CVE Analysis Center

404 posts | Page 3 of 17

CVE-2025-59718/59719: Fortinet FortiCloud SSO Authentication Bypass Actively Exploited on Fully Patched FortiGate Firewalls
CVE Analysis Center

CVE-2025-59718/59719: Fortinet FortiCloud SSO Authentication Bypass Actively Exploited on Fully Patched FortiGate Firewalls

Jan 25, 2026 Read →
Critical GNU InetUtils telnetd Vulnerability (CVE-2026-24061) Allows Remote Root Access via Authentication Bypass
CVE Analysis Center

Critical GNU InetUtils telnetd Vulnerability (CVE-2026-24061) Allows Remote Root Access via Authentication Bypass

Jan 25, 2026 Read →
Critical Cisco Unified Communications Zero-Day (CVE-2024-20253) Actively Exploited: Millions of Enterprises at Risk
CVE Analysis Center

Critical Cisco Unified Communications Zero-Day (CVE-2024-20253) Actively Exploited: Millions of Enterprises at Risk

Jan 25, 2026 Read →
Comprehensive Analysis of the European Vulnerability Database (EUVD) Launch: Technical Architecture, GCVE Integration, and Cybersecurity Impact
CVE Analysis Center

Comprehensive Analysis of the European Vulnerability Database (EUVD) Launch: Technical Architecture, GCVE Integration, and Cybersecurity Impact

Jan 25, 2026 Read →
ATM Jackpotting Attack: Tren de Aragua Gang Exploits Ploutus Malware on Legacy Windows XP ATMs in US, Leading to Multi-State Indictments and Deportations
CVE Analysis Center

ATM Jackpotting Attack: Tren de Aragua Gang Exploits Ploutus Malware on Legacy Windows XP ATMs in US, Leading to Multi-State Indictments and Deportations

Jan 25, 2026 Read →
PLUGGYAPE Malware Campaign: Signal and WhatsApp Used by Void Blizzard to Target Ukrainian Defense Forces
CVE Analysis Center

PLUGGYAPE Malware Campaign: Signal and WhatsApp Used by Void Blizzard to Target Ukrainian Defense Forces

Jan 14, 2026 Read →
Monroe University 2024 Data Breach Exposes Sensitive Information of 320,973 Individuals: Analysis and Impact
CVE Analysis Center

Monroe University 2024 Data Breach Exposes Sensitive Information of 320,973 Individuals: Analysis and Impact

Jan 14, 2026 Read →
Microsoft Patch Tuesday January 2026: Critical Windows, Office, Firefox, and Chrome Vulnerabilities Exploited in the Wild
CVE Analysis Center

Microsoft Patch Tuesday January 2026: Critical Windows, Office, Firefox, and Chrome Vulnerabilities Exploited in the Wild

Jan 14, 2026 Read →
CVE-2025-59466: Critical Node.js AsyncLocalStorage and async_hooks Vulnerability Enables Easy Denial-of-Service Attacks
CVE Analysis Center

CVE-2025-59466: Critical Node.js AsyncLocalStorage and async_hooks Vulnerability Enables Easy Denial-of-Service Attacks

Jan 14, 2026 Read →
CVE-2025-55182: Critical Remote Code Execution Vulnerability in React Server Components and Next.js (React2Shell)
CVE Analysis Center

CVE-2025-55182: Critical Remote Code Execution Vulnerability in React Server Components and Next.js (React2Shell)

Dec 16, 2025 Read →
Critical FreePBX Vulnerabilities: SQL Injection, File Upload, and AUTHTYPE Bypass Flaws Enabling Remote Code Execution
CVE Analysis Center

Critical FreePBX Vulnerabilities: SQL Injection, File Upload, and AUTHTYPE Bypass Flaws Enabling Remote Code Execution

Dec 16, 2025 Read →
Surge in Ransomware Attacks Targeting Japanese Manufacturing Sector: Qilin and Kawa4096 Exploit OT and IT Systems in 2025
CVE Analysis Center

Surge in Ransomware Attacks Targeting Japanese Manufacturing Sector: Qilin and Kawa4096 Exploit OT and IT Systems in 2025

Dec 10, 2025 Read →
Fortinet, Ivanti, and SAP Release Critical Security Patches for Authentication Bypass and Remote Code Execution Vulnerabilities – December 2025 Threat Intelligence Report
CVE Analysis Center

Fortinet, Ivanti, and SAP Release Critical Security Patches for Authentication Bypass and Remote Code Execution Vulnerabilities – December 2025 Threat Intelligence Report

Dec 10, 2025 Read →
Critical Apache Tika CVE-2025-66516: XXE Vulnerability Exposes Over 500 Instances After Incomplete Patch
CVE Analysis Center

Critical Apache Tika CVE-2025-66516: XXE Vulnerability Exposes Over 500 Instances After Incomplete Patch

Dec 10, 2025 Read →
ShadyPanda Browser Extension Attack: 4.3 Million Chrome and Edge Users Compromised in Multi-Year Supply Chain Campaign
CVE Analysis Center

ShadyPanda Browser Extension Attack: 4.3 Million Chrome and Edge Users Compromised in Multi-Year Supply Chain Campaign

Dec 4, 2025 Read →
Marquis Software Solutions Data Breach: SonicWall Vulnerability Exposes Sensitive Data of 74+ US Banks and Credit Unions
CVE Analysis Center

Marquis Software Solutions Data Breach: SonicWall Vulnerability Exposes Sensitive Data of 74+ US Banks and Credit Unions

Dec 4, 2025 Read →
Malicious Rust Crate evm-units Targets Web3 Developers with OS-Specific Malware via crates.io Supply Chain Attack
CVE Analysis Center

Malicious Rust Crate evm-units Targets Web3 Developers with OS-Specific Malware via crates.io Supply Chain Attack

Dec 4, 2025 Read →
Leroy Merlin France Loyalty Program Data Breach: December 2025 Security Incident Analysis and Technical Report
CVE Analysis Center

Leroy Merlin France Loyalty Program Data Breach: December 2025 Security Incident Analysis and Technical Report

Dec 4, 2025 Read →
CVE-2025-55182: Critical Remote Code Execution Vulnerability in React Server Components and Next.js – Urgent Patch Required
CVE Analysis Center

CVE-2025-55182: Critical Remote Code Execution Vulnerability in React Server Components and Next.js – Urgent Patch Required

Dec 4, 2025 Read →
Critical React2shell Vulnerability (CVE-2025-55182, CVE-2025-66478) Enables Unauthenticated RCE in React Server Components and Next.js
CVE Analysis Center

Critical React2shell Vulnerability (CVE-2025-55182, CVE-2025-66478) Enables Unauthenticated RCE in React Server Components and Next.js

Dec 4, 2025 Read →
CISA Issues Urgent Alert on ScadaBR CVE-2021-26829 Vulnerability Exploited by Hacktivists in ICS Attack
CVE Analysis Center

CISA Issues Urgent Alert on ScadaBR CVE-2021-26829 Vulnerability Exploited by Hacktivists in ICS Attack

Dec 1, 2025 Read →
Albiriox Malware-as-a-Service: Advanced Android Threat Targets Over 400 Banking, Fintech, and Crypto Apps with On-Device Fraud and VNC Screen Control
CVE Analysis Center

Albiriox Malware-as-a-Service: Advanced Android Threat Targets Over 400 Banking, Fintech, and Crypto Apps with On-Device Fraud and VNC Screen Control

Dec 1, 2025 Read →
Critical Privilege Escalation Vulnerabilities in Ivanti Endpoint Manager and Zoom Workplace VDI Client for Windows: Technical Analysis and Remediation Guide
CVE Analysis Center

Critical Privilege Escalation Vulnerabilities in Ivanti Endpoint Manager and Zoom Workplace VDI Client for Windows: Technical Analysis and Remediation Guide

Nov 12, 2025 Read →
TARmageddon (CVE-2025-62518): Critical Supply Chain Vulnerability in async-tar and tokio-tar Rust Libraries
CVE Analysis Center

TARmageddon (CVE-2025-62518): Critical Supply Chain Vulnerability in async-tar and tokio-tar Rust Libraries

Oct 28, 2025 Read →