Security Vulnerabilities

The latest Security Vulnerabilities

NewsSecurity Vulnerabilities

Apple macOS AppleIntelKBLGraphics Out-Of-Bounds Read Information Disclosure Vulnerability (CVE-2025-43283)

Kerry Dean 763 Views 0 Comments 0 min read

CVE number = CVE-2025-43283 This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An

Read More
NewsSecurity Vulnerabilities

Samsung MagicINFO 9 Server – database account and password are hardcoded (CVE-2026-25202)

Jason Davies 733 Views 0 Comments 0 min read

– The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.

Read More
NewsSecurity Vulnerabilities

Hancom Office DOC File Parsing Type Confusion Remote Code Execution Vulnerability (CVE-2025-29867)

Kerry Dean 767 Views 0 Comments 0 min read

– This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hancom Office.

Read More
NewsSecurity Vulnerabilities

Vulnerability in WordPress File Uploads Addon for WooCommerce plugin (CVE-2026-24625)

Jason Davies 655 Views 0 Comments 0 min read

– Missing Authorization vulnerability in Imaginate Solutions File Uploads Addon for WooCommerce woo-addon-uploads allows Exploiting Incorrectly Configured Access Control Security Levels.

Read More
NewsSecurity VulnerabilitiesUncategorized

Cisco Intersight Virtual Appliance Privilege Escalation Vulnerability (CVE-2026-20092)

Jason Davies 810 Views 0 Comments 1 min read

– A vulnerability in the read-only maintenance shell of Cisco Intersight Virtual Appliance could allow an authenticated, local attacker with administrative privileges to elevate privileges to root on the virtual appliance.

Read More
NewsSecurity Vulnerabilities

Cisco Unified Communications Products Remote Code Execution Vulnerability (CVE-2026-20045)

Jason Davies 1138 Views 0 Comments 1 min read

CVE number = CVE-2026-20045 A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition

Read More
NewsSecurity Vulnerabilities

Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability (CVE-2026-0778)

Luke Simmonds 717 Views 0 Comments 0 min read

– This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Enel X JuiceBox 40 charging stations.

Read More
NewsSecurity Vulnerabilities

WordPress Modular DS Plugin 2.5.2 is vulnerable to a high priority Privilege Escalation (CVE-2026-23800)

Jason Davies 821 Views 0 Comments 0 min read

CVE number = CVE-2026-23800 This could allow a malicious actor to escalate their low privileged account to something with higher

Read More
NewsSecurity Vulnerabilities

Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager

Luke Simmonds 1037 Views 0 Comments 1 min read

– On December 10th 2025 Cisco became aware of a new cyberattack campaign targeting a limited subset of appliances with certain ports open to the internet that are running Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager.

Read More
NewsSecurity Vulnerabilities

npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability (CVE-2026-0775)

Jason Davies 734 Views 0 Comments 0 min read

– This vulnerability allows local attackers to escalate privileges on affected installations of npm cli.

Read More