A serious vulnerability has been identified in multiple versions of the Apache Struts 2 framework, tracked as CVE-2025-68493. This XML external entity injection flaw could allow attackers to gain unauthorized access to sensitive data, cause denial-of-service attacks, or execute server-side request forgery (SSRF) attacks. Organizations using affected versions of Apache Struts 2 are at risk, which could lead to significant data breaches and disruptions. The issue emphasizes the need for developers and system administrators to ensure their applications are updated and secure against such vulnerabilities. Immediate action is necessary to mitigate potential exploitation.
Articles tagged "CVE"
Found 342 articles
The Cybersecurity and Infrastructure Security Agency (CISA) has added a serious vulnerability in the open-source Git service Gogs to its Known Exploited Vulnerabilities catalog. This flaw, identified as CVE-2025-8110, is a path traversal issue that attackers are actively exploiting. Organizations using Gogs should be particularly vigilant, as this vulnerability allows unauthorized access to sensitive files on affected systems. The inclusion in CISA's catalog highlights the urgency for users to address this issue promptly, as it can lead to significant security breaches if not mitigated. Companies relying on Gogs for version control must prioritize patching this vulnerability to protect their data.
The Hacker News
ServiceNow has reported a serious security vulnerability in its AI Platform that could allow an unauthenticated user to impersonate another user and take actions on their behalf. This flaw, identified as CVE-2025-12420, has a high severity rating of 9.3 out of 10, indicating a significant risk to users. The potential for impersonation means that attackers could exploit this weakness to gain unauthorized access to sensitive information or perform harmful actions. Organizations using ServiceNow's AI Platform should prioritize applying the patch to mitigate this risk and protect their users. The quick response from ServiceNow in addressing this vulnerability is crucial to maintaining trust in their services.
Trend Micro has addressed three vulnerabilities in its Apex Central management console that could potentially allow attackers to execute remote code or launch denial-of-service attacks. These flaws, identified as CVE-2025-69258, CVE-2025-69259, and CVE-2025-69260, were discovered by security researchers from Tenable in August 2025. The vulnerabilities were made public after Tenable released proof-of-concept code, which could enable malicious actors to exploit the weaknesses. Organizations using Apex Central should apply the patches provided by Trend Micro to prevent potential attacks. It is crucial for users to ensure their systems are updated to mitigate any risks associated with these vulnerabilities.
Cisco has released updates to address a medium-severity vulnerability in its Identity Services Engine (ISE) and ISE Passive Identity Connector, identified as CVE-2026-20029. This flaw was brought to light following the publication of a proof-of-concept exploit, raising concerns about its potential exploitation. Organizations using these Cisco products are at risk, as the vulnerability could allow unauthorized access or manipulation of identity services. It’s crucial for affected users to apply the updates promptly to safeguard their networks and data from possible attacks. The quick response from Cisco highlights the ongoing need for vigilance in cybersecurity practices.
Help Net Security
Trend Micro has issued a critical patch addressing multiple vulnerabilities in its Apex Central management platform, specifically focusing on CVE-2025-69258. This flaw allows unauthenticated attackers to execute arbitrary code on affected installations, posing a significant risk to organizations using this software. The vulnerabilities were discovered by Tenable's security researchers last year and have now been detailed publicly alongside proof-of-concept exploits. Companies relying on Apex Central for IT and security management should prioritize applying the patch to protect their systems from potential exploitation. This incident underscores the importance of timely updates in maintaining cybersecurity defenses.
The Hacker News
Researchers have identified 11 critical security vulnerabilities in Coolify, an open-source platform for self-hosting applications. These flaws could allow attackers to bypass authentication and execute arbitrary code on affected servers. Notably, one of the vulnerabilities, CVE-2025-66209, has a maximum severity score of 10.0, indicating the potential for severe exploitation if left unaddressed. Users of Coolify need to take immediate action to secure their installations, as these vulnerabilities could lead to full server compromise. This incident underscores the importance of regularly updating and monitoring open-source software to mitigate risks.
A serious vulnerability in n8n, known as Ni8mare (CVE-2026-21858), has been identified, allowing attackers to gain full control over affected instances without any authentication. This flaw has a maximum severity score of 10.0, indicating a high level of risk for users. Researchers from Cyera discovered this vulnerability, raising concerns about the security of workflow automation processes that many organizations rely on. If exploited, this could lead to unauthorized access, data breaches, and significant operational disruptions. Users and companies utilizing n8n should take immediate steps to secure their systems to prevent potential exploitation.
The Hacker News
Researchers have identified a severe vulnerability in n8n, a widely-used workflow automation platform, allowing unauthenticated attackers to take full control of affected instances. This flaw, tracked as CVE-2026-21858 and given a maximum CVSS score of 10.0, has been named Ni8mare by Cyera Research Labs. The issue poses a significant risk as it could enable attackers to manipulate workflows and access sensitive data without any authentication. Users of n8n need to take this threat seriously, as the implications of such a breach could be extensive, impacting data integrity and privacy. Immediate action is recommended to safeguard systems until a patch is made available.
Veeam has addressed a serious remote code execution (RCE) vulnerability in its Backup & Replication software, identified as CVE-2025-59470, which has a high severity score of 9.0 on the CVSS scale. This flaw allows Backup or Tape Operators to execute arbitrary code remotely as the postgres user, potentially leading to significant security breaches. Alongside this critical issue, Veeam also patched several other vulnerabilities in the same software suite. Users of Veeam Backup & Replication should prioritize applying these patches to safeguard their systems from potential exploitation. The swift response by Veeam reflects the importance of maintaining updated software to prevent unauthorized access and data breaches.
The open-source workflow automation platform n8n has alerted users to a serious security vulnerability, identified as CVE-2026-21877, which carries a CVSS score of 10.0. This flaw could allow authenticated users to execute untrusted code remotely, posing a significant risk to both self-hosted and cloud versions of the software. Users and organizations utilizing n8n need to be aware of this vulnerability as it could lead to unauthorized access and potential data breaches. The company recommends that affected users take immediate action to secure their systems. As of now, the specific details regarding patches or updates have not been disclosed, but users should monitor official channels for further instructions.
Hackers are exploiting a serious vulnerability in older D-Link DSL routers, identified as CVE-2026-0625. This flaw allows attackers to execute commands remotely, potentially compromising users' devices and networks. The vulnerability has a high severity score of 9.3, which indicates that it poses a significant risk. Users of legacy D-Link DSL routers need to be aware of this issue as it could lead to unauthorized access and control over their internet-connected devices. As attackers actively exploit this flaw, it is crucial for affected users to take immediate action to protect their systems.
The Hacker News
A serious security vulnerability has been identified in legacy D-Link DSL gateway routers, specifically affecting the 'dnscfg.cgi' endpoint. This flaw, known as CVE-2026-0625, has a high severity score of 9.3 and allows unauthenticated remote attackers to execute commands through improper handling of user-provided DNS configuration inputs. Current reports indicate that this vulnerability is actively being exploited in the wild, putting users of these older routers at risk. It is crucial for individuals and organizations using these devices to be aware of the potential for unauthorized access and control. The situation underscores the need for users to assess their network security and consider upgrading their hardware to mitigate these risks.
CERT/CC has issued a warning about a serious vulnerability in the TOTOLINK EX200 Wi-Fi range extender, identified as CVE-2025-65606. This flaw allows a remote authenticated attacker to take complete control of the device, posing a significant risk to users. As this vulnerability remains unpatched, anyone using the TOTOLINK EX200 is advised to take immediate action to secure their networks. The potential for exploitation means that attackers could manipulate settings, access sensitive data, or use the device as a foothold into larger networks. Users need to be aware of this threat and consider alternative security measures while awaiting a fix.
A serious vulnerability in Dolby's software for Android devices has been identified, tracked as CVE-2025-54957. Discovered by Google researchers in October 2025, this flaw could potentially allow attackers to exploit the Dolby audio processing capabilities on affected devices. Users of Android devices utilizing Dolby technology should be particularly cautious, as the vulnerability poses risks to their audio functionality and overall device security. Immediate action is recommended to ensure that devices are updated to the latest software versions that include the necessary patches to fix this issue. This discovery emphasizes the need for regular updates and vigilance among users and security teams alike.