Lightnews — Scholar-powered news

TheHackerWire

@thehackerwire.bsky.social

🟠 CVE-2025-13417 - High (8.6)

The Plugin Organizer WordPress plugin before 10.2.4 does not sanitize and escape a parameter befo...

https://www.thehackerwire.com/vulnerability/CVE-2025-13417/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 9:29 PM

TheHackerWire

@thehackerwire.bsky.social

🟠 CVE-2025-55061 - High (8.8)

CWE-434 Unrestricted Upload of File with Dangerous Type

https://www.thehackerwire.com/vulnerability/CVE-2025-55061/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 7:00 PM

TheHackerWire

@thehackerwire.bsky.social

🟠 CVE-2025-68870 - High (7.5)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclu...

https://www.thehackerwire.com/vulnerability/CVE-2025-68870/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 6:00 PM

TheHackerWire

@thehackerwire.bsky.social

🟠 CVE-2025-69200 - High (7.5)

phpMyFAQ is an open source FAQ web application. In versions prior to 4.0.16, an unauthenticated r...

https://www.thehackerwire.com/vulnerability/CVE-2025-69200/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 4:24 PM

TheHackerWire

@thehackerwire.bsky.social

🔴 CVE-2025-15194 - Critical (9.8)

A vulnerability was found in D-Link DIR-600 up to 2.15WWb02. Affected by this vulnerability is an...

https://www.thehackerwire.com/vulnerability/CVE-2025-15194/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 4:23 PM

TheHackerWire

@thehackerwire.bsky.social

🟠 CVE-2025-68877 - High (7.5)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclu...

https://www.thehackerwire.com/vulnerability/CVE-2025-68877/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 4:23 PM

TheHackerWire

@thehackerwire.bsky.social

🟠 CVE-2025-69200 - High (7.5)

phpMyFAQ is an open source FAQ web application. In versions prior to 4.0.16, an unauthenticated r...

https://www.thehackerwire.com/vulnerability/CVE-2025-69200/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 4:22 PM

TheHackerWire

@thehackerwire.bsky.social

🟠 CVE-2025-69200 - High (7.5)

phpMyFAQ is an open source FAQ web application. In versions prior to 4.0.16, an unauthenticated r...

https://www.thehackerwire.com/vulnerability/CVE-2025-69200/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 4:22 PM

TheHackerWire

@thehackerwire.bsky.social

🔴 CVE-2025-68897 - Critical (9.9)

Improper Control of Generation of Code ('Code Injection') vulnerability in Mohammad I. Okfie IF A...

https://www.thehackerwire.com/vulnerability/CVE-2025-68897/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 4:22 PM

TheHackerWire

@thehackerwire.bsky.social

🟠 CVE-2025-15193 - High (8.8)

A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. This affects the function sub_42384...

https://www.thehackerwire.com/vulnerability/CVE-2025-15193/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 4:00 PM

TheHackerWire

@thehackerwire.bsky.social

🔴 CVE-2025-68929 - Critical (9)

Frappe is a full-stack web application framework. Prior to versions 14.99.6 and 15.88.1, an authe...

https://www.thehackerwire.com/vulnerability/CVE-2025-68929/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 4:00 PM

TheHackerWire

@thehackerwire.bsky.social

🟠 CVE-2025-15190 - High (8.8)

A security flaw has been discovered in D-Link DWR-M920 up to 1.1.50. Impacted is the function sub...

https://www.thehackerwire.com/vulnerability/CVE-2025-15190/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 2:23 PM

TheHackerWire

@thehackerwire.bsky.social

🟠 CVE-2025-15189 - High (8.8)

A vulnerability was identified in D-Link DWR-M920 up to 1.1.50. This issue affects the function s...

https://www.thehackerwire.com/vulnerability/CVE-2025-15189/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 1:22 PM

TheHackerWire

@thehackerwire.bsky.social

🔴 CVE-2025-15228 - Critical (9.8)

BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Upload vulnerability, allowin...

https://www.thehackerwire.com/vulnerability/CVE-2025-15228/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 8:38 AM

TheHackerWire

@thehackerwire.bsky.social

🟠 CVE-2025-15227 - High (7.5)

BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Read vulnerability, allowing ...

https://www.thehackerwire.com/vulnerability/CVE-2025-15227/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 8:38 AM

TheHackerWire

@thehackerwire.bsky.social

🔴 CVE-2025-15226 - Critical (9.8)

WMPro developed by Sunnet has a Arbitrary File Upload vulnerability, allowing unauthenticated rem...

https://www.thehackerwire.com/vulnerability/CVE-2025-15226/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 8:00 AM

TheHackerWire

@thehackerwire.bsky.social

🟠 CVE-2025-15225 - High (7.5)

WMPro developed by Sunnet has an Arbitrary File Read vulnerability, allowing unauthenticated remo...

https://www.thehackerwire.com/vulnerability/CVE-2025-15225/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 8:00 AM

TheHackerWire

@thehackerwire.bsky.social

🔴 CVE-2025-15226 - Critical (9.8)

WMPro developed by Sunnet has a Arbitrary File Upload vulnerability, allowing unauthenticated rem...

https://www.thehackerwire.com/vulnerability/CVE-2025-15226/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 8:00 AM

TheHackerWire

@thehackerwire.bsky.social

🟠 CVE-2025-15225 - High (7.5)

WMPro developed by Sunnet has an Arbitrary File Read vulnerability, allowing unauthenticated remo...

https://www.thehackerwire.com/vulnerability/CVE-2025-15225/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 8:00 AM

TheHackerWire

@thehackerwire.bsky.social

🟠 CVE-2025-15068 - High (7.7)

Missing Authorization vulnerability in Gmission Web Fax allows Privilege Abuse, Session Credentia...

https://www.thehackerwire.com/vulnerability/CVE-2025-15068/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 6:58 AM

TheHackerWire

@thehackerwire.bsky.social

🔴 CVE-2025-52691 - Critical (10)

Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload ar...

https://www.thehackerwire.com/vulnerability/CVE-2025-52691/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 3:20 AM

TheHackerWire

@thehackerwire.bsky.social

🟠 CVE-2025-15067 - High (7.7)

Unrestricted Upload of File with Dangerous Type vulnerability in Innorix Innorix WP allows Upload...

https://www.thehackerwire.com/vulnerability/CVE-2025-15067/

#infosec #cybersecurity #CVE #vulnerability #security

December 29, 2025 at 1:29 AM

TheHackerWire

@thehackerwire.bsky.social

🟠 CVE-2025-68973 - High (7.8)

In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where...

https://www.thehackerwire.com/vulnerability/CVE-2025-68973/

#infosec #cybersecurity #CVE #vulnerability #security

December 28, 2025 at 6:00 PM

TheHackerWire

@thehackerwire.bsky.social

🟠 CVE-2025-15137 - High (8.8)

A vulnerability was detected in TRENDnet TEW-800MB 1.0.1.0. Affected by this vulnerability is the...

https://www.thehackerwire.com/vulnerability/CVE-2025-15137/

#infosec #cybersecurity #CVE #vulnerability #security

December 28, 2025 at 3:00 PM

TheHackerWire

@thehackerwire.bsky.social

🟠 CVE-2025-15137 - High (8.8)

A vulnerability was detected in TRENDnet TEW-800MB 1.0.1.0. Affected by this vulnerability is the...

https://www.thehackerwire.com/vulnerability/CVE-2025-15137/

#infosec #cybersecurity #CVE #vulnerability #security

December 28, 2025 at 3:00 PM

Add to Home Screen

Light up
your news

Add to Home Screen

Light upyour news

Sign in to Lightnews

Sign up to start reading

Connect Bluesky

Connect with Bluesky

Light up
your news