vulnerability

CISA this week added two high‑risk flaws to its Known Exploited Vulnerabilities (KEV) catalog — a critical OS command‑injection in the React Native Community CLI’s Metro development server (CVE‑2025‑11953) and an unauthenticated remote‑code‑execution (RCE) flaw in SmarterTools SmarterMail’s...

A newly disclosed memory-safety bug in the open-source OPC UA stack open62541 — tracked as CVE-2026-1301 — has been flagged by U.S. cyber authorities as a medium-severity vulnerability that can be triggered before authentication and that reliably causes process crashes and heap corruption in...

Microsoft has assigned CVE-2026-20959 to a SharePoint Server presentation‑layer (spoofing) vulnerability, and administrators should treat the entry as a vendor‑tracked, high‑urgency condition that requires immediate triage and likely patching or mitigations depending on the MSRC mapping for each...

Microsoft has assigned CVE-2026-20925 to an information-disclosure / spoofing defect in NTLM authentication — a File Explorer–adjacent weakness that, based on the vendor entry and community precedent, can cause a Windows host to leak NTLM negotiation material (NTLMv2 challenge/response blobs) to...

Microsoft’s Security Update Guide lists dozens of CSC/Offline Files fixes over the past two years, but a clear, verifiable vendor entry for CVE-2026-20839 could not be located in public vendor and national vulnerability feeds at the time of writing — treat that identifier as unverified until the...

Microsoft has recorded CVE‑2026‑20827 — an information disclosure vulnerability in the Tablet Windows User Interface (TWINUI) subsystem — and it is included in the vendor’s Update Guide as part of the January 2026 security rollup, meaning administrators and power users should treat this as an...

The Linux kernel CVE-2025-38483 disclosure fixes a small but meaningful defensive-programming error in the COMEDI das16m1 driver that could lead to an out‑of‑bounds left-shift when a user-supplied IRQ number is used without sanity checks. The upstream patch enforces explicit bounds on the...

A recently recorded Linux-kernel vulnerability affects the FORE200E ATM driver: a small but meaningful synchronization bug in fore200e_open that can corrupt the driver’s bandwidth accounting when error paths run concurrently with normal control operations. The upstream fix is straightforward —...

A remotely triggerable NULL pointer dereference in FRRouting’s OSPF implementation has been cataloged as CVE-2025-61099 and can crash the OSPF daemon (ospfd) when a crafted Link-State (LS) Update packet is processed while detailed OSPF packet debugging is enabled. The bug, present in upstream...

FRRouting's OSPF implementation contains a NULL-pointer dereference that can be triggered by a crafted OSPF packet, allowing remote attackers to crash the OSPF daemon (ospfd) and cause a Denial of Service (DoS) for routers and appliances using vulnerable FRR releases. Background FRRouting (FRR)...

FRRouting has been flagged for a serious Denial-of-Service hole: a NULL pointer dereference in OSPF packet handling (CVE-2025-61107) that can crash the ospfd daemon when a crafted LSA Update containing an opaque LSA is processed, and the problem was patched upstream via a targeted set of checks...

filelock, the widely used platform‑independent file‑locking library for Python, is the subject of a newly public vulnerability — CVE‑2025‑68146 — that exposes a classic Time‑of‑Check‑Time‑of‑Use (TOCTOU) race condition in lock file creation. The flaw allows a local attacker who can create...

A stack-based buffer overflow affecting libcoap’s address-resolution path has been publicly disclosed as CVE-2025-34468; the defect allows attacker-controlled hostnames to overflow a fixed 256-byte stack buffer in certain code paths, producing reliable Denial‑of‑Service and an...

A small but concrete libpcap memory-safety bug—assigned CVE‑2025‑11964—was disclosed at the end of December 2025: on Windows systems, the library’s UTF-16LE → UTF-8 conversion helper can undercount the space consumed by four‑byte UTF‑8 sequences and write past the end of a provided buffer. The...

Libsodium's ed25519 point-validation routine contains a subtle but important bug that can let malformed points slip past validation in niche workflows, a flaw tracked as CVE-2025-69277 and fixed in the commit ad3004e. Background Libsodium has long been the portable, easy-to-use cryptography...

GNU GRUB (GRUB2) contains a timing side‑channel in its cryptographic comparison routine: CVE‑2024‑56738 identifies that versions through 2.12 implement grub_crypto_memcmp in a non‑constant‑time way, which can leak sensitive verification information via timing differences and has prompted vendor...

InfluxDB OSS contains a business‑logic weakness — tracked as CVE‑2024‑30896 — that allowed an authorized user with an allAccess token in the same organization to enumerate and retrieve the administrative operator token, effectively enabling full administrative takeover of affected InfluxDB OSS...

MariaDB servers across multiple release lines are vulnerable to a denial‑of‑service crash (CVE‑2023‑52970) when processing certain queries that exercise the Item_direct_view_ref::derived_field_transformer_for_where logic, and operators should treat this as an immediate patching priority...

A subtle formatting quirk in GnuPG’s clearsign handling lets an attacker append unsigned data to a signed message while still passing GnuPG’s verification routine — a signature‑verification bypass tracked as CVE‑2025‑68972 that affects GnuPG releases up to and including 2.4.8 and has been...

A new Linux kernel vulnerability, tracked as CVE‑2025‑68374, corrects a subtle but serious RCU lifetime bug in the md (multiple‑device / software RAID) subsystem: maintainers attempted to use RCU to protect a pointer named thread, but passed that raw pointer into md_wakeup_thread before entering...