Vulnerability intelligence

Updated 43 minutes ago

Feeds

Trending now

CVEs trending on social media within the last 24 hours

Hypemeter

150100

Current score

These are not the 0days you are looking for

  1. 1

    CVE-2025-55182 Published Dec 3, 2025

    Hype score

    15

    critical 10.0

    Exploit known

    Supply chainBusiness logicCloudnpmReactreact2shell

    CVE-2025-55182 is a critical unauthenticated remote code execution (RCE) vulnerability found in React Server Components (RSC) versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0. This vulnerability affects packages including `react-server-dom-parcel`, `react-server-dom-turbopack`, and `react-server-dom-webpack`. The flaw stems from insecure deserialization in the RSC payload handling logic, allowing attacker-controlled data to influence server-side execution. Exploitation requires only a crafted HTTP request. Patches are available for React and Next.js. It is recommended to upgrade to patched React versions such as 19.0.1, 19.1.2, or 19.2.1, and to update frameworks like Next.js to their corresponding patched versions.

  2. 2

    CVE-2025-53521 Published Oct 15, 2025

    Hype score

    5

    critical 9.3

    Exploit known

    OTBIG-IP APMBIG-IP

    CVE-2025-53521 is a vulnerability affecting F5 BIG-IP Access Policy Manager (APM) systems when an access policy is configured on a virtual server. The flaw, categorized as CWE-770 (Allocation of Resources Without Limits or Throttling), allows undisclosed or specially crafted traffic to cause the Traffic Management Microkernel (TMM) process to terminate. This termination of the TMM process results in a disruption of all traffic handled by the BIG-IP device until the process restarts. The vulnerability can be exploited remotely by an unauthenticated attacker, leading to a denial-of-service condition on the BIG-IP APM system.

  3. 3

    CVE-2025-30208 Published Mar 24, 2025

    Hype score

    4

    medium 5.3

    Vite

    CVE-2025-30208 is a vulnerability affecting Vite, a frontend development tool. It exists in versions prior to 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10. The vulnerability allows bypassing file access restrictions, which are normally in place to prevent access to files outside of a specified allow list. The bypass is achieved by adding "?raw??" or "?import&raw??" to the URL, which circumvents the intended restrictions and returns the file content. This occurs because trailing separators, such as "?", are removed in certain parts of the code but are not properly accounted for in query string regexes. Only applications that explicitly expose the Vite development server to the network (using the `--host` or `server.host` configuration options) are affected.

See more

Known exploited

Sourced from CISA's Known Exploited Vulnerability (KEV) catalog.

  1. CVE-2026-3502 Published Mar 30, 2026

    high 7.8

    Exploit known

    TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code execution in the context of the updating process or user.

  2. CVE-2026-5281 Published Apr 1, 2026

    high 8.8

    Exploit known

    Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

  3. CVE-2026-3055 Published Mar 23, 2026

    critical 9.3

    Exploit known

    ServerNetworkUbuntu

    Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread

See more

Insights

See more

Our Security Team's most recent CVE analysis

  1. CVE-2026-1340

    critical 9.8

    Link to CVE page

    Intruder Insights

    Updated Jan 30, 2026

    This and the similar vulnerability CVE-2026-1281 allow an unauthenticated attacker to execute code remotely on unpatched Ivanti EPMM instances.

    A patch is available from Ivanti here and should be installed immediately. There is a page for defenders who need to check if their instance has been compromised here, though this is a work in progress.

    Note that this is a temporary patch which will be removed with further version updates. If you update the version of your EPMM instance after patching, you must apply the patch again. A fully patched version of EPMM will be available in future which will permanently fix the vulnerability.

    This vulnerability was known to be used in the wild before being disclosed by the vendor. Proof of concept code is now available publicly, so increased attack activity is expected.

    A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

  2. CVE-2026-1281

    critical 9.8

    Exploit known

    Link to CVE page

    Intruder Insights

    Updated Jan 30, 2026

    This and the similar vulnerability CVE-2026-1340 allow an unauthenticated attacker to execute code remotely on unpatched Ivanti EPMM instances.

    A patch is available from Ivanti here and should be installed immediately. There is a page for defenders who need to check if their instance has been compromised here, though this is a work in progress.

    Note that this is a temporary patch which will be removed with further version updates. If you update the version of your EPMM instance after patching, you must apply the patch again. A fully patched version of EPMM will be available in future which will permanently fix the vulnerability.

    This vulnerability was known to be used in the wild before being disclosed by the vendor. Proof of concept code is now available publicly, so increased attack activity is expected.

    A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

  3. CVE-2025-14847

    high 8.7

    Exploit known

    Link to CVE page

    Intruder Insights

    Updated Dec 29, 2025

    This is a serious vulnerability which allows an unauthenticated remote attacker to retrieve information from MongoDB's memory. A proof-of-concept is available to the public.

    Similar to other heap disclosure vulnerabilities such as Heartbleed, the impact of exploitation will vary depending on the information an attacker is able to obtain from the heap. However, it is quite likely that the leaked memory will contain credentials or other sensitive information, especially as attackers learn more about the vulnerability and use it more effectively.

    Regardless of patch status, MongoDB should not be exposed to the internet and access should be restricted by a firewall or similar controls. You should also apply the patch as soon as possible, to avoid the vulnerability being exploited internally.

    Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3, MongoDB Server v6.0 versions prior to 6.0.27, MongoDB Server v5.0 versions prior to 5.0.32, MongoDB Server v4.4 versions prior to 4.4.30, MongoDB Server v4.2 versions greater than or equal to 4.2.0, MongoDB Server v4.0 versions greater than or equal to 4.0.0, and MongoDB Server v3.6 versions greater than or equal to 3.6.0.