Trending now

CVE-2025-53770 involves a deserialization of untrusted data vulnerability within on-premises Microsoft SharePoint Server. This flaw allows an unauthorized attacker to execute code over a network. Microsoft is aware that an exploit for this vulnerability is currently in the wild. Microsoft is actively preparing and testing a comprehensive update to address CVE-2025-53770. In the meantime, it is recommended that organizations review and apply the mitigations specified in Microsoft's CVE documentation to protect against potential exploitation.

CVE-2025-53771 is a spoofing vulnerability affecting Microsoft Office SharePoint. It stems from an improper limitation of a pathname to a restricted directory, also known as a 'path traversal'. This vulnerability allows an authorized attacker to perform spoofing over a network. The vulnerability exists in on-premises SharePoint Servers and does not impact SharePoint Online in Microsoft 365. Microsoft has released updates to address this vulnerability, with the update including more robust protections than previous updates for similar vulnerabilities. It is related to other SharePoint vulnerabilities like CVE-2025-49706, and can be chained with other vulnerabilities to achieve remote code execution.

CVE-2025-53816 is a vulnerability affecting 7-Zip, a file archiving tool. Specifically, it's a heap buffer overflow found in the RAR5 decoder component. This flaw can be triggered when 7-Zip attempts to process specially crafted RAR5 archive files. The vulnerability stems from a miscalculation in memory operations during the recovery of corrupted archive items, leading to a write of zero bytes beyond the allocated buffer. By exploiting this, an attacker can cause memory corruption and potentially crash the application or system, resulting in a denial-of-service condition. 7-Zip version 25.0.0 addresses this vulnerability.

CVE-2025-37103 is a vulnerability found in HPE Networking Instant On Access Points. It involves hard-coded login credentials that allow anyone with knowledge of them to bypass normal device authentication. Successful exploitation of this vulnerability could allow a remote attacker to gain administrative access to the system. This access could then be used to inject arbitrary commands into the CLI, exfiltrate data, or disable security features.

CVE-2025-6554 is a type confusion vulnerability found in the V8 JavaScript engine, which is used in Chrome and other Chromium-based browsers. This vulnerability can be exploited by remote, unauthenticated attackers by serving crafted HTML pages to targeted users. If successful, the attacker can trick V8 into misinterpreting memory types, potentially leading to arbitrary read/write operations. In some scenarios, this could allow for full remote code execution. Google is aware that the vulnerability is being actively exploited in the wild. A security update has been released for Chrome to address this zero-day vulnerability. The vulnerability was discovered by Clément Lecigne of Google's Threat Analysis Group (TAG) on June 25, 2025.

CVE-2025-5777 is a vulnerability affecting NetScaler ADC and NetScaler Gateway. It is caused by insufficient input validation, which leads to a memory overread. The vulnerability can be exploited on devices configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or an AAA virtual server. An unauthorized attacker could potentially grab valid session tokens from the memory of internet-facing NetScaler devices by sending a malformed request. Successful exploitation could allow the attacker to gain access to the appliances.

CVE-2025-54309 is a vulnerability in CrushFTP versions before 10.8.5 and 11.3.4_23. It stems from improper validation of the AS2 (Applicability Statement 2) protocol over HTTPS when the DMZ proxy feature is not in use. This mishandling allows unauthenticated remote attackers to gain administrative access to the system. Specifically, the server fails to correctly validate remote requests made to AS2 endpoints, which allows attackers to forge requests that the system interprets as coming from a trusted source, bypassing authentication checks. By sending malicious AS2 payloads over HTTPS to the exposed CrushFTP endpoint, an attacker can send administrative commands and potentially escalate privileges to execute arbitrary commands.

CVE-2025-49704 is a code injection vulnerability in Microsoft Office SharePoint. An authorized attacker could exploit this vulnerability to execute code over a network. To exploit this vulnerability, the attacker needs to be authenticated with at least Site Owner privileges. Successful exploitation of CVE-2025-49704 allows an attacker to write arbitrary code into a vulnerable SharePoint server to gain remote code execution. The attack complexity is low and can be exploited remotely from the internet, potentially leading to complete compromise of affected SharePoint servers.

CVE-2025-49706 is a vulnerability affecting Microsoft Office SharePoint. It stems from improper authentication within the software. This vulnerability could allow an authorized attacker to perform spoofing attacks over a network, potentially compromising the integrity of SharePoint services. Microsoft has released a security update (KB5002751) to address this vulnerability.

CVE-2025-48927 is a vulnerability found in the TeleMessage TM SGNL platform. It is due to an insecure default configuration of the Spring Boot Actuator, which exposes the `/heapdump` endpoint. This flaw is categorized as an Initialization of a Resource with an Insecure Default (CWE-1188). Attackers can exploit this exposed endpoint to access sensitive memory dumps. This could lead to unauthorized data access or privilege escalation. CISA has added this vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog and has issued an urgent advisory, setting a remediation deadline of July 22, 2025, for federal agencies.