24h | 7d | 30d

CVE-2025-68493

Overview

  • Apache Software Foundation
  • Apache Struts
  • com.opensymphony:xwork
11 Jan 2026
Published
12 Jan 2026
Updated
CVSS
Pending
EPSS
0.06%
KEV

Description

Missing XML Validation vulnerability in Apache Struts, Apache Struts. This issue affects Apache Struts: from 2.0.0 before 2.2.1; Apache Struts: from 2.2.1 through 6.1.0. Users are recommended to upgrade to version 6.1.1, which fixes the issue.

Statistics

  • 3 Posts
Last activity: 18 hours ago

Fediverse

Profile picture
geeknik @geeknik

CVE-2025-68493 turns your XML config into a confession booth: one malicious entity and the server doxxes itself. Patch to 6.1.1 or keep streaming internal secrets to the outside like it’s reality TV.
gbhackers.com/critical-apache-

  • 0
  • 0
  • 1
  • 18h ago

Bluesky

Profile picture
キタきつね @kitafox.bsky.social
XMLトラップ:Struts 2の重大な欠陥CVE-2025-68493がデータを公開 The XML Trap: Critical Struts 2 Flaw CVE-2025-68493 Exposes Data #DailyCyberSecurity (Jan 12) securityonline.info/the-xml-trap...
  • 0
  • 0
  • 0
  • 18h ago

CVE-2025-69258

Overview

  • Trend Micro, Inc.
  • Trend Micro Apex Central
08 Jan 2026
Published
09 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.15%
KEV

Description

A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations.

Statistics

  • 3 Posts
  • 1 Interaction
Last activity: 12 hours ago

Fediverse

Profile picture
Dark Web Informer :verified_paw: @DarkWebInformer

‼️Trend Micro Apex Central Multiple Vulnerabilities

CVE:

CVE-2025-69258 (CVSS: 9.8)
CVE-2025-69259 (CVSS: 7.5)
CVE-2025-69260 (CVSS: 7.5)

CWE: CWE-1285, CWE-306, CWE-641

PoC/Writeup: tenable.com/security/research/

Disclosure Date: January 7. 2026

Disclosure: success.trendmicro.com/en-US/s

  • 1
  • 0
  • 0
  • 20h ago

Bluesky

Profile picture
セキュリティ対策Lab @securitylab-jp.bsky.social
トレンドマイクロ Apex Centralに複数の脆弱性(CVE-2025-69258 / 69259 / 69260) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #サイバー攻撃
  • 0
  • 0
  • 0
  • 16h ago
Profile picture
OpsMatters @opsmatters.com
The latest update for #ArcticWolf includes "CVE-2025-69258: Trend Micro Apex Central Remote Code Execution Vulnerability" and "CVE-2026-21858: Critical Unauthenticated File Access Vulnerability in n8n 'Ni8mare'". #cybersecurity #infosec #networks https://opsmtrs.com/2ZFbaTl
  • 0
  • 0
  • 0
  • 12h ago

CVE-2025-68613

Overview

  • n8n-io
  • n8n
19 Dec 2025
Published
22 Dec 2025
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
8.42%
KEV

Description

n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An authenticated attacker could abuse this behavior to execute arbitrary code with the privileges of the n8n process. Successful exploitation may lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations. This issue has been fixed in versions 1.120.4, 1.121.1, and 1.122.0. Users are strongly advised to upgrade to a patched version, which introduces additional safeguards to restrict expression evaluation. If upgrading is not immediately possible, administrators should consider the following temporary mitigations: Limit workflow creation and editing permissions to fully trusted users only; and/or deploy n8n in a hardened environment with restricted operating system privileges and network access to reduce the impact of potential exploitation. These workarounds do not fully eliminate the risk and should only be used as short-term measures.

Statistics

  • 3 Posts
  • 11 Interactions
Last activity: 4 hours ago

Fediverse

Profile picture
CERT-Bund @certbund

CERT-Bund benachrichtigt seit dem 09.01.2026 deutsche Netzbetreiber zu im Internet exponierten veraltete Instanzen der Open-Source Workflow-Automatisierungsplattform n8n, die noch für mindestens eine der kritischen Schwachstellen CVE-2025-68613, CVE-2025-68668, CVE-2026-21858 oder CVE-2026-21877 verwundbar sind.

Aktuell sind uns rund 24.000 n8n-Systeme bei deutschen Netzbetreibern bekannt, von denen ca. 13.800 (58%) noch verwundbar sind.

  • 5
  • 5
  • 0
  • 4h ago

Bluesky

Profile picture
CyberHub @cyberhub.blog
📌 Critical Expression Injection in n8n (CVE-2025-68613): CVSS 9.9 flaw allows authenticated RCE via JavaScript code execution. #Cybersecurity #CVE https://tinyurl.com/263ezryu
  • 0
  • 0
  • 0
  • 17h ago
Profile picture
The Shadowserver Foundation @shadowserver.bsky.social
You can also track different scan results for recent n8n vulns (not just CVE-2026-21858 but also CVE-2025-68668, CVE-2025-68613, CVE-2026-21877) on Dashboard: dashboard.shadowserver.org/statistics/c... dashboard.shadowserver.org/statistics/c...
  • 0
  • 1
  • 0
  • 21h ago

CVE-2025-66177

Overview

  • Hikvision
  • DS-96xxxNI-Hx
13 Jan 2026
Published
13 Jan 2026
Updated
CVSS v3.1
HIGH (8.8)
EPSS
0.02%
KEV

Description

There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision NVR/DVR/CVR/IPC models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.

Statistics

  • 2 Posts
  • 1 Interaction
Last activity: Last hour

Fediverse

Profile picture
TheHackerWire @thehackerwire

🟠 CVE-2025-66177 - High (8.8)

There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision NVR/DVR/CVR/IPC models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially craft...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 11h ago
Profile picture
cR0w @cR0w

Hikvision

cve.org/CVERecord?id=CVE-2025-

cve.org/CVERecord?id=CVE-2025-

cc: @Dio9sys @da_667

  • 0
  • 1
  • 0
  • Last hour

CVE-2025-66176

Overview

  • Hikvision
  • DS-K1T331
13 Jan 2026
Published
13 Jan 2026
Updated
CVSS v3.1
HIGH (8.8)
EPSS
0.02%
KEV

Description

There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.

Statistics

  • 2 Posts
  • 1 Interaction
Last activity: Last hour

Fediverse

Profile picture
TheHackerWire @thehackerwire

🟠 CVE-2025-66176 - High (8.8)

There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially craf...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 11h ago
Profile picture
cR0w @cR0w

Hikvision

cve.org/CVERecord?id=CVE-2025-

cve.org/CVERecord?id=CVE-2025-

cc: @Dio9sys @da_667

  • 0
  • 1
  • 0
  • Last hour

CVE-2025-55182

Overview

  • Meta
  • react-server-dom-webpack
03 Dec 2025
Published
11 Dec 2025
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
62.33%
KEV

Description

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 16 hours ago

Fediverse

Profile picture
Andrew 🌻 Brandt 🐇 @threatresearch

I had a chance last week to chat with Benjamin Read of . Last month, Read and other members of his team published a deep dive into the
(CVE-2025-55182) vulnerability, and I was curious to see what has been hitting my honeypot, so I took a closer look.

This is doing some weird stuff, friends.

As is normally the case with exploits targeting internet-facing devices, once the exploit becomes known, it ends up in the automated scanners used by threat actors and security researchers. What I've seen over the past week is a combination of both.

In just a few hours of operation, I identified a small number of source IP addresses exploiting React2Shell by pointing the vulnerable system at URLs hosting BASH scripts. These scripts are really familiar to anyone who routinely looks at honeypot data - they contain a series of commands that pull down and execute malicious payloads.

And as I've seen in the past, some of these payloads use racially inflammatory language in their malware. It's weird and gross, but unfortunately, really common.

But while most of these payloads were "the usual suspects" - remote shells, cryptocurrency miners - there was one payload that stuck out.

It's an exploit file, based on this proof-of-concept [github.com/iotwar/FIVEM-POC/bl] designed to DDoS a modded server running "FiveM," a popular version of the game Grand Theft Auto V.

Let that one sink in: among the earliest adopters of a brand new exploit are...people trying to mess with other people's online game servers.

I've long said that exploits like these are the canaries in the datacenter coal mine. After all, if an attacker can force your server to run a cryptominer (or a game DDoS tool), they can force it to run far more malicious code.

I guess someone, or a group of someones, just want to ruin everyone's good time, no matter how or what form that takes. And they'll do it in the most offensive way possible.

Anyway, patch your servers, please, if only to stick it to these people who want to be the reason we can't have nice things.

  • 2
  • 2
  • 0
  • 16h ago

CVE-2025-66689

Overview

  • Pending
12 Jan 2026
Published
12 Jan 2026
Updated
CVSS
Pending
EPSS
0.04%
KEV

Description

A path traversal vulnerability exists in Zen MCP Server before 9.8.2 that allows authenticated attackers to read arbitrary files on the system. The vulnerability is caused by flawed logic in the is_dangerous_path() validation function that uses exact string matching against a blacklist of system directories. Attackers can bypass these restrictions by accessing subdirectories of blacklisted paths.

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 22 hours ago

Fediverse

Profile picture
cR0w @cR0w

Go ../ more MCP shit. 🤘

github.com/Team-Off-course/MCP

  • 1
  • 3
  • 0
  • 22h ago

CVE-2023-53574

Overview

  • Linux
  • Linux
04 Oct 2025
Published
06 Oct 2025
Updated
CVSS
Pending
EPSS
0.03%
KEV

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in 'rtw_core_deinit()', shrink critical section in the latter by freeing COEX queue out of TX report lock scope.

Statistics

  • 3 Posts
  • 1 Interaction
Last activity: 5 hours ago

Bluesky

Profile picture
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
New technical analysis: Comprehensive Analysis of #SUSE Linux Kernel Security Update 2026-0090-1 (CVE-2023-53574). Read more: 👉 tinyurl.com/3u2zue6y #Security
  • 0
  • 1
  • 0
  • 20h ago
Profile picture
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
🚨 CRITICAL: Kernel privilege escalation flaw CVE-2023-53574 patched by #SUSE (SUSE-2026-0107-1). Read more: 👉 tinyurl.com/8xz3b7jx #Security
  • 0
  • 0
  • 0
  • 21h ago
Profile picture
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
Critical kernel vulnerability patched in #openSUSE (CVE-2023-53574). Allows local privilege escalation. Read more: 👉 tinyurl.com/y84e6rr3 #Security
  • 0
  • 0
  • 0
  • 5h ago

CVE-2025-63314

Overview

  • Pending
12 Jan 2026
Published
12 Jan 2026
Updated
CVSS
Pending
EPSS
0.04%
KEV

Description

A static password reset token in the password reset function of DDSN Interactive Acora CMS v10.7.1 allows attackers to arbitrarily reset the user password and execute a full account takeover via a replay attack.

Statistics

  • 1 Post
Last activity: 18 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

🔴 CVE-2025-63314 - Critical (10)

A static password reset token in the password reset function of DDSN Interactive Acora CMS v10.7.1 allows attackers to arbitrarily reset the user password and execute a full account takeover via a replay attack.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 18h ago

CVE-2025-11250

Overview

  • Zohocorp
  • ManageEngine ADSelfService Plus
13 Jan 2026
Published
13 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.1)
EPSS
Pending
KEV

Description

Zohocorp ManageEngine ADSelfService Plus versions before 6519 are vulnerable to Authentication Bypass due to improper filter configurations.

Statistics

  • 1 Post
Last activity: Last hour

Fediverse

Profile picture
TheHackerWire @thehackerwire

🔴 CVE-2025-11250 - Critical (9.1)

Zohocorp ManageEngine ADSelfService Plus versions before 6519 are vulnerable to Authentication Bypass due to improper filter configurations.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • Last hour
Showing 11 to 20 of 80 CVEs