Morocco - THECYBERTHRONE.IN - Top stories - 06/01/2025 09:17

CVE-2024-10957: UpdraftPlus WordPress Plugin Vulnerability

CVE-2024-10957 is a high-severity vulnerability affecting the UpdraftPlus: WP Backup & Migration Plugin for WordPress. This vulnerability, present in versions up to and including 1.24.11, enables attackers to perform PHP Object Injection through the deserialization of untrusted input in the recursive_unserialized_replace function. Here’s a comprehensive analysis of this vulnerability, its potential impact, and mitigation strategies. […]

Related articles

MongoBleed (CVE-2025-14847) Now Exploited in the Wild: MongoDB Servers at Critical Risk

itsecuritynews.info - 28/12/2025 16:31

A high-severity unauthenticated information-leak vulnerability in MongoDB Server, dubbed MongoBleed after the infamous Heartbleed bug, is now being...

Ni8mare flaw gives unauthenticated control of n8n instances

securityaffairs.co - 07/Jan 21:15

A critical n8n flaw (CVE-2026-21858, CVSS 10.0), dubbed Ni8mare, allows unauthenticated attackers to fully take over vulnerable instances. Researchers...

Exploited MongoBleed flaw leaks MongoDB secrets, 87K servers exposed

bleepingcomputer.com - 28/12/2025 20:38

A severe vulnerability affecting multiple MongoDB versions, dubbed MongoBleed (CVE-2025-14847), is being actively exploited in the wild, with over...

Singapore CSA warns of maximum severity SmarterMail RCE flaw

securityaffairs.co - 31/12/2025 14:23

Singapore’s CSA warns of CVE-2025-52691, a critical SmarterMail flaw enabling unauthenticated remote code execution via arbitrary file upload....

87,000+ MongoDB Instances Vulnerable to MongoBleed Flaw Exposed Online – PoC Exploit Released

itsecuritynews.info - 28/12/2025 04:31

A high-severity vulnerability in MongoDB Server that allows unauthenticated remote attackers to siphon sensitive data from database memory. Dubbed...

Max severity Ni8mare flaw lets hackers hijack n8n servers

bleepingcomputer.com - 07/Jan 17:41

A maximum severity vulnerability dubbed "Ni8mare" allows remote, unauthenticated attackers to take control over locally deployed instances of the...

LangChain core vulnerability allows prompt injection and data exposure

securityaffairs.co - 27/12/2025 18:20

A critical flaw in LangChain Core could allow attackers to steal sensitive secrets and manipulate LLM responses via prompt injection. LangChain Core...

OWASP CRS Vulnerability Enables Charset Validation Bypass

itsecuritynews.info - 09/Jan 17:32

A newly disclosed vulnerability in the OWASP Core Rule Set (CRS) allows attackers to bypass charset validation in web application firewalls (WAFs),...