CVE/vulnerability
Critical AnythingLLM Vulnerability Exposes Systems to Remote Code Execution
A critical security flaw (CVE-2024-13059) in the open-source AI framework AnythingLLM has raised alarms across cybersecurity communities.
The vulnerability, discovered in February 2025, allows attackers with administrative privileges to execute malicious code...
CVE/vulnerability
PoC Released for Linux Kernel Vulnerability Allowing Privilege Escalation
A security vulnerability, tracked as CVE-2024-53141, has recently come to light in the Linux kernel's ipset component.
This flaw enables out-of-bounds (OOB) write on the kernel...
CVE/vulnerability
Bubble.io 0-Day Flaw Lets Attackers Run Arbitrary Queries on Elasticsearch
A vulnerability in Bubble.io, a leading no-code development platform, has exposed thousands of applications to data breaches.
The flaw allows attackers to bypass security controls...
CVE/vulnerability
CISA Warns of Active Exploitation of Windows NTLM Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) alerted organizations to active exploitation of a newly disclosed Microsoft Windows vulnerability tracked as CVE-2025-24054.
The flaw...
Apple
CISA Issues Alert on Actively Exploited Apple 0-Day Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority warning regarding two critical zero-day vulnerabilities impacting a wide range of Apple devices.
The...
CVE/vulnerability
PoC Released for Critical Erlang/OTP SSH RCE Vulnerability
Security teams across industries are urgently patching systems following the public release of a proof-of-concept (PoC) exploit for a newly disclosed critical remote code...
CVE/vulnerability
Critical Erlang/OTP SSH Vulnerability Allow Hackers Execute Arbitrary Code Remotely
A major security flaw has been uncovered in the widely used Erlang/OTP SSH implementation, drawing urgent attention from the cybersecurity community worldwide.
The vulnerability, tracked...
CVE/vulnerability
CISA Warns of Potential Credential Exploits Linked to Oracle Cloud Hack
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a public warning following reports of possible unauthorized access to a legacy Oracle Cloud environment.
While...
CVE/vulnerability
Critical Flaw in PHP’s extract() Function Enables Arbitrary Code Execution
A critical vulnerability in PHP’s extract() function has been uncovered, enabling attackers to execute arbitrary code by exploiting memory corruption flaws.
The issue affects PHP versions 5.x,...
CVE/vulnerability
CISA Issues Alert on SonicWall Flaw Being Actively Exploited
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert after confirming active exploitation of a SonicWall vulnerability.
The flaw, documented as CVE-2021-20035,...
CVE/vulnerability
Cisco Webex Vulnerability Lets Hackers Execute Code Through Malicious Meeting Links
Cisco has disclosed a high-severity vulnerability in its widely used Webex App, warning users that attackers could exploit the flaw to execute arbitrary code...