Trending now

CVE-2025-54135 is a security vulnerability in the Cursor AI code editor that could lead to remote code execution. This vulnerability, dubbed "CurXecute" by Aim Labs, arises from the way Cursor interacts with Model Control Protocol (MCP) servers to access external tools. By feeding malicious prompts to the AI agent, an attacker can trigger the execution of attacker-controlled commands. The vulnerability involves a prompt injection that silently rewrites the "~/.cursor/mcp.json" file. This file is used to configure custom MCP servers in Cursor, and the vulnerability allows the execution of any new entry without requiring confirmation. An attacker can inject a malicious command through a single line of prompting, influencing Cursor's actions and gaining remote code execution under the user's privileges.

CVE-2025-40597 is a heap-based buffer overflow vulnerability found in the SMA100 series web interface. It can be triggered by a remote, unauthenticated attacker. The vulnerability lies in the mod_httprp.so component, which handles HTTP requests. Specifically, it occurs during the parsing of the Host: header. The vulnerability is due to an incorrect use of the "safe" version of the sprintf function, which allows an attacker to write past allocated memory when crafting a malicious Host: header. This can corrupt adjacent memory and potentially lead to a denial of service or remote code execution.

CVE-2025-40596 is a stack-based buffer overflow vulnerability found in the web interface of the SonicWall SMA100 series. This vulnerability allows a remote, unauthenticated attacker to potentially cause a denial of service (DoS) or achieve code execution. The vulnerability is located in the `/usr/src/EasyAccess/bin/httpd` binary, which handles incoming HTTP requests to the SonicWall SSLVPN. The stack-based buffer overflow can be triggered by sending a malformed HTTP request.

CVE-2025-40598 is a reflected cross-site scripting (XSS) vulnerability found in the SMA100 series web interface. It allows a remote, unauthenticated attacker to potentially execute arbitrary JavaScript code. The vulnerability is located in the `radiusChallengeLogin` endpoint and can be triggered by injecting a malicious JavaScript code via the `state` parameter. The injected code is reflected directly into the response without any filtering. The SMA100's built-in web application firewall (WAF) appears to be inactive on management interfaces, which means even basic XSS payloads can be successful. An attacker can inject malicious code into a web page, which will then run in a user's browser if they visit a specially crafted link.

CVE-2025-49704 is a code injection vulnerability in Microsoft Office SharePoint. An authorized attacker could exploit this vulnerability to execute code over a network. To exploit this vulnerability, the attacker needs to be authenticated with at least Site Owner privileges. Successful exploitation of CVE-2025-49704 allows an attacker to write arbitrary code into a vulnerable SharePoint server to gain remote code execution. The attack complexity is low and can be exploited remotely from the internet, potentially leading to complete compromise of affected SharePoint servers.

CVE-2024-38018 is a remote code execution vulnerability affecting Microsoft SharePoint Server. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected system. The vulnerability exists because of a flaw in the SharePoint Server software. An attacker could exploit this vulnerability by sending a specially crafted request to the server.

CVE-2025-48384 affects Git, a distributed revision control system. The vulnerability arises from how Git handles carriage return (CR) and line feed (LF) characters when reading and writing configuration values. Git strips trailing CRLF characters when reading a config value. However, when writing a config entry, values with a trailing CR are not quoted, leading to the CR being lost when the config is later read. This can lead to issues when initializing submodules. If a submodule path contains a trailing CR, the altered path (without the CR) is read, causing the submodule to be checked out to an incorrect location. If a symbolic link exists that points the altered path to the submodule's hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout, potentially leading to arbitrary code execution. This vulnerability is fixed in Git versions v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.

CVE-2025-5394 is a vulnerability affecting the Alone – Charity Multipurpose Non-profit WordPress Theme for WordPress. It exists due to a missing capability check in the `alone_import_pack_install_plugin()` function in versions up to and including 7.8.3. This allows unauthenticated attackers to upload arbitrary files, including zip files containing webshells disguised as plugins, from remote locations. Successful exploitation of this vulnerability can lead to remote code execution, potentially giving attackers complete control over the affected website. It has been observed that attackers are exploiting this vulnerability to upload ZIP archives containing PHP-based backdoors, enabling them to execute remote commands, upload additional files, and create rogue administrator accounts.

CVE-2025-30466 is a security vulnerability affecting Apple Safari and related operating systems, including Safari 18.4, iOS 18.4, iPadOS 18.4, visionOS 2.4, and macOS Sequoia 15.4. Discovered by Jaydev Ahire and @RenwaX23, it was publicly disclosed on May 28, 2025. The vulnerability stems from a state management issue in Safari's handling of web content. This vulnerability allows a website to bypass the Same Origin Policy, a security mechanism that prevents websites from accessing data from other domains. Exploitation could lead to cross-site scripting attacks, data theft, and unauthorized access to sensitive information from other websites. Apple has addressed this issue through improved state management in the updated versions of Safari, iOS, iPadOS, visionOS, and macOS.

CVE-2025-30406 is a vulnerability affecting Gladinet CentreStack, a cloud-based enterprise file-sharing platform. It stems from the use of a hard-coded cryptographic key within the application's web configuration files (web.config). This key is used for ViewState integrity verification. Successful exploitation of this flaw allows an attacker to forge ViewState payloads. This enables server-side deserialization, ultimately leading to remote code execution. The vulnerability is classified as CWE-321, which highlights the risks associated with using hard-coded cryptographic keys.