Activity

Latest CVE events and analysis as they emerge

  1. CVE-2025-55182

    05 Dec 2025, 00:00

    React, react2shell

    Added to CISA KEV catalog

    Vulnerability name
    Meta React Server Components Remote Code Execution Vulnerability
    Product
    Meta React Server Components

    CVE-2025-55182 is a critical unauthenticated remote code execution (RCE) vulnerability found in React Server Components (RSC) versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0. This vulnerability affects packages including `react-server-dom-parcel`, `react-server-dom-turbopack`, and `react-server-dom-webpack`. The flaw stems from insecure deserialization in the RSC payload handling logic, allowing attacker-controlled data to influence server-side execution. Exploitation requires only a crafted HTTP request. Patches are available for React and Next.js. It is recommended to upgrade to patched React versions such as 19.0.1, 19.1.2, or 19.2.1, and to update frameworks like Next.js to their corresponding patched versions.

  2. CVE-2021-26828

    03 Dec 2025, 00:00

    Added to CISA KEV catalog

    Vulnerability name
    OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability
    Product
    OpenPLC ScadaBR

    OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.

  3. CVE-2025-48633

    02 Dec 2025, 00:00

    Added to CISA KEV catalog

    Vulnerability name
    Android Framework Information Disclosure Vulnerability
    Product
    Android Framework

    CVE-2025-48633 is an information disclosure vulnerability affecting the Android Framework component in Android versions 13 through 16. It is one of two zero-day vulnerabilities that Google addressed in its December 2025 Android Security Bulletin. The vulnerability could allow attackers to access sensitive information without elevated privileges, potentially exposing user data. There are indications that it may be under limited, targeted exploitation. Google has released security patches to address the vulnerability.

  4. CVE-2025-48572

    02 Dec 2025, 00:00

    Added to CISA KEV catalog

    Vulnerability name
    Android Framework Privilege Escalation Vulnerability
    Product
    Android Framework

    CVE-2025-48572 is a high-severity elevation-of-privilege (EoP) vulnerability affecting Android versions 13 through 16. It exists within the Android Framework component. Google's security team has indicated that this vulnerability is under limited, targeted exploitation in the wild. Successful exploitation of CVE-2025-48572 could allow attackers to gain administrative control over affected devices. Google has released security patches as part of the December 2025 Android Security Bulletin to address this and other vulnerabilities. Users are advised to update their devices to the latest patch level as soon as the updates are available.