ARTICLE SEARCH
Threat Feed Query
Search all aggregated security articles by keywords, CVE IDs and sources.
Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control
Cybersecurity researchers have disclosed details of yet another maximum-severity security flaw in n8n, a popular workflow automation platform, that allows an unauthenticated remote attacker to gain complete control over
Veeam Patches Critical RCE Vulnerability with CVSS 9.0 in Backup & Replication
Veeam has released security updates to address multiple flaws in its Backup & Replication software, including a "critical" issue that could result in remote code execution (RCE). The vulnerability, tracked as CVE-2025-59
Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers
A newly discovered critical security flaw in legacy D-Link DSL gateway routers has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-0625 (CVSS score: 9.3), concerns a case of command inj
RondoDox botnet exploits React2Shell flaw to breach Next.js servers
The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. [...]
Critical IBM API Connect Vulnerability Let Attackers Bypass Logins
A critical security alert regarding a severe vulnerability in the IBM API Connect platform that could allow remote attackers to bypass authentication mechanisms. Discovered during internal testing, the flaw poses a signi
IBM Warns of Critical API Connect Bug Allowing Remote Authentication Bypass
IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access to the application. The vulnerability, tracked as CVE-2025-13915, is rated 9.8 out of a maximum of 10.
NeuroSploitv2 – AI-Powered Pentesting Tool With Claude, GPT, and Gemini models to Detect vulnerabilities
NeuroSploitv2 is an AI-powered penetration testing framework that automates critical aspects of offensive security operations through advanced language models. The framework, available on GitHub, integrates with multiple
IBM warns of critical API Connect auth bypass vulnerability
IBM urged customers to patch a critical authentication bypass vulnerability in its API Connect enterprise platform that could allow attackers to access apps remotely. [...]
MongoBleed (CVE-2025-14847): the US, China, and the EU are among the top exploited GEOs
MongoBleed (CVE-2025-14847) lets attackers remotely leak memory from unpatched MongoDB servers using zlib compression, without authentication. A critical vulnerability, CVE-2025-14847 (MongoBleed), was disclosed right af
Critical Apache StreamPipes Vulnerability Let Attackers Seize Admin Control
A security patch addressing a critical privilege escalation vulnerability that allows unauthorized users to gain administrative access to the data streaming platform. The flaw, tracked as CVE-2025-47411 and rated importa
CVE-2025-15114 - Ksenia Security Lares 4.0 Home Automation 1.6 PIN Exposure Vulnerability
CVE ID : CVE-2025-15114 Published : Dec. 30, 2025, 11:15 p.m. | 21 minutes ago Description : Ksenia Security Lares 4.0 Home Automation version 1.6 contains a critical security flaw that exposes the alarm system PIN in
CVE-2023-53983 - Anevia Flamingo XL/XS 3.6.20 Default Credentials Authentication Bypass
CVE ID : CVE-2023-53983 Published : Dec. 30, 2025, 11:15 p.m. | 21 minutes ago Description : Anevia Flamingo XL/XS 3.6.20 contains a critical vulnerability with weak default administrative credentials that can be easi
CVE-2022-50803 - JM-DATA ONU JF511-TV 1.0.67 Default Credentials Vulnerability
CVE ID : CVE-2022-50803 Published : Dec. 30, 2025, 11:15 p.m. | 21 minutes ago Description : JM-DATA ONU JF511-TV version 1.0.67 uses default credentials that allow attackers to gain unauthorized access to the device
ESET Warns AI-driven Malware Attack and Rapidly Growing Ransomware Economy
The cybersecurity landscape has reached a critical turning point as artificial intelligence moves from theoretical threat to operational reality. In their H2 2025 Threat Report, ESET researchers have documented a disturb
CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution
The Cyber Security Agency of Singapore (CSA) has issued a bulletin warning of a maximum-severity security flaw in SmarterTools SmarterMail email software that could be exploited to achieve remote code execution. The vuln
Critical Vulnerability in SmarterMail Let Attackers Execute Remote Code
SmarterTools has issued an urgent security advisory addressing a critical vulnerability in SmarterMail that could allow attackers to execute remote code on mail servers. The flaw, tracked as CVE-2025-52691, poses a sever
CISA Warns of MongoDB Server Vulnerability (CVE-2025-14847) Exploited in Attacks
CISA has added a critical MongoDB Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is being actively exploited in cyberattacks. CVE-2025-14847 affects MongoDB Server and al
70,000+ MongoDB Servers Vulnerable to MongoBleed Exploit – PoC Released
A critical vulnerability in MongoDB Server is putting tens of thousands of databases worldwide at risk. Dubbed MongoBleed and tracked as CVE-2025-14847, this high-severity flaw allows unauthenticated attackers to remotel
Critical 0-Day RCE Vulnerability in Networking Devices Exposes 70,000+ Hosts
A critical zero-day vulnerability has been discovered in XSpeeder’s SXZOS firmware, affecting tens of thousands of SD-WAN appliances, edge routers, and smart TV controllers deployed globally. The vulnerability, designate
CVE-2025-15102 - DVP-12SE11T - Password Protection Bypass
CVE ID : CVE-2025-15102 Published : Dec. 30, 2025, 9:15 a.m. | 20 minutes ago Description : DVP-12SE11T - Password Protection Bypass Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, af