CVE-2025-12972

Overview

FluentBit
FluentBit

24 Nov 2025

Published

24 Nov 2025

Updated

CVSS

Pending

EPSS

0.10%

MITRE

KEV

Description

Fluent Bit out_file plugin does not properly sanitize tag values when deriving output file names. When the File option is omitted, the plugin uses untrusted tag input to construct file paths. This allows attackers with network access to craft tags containing path traversal sequences that cause Fluent Bit to write files outside the intended output directory.

Statistics

1 Post

Last activity: 5 hours ago

Bluesky

CyberVeille @cyberveille-ch.bsky.social

📢 Chaîne de 5 vulnérabilités critiques dans Fluent Bit expose les environnements cloud à une prise de contrôle 📝 Selon O… https://cyberveille.ch/posts/2025-11-25-chaine-de-5-vulnerabilites-critiques-dans-fluent-bit-expose-les-environnements-cloud-a-une-prise-de-controle/ #CVE_2025_12972 #Cyberveille

0
0
0
5h ago

CVE-2025-24016

Overview

wazuh
wazuh

10 Feb 2025

Published

21 Oct 2025

Updated

CVSS v3.1

CRITICAL (9.9)

EPSS

93.80%

MITRE

KEV

Description

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are a serialized as JSON and deserialized using `as_wazuh_object` (in `framework/wazuh/core/cluster/common.py`). If an attacker manages to inject an unsanitized dictionary in DAPI request/response, they can forge an unhandled exception (`__unhandled_exc__`) to evaluate arbitrary python code. The vulnerability can be triggered by anybody with API access (compromised dashboard or Wazuh servers in the cluster) or, in certain configurations, even by a compromised agent. Version 4.9.1 contains a fix.

Statistics

2 Posts

Last activity: 19 hours ago

Fediverse

leakix @leakix

🚨 New plugin: WazuhPlugin (CVE-2025-24016).

Wazuh default credentials and RCE vulnerability detection - RCE possible on multi-node configurations, versions 4.4.0 to 4.9.1 affected.

Results: https://leakix.net/search?q=%2Bplugin%3AWazuhPlugin&scope=leak

0
0
1
19h ago

CVE-2025-26633

Overview

Microsoft
Windows 10 Version 1809

11 Mar 2025

Published

21 Oct 2025

Updated

CVSS v3.1

HIGH (7.0)

EPSS

9.34%

MITRE

KEV

Description

Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.

Statistics

1 Post

Last activity: 10 hours ago

Fediverse

CyberNetsecIO @netsecio

📰 Water Gamayun APT Exploits Novel 'MSC EvilTwin' Windows Flaw in Stealthy Attacks

⚠️ Russia-aligned APT Water Gamayun exploits novel 'MSC EvilTwin' Windows flaw (CVE-2025-26633). The attack uses malicious .msc files to proxy PowerShell execution via mmc.exe, bypassing defenses. #APT #Vulnerability #CyberAttack #WaterGamayun

🔗 https://cyber.netsecops.io/articles/water-gamayun-apt-exploits-windows-msc-eviltwin-vulnerability/?utm_source=mastodon&utm_medium=social&utm_campaign=twitter_auto

0
0
0
10h ago

CVE-2025-62593

Overview

ray-project
ray

26 Nov 2025

Published

26 Nov 2025

Updated

CVSS v4.0

CRITICAL (9.4)

EPSS

Pending

MITRE

KEV

Description

Ray is an AI compute engine. Prior to version 2.52.0, developers working with Ray as a development tool can be exploited via a critical RCE vulnerability exploitable via Firefox and Safari. This vulnerability is due to an insufficient guard against browser-based attacks, as the current defense uses the User-Agent header starting with the string "Mozilla" as a defense mechanism. This defense is insufficient as the fetch specification allows the User-Agent header to be modified. Combined with a DNS rebinding attack against the browser, and this vulnerability is exploitable against a developer running Ray who inadvertently visits a malicious website, or is served a malicious advertisement (malvertising). This issue has been patched in version 2.52.0.

Statistics

1 Post

Last activity: 3 hours ago

Fediverse

Offensive Sequence @offseq

🚨 CVE-2025-62593 (CRITICAL): Ray AI <2.52.0 is vulnerable to RCE via DNS rebinding attacks (Firefox/Safari). Exploit enables unauthenticated code execution. Patch to 2.52.0+ ASAP! Details: https://radar.offseq.com/threat/cve-2025-62593-cwe-94-improper-control-of-generati-15eefc0a #OffSeq #RayAI #Vuln #Infosec

0
0
0
3h ago

CVE-2025-54956

Overview

r-lib
gh

03 Aug 2025

Published

25 Nov 2025

Updated

CVSS v3.1

LOW (3.2)

EPSS

0.02%

MITRE

KEV

Description

The gh package before 1.5.0 for R delivers an HTTP response in a data structure that includes the Authorization header from the corresponding HTTP request.

Statistics

1 Post

Last activity: 15 hours ago

Bluesky

ferramentaslinux.bsky.social @ferramentaslinux.bsky.social

Security update for #Debian and R users. The vulnerability CVE-2025-54956 concerned the 'gh' package, which could inadvertently expose authorization headers. Read more: 👉 tinyurl.com/bt9w2xj5 #Security

0
0
0
15h ago

CVE-2025-33203

Overview

NVIDIA
NeMo Agent ToolKit

25 Nov 2025

Published

26 Nov 2025

Updated

CVSS v3.1

HIGH (7.6)

EPSS

0.03%

MITRE

KEV

Description

NVIDIA NeMo Agent Toolkit UI for Web contains a vulnerability in the chat API endpoint where an attacker may cause a Server-Side Request Forgery. A successful exploit of this vulnerability may lead to information disclosure and denial of service.

Statistics

1 Post

Last activity: 10 hours ago

Fediverse

CyberNetsecIO @netsecio

📰 NVIDIA AI Toolkit and WordPress Plugins Hit with High-Severity Flaws

Vulnerability alert: NVIDIA's NeMo AI toolkit is exposed to a high-severity SSRF flaw (CVE-2025-33203). Meanwhile, WordPress plugins 'Just Highlight' & 'Locker Content' are hit with XSS & info disclosure bugs. PATCH NOW! #Vulnerability #NVIDIA #Wor...

🔗 https://cyber.netsecops.io/articles/nvidia-and-wordpress-plugins-hit-with-ssrf-and-xss-vulnerabilities/?utm_source=mastodon&utm_medium=social&utm_campaign=twitter_auto

0
0
0
10h ago

CVE-2025-64657

Overview

Microsoft
Azure App Gateway

26 Nov 2025

Published

26 Nov 2025

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

0.09%

MITRE

KEV

Description

Stack-based buffer overflow in Azure Application Gateway allows an unauthorized attacker to elevate privileges over a network.

Statistics

1 Post

Last activity: 18 hours ago

Bluesky

BaseFortify.eu @basefortify.bsky.social

🚨 CVE-2025-64657 — Azure Application Gateway A stack buffer overflow allows remote attackers to escalate privileges across the network. Cloud admins should patch immediately. 🔗 basefortify.eu/cve_reports/... #CVE #Azure #CloudSecurity #PrivilegeEscalation

0
0
0
18h ago

CVE-2025-59287

Overview

Microsoft
Windows Server 2019

14 Oct 2025

Published

22 Nov 2025

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

64.04%

MITRE

KEV

Description

Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.

Statistics

1 Post

Last activity: 6 hours ago

Bluesky

CyberVeille @cyberveille-ch.bsky.social

📢 CVE-2025-59287 : une faille WSUS exploitée pour déployer le malware ShadowPad 📝 Selon l’AhnLab Security Intelligence Center (ASEC), dans un rapport pub… https://cyberveille.ch/posts/2025-11-25-cve-2025-59287-une-faille-wsus-exploitee-pour-deployer-le-malware-shadowpad/ #CVE_2025_59287 #Cyberveille

0
0
0
6h ago

CVE-2023-48733

Overview

Canonical Ltd.
Ubuntu EDK II
edk2

14 Feb 2024

Published

08 May 2025

Updated

CVSS v3.1

MEDIUM (6.7)

EPSS

0.01%

MITRE

KEV

Description

An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot.

Statistics

1 Post
3 Interactions

Last activity: 9 hours ago

Fediverse

cR0w h0 h0 @cR0w

Not the most confidence-inspiring CVE description.

https://www.cve.org/CVERecord?id=CVE-2025-2486

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based decision to continue running inside the Shell itself, which is believed to be sufficient to enforce Secure Boot restrictions. This is an additional repair on top of the incomplete fix for CVE-2023-48733.

2
1
0
9h ago

CVE-2025-2486

Overview

Ubuntu
edk2

26 Nov 2025

Published

26 Nov 2025

Updated

CVSS v4.0

LOW (3.7)

EPSS

Pending

MITRE

KEV

Description

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based decision to continue running inside the Shell itself, which is believed to be sufficient to enforce Secure Boot restrictions. This is an additional repair on top of the incomplete fix for CVE-2023-48733.

Statistics

1 Post
3 Interactions

Last activity: 9 hours ago

Fediverse

cR0w h0 h0 @cR0w

Not the most confidence-inspiring CVE description.

https://www.cve.org/CVERecord?id=CVE-2025-2486

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based decision to continue running inside the Shell itself, which is believed to be sufficient to enforce Secure Boot restrictions. This is an additional repair on top of the incomplete fix for CVE-2023-48733.

2
1
0
9h ago