Activity
Latest CVE events and analysis as they emerge
CVE-2025-6965 16 Jul 2025, 23:17
SQLite - Trended on social media
Hype increased to 30
CVE-2025-6965 is a vulnerability that exists in SQLite versions prior to 3.50.2. The vulnerability occurs because the number of aggregate terms in a query can exceed the available number of columns. This can lead to memory corruption. To resolve this vulnerability, it is recommended to upgrade to SQLite version 3.50.2 or later. This update mitigates the risk of memory corruption and potential instability within applications using the affected SQLite versions.
high 7.2
Hype score
34
CVE-2024-2887 16 Jul 2025, 20:17
WebAssembly, Google Chrome - Trended on social media
Hype increased to 37
CVE-2024-2887 is a type confusion vulnerability found in WebAssembly in Google Chrome versions prior to 123.0.6312.86. It can be triggered by a remote attacker who crafts a malicious HTML page. The vulnerability stems from how WebAssembly handles recursive type groups, which can lead to exceeding the maximum number of declared heap types and create opportunities for type confusion. Successful exploitation of CVE-2024-2887 allows a remote attacker to execute arbitrary code. This can lead to arbitrary read/write within the V8 memory sandbox, the ability to obtain addresses of JavaScript objects, and manipulation of object pointers. It was demonstrated at the Pwn2Own Vancouver 2024 hacking competition. Google patched this vulnerability in Chrome version 123.0.6312.86.
high 7.7
Hype score
46
CVE-2025-6558 16 Jul 2025, 18:17
Google Chrome - Trended on social media
Hype increased to 65
CVE-2025-6558 is a vulnerability affecting Google Chrome, specifically versions prior to 138.0.7204.157. It stems from insufficient validation of untrusted input in the ANGLE and GPU components of the browser. Clément Lecigne and Vlad Stolyarov from Google's Threat Analysis Group discovered and reported the zero-day vulnerability on June 23, 2025. Successful exploitation of CVE-2025-6558 could allow a remote attacker to perform a sandbox escape via a crafted HTML page. ANGLE, which stands for "Almost Native Graphics Layer Engine," translates between Chrome's rendering engine and device-specific graphics drivers; therefore, vulnerabilities in ANGLE can allow attackers to escape Chrome's security sandbox by abusing low-level GPU operations. Google has released a security update to address this vulnerability, which they report has been actively exploited in the wild.
high 8.8
Hype score
72
CVE-2025-6558 16 Jul 2025, 12:17
Google Chrome - Trended on social media
Hype increased to 47
high 8.8
Hype score
72
CVE-2025-53833 16 Jul 2025, 10:17
LaRecipe - Trended on social media
Hype increased to 30
CVE-2025-53833 is a Server-Side Template Injection (SSTI) vulnerability affecting LaRecipe, a documentation generator tool for Laravel applications. Versions prior to 2.8.1 are vulnerable. The vulnerability stems from improper input validation in LaRecipe's template processing system, which allows attackers to inject malicious code into server-side templates. Successful exploitation of this vulnerability could lead to Remote Code Execution (RCE). An attacker could execute arbitrary commands on the server, access sensitive environment variables, and potentially escalate privileges. It is recommended that users upgrade to version 2.8.1 or later to patch this flaw.
critical 10.0
Hype score
7
CVE-2025-49706 15 Jul 2025, 02:17
Microsoft Office SharePoint - Trended on social media
Hype increased to 30
CVE-2025-49706 is a vulnerability affecting Microsoft Office SharePoint. It stems from improper authentication within the software. This vulnerability could allow an authorized attacker to perform spoofing attacks over a network, potentially compromising the integrity of SharePoint services. Microsoft has released a security update (KB5002751) to address this vulnerability.
medium 6.3
Hype score
37
CVE-2025-49704 15 Jul 2025, 02:17
Microsoft Office SharePoint - Trended on social media
Hype increased to 30
CVE-2025-49704 is a code injection vulnerability in Microsoft Office SharePoint. An authorized attacker could exploit this vulnerability to execute code over a network. To exploit this vulnerability, the attacker needs to be authenticated with at least Site Owner privileges. Successful exploitation of CVE-2025-49704 allows an attacker to write arbitrary code into a vulnerable SharePoint server to gain remote code execution. The attack complexity is low, and the vulnerability can be exploited remotely from the internet, potentially leading to complete compromise of affected SharePoint servers.
high 8.8
Hype score
1
CVE-2025-47812 14 Jul 2025, 00:00
Wing FTP Server - Added to CISA KEV catalog
- Vulnerability name: Wing FTP Server Improper Neutralization of Null Byte or NUL Character Vulnerability
- Product: Wing FTP Server
CVE-2025-47812 is a remote code execution vulnerability in Wing FTP Server. The vulnerability arises because the application doesn't properly handle NULL bytes in usernames. By appending a NULL byte to the username, an attacker can bypass authentication and inject Lua code into session files. Specifically, when a user authenticates with a NULL-byte injected username, the server creates a new session ID and stores the NULL byte in the session variable. This allows an attacker to inject arbitrary Lua code, leading to remote code execution with root privileges on Linux systems and SYSTEM rights on Windows systems because the wftpserver runs with elevated privileges by default.
critical 10.0
Hype score
0
CVE-2025-25257 13 Jul 2025, 10:17
Fortinet, FortiWeb - Trended on social media
Hype increased to 30
CVE-2025-25257 is a critical SQL injection vulnerability found in Fortinet's FortiWeb web application firewall. This vulnerability, classified as CWE-89, stems from improper neutralization of special elements used in SQL commands. The vulnerability allows unauthenticated attackers to execute unauthorized SQL code or commands by sending crafted HTTP or HTTPS requests to the FortiWeb management interface. Successful exploitation could lead to attackers accessing sensitive data, altering database contents, or compromising backend systems.
Hype score
0
CVE-2025-6554 12 Jul 2025, 02:17
Google Chrome V8 - Trended on social media
Hype increased to 32
CVE-2025-6554 is a type confusion vulnerability found in the V8 JavaScript engine, which is used in Chrome and other Chromium-based browsers. This vulnerability can be exploited by remote, unauthenticated attackers by serving crafted HTML pages to targeted users. If successful, the attacker can trick V8 into misinterpreting memory types, potentially leading to arbitrary read/write operations. In some scenarios, this could allow for full remote code execution. Google is aware that the vulnerability is being actively exploited in the wild. A security update has been released for Chrome to address this zero-day vulnerability. The vulnerability was discovered by Clément Lecigne of Google's Threat Analysis Group (TAG) on June 25, 2025.
high 8.1
Hype score
0
CVE-2025-5777 11 Jul 2025, 22:17
Citrix, NetScaler ADC, NetScaler Gateway - Trended on social media
Hype increased to 30
CVE-2025-5777 is a vulnerability affecting NetScaler ADC and NetScaler Gateway. It is caused by insufficient input validation, which leads to a memory overread. The vulnerability can be exploited on devices configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or an AAA virtual server. An unauthorized attacker could potentially grab valid session tokens from the memory of internet-facing NetScaler devices by sending a malformed request. Successful exploitation could allow the attacker to gain access to the appliances.
critical 9.3
Hype score
0
CVE-2025-25257 11 Jul 2025, 20:17
Fortinet, FortiWeb - Trended on social media
Hype increased to 30
Hype score
0
CVE-2025-47812 11 Jul 2025, 18:17
Wing FTP Server - Trended on social media
Hype increased to 31
critical 10.0
Hype score
0
CVE-2024-30088 11 Jul 2025, 06:17
Trended on social media
Hype increased to 30
CVE-2024-30088 is an elevation of privilege vulnerability in the Windows Kernel. It is a Time-Of-Check Time-Of-Use (TOCTOU) race condition, meaning that the state of a resource can change between when it is checked and when it is used, which can lead to unexpected actions. An attacker can exploit this vulnerability to run code with elevated privileges on a vulnerable system. This vulnerability has been actively exploited in the wild, including by the OilRig APT group, which is known for cyber espionage. Successful exploitation could allow an attacker to gain complete control over the affected system. It is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, which requires timely patching.
high 7.0
Hype score
0
CVE-2025-3648 10 Jul 2025, 09:17
Now Platform - Trended on social media
Hype increased to 34
CVE-2025-3648 is a vulnerability in the Now Platform that could allow unauthorized data inference. It stems from conditional access control list (ACL) configurations. Unauthenticated and authenticated users could exploit this vulnerability using range query requests to infer instance data that they should not have access to. The vulnerability impacts the record count UI element on list pages. By exploiting this, malicious actors could gain unauthorized access to sensitive information, including personally identifiable information (PII) and credentials. ServiceNow has introduced additional access control frameworks and a security update in May 2025 to help customers enhance access controls.
high 8.2
Hype score
0
CVE-2025-47978 10 Jul 2025, 09:17
Windows Kerberos - Trended on social media
Hype increased to 33
CVE-2025-47978 is an out-of-bounds read vulnerability affecting Windows Kerberos. An authorized attacker can exploit this vulnerability to trigger a denial-of-service (DoS) condition over a network. The vulnerability lies within the Windows Kerberos authentication system. Successful exploitation could disrupt network authentication services, potentially causing system unavailability for legitimate users. A security update addressing this vulnerability has been available since July 8, 2025, for Windows Server 2022, Windows Server 2025, and Windows Server 23H2.
medium 6.5
Hype score
0
CVE-2025-5777 10 Jul 2025, 00:00
Citrix, NetScaler ADC, NetScaler Gateway - Added to CISA KEV catalog
- Vulnerability name: Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability
- Product: Citrix NetScaler ADC and Gateway
critical 9.3
Hype score
0