
Overview

  • VMware ESXi

Published: 04 Mar 2025
Updated: 21 Oct 2025

CVSS v3.1: HIGH (8.2)
EPSS: 6.15%

Description

VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox.

Statistics

  • 1 Post

Last activity: Last hour

Fediverse


Here's a summary of recent important global, technology, and cybersecurity news:

**Global:**
US-Iran talks continued, with the US demanding nuclear concessions (Feb 7). Italy thwarted suspected Russian cyberattacks targeting government and Olympic-linked websites (Feb 6).

**Technology:**
Big Tech firms (Amazon, Alphabet, Meta, Microsoft) are committing $650B to AI infrastructure in 2026. OpenAI launched Frontier, an enterprise AI agent platform (Feb 6). Intel and AMD warned China of server CPU shortages, citing AI demand and US export rules (Feb 6).

**Cybersecurity:**
CISA ordered US federal agencies to remove unsupported edge network devices to reduce risk (Feb 6). Ransomware groups are actively exploiting a critical VMware ESXi flaw (CVE-2025-22225) (Feb 6). Global cybersecurity laws are tightening, mandating rapid incident reporting (Feb 7).

#News #Anonymous #AnonNews_irc

  • Last hour

Overview

  • Red Hat
  • Red Hat Enterprise Linux 10
  • bootc

Published: 27 Jan 2026
Updated: 03 Feb 2026

CVSS: Pending
EPSS: 0.04%

KEV

Description

A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrusted or extremely large Base64 input using GLib may crash or behave unpredictably.

Statistics

  • 1 Post

Last activity: 16 hours ago

Bluesky

Critical security advisory: #Fedora 43 mingw-glib2 library contains three severe vulnerabilities (CVE-2026-1484, -1485, -1489) requiring immediate attention. Read more: 👉 tinyurl.com/mveme6zt #Security
  • 16h ago

Overview

  • Unstructured-IO
  • unstructured

Published: 04 Feb 2026
Updated: 04 Feb 2026

CVSS v3.1: CRITICAL (9.8)
EPSS: 0.06%

KEV

Description

The unstructured library provides open-source components for ingesting and pre-processing images and text documents, such as PDFs, HTML, Word docs, and many more. Prior to version 0.18.18, a path traversal vulnerability in the partition_msg function allows an attacker to write or overwrite arbitrary files on the filesystem when processing malicious MSG files with attachments. This issue has been patched in version 0.18.18.

Statistics

  • 1 Post

Last activity: 7 hours ago

Bluesky

Serious vulnerability in the LLM data preprocessing library "unstructured" (CVE-2025-64712) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 7h ago

Overview

  • Go toolchain
  • cmd/go
  • cmd/go

Published: 28 Jan 2026
Updated: 29 Jan 2026

CVSS: Pending
EPSS: 0.01%

KEV

Description

Building a malicious file with cmd/go can cause a write to an attacker-controlled file with partial control of the file content. The "#cgo pkg-config:" directive in a Go source file supplies command-line arguments that cmd/go passes to the pkg-config command. An attacker can provide a "--log-file" argument to this directive, causing pkg-config to write to an attacker-controlled location.

Statistics

  • 1 Post

Last activity: 19 hours ago

Bluesky

🚨 New HIGH CVE detected in AWS Lambda 🚨 CVE-2025-61731 impacts libcap in 20 Lambda base images. Details: https://github.com/aws/aws-lambda-base-images/issues/399 More: https://lambdawatchdog.com/ #AWS #Lambda #CVE #CloudSecurity #Serverless
  • 19h ago

Overview

  • Tenda
  • AC9

Published: 08 Feb 2026
Updated: 08 Feb 2026

CVSS v4.0: HIGH (8.6)
EPSS: Pending

KEV

Description

A weakness has been identified in Tenda AC9 15.03.06.42_multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks.

Statistics

  • 1 Post

Last activity: 6 hours ago

Fediverse


🔥 HIGH-severity: CVE-2026-2191 in Tenda AC9 (v15.03.06.42_multi) enables remote, unauthenticated code execution via stack overflow. Public exploit out — segment networks & disable remote admin. No patch yet. radar.offseq.com/threat/cve-20

  • 6h ago

Overview

  • parallax
  • jsPDF

Published: 02 Feb 2026
Updated: 03 Feb 2026

CVSS v3.1: HIGH (8.1)
EPSS: 0.01%

KEV

Description

jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of properties and methods of the Acroform module allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized input to one of the following methods or properties, a user can inject arbitrary PDF objects, such as JavaScript actions, which are executed when the victim opens the document. The vulnerable API members are AcroformChoiceField.addOption, AcroformChoiceField.setOptions, AcroFormCheckBox.appearanceState, and AcroFormRadioButton.appearanceState. The vulnerability has been fixed in jsPDF@4.1.0.

Statistics

  • 1 Post

Last activity: 6 hours ago

Bluesky

High-risk PDF injection and DoS vulnerabilities in jsPDF; urgent update advised (CVE-2026-24737, CVE-2026-24133) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 6h ago

Overview

  • Cisco
  • Cisco RoomOS Software

Published: 04 Feb 2026
Updated: 04 Feb 2026

CVSS v3.1: HIGH (7.5)
EPSS: 0.08%

KEV

Description

A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of input received by an affected device. An attacker could exploit this vulnerability by getting the affected device to render crafted text, for example, a crafted meeting invitation. As indicated in the CVSS score, no user interaction is required, such as accepting the meeting invitation. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Statistics

  • 1 Post

Last activity: 1 hour ago

Bluesky

Cisco and F5 fix multiple high-severity vulnerabilities (CVE-2026-20119, CVE-2026-22548 and others) | Codebook|Security News https://codebook.machinarecord.com/threatreport/silobreaker-cyber-alert/43806/
  • 1h ago

Overview

  • Google
  • Chrome

Published: 03 Feb 2026
Updated: 04 Feb 2026

CVSS: Pending
EPSS: 0.02%

KEV

Description

Heap buffer overflow in libvpx in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Statistics

  • 1 Post

Last activity: 14 hours ago

Bluesky

URGENT: #Fedora 43 Chromium update patches critical RCE flaws: heap overflow in libvpx (CVE-2026-1861) and type confusion in V8 (CVE-2026-1862). Exploitable via crafted HTML. Read more: 👉 tinyurl.com/5j2hba73 #Security
  • 14h ago

Overview

  • parallax
  • jsPDF

Published: 02 Feb 2026
Updated: 03 Feb 2026

CVSS v4.0: HIGH (8.7)
EPSS: 0.02%

KEV

Description

jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of the first argument of the addImage method results in denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful BMP file that results in out of memory errors and denial of service. Harmful BMP files have large width and/or height entries in their headers, which lead to excessive memory allocation. The html method is also affected. The vulnerability has been fixed in jsPDF@4.1.0.

Statistics

  • 1 Post

Last activity: 6 hours ago

Bluesky

High-risk PDF injection and DoS vulnerabilities in jsPDF; urgent update advised (CVE-2026-24737, CVE-2026-24133) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 6h ago

Overview

  • Google
  • Chrome

Published: 03 Feb 2026
Updated: 04 Feb 2026

CVSS: Pending
EPSS: 0.02%

KEV

Description

Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Statistics

  • 1 Post

Last activity: 14 hours ago

Bluesky

URGENT: #Fedora 43 Chromium update patches critical RCE flaws: heap overflow in libvpx (CVE-2026-1861) and type confusion in V8 (CVE-2026-1862). Exploitable via crafted HTML. Read more: 👉 tinyurl.com/5j2hba73 #Security
  • 14h ago