Overview

  • Microsoft
  • Windows 10 Version 1809

Published: 12 Aug 2025
Updated: 10 Nov 2025

CVSS v3.1: MEDIUM (5.5)
EPSS: 0.05%

KEV

Description

Exposure of sensitive information to an unauthorized actor in Windows NT OS Kernel allows an authorized attacker to disclose information locally.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 15 hours ago

Fediverse

❗️CVE-2025-53136: Windows Kernel Information Disclosure through Race condition

PoC/Exploit: github.com/nu1lptr0/CVE-2025-5

CVSS: 5.5
CVE Published: Aug 12th, 2025

Overview

  • Pending

Published: 14 Jan 2026
Updated: 14 Jan 2026

CVSS: Pending
EPSS: 0.02%

KEV

Description

An issue in AIRTH SMART HOME AQI MONITOR Bootloader v.1.005 allows a physically proximate attacker to obtain sensitive information via the UART port of the BK7231N controller (Wi-Fi and BLE module) on the device, which is open to access.

Statistics

  • 1 Post
  • 3 Interactions

Last activity: 23 hours ago

Fediverse

I'm not concerned about this as a security concern, but I know people around here like their AQI monitors so this might be handy for folks trying to hack theirs for other functionality.

github.com/rupeshsurve04/CVE-2

Overview

  • MongoDB Inc.
  • MongoDB Server

Published: 19 Dec 2025
Updated: 12 Jan 2026

CVSS v4.0: HIGH (8.7)
EPSS: 57.25%

Description

Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 versions prior to 7.0.28, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3, MongoDB Server v6.0 versions prior to 6.0.27, MongoDB Server v5.0 versions prior to 5.0.32, MongoDB Server v4.4 versions prior to 4.4.30, MongoDB Server v4.2 versions greater than or equal to 4.2.0, MongoDB Server v4.0 versions greater than or equal to 4.0.0, and MongoDB Server v3.6 versions greater than or equal to 3.6.0.

Statistics

  • 1 Post
  • 3 Interactions

Last activity: 16 hours ago

Bluesky

Threat Brief: MongoDB Vulnerability (CVE-2025-14847) #CybersecurityNews unit42.paloaltonetworks.com/mongobleed-c...

Overview

  • ISC
  • BIND 9

Published: 22 Oct 2025
Updated: 04 Nov 2025

CVSS v3.1: HIGH (7.5)
EPSS: 0.06%

KEV

Description

Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion. This issue affects BIND 9 versions 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.

Statistics

  • 1 Post
  • 3 Interactions

Last activity: 20 hours ago

Fediverse

Still no fix in BIG-IP DNS for CVE-2025-8677.

my.f5.com/manage/s/article/K00

Overview

  • SmarterTools
  • SmarterMail

Published: 29 Dec 2025
Updated: 09 Jan 2026

CVSS v3.1: CRITICAL (10.0)
EPSS: 10.87%

KEV

Description

Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.

Statistics

  • 1 Post
  • 8 Interactions

Last activity: 9 hours ago

Fediverse

@ljrk I see your ../../../../../ and raise you one ../../../../../../../../../../../../../../../
labs.watchtowr.com/do-smart-pe

Overview

  • SICK AG
  • TDC-X401GL

Published: 15 Jan 2026
Updated: 15 Jan 2026

CVSS v3.1: CRITICAL (9.9)
EPSS: Pending

KEV

Description

An attacker may gain unauthorized access to the host filesystem, potentially allowing them to read and modify system data.

Statistics

  • 2 Posts
  • 1 Interaction

Last activity: 1 hour ago

Fediverse

🔴 CVE-2026-22907 - Critical (9.9)

An attacker may gain unauthorized access to the host filesystem, potentially allowing them to read and modify system data.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

Overview

  • SICK AG
  • Incoming Goods Suite

Published: 15 Jan 2026
Updated: 15 Jan 2026

CVSS v3.1: HIGH (7.6)
EPSS: Pending

KEV

Description

An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0. The open redirect can be chained with path traversal vulnerabilities to achieve XSS. Fixed in versions 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01 and 11.3.8+security-01.

Statistics

  • 2 Posts
  • 1 Interaction

Last activity: 1 hour ago

Fediverse

🟠 CVE-2026-0712 - High (7.6)

An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0. The open redirect can be chained with path traversal vulnerabilities to achieve XS...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

Overview

  • SICK AG
  • TDC-X401GL

Published: 15 Jan 2026
Updated: 15 Jan 2026

CVSS v3.1: CRITICAL (9.1)
EPSS: Pending

KEV

Description

Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity and confidentiality.

Statistics

  • 2 Posts
  • 1 Interaction

Last activity: 1 hour ago

Fediverse

🔴 CVE-2026-22908 - Critical (9.1)

Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity and confidentiality.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

Overview

  • SICK AG
  • Incoming Goods Suite

Published: 15 Jan 2026
Updated: 15 Jan 2026

CVSS v3.1: HIGH (8.3)
EPSS: Pending

KEV

Description

In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation vulnerability in Grafana. This issue affects Grafana: before 11.6.2 and is fixed in 11.6.2 and higher.

Statistics

  • 2 Posts
  • 1 Interaction

Last activity: 1 hour ago

Fediverse

🟠 CVE-2026-22643 - High (8.3)

In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation vulnerability in Grafana. This issue affects Grafana: before 11.6.2 and is fixed in 11.6.2 and higher.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

Overview

  • SICK AG
  • TDC-X401GL

Published: 15 Jan 2026
Updated: 15 Jan 2026

CVSS v3.1: HIGH (7.5)
EPSS: Pending

KEV

Description

The device is deployed with weak and publicly known default passwords for certain hidden user levels, increasing the risk of unauthorized access. This represents a high risk to the integrity of the system.

Statistics

  • 2 Posts
  • 1 Interaction

Last activity: 1 hour ago

Fediverse

🟠 CVE-2026-22910 - High (7.5)

The device is deployed with weak and publicly known default passwords for certain hidden user levels, increasing the risk of unauthorized access. This represents a high risk to the integrity of the system.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
