vulnerability

Libssh contains a memory‑exhaustion defect in its key‑exchange handling (CVE‑2025‑8277) that can, under repeated rekeying attempts with incorrect KEX guesses, leak ephemeral key material and gradually exhaust client memory — a low‑severity but practical availability risk for any software that...

A subtle bug in the Go standard library’s net/http client can restore and transmit sensitive headers after a specific sequence of redirects, potentially leaking Authorization tokens and other credentials to unintended targets—security teams and Go developers must treat this as a material risk...

A subtle caching bug in the OCFS2 kernel code — tracked as CVE-2025-40233 — can leave the filesystem’s extent map cache stale after extent moves or defragmentation, allowing later I/O to observe outdated extent flags and triggering a kernel BUG; maintainers fixed the issue by explicitly clearing...

A stack-buffer overflow in Fluent Bit’s Docker input plugin has been cataloged as CVE-2025-12970, and it’s the kind of flaw that turns a seemingly innocuous container name into a potential foothold for attackers. The vulnerability stems from the in_docker plugin’s extract_name routine copying...

A newly disclosed vulnerability, tracked as CVE-2025-11731, affects libxslt and stems from a type confusion bug in the library’s EXSLT handling routine exsltFuncResultComp, allowing a specially crafted stylesheet to cause unexpected memory reads and application crashes—effectively a...

A recently disclosed vulnerability in the widely used JavaScript cryptography library node-forge—tracked as CVE-2025-66030—allows specially crafted ASN.1 Object Identifier (OID) values to be mis-parsed due to integer truncation, letting an attacker spoof OIDs and potentially bypass downstream...

Johnson Controls has reported a vulnerability in the OpenBlue Mobile Web Application for OpenBlue Workplace — tracked as CVE‑2025‑26381 — that allows direct request (commonly called “forced browsing”) exploitation leading to unauthorized access to sensitive information; Johnson Controls...

Sunbird’s dcTrack and Power IQ DCIM platforms are the subject of a recent industrial-control-systems advisory that assigns two CVEs and warns of remotely exploitable weaknesses — including an authentication bypass via alternate paths and use of hard‑coded credentials — and Sunbird has published...

A subtle ordering bug in the Linux kernel's kprobes cleanup code quietly turned into a denial-of-service risk: CVE-2022-50266 patches a logic error in kill_kprobe so that ftrace-backed probes are properly disarmed before a probe is marked gone, preventing ftrace from referencing invalid probe...

A critical, maximum-severity flaw in React Server Components has been disclosed that allows unauthenticated attackers to execute arbitrary code on vulnerable servers — a vulnerability tracked as CVE‑2025‑55182 that carries a perfect CVSS score of 10.0 and forces an urgent, ecosystem-wide...

A subtle null-pointer check in the Linux DRM driver for Rockchip VOP2 has been fixed after security researchers and maintainers discovered a condition that can be trivially triggered on affected hardware to produce a sustained or persistent denial-of-service, tracked as CVE-2025-38597...

A heap buffer over-read has been disclosed in the libpng library’s simplified write API: CVE-2025-64506 affects libpng versions 1.6.0 through 1.6.50 and is patched in libpng 1.6.51; the flaw stems from an incorrect conditional in png_write_image_8bit that can cause 8-bit image buffers to be...

A recently disclosed vulnerability in the widely used LIBPNG library — tracked as CVE‑2025‑64505 — allows a crafted PNG file with malformed palette indices to provoke a heap buffer over‑read in libpng’s png_do_quantize routine; the issue is fixed in libpng 1.6.51, and maintainers and downstream...

The newly disclosed advisory for Iskra’s iHUB and iHUB Lite smart‑metering gateways warns of a severe, remotely exploitable weakness: the devices’ web management interface can be accessed and used to change critical settings without any authentication, allowing an unauthenticated attacker to...

Rockwell Automation has disclosed a stack‑based buffer overflow in Arena® Simulation that can be triggered when the product parses a malicious DOE file, allowing a local user who opens that file to potentially execute arbitrary code — affected installs are Arena version 16.20.10 and earlier, and...

Microsoft’s advisory listing for CVE-2025-59245 describes an Elevation of Privilege issue in SharePoint Online that raises urgent operational and detection questions for administrators of Microsoft 365 tenants and hybrid SharePoint environments. The vulnerability’s public description centers on...

iCam365 cameras sold under model names P201 (ROBOT PT Camera) and QC021 (Night Vision Camera) have been publicly flagged in a CISA Industrial Control Systems advisory for unauthenticated access to ONVIF and RTSP services, a weakness that can expose live video streams and sensitive configuration...

CISA has added a critical Fortinet FortiWeb vulnerability — tracked as CVE-2025-64446 — to its Known Exploited Vulnerabilities (KEV) catalog after evidence of active, in‑the‑wild exploitation, and federal agencies have been given a condensed remediation window of one week to patch or mitigate...

Fortinet has published an advisory for a critical relative path traversal vulnerability in FortiWeb that is being actively exploited in the wild, and U.S. federal guidance (CISA) has moved the issue into its Known Exploited Vulnerabilities (KEV) catalog—making immediate remediation essential for...

A fresh wave of security advisories has put a spotlight on legacy Windows components — and on the practical reality that many users and organisations still rely on code written for Internet Explorer decades ago — prompting urgent warnings that anyone running certain Windows releases should...