Daily insights into the world's most dangerous security vulnerabilities
CVE-2025-35939 is a medium-severity vulnerability affecting Craft CMS versions prior to 4.15.3 and between 5.0.0 and 5.7.5. The vulnerability arises from improper handling of session files, allowing u...
CVE-2025-3935 is a critical vulnerability in ConnectWise ScreenConnect versions prior to 25.2.4, allowing for remote code execution (RCE) through a ViewState code injection attack. With a CVSS score o...
CVE-2024-43441 is a critical authentication bypass vulnerability identified in Apache HugeGraph-Server, affecting versions from 1.0.0 to prior to 1.5.0. With a CVSS score of 9.8, this vulnerability al...
CVE-2023-4617 is a critical vulnerability affecting the Govee Home application on both Android and iOS platforms, with a CVSS score of 10.0/10.0, indicating the highest severity. This vulnerability ar...
CVE-2023-39780 is a high-severity vulnerability affecting the ASUS RT-AX55 router firmware version 3.0.0.4.386.51598. This vulnerability allows authenticated attackers to execute arbitrary OS commands...
CVE-2023-29363 is a critical vulnerability affecting VMware vCenter Server, carrying a CVSS score of 9.8, indicating a severe risk to organizational security. The lack of detailed public information r...
CVE-2023-31061 is a high-severity command injection vulnerability affecting the web-based management interface of Cisco Meraki devices. This vulnerability allows an authenticated remote attacker to ex...
CVE-2023-31110 is a critical command injection vulnerability affecting VMware vCenter Server 7.x, with a CVSS score of 9.1, indicating a severe risk to organizations utilizing this virtualization mana...
CVE-2023-38646 is a critical vulnerability affecting Microsoft Exchange Server 2016 and 2019, with a CVSS score of 9.8, indicating a severe risk of remote code execution (RCE) for authenticated attack...
CVE-2023-31047 is a critical vulnerability affecting Microsoft Windows, with a CVSS score of 9.8/10.0, indicating a severe risk to organizational security. The lack of a detailed description and CVSS ...