-cve-2026-147 #ActuCybersĂ©curitĂ© #CybersĂ©curitĂ© #VulnĂ©rabilitĂ©

  • 0
  • 0
  • 0
  • 7h ago

Bluesky

Profile picture
IT-Connect @it-connect.bsky.social
n8n - CVE-2026-1470 et CVE-2026-0863 : deux nouvelles failles patchées, comment se protéger ? 👇 Les détails dans l'article de Florian : - www.it-connect.fr/n8n-cve-2026... #n8n #infosec #cybersecurite
  • 0
  • 0
  • 0
  • 10h ago

CVE-2025-64328

Overview

  • FreePBX
  • security-reporting
07 Nov 2025
Published
07 Nov 2025
Updated
CVSS v4.0
HIGH (8.6)
EPSS
0.46%
KEV

Description

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions 17.0.2.36 and above before 17.0.3, the filestore module within the Administrative interface is vulnerable to a post-authentication command injection by an authenticated known user via the testconnection -> check_ssh_connect() function. An attacker can leverage this vulnerability to obtain remote access to the system as an asterisk user. This issue is fixed in version 17.0.3.

Statistics

  • 2 Posts
Last activity: 2 hours ago

Fediverse

Profile picture
ekiledjian @edwardk

Unveiling the Weaponized Web Shell EncystPHP
fortinet.com/blog/threat-resea

FortiGuard Labs has discovered a web shell that we named “EncystPHP.” It
features several advanced capabilities, including remote command execution,
persistence mechanisms, and web shell deployment. Incidents were launched in
early December last year and propagated via exploitation of the FreePBX
vulnerability CVE-2025-64328.

Its malicious activity appears to be associated with the hacker group
INJ3CTOR3, first identified in 2020, which targeted CVE-2019-19006. In 2022,
the threat actor shifted its focus to the Elastix system via CVE-2021-45461.
These incidents begin with the exploitation of a FreePBX vulnerability,
followed by the deployment of a PHP web shell in the target environments. We
assess that this campaign represents recent attack activity and behavior
patterns associated with INJ3CTOR3.

  • 0
  • 0
  • 0
  • 2h ago

Bluesky

Profile picture
Virus Bulletin @virusbtn.bsky.social
FortiGuard Labs analyses EncystPHP, a weaponized web shell delivering remote command execution, persistence and further web shell deployment. It spreads by exploiting FreePBX vulnerability CVE-2025-64328 and is linked to the INJ3CTOR3 actor. www.fortinet.com/blog/threat-...
  • 0
  • 0
  • 0
  • 7h ago

CVE-2025-68160

Overview

  • OpenSSL
  • OpenSSL
27 Jan 2026
Published
29 Jan 2026
Updated
CVSS
Pending
EPSS
0.03%
KEV

Description

Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading to Denial of Service for an application. The line-buffering BIO filter (BIO_f_linebuffer) is not used by default in TLS/SSL data paths. In OpenSSL command-line applications, it is typically only pushed onto stdout/stderr on VMS systems. Third-party applications that explicitly use this filter with a BIO chain that can short-write and that write large, newline-free data influenced by an attacker would be affected. However, the circumstances where this could happen are unlikely to be under attacker control, and BIO_f_linebuffer is unlikely to be handling non-curated data controlled by an attacker. For that reason the issue was assessed as Low severity. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the BIO implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.

Statistics

  • 2 Posts
  • 1 Interaction
Last activity: 4 hours ago

Fediverse

Profile picture
Dark Web Informer :verified_paw: @DarkWebInformer

‼️AISLE Goes 12-for-12 on OpenSSL Vulnerability Detection

CVEs Published: January 27th, 2026

High and Moderate Severity Flaws:

▪️CVE-2025-15467: Stack Buffer Overflow in CMS AuthEnvelopedData Parsing (High): A vulnerability with the potential to enable remote code execution under specific conditions

▪️CVE-2025-11187: PBMAC1 Parameter Validation in PKCS#12 (Moderate): Missing validation that could trigger a stack-based buffer overflow

Low Severity Flaws:

▪️CVE-2025-15468: Crash in QUIC protocol cipher handling
▪️CVE-2025-15469: Silent truncation bug affecting post-quantum signature algorithms (ML-DSA)
▪️CVE-2025-66199: Memory exhaustion via TLS 1.3 certificate compression
▪️CVE-2025-68160: Memory corruption in line-buffering (affects code back to OpenSSL 1.0.2)
▪️CVE-2025-69418: Encryption flaw in OCB mode on hardware-accelerated paths
▪️CVE-2025-69419: Memory corruption in PKCS#12 character encoding
▪️CVE-2025-69420: Crash in TimeStamp Response verification
▪️CVE-2025-69421: Crash in PKCS#12 decryption
▪️CVE-2026-22795: Crash in PKCS#12 parsing
▪️CVE-2026-22796: Crash in PKCS#7 signature verification (affects code back to OpenSSL 1.0.2)

"When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs.

Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk."

Writeup: aisle.com/blog/aisle-discovere

  • 0
  • 1
  • 0
  • 17h ago

Bluesky

Profile picture
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
🚨 #SUSE #OpenSSL 1.1 Security Update Alert! 🚨 Patch now: SUSE-SU-2026:0331-1 fixes 7 flaws (CVSS up to 6.2). Includes heap OOB write (CVE-2025-68160) & multiple ASN.1 type validation issues. Read more: 👉 tinyurl.com/2ke7dauh #Security
  • 0
  • 0
  • 0
  • 4h ago

CVE-2025-69420

Overview

  • OpenSSL
  • OpenSSL
27 Jan 2026
Published
28 Jan 2026
Updated
CVSS
Pending
EPSS
0.06%
KEV

Description

Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. Impact summary: An application calling TS_RESP_verify_response() with a malformed TimeStamp Response can be caused to dereference an invalid or NULL pointer when reading, resulting in a Denial of Service. The functions ossl_ess_get_signing_cert() and ossl_ess_get_signing_cert_v2() access the signing cert attribute value without validating its type. When the type is not V_ASN1_SEQUENCE, this results in accessing invalid memory through the ASN1_TYPE union, causing a crash. Exploiting this vulnerability requires an attacker to provide a malformed TimeStamp Response to an application that verifies timestamp responses. The TimeStamp protocol (RFC 3161) is not widely used and the impact of the exploit is just a Denial of Service. For these reasons the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the TimeStamp Response implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.

Statistics

  • 2 Posts
  • 1 Interaction
Last activity: 15 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

đźź  CVE-2025-69420 - High (7.5)

Issue summary: A type confusion vulnerability exists in the TimeStamp Response
verification code where an ASN1_TYPE union member is accessed without first
validating the type, causing an invalid or NULL pointer dereference when
processing a malfor...

đź”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 15h ago
Profile picture
Dark Web Informer :verified_paw: @DarkWebInformer

‼️AISLE Goes 12-for-12 on OpenSSL Vulnerability Detection

CVEs Published: January 27th, 2026

High and Moderate Severity Flaws:

▪️CVE-2025-15467: Stack Buffer Overflow in CMS AuthEnvelopedData Parsing (High): A vulnerability with the potential to enable remote code execution under specific conditions

▪️CVE-2025-11187: PBMAC1 Parameter Validation in PKCS#12 (Moderate): Missing validation that could trigger a stack-based buffer overflow

Low Severity Flaws:

▪️CVE-2025-15468: Crash in QUIC protocol cipher handling
▪️CVE-2025-15469: Silent truncation bug affecting post-quantum signature algorithms (ML-DSA)
▪️CVE-2025-66199: Memory exhaustion via TLS 1.3 certificate compression
▪️CVE-2025-68160: Memory corruption in line-buffering (affects code back to OpenSSL 1.0.2)
▪️CVE-2025-69418: Encryption flaw in OCB mode on hardware-accelerated paths
▪️CVE-2025-69419: Memory corruption in PKCS#12 character encoding
▪️CVE-2025-69420: Crash in TimeStamp Response verification
▪️CVE-2025-69421: Crash in PKCS#12 decryption
▪️CVE-2026-22795: Crash in PKCS#12 parsing
▪️CVE-2026-22796: Crash in PKCS#7 signature verification (affects code back to OpenSSL 1.0.2)

"When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs.

Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk."

Writeup: aisle.com/blog/aisle-discovere

  • 0
  • 1
  • 0
  • 17h ago

CVE-2025-52691

Overview

  • SmarterTools
  • SmarterMail
29 Dec 2025
Published
27 Jan 2026
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
77.81%
KEV

Description

Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 20 hours ago

Fediverse

Profile picture
Dark Web Informer :verified_paw: @DarkWebInformer

❗️CVE-2025-52691: SmarterMail Authentication Bypass and RCE PoC

darkwebinformer.com/cve-2025-5

  • 0
  • 1
  • 0
  • 20h ago
Showing 11 to 20 of 89 CVEs