Trending now
Top 10 CVEs trending on social media within the last 24 hours.
Hypemeter current score: Tepid

Each entry below lists the CVE, its severity rating and CVSS score, its hype score over the last 24 hours, its publication date, and a description.
1. CVE-2025-5777 (critical 9.3; hype score 30; published Jun 17, 2025)

CVE-2025-5777 is a vulnerability affecting NetScaler ADC and NetScaler Gateway. It is caused by insufficient input validation, which leads to a memory overread. The vulnerability can be exploited on devices configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or an AAA virtual server. An unauthorized attacker could potentially grab valid session tokens from the memory of internet-facing NetScaler devices by sending a malformed request. Successful exploitation could allow the attacker to gain access to the appliances.
2. CVE-2025-6543 (critical 9.2; hype score 30; published Jun 25, 2025)

CVE-2025-6543 is a memory overflow vulnerability found in Citrix NetScaler ADC and NetScaler Gateway. It affects appliances configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server. The vulnerability stems from improper restriction of operations within the bounds of a memory buffer. Successful exploitation of CVE-2025-6543 could lead to unintended control flow and a denial-of-service (DoS) condition. Exploits targeting this vulnerability have been observed in the wild, prompting Citrix to release security updates.
3. CVE-2025-31235 (medium 6.5; hype score 22; published May 12, 2025)

CVE-2025-31235 is a double free vulnerability affecting Apple's iPadOS and macOS operating systems. Discovered by Dillon Franke working with Google Project Zero, it resides in the Audio component. The vulnerability can be triggered by an application, potentially leading to unexpected system termination. Apple has addressed this issue by improving memory management in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, and macOS Sonoma 14.7.6. Users are advised to update to these versions to mitigate the vulnerability.
4. CVE-2024-51978 (critical 9.8; hype score 7; published Jun 25, 2025)

CVE-2024-51978 is an authentication bypass vulnerability affecting multiple Brother printer models, as well as some models from FUJIFILM Business Innovation, Ricoh, Konica Minolta, and Toshiba Tec. It stems from a flaw in the default password generation procedure used by these devices, where the default administrator password is derived from the device's serial number during manufacturing. An unauthenticated attacker can exploit this vulnerability by first obtaining the target device's serial number through various means, including exploiting CVE-2024-51977 or querying the device via PJL or SNMP. With the serial number, the attacker can then generate the default administrator password, potentially allowing them to reconfigure the device or abuse functionalities intended for authenticated users.
5. CVE-2025-36038 (critical 9.0; hype score 7; published Jun 25, 2025)

CVE-2025-36038 is a critical remote code execution (RCE) vulnerability found in IBM WebSphere Application Server versions 8.5 and 9.0. It stems from a deserialization issue where the application doesn't properly validate the type of objects being deserialized. This allows unauthenticated attackers to execute arbitrary code on systems running the affected versions. The vulnerability can be exploited by using a specially crafted sequence of serialized objects. Successful exploitation could lead to complete system compromise, potentially allowing attackers to install malware, steal sensitive data, disrupt business operations, and use the compromised system to attack other systems on the network.
6. CVE-2025-20282 (critical 10.0; hype score 1; published Jun 25, 2025)

CVE-2025-20282 is a vulnerability affecting Cisco Identity Services Engine (ISE) and Cisco ISE-PIC release 3.4. It stems from a lack of file validation checks in an internal API, which could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device. Successful exploitation of this vulnerability could allow the attacker to store malicious files on the system and subsequently execute arbitrary code with root privileges, potentially leading to complete system compromise.
7. CVE-2025-3699 (critical 9.8; hype score 1; published Jun 26, 2025)

CVE-2025-3699 is a vulnerability affecting Mitsubishi Electric air conditioning systems. It stems from a missing authentication process for critical functions within the affected systems. This vulnerability exists in multiple models, including G-50, AE-200 series, and EW-50 series, specifically impacting versions 3.37 and prior for G-series devices and older versions for AE/EW series devices. Successful exploitation of CVE-2025-3699 could allow an unauthenticated attacker to bypass authentication, illegally control the air conditioning systems, disclose sensitive system information, and potentially tamper with the device firmware. It is recommended to update the firmware to versions newer than 3.37 for G-series devices and 8.01 for AE/EW-series devices.
8. CVE-2025-20281 (critical 9.8; hype score 1; published Jun 25, 2025)

CVE-2025-20281 is a vulnerability in a specific API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC). It allows an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker doesn't need any valid credentials to exploit this vulnerability. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit it by submitting a crafted API request. Cisco has released software updates to address this vulnerability, and there are no known workarounds. This affects Cisco ISE and ISE-PIC releases 3.3 and later, but not 3.2 or earlier.
9. CVE-2025-49144 (high 7.3; hype score 1; published Jun 23, 2025)

CVE-2025-49144 is a privilege escalation vulnerability found in Notepad++ version 8.8.1 and prior. It stems from the installer's insecure handling of executable search paths, which could allow an attacker to gain SYSTEM-level privileges. The vulnerability exists because the installer searches for executable dependencies in the current working directory without proper validation. An attacker could exploit this by using social engineering or clickjacking to trick a user into downloading both the legitimate Notepad++ installer and a malicious executable into the same directory (often the Downloads folder). When the user runs the installer, the malicious executable would be loaded and executed with SYSTEM privileges, granting the attacker control over the system. This issue has been addressed in Notepad++ version 8.8.2 by enforcing absolute paths for critical operations.
10. CVE-2025-6430 (medium 6.1; hype score 1; published Jun 24, 2025)

CVE-2025-6430 is a security vulnerability found in Mozilla Firefox browsers before version 140 and Firefox ESR (Extended Support Release) before version 128.12. It was discovered by Daniil Satyaev of Positive Technologies and publicly disclosed on June 24, 2025. The vulnerability arises when a file download is specified using the `Content-Disposition` header, but the directive is ignored if the file is included via HTML `<embed>` or `<object>` tags. This can expose websites to cross-site scripting (XSS) attacks, potentially allowing attackers to execute malicious scripts within the context of the vulnerable website, leading to unauthorized access or content manipulation. To mitigate this, users are advised to update their Firefox browsers to version 140 or ESR 128.12 or later.