CVE Analysis Center
393 posts | Page 3 of 17
CVE Analysis Center
CVE-2025-55182: Critical Remote Code Execution Vulnerability in React Server Components and Next.js (React2Shell)
CVE Analysis Center
Critical FreePBX Vulnerabilities: SQL Injection, File Upload, and AUTHTYPE Bypass Flaws Enabling Remote Code Execution
CVE Analysis Center
Surge in Ransomware Attacks Targeting Japanese Manufacturing Sector: Qilin and Kawa4096 Exploit OT and IT Systems in 2025
CVE Analysis Center
Fortinet, Ivanti, and SAP Release Critical Security Patches for Authentication Bypass and Remote Code Execution Vulnerabilities – December 2025 Threat Intelligence Report
CVE Analysis Center
Critical Apache Tika CVE-2025-66516: XXE Vulnerability Exposes Over 500 Instances After Incomplete Patch
CVE Analysis Center
ShadyPanda Browser Extension Attack: 4.3 Million Chrome and Edge Users Compromised in Multi-Year Supply Chain Campaign
CVE Analysis Center
Marquis Software Solutions Data Breach: SonicWall Vulnerability Exposes Sensitive Data of 74+ US Banks and Credit Unions
CVE Analysis Center
Malicious Rust Crate evm-units Targets Web3 Developers with OS-Specific Malware via crates.io Supply Chain Attack
CVE Analysis Center
Leroy Merlin France Loyalty Program Data Breach: December 2025 Security Incident Analysis and Technical Report
CVE Analysis Center
CVE-2025-55182: Critical Remote Code Execution Vulnerability in React Server Components and Next.js – Urgent Patch Required
CVE Analysis Center
Critical React2shell Vulnerability (CVE-2025-55182, CVE-2025-66478) Enables Unauthenticated RCE in React Server Components and Next.js
CVE Analysis Center
CISA Issues Urgent Alert on ScadaBR CVE-2021-26829 Vulnerability Exploited by Hacktivists in ICS Attack
CVE Analysis Center
Albiriox Malware-as-a-Service: Advanced Android Threat Targets Over 400 Banking, Fintech, and Crypto Apps with On-Device Fraud and VNC Screen Control
CVE Analysis Center
Critical Privilege Escalation Vulnerabilities in Ivanti Endpoint Manager and Zoom Workplace VDI Client for Windows: Technical Analysis and Remediation Guide
CVE Analysis Center
TARmageddon (CVE-2025-62518): Critical Supply Chain Vulnerability in async-tar and tokio-tar Rust Libraries
CVE Analysis Center
SideWinder Uses ClickOnce to Target South Asian Diplomatic Entities via MagTek ReaderConfiguration.exe Sideloading Attack Chain
CVE Analysis Center
Operation ForumTroll: Italian Spyware Vendor Memento Labs Exploits Chrome Zero-Day (CVE-2025-2783) in Targeted Attacks on Russia and Belarus
CVE Analysis Center
Google Refutes Claims of Massive Gmail Data Breach: Analysis Reveals Stolen Credentials Originated from Infostealer Malware, Not Google Systems
CVE Analysis Center
Chrome Zero-Day Exploited: Memento Spyware Campaign Targets Windows Systems with LeetAgent and Dante Malware
CVE Analysis Center
Too Many Secrets: Huntress Exposes Credential Theft and Sensitive Data Sprawl in Supply Chain and Banking Sectors
CVE Analysis Center
TARmageddon (CVE-2025-62518): Critical RCE Vulnerability in Rust async-tar and tokio-tar Libraries Threatens Software Supply Chains
CVE Analysis Center
Surge in Ransomware and DDoS Attacks Targeting Microsoft, WordPress, and Network Appliances in MENA and Africa
CVE Analysis Center
SessionReaper (CVE-2025-54236): Active Exploitation of Critical Adobe Magento Vulnerability Threatens E-Commerce Security
CVE Analysis Center