24h | 7d | 30d

CVE-2025-69258

Overview

  • Trend Micro, Inc.
  • Trend Micro Apex Central
08 Jan 2026
Published
09 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.15%
KEV

Description

A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations.

Statistics

  • 2 Posts
  • 1 Interaction
Last activity: 1 hour ago

Fediverse

Profile picture
Dark Web Informer :verified_paw: @DarkWebInformer

‼️Trend Micro Apex Central Multiple Vulnerabilities

CVE:

CVE-2025-69258 (CVSS: 9.8)
CVE-2025-69259 (CVSS: 7.5)
CVE-2025-69260 (CVSS: 7.5)

CWE: CWE-1285, CWE-306, CWE-641

PoC/Writeup: tenable.com/security/research/

Disclosure Date: January 7. 2026

Disclosure: success.trendmicro.com/en-US/s

  • 1
  • 0
  • 0
  • 5h ago

Bluesky

Profile picture
セキュリティ対策Lab @securitylab-jp.bsky.social
トレンドマイクロ Apex Centralに複数の脆弱性(CVE-2025-69258 / 69259 / 69260) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #サイバー攻撃
  • 0
  • 0
  • 0
  • 1h ago

CVE-2025-68613

Overview

  • n8n-io
  • n8n
19 Dec 2025
Published
22 Dec 2025
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
8.42%
KEV

Description

n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An authenticated attacker could abuse this behavior to execute arbitrary code with the privileges of the n8n process. Successful exploitation may lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations. This issue has been fixed in versions 1.120.4, 1.121.1, and 1.122.0. Users are strongly advised to upgrade to a patched version, which introduces additional safeguards to restrict expression evaluation. If upgrading is not immediately possible, administrators should consider the following temporary mitigations: Limit workflow creation and editing permissions to fully trusted users only; and/or deploy n8n in a hardened environment with restricted operating system privileges and network access to reduce the impact of potential exploitation. These workarounds do not fully eliminate the risk and should only be used as short-term measures.

Statistics

  • 2 Posts
  • 1 Interaction
Last activity: 1 hour ago

Bluesky

Profile picture
CyberHub @cyberhub.blog
📌 Critical Expression Injection in n8n (CVE-2025-68613): CVSS 9.9 flaw allows authenticated RCE via JavaScript code execution. #Cybersecurity #CVE https://tinyurl.com/263ezryu
  • 0
  • 0
  • 0
  • 1h ago
Profile picture
The Shadowserver Foundation @shadowserver.bsky.social
You can also track different scan results for recent n8n vulns (not just CVE-2026-21858 but also CVE-2025-68668, CVE-2025-68613, CVE-2026-21877) on Dashboard: dashboard.shadowserver.org/statistics/c... dashboard.shadowserver.org/statistics/c...
  • 0
  • 1
  • 0
  • 6h ago

CVE-2026-0841

Overview

  • UTT
  • 进取 520W
11 Jan 2026
Published
12 Jan 2026
Updated
CVSS v4.0
HIGH (8.7)
EPSS
0.04%
KEV

Description

A vulnerability was detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /goform/formPictureUrl. The manipulation of the argument importpictureurl results in buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Statistics

  • 2 Posts
  • 2 Interactions
Last activity: 9 hours ago

Fediverse

Profile picture
cR0w @cR0w

UTT

cve.org/CVERecord?id=CVE-2026-

cve.org/CVERecord?id=CVE-2026-

cve.org/CVERecord?id=CVE-2026-

cve.org/CVERecord?id=CVE-2026-

cve.org/CVERecord?id=CVE-2026-

cve.org/CVERecord?id=CVE-2026-

Luxul

cve.org/CVERecord?id=CVE-2025-

cc: @Dio9sys @da_667

  • 0
  • 2
  • 0
  • 9h ago

Bluesky

Profile picture
malwarEvangelist @malwarevangelist.com
In our cybersecurity chronicles, CVE-2026-0841 mirrors the intensity of the Heartbleed bug but with a more localized impact on home devices. Its buffer overflow potential could spread like wildfire if not contained. How do you see us addressing such vulnerabilities moving forward?
  • 0
  • 0
  • 0
  • 20h ago

CVE-2025-66689

Overview

  • Pending
12 Jan 2026
Published
12 Jan 2026
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

A path traversal vulnerability exists in Zen MCP Server before 9.8.2 that allows authenticated attackers to read arbitrary files on the system. The vulnerability is caused by flawed logic in the is_dangerous_path() validation function that uses exact string matching against a blacklist of system directories. Attackers can bypass these restrictions by accessing subdirectories of blacklisted paths.

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 7 hours ago

Fediverse

Profile picture
cR0w @cR0w

Go ../ more MCP shit. 🤘

github.com/Team-Off-course/MCP

  • 1
  • 3
  • 0
  • 7h ago

CVE-2025-55182

Overview

  • Meta
  • react-server-dom-webpack
03 Dec 2025
Published
11 Dec 2025
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
62.33%
KEV

Description

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.

Statistics

  • 1 Post
  • 3 Interactions
Last activity: 1 hour ago

Fediverse

Profile picture
Andrew 🌻 Brandt 🐇 @threatresearch

I had a chance last week to chat with Benjamin Read of . Last month, Read and other members of his team published a deep dive into the
(CVE-2025-55182) vulnerability, and I was curious to see what has been hitting my honeypot, so I took a closer look.

This is doing some weird stuff, friends.

As is normally the case with exploits targeting internet-facing devices, once the exploit becomes known, it ends up in the automated scanners used by threat actors and security researchers. What I've seen over the past week is a combination of both.

In just a few hours of operation, I identified a small number of source IP addresses exploiting React2Shell by pointing the vulnerable system at URLs hosting BASH scripts. These scripts are really familiar to anyone who routinely looks at honeypot data - they contain a series of commands that pull down and execute malicious payloads.

And as I've seen in the past, some of these payloads use racially inflammatory language in their malware. It's weird and gross, but unfortunately, really common.

But while most of these payloads were "the usual suspects" - remote shells, cryptocurrency miners - there was one payload that stuck out.

It's an exploit file, based on this proof-of-concept [github.com/iotwar/FIVEM-POC/bl] designed to DDoS a modded server running "FiveM," a popular version of the game Grand Theft Auto V.

Let that one sink in: among the earliest adopters of a brand new exploit are...people trying to mess with other people's online game servers.

I've long said that exploits like these are the canaries in the datacenter coal mine. After all, if an attacker can force your server to run a cryptominer (or a game DDoS tool), they can force it to run far more malicious code.

I guess someone, or a group of someones, just want to ruin everyone's good time, no matter how or what form that takes. And they'll do it in the most offensive way possible.

Anyway, patch your servers, please, if only to stick it to these people who want to be the reason we can't have nice things.

  • 1
  • 2
  • 0
  • 1h ago

CVE-2023-38408

Overview

  • Pending
20 Jul 2023
Published
15 Oct 2024
Updated
CVSS
Pending
EPSS
68.75%
KEV

Description

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 16 hours ago

Bluesky

Profile picture
Sami Laiho @samilaiho.com
CVE-2023-38408: OpenSSH Vulnerability in Ethernet Switches URL: www.moxa.com/en/support/p... Classification: Critical, Solution: Official Fix, Exploit Maturity: Functional, CVSSv3.1: 9.8
  • 0
  • 1
  • 0
  • 16h ago

CVE-2023-53574

Overview

  • Linux
  • Linux
04 Oct 2025
Published
06 Oct 2025
Updated
CVSS
Pending
EPSS
0.03%
KEV

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in 'rtw_core_deinit()', shrink critical section in the latter by freeing COEX queue out of TX report lock scope.

Statistics

  • 2 Posts
  • 1 Interaction
Last activity: 5 hours ago

Bluesky

Profile picture
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
New technical analysis: Comprehensive Analysis of #SUSE Linux Kernel Security Update 2026-0090-1 (CVE-2023-53574). Read more: 👉 tinyurl.com/3u2zue6y #Security
  • 0
  • 1
  • 0
  • 5h ago
Profile picture
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
🚨 CRITICAL: Kernel privilege escalation flaw CVE-2023-53574 patched by #SUSE (SUSE-2026-0107-1). Read more: 👉 tinyurl.com/8xz3b7jx #Security
  • 0
  • 0
  • 0
  • 6h ago

CVE-2026-22783

Overview

  • dfir-iris
  • iris-web
12 Jan 2026
Published
12 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.6)
EPSS
Pending
KEV

Description

Iris is a web collaborative platform that helps incident responders share technical details during investigations. Prior to 2.4.24, the DFIR-IRIS datastore file management system has a vulnerability where mass assignment of the file_local_name field combined with path trust in the delete operation enables authenticated users to delete arbitrary filesystem paths. The vulnerability manifests through a three-step attack chain: authenticated users upload a file to the datastore, update the file's file_local_name field to point to an arbitrary filesystem path through mass assignment, then trigger the delete operation which removes the target file without path validation. This vulnerability is fixed in 2.4.24.

Statistics

  • 1 Post
Last activity: 4 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

🔴 CVE-2026-22783 - Critical (9.6)

Iris is a web collaborative platform that helps incident responders share technical details during investigations. Prior to 2.4.24, the DFIR-IRIS datastore file management system has a vulnerability where mass assignment of the file_local_name fie...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 4h ago

CVE-2025-62235

Overview

  • Apache Software Foundation
  • Apache Mynewt NimBLE
10 Jan 2026
Published
12 Jan 2026
Updated
CVSS
Pending
EPSS
0.05%
KEV

Description

Authentication Bypass by Spoofing vulnerability in Apache NimBLE. Receiving specially crafted Security Request could lead to removal of original bond and re-bond with impostor. This issue affects Apache NimBLE: through 1.8.0. Users are recommended to upgrade to version 1.9.0, which fixes the issue.

Statistics

  • 1 Post
Last activity: 6 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

🟠 CVE-2025-62235 - High (8.1)

Authentication Bypass by Spoofing vulnerability in Apache NimBLE.

Receiving specially crafted Security Request could lead to removal of original bond and re-bond with impostor.
This issue affects Apache NimBLE: through 1.8.0.

Users are recommen...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 6h ago

CVE-2026-22794

Overview

  • appsmithorg
  • appsmith
12 Jan 2026
Published
12 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.7)
EPSS
Pending
KEV

Description

Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.93, the server uses the Origin value from the request headers as the email link baseUrl without validation. If an attacker controls the Origin, password reset / email verification links in emails can be generated pointing to the attacker’s domain, causing authentication tokens to be exposed and potentially leading to account takeover. This vulnerability is fixed in 1.93.

Statistics

  • 1 Post
Last activity: 1 hour ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

🔴 CVE-2026-22794 - Critical (9.6)

Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.93, the server uses the Origin value from the request headers as the email link baseUrl without validation. If an attacker controls the Origin, password reset...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 1h ago
Showing 11 to 20 of 79 CVEs