A critical vulnerability in Control Web Panel (CWP), tracked as CVE-2025-48703, allows remote, unauthenticated command execution.
The post CISA Warns of CWP Vulnerability Exploited in the Wild appeared first on SecurityWeek.
CISA Adds Exploited XWiki, VMware Flaws to KEV Catalog
Broadcom has updated its advisory on CVE-2025-41244 to mention the vulnerability’s in-the-wild exploitation.
The post CISA Adds Exploited XWiki, VMware Flaws to KEV Catalog appeared first on SecurityWeek.
CISA Warns of Exploited DELMIA Factory Software Vulnerabilities
Two DELMIA Apriso flaws can be chained together to gain privileged access to the application and execute arbitrary code remotely.
The post CISA Warns of Exploited DELMIA Factory Software Vulnerabilities appeared first on SecurityWeek.
CISA Warns of Exploited Apple, Kentico, Microsoft Vulnerabilities
Leading to code execution, authentication bypass, and privilege escalation, the flaws were added to CISA’s KEV list.
The post CISA Warns of Exploited Apple, Kentico, Microsoft Vulnerabilities appeared first on SecurityWeek.
CISA Confirms Exploitation of Latest Oracle EBS Vulnerability
The cybersecurity agency has added CVE-2025-61884 to its Known Exploited Vulnerabilities (KEV) catalog.
The post CISA Confirms Exploitation of Latest Oracle EBS Vulnerability appeared first on SecurityWeek.
Organizations Warned of Exploited Adobe AEM Forms Vulnerability
A public PoC existed when Adobe patched the Experience Manager Forms (AEM Forms) bug in early August.
The post Organizations Warned of Exploited Adobe AEM Forms Vulnerability appeared first on SecurityWeek.
Organizations Warned of Exploited Meteobridge Vulnerability
Patched in mid-May, the security defect allows remote unauthenticated attackers to execute arbitrary commands with root privileges.
The post Organizations Warned of Exploited Meteobridge Vulnerability appeared first on SecurityWeek.
Organizations Warned of Exploited Sudo Vulnerability
The vulnerability could allow local, low-privileged attackers to execute commands with root privileges, leading to full system compromise.
The post Organizations Warned of Exploited Sudo Vulnerability appeared first on SecurityWeek.
Organizations Warned of Exploited Git Vulnerability
CISA urges federal agencies to immediately patch an exploited arbitrary file write vulnerability in Git that leads to remote code execution.
The post Organizations Warned of Exploited Git Vulnerability appeared first on SecurityWeek.
CISA Warns of Attacks Exploiting N-able Vulnerabilities
CISA reported becoming aware of attacks exploiting CVE-2025-8875 and CVE-2025-8876 in N-able N-central on the day they were patched.
The post CISA Warns of Attacks Exploiting N-able Vulnerabilities appeared first on SecurityWeek.
