Updated 16 minutes ago
FeedsCVEs trending on social media within the last 24 hours
Current score
Worth a look
1
CVE-2025-6554 Published Jun 30, 2025Hype score
64
high 8.1
Exploit known
CVE-2025-6554 is a type confusion vulnerability found in the V8 JavaScript engine, which is used in Chrome and other Chromium-based browsers. This vulnerability can be exploited by remote, unauthenticated attackers by serving crafted HTML pages to targeted users. If successful, the attacker can trick V8 into misinterpreting memory types, potentially leading to arbitrary read/write operations. In some scenarios, this could allow for full remote code execution. Google is aware that the vulnerability is being actively exploited in the wild. A security update has been released for Chrome to address this zero-day vulnerability. The vulnerability was discovered by Clément Lecigne of Google's Threat Analysis Group (TAG) on June 25, 2025.
2
CVE-2025-32463 Published Jun 30, 2025Hype score
63
critical 9.3
CVE-2025-32463 is a vulnerability that affects Sudo versions 1.9.14 to 1.9.17 inclusive. It allows a local user to gain root access. This is possible because the `/etc/nsswitch.conf` file from a user-controlled directory is used with the `--chroot` option. An attacker can exploit this vulnerability by using Sudo's `-R` or `--chroot` option to execute arbitrary commands as root, even if they are not listed in the `sudoers` file. The vulnerability was fixed in Sudo version 1.9.17p1.
3
CVE-2025-47812Hype score
44
CVE-2025-47812 is a remote code execution vulnerability in Wing FTP Server. The vulnerability arises because the application doesn't properly handle NULL bytes in usernames. By appending a NULL byte to the username, an attacker can bypass authentication and inject Lua code into session files. Specifically, when a user authenticates with a NULL-byte injected username, the server creates a new session ID and stores the NULL byte in the session variable. This allows an attacker to inject arbitrary Lua code, leading to remote code execution with root privileges on Linux systems and SYSTEM rights on Windows systems because the wftpserver runs with elevated privileges by default.
Sourced from CISA's Known Exploited Vulnerability (KEV) catalog.
medium 4.0
Exploit known
The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump, as exploited in the wild in May 2025.
medium 5.3
Exploit known
The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heapdump URI, as exploited in the wild in May 2025.
Hype score
64
high 8.1
Exploit known
CVE-2025-6554 is a type confusion vulnerability found in the V8 JavaScript engine, which is used in Chrome and other Chromium-based browsers. This vulnerability can be exploited by remote, unauthenticated attackers by serving crafted HTML pages to targeted users. If successful, the attacker can trick V8 into misinterpreting memory types, potentially leading to arbitrary read/write operations. In some scenarios, this could allow for full remote code execution. Google is aware that the vulnerability is being actively exploited in the wild. A security update has been released for Chrome to address this zero-day vulnerability. The vulnerability was discovered by Clément Lecigne of Google's Threat Analysis Group (TAG) on June 25, 2025.
Our Security Team's most recent CVE analysis
critical 9.3
Updated Jul 2, 2025
This is a serious local privilege escalation vulnerability in the sudo tool, which is present on most Unix systems. You should update this as soon as possible if your version is less than 1.9.14.
Exploiting this vulnerability requires an attacker to have access to the machine already - so it's most serious in environments where lower-privileged users routinely have access to systems. However, all vulnerable systems should be patched.
high 7.2
Exploit known
Updated May 19, 2025
This CVE references a Java Expression Language injection vulnerability in Ivanti EPMM, which allows a user with access to a particular API to execute arbitrary code.
In conjunction with CVE-2025-4427 - an auth bypass vulnerability which gives access to the API in question - this can be used by an unauthenticated attacker.
More information on exact vulnerable versions can be found here - you should patch immediately if vulnerable. Note that in the recommended deployment of EPMM, where the API is not accessible to the internet, the impact is reduced.
high 8.2
Updated Apr 28, 2025
If caching is in use on this application, it is likely this can be used to poison the cache, causing the modified data to be shown to other users.
There is also potential to then use this for cross-site scripting, although, this would depend on how the data is processed by the client, and will not be the case for all applications.
In order for this application to be vulnerable, React Router must be used in Framework mode.
