Trending now

CVE-2025-33073 is an elevation of privilege vulnerability affecting the Windows Server Message Block (SMB) client. It stems from improper access control within Windows SMB, potentially allowing an authorized attacker to elevate privileges over a network. To exploit this vulnerability, an attacker could execute a specially crafted script. This script would coerce the victim machine to connect back to the attacker's system using SMB and authenticate, potentially resulting in the attacker gaining SYSTEM privileges.

CVE-2025-33070 is an elevation of privilege vulnerability affecting Windows Netlogon. It stems from the use of an uninitialized resource within the Netlogon service. An unauthorized attacker can exploit this vulnerability to elevate their privileges over a network. This can be achieved by sending specially crafted authentication requests to affected domain controllers. Successful exploitation could allow an attacker to gain domain administrator privileges, potentially giving them significant control over the domain controller.

CVE-2025-24201 is a zero-day vulnerability found in Apple's WebKit browser engine. This vulnerability allows attackers to bypass the Web Content sandbox using maliciously crafted web content. It affects various Apple devices and operating systems, including iOS, macOS, iPadOS, visionOS, and Safari, as well as Linux and Windows systems where WebKit is utilized. The vulnerability is an out-of-bounds write issue, and Apple has addressed it with improved checks in updates iOS 18.3.2, iPadOS 18.3.2, macOS Sequoia 15.3.2, visionOS 2.3.2, and Safari 18.3.1. This zero-day vulnerability was reportedly exploited in highly sophisticated attacks targeting specific individuals before the release of iOS 17.2, which contained a partial mitigation. While the attacks were not widespread, Apple urges users to install the latest security updates to prevent further exploitation attempts. The vulnerability was discovered by Bill Marczak of The Citizen Lab at the University of Toronto. It affects a wide range of Apple devices, including iPhone XS and later, several iPad models, Macs running macOS Sequoia, and Apple Vision Pro.

CVE-2024-57727 is a path traversal vulnerability in SimpleHelp remote support software, affecting versions 5.5.7 and older. This flaw allows unauthenticated attackers to download arbitrary files from SimpleHelp servers via specially crafted HTTP requests. The types of files that could be accessed include server configuration files and potentially hashed passwords. This vulnerability, when combined with CVE-2024-57728 and CVE-2024-57726, can lead to full system compromise. Exploitation of this vulnerability chain has been observed in the wild, with threat actors using it to gain initial access to systems. It's recommended to update SimpleHelp to the latest version or uninstall it if no longer needed.

CVE-2025-33053 is a remote code execution vulnerability affecting the WebDAV client in Microsoft Windows. It stems from insufficient input validation in WebDAV file path handling, allowing an attacker to execute arbitrary code over a network. Successful exploitation requires a user to click on a specially crafted WebDAV URL, potentially leading to unauthorized access to sensitive system resources, compromise of system integrity and confidentiality, or even full control of the affected system. This vulnerability has been actively exploited in the wild.

CVE-2025-21420 is an elevation of privilege vulnerability that exists in the Windows Disk Cleanup tool. Successful exploitation could allow an attacker to elevate their privileges to SYSTEM level. As of February 18, 2025, the CVSS v3 score is 7.8, considered High. Microsoft has addressed this vulnerability. It is recommended to apply the necessary security updates to mitigate the risk.

CVE-2025-32717 is a heap-based buffer overflow vulnerability in Microsoft Office Word. It allows an unauthorized attacker to execute code locally on a vulnerable system. The vulnerability can be exploited through a maliciously crafted RTF file, which could be triggered via the Preview Pane without requiring user interaction. Successful exploitation of this vulnerability could allow an attacker to compromise the system. A security update was released on June 10, 2025, to address this vulnerability in Microsoft 365 Apps.

CVE-2024-4367 is a vulnerability in PDF.js, a JavaScript-based PDF viewer. It stems from a missing type check when handling fonts, specifically during glyph path compilation for Type 1 fonts. The issue occurs in the FontFaceObject.getPathGenerator method, where font matrix values from PDF dictionaries are not properly validated before being used in JavaScript code generation. Successful exploitation of this vulnerability allows an attacker to execute arbitrary JavaScript code within the PDF.js context. This could enable malicious actors to perform actions such as spying on user activity, triggering unauthorized downloads (including file:// URLs), and leaking PDF file paths. Web applications that utilize PDF.js may be susceptible to stored Cross-Site Scripting (XSS) attacks. The vulnerability affects Firefox versions prior to 126, Firefox ESR versions earlier than 115.11, and Thunderbird versions before 115.11.

CVE-2025-32711 is a command injection vulnerability affecting Microsoft 365 Copilot. It allows an unauthorized attacker to disclose information over a network. The vulnerability, dubbed "EchoLeak," is a zero-click AI vulnerability, meaning it can be exploited without any user interaction. The attack involves embedding a malicious prompt payload within markdown-formatted content, such as an email. When the AI system's retrieval-augmented generation (RAG) engine parses this content, the payload silently triggers the LLM to extract and return private information from the user's current context. This could potentially expose sensitive data, including chat histories, OneDrive documents, SharePoint content, and Teams conversations. Microsoft has addressed this vulnerability.

CVE-2025-37899 is a use-after-free vulnerability found in the ksmbd component of the Linux kernel, which is an in-kernel server implementing the SMB3 protocol for file sharing over networks. Specifically, the vulnerability exists in the session logoff handler. The vulnerability occurs because the `sess->user` object can be freed by one thread processing a logoff command while another thread, handling a new connection's session setup request, might still be accessing the same `sess->user` object. This concurrent access can lead to memory corruption and potentially allow attackers to execute arbitrary code with kernel privileges.