Executive Summary CVE-2025-0495 is a medium-severity vulnerability affecting Docker Buildx, a Docker CLI plugin that extends build capabilities using BuildKit. The vulnerability stems from the potential leakage of sensitive credentials, specifically authentication tokens for cache backends, into OpenTelemetry traces. When users configure cache backends by directly setting secrets as attribute
Executive Summary CVE-2025-27364 is a critical Remote Code Execution (RCE) vulnerability affecting MITRE Caldera, a cyber security platform used for automated adversary emulation. The vulnerability exists in the dynamic agent (implant) compilation functionality of the Caldera server. By crafting a malicious web request to the Caldera server API, an unauthenticated
Executive Summary CVE-2025-24813 is a critical vulnerability affecting Apache Tomcat versions 9.0.0.M1 through 9.0.98, 10.1.0-M1 through 10.1.34, and 11.0.0-M1 through 11.0.2. This vulnerability stems from improper path equivalence checks when handling filenames containing internal dots ("."
Executive Summary CVE-2025-1316 is a critical vulnerability affecting the Edimax IC-7100 IP camera. This vulnerability stems from improper neutralization of requests, allowing a remote attacker to inject and execute arbitrary commands on the device. With a CVSS v3.1 score of 9.8 (Critical), this flaw poses a significant risk,
Executive Summary CVE-2025-24016 is a critical remote code execution (RCE) vulnerability affecting Wazuh, a widely used open-source security information and event management (SIEM) platform. This vulnerability stems from unsafe deserialization of DistributedAPI (DAPI) parameters, allowing an attacker with API access to execute arbitrary Python code on the Wazuh server. Specifically,
Executive Summary CVE-2025-25181 is a SQL injection vulnerability affecting Advantive VeraCore versions up to 2025.1.0. The vulnerability resides in the timeoutWarning.asp file and can be exploited by remote attackers to execute arbitrary SQL commands through the PmSess1 parameter. Successful exploitation can lead to unauthorized access to sensitive
Executive Summary CVE-2025-30066 describes a supply chain attack targeting the widely used GitHub Action tj-actions/changed-files. This attack involved a malicious actor compromising the action and injecting code that leaked secrets from affected public repositories into workflow logs. The vulnerability allowed unauthorized access to sensitive information, potentially leading to credential
Executive Summary CVE-2024-0132 is a critical Time-of-Check Time-of-Use (TOCTOU) vulnerability affecting the NVIDIA Container Toolkit versions 1.16.1 and earlier. This vulnerability arises when the toolkit is used with its default configuration, potentially allowing a malicious container image to gain unauthorized access to the host file system. Successful exploitation
Executive Summary CVE-2025-29771 is a cross-site scripting (XSS) vulnerability affecting versions of the HtmlSanitizer library prior to 2.0.3. HtmlSanitizer is a JavaScript library used to sanitize HTML content, often employed in scenarios where user-generated content is rendered in web applications. The vulnerability arises when the library is used
Executive Summary CVE-2025-29774 is a critical vulnerability in the xml-crypto library, an XML digital signature and encryption library for Node.js. This vulnerability, present in versions prior to 6.0.1, 3.2.1, and 2.1.6, allows an attacker to bypass signature verification mechanisms in systems that rely
Executive Summary CVE-2025-21590 is an Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks' Junos OS. This vulnerability allows a local attacker with high privileges to execute arbitrary code, compromising the integrity of the affected device. The issue is exploitable only through shell access and cannot be
Executive Summary CVE-2025-1767 is a medium-severity vulnerability affecting Kubernetes clusters that utilize the deprecated in-tree gitRepo volume feature. This vulnerability allows an attacker with sufficient privileges to exploit the gitRepo volume to access local Git repositories from other pods on the same node. The vulnerability has a CVSS v3.1
Ruby
Executive Summary CVE-2025-27407 is a critical vulnerability in the graphql-ruby library, a popular Ruby implementation of GraphQL. The vulnerability arises from the unsafe handling of schema definitions loaded via GraphQL::Schema.from_introspection or GraphQL::Schema::Loader.load. Systems that load schemas from untrusted JSON sources are particularly at risk.
Apple
Executive Summary CVE-2025-24201 is a critical zero-day vulnerability discovered in Apple's WebKit browser engine, which powers Safari and all other browsers on iOS and iPadOS devices. This vulnerability, categorized as an out-of-bounds write, allows attackers to execute arbitrary code on affected devices by tricking users into visiting maliciously
Web
CVE-2025-26936 is a critical code injection vulnerability (CWE-94: Improper Control of Generation of Code) affecting the Fresh Framework WordPress plugin, versions up to and including 1.70.0. This vulnerability allows unauthenticated attackers to execute arbitrary code remotely on a target system, potentially leading to full compromise of the affected
Executive Summary CVE-2025-25182 is a critical security vulnerability affecting Stroom, a data processing, storage, and analysis platform widely used in enterprise environments. Classified as CWE-290: Authentication Bypass by Spoofing, this flaw occurs when Stroom is misconfigured with AWS Application Load Balancer (ALB) Authentication Integration. It permits attackers to bypass authentication,
Executive Summary CVE-2024-56509 is a critical vulnerability affecting changedetection.io, a popular open-source tool for monitoring webpage changes, restock notifications, and web content updates. This vulnerability arises from improper input validation, which allows attackers to exploit Local File Read (LFR) and Path Traversal attacks. By crafting malicious file paths, such
Backdoor
Executive Summary CVE-2024-3094 is a critical supply chain vulnerability discovered in the XZ Utils compression library, specifically affecting versions 5.6.0 and 5.6.1. This vulnerability involves a malicious backdoor embedded in the upstream tarballs of the xz package. The backdoor was obfuscated within the build process of
Linux
Executive Summary CVE-2024-20328 is a command injection vulnerability discovered in the VirusEvent feature of ClamAV, a widely used open-source antivirus engine. This vulnerability allows a local attacker to execute arbitrary commands on the system with the privileges of the user running the ClamAV daemon (clamd). The root cause lies in
Executive Summary CVE-2024-4885 is a critical unauthenticated Remote Code Execution (RCE) vulnerability affecting Progress WhatsUp Gold versions prior to 2023.1.3. This vulnerability allows an attacker to execute arbitrary commands on the target system with IIS AppPool\NmConsole privileges. Exploitation is achieved through the WhatsUp.ExportUtilities.Export.GetFileWithoutZip method,