X

Vous n'êtes pas connecté

Rubriques :

Maroc Maroc - THECYBERTHRONE.IN - A La Une - 29/Jan 01:36

Dissecting CVE-2026-22709: The Zombie Exploit in Node.js vm2

CVE-2026-22709 represents a critical sandbox escape vulnerability in the widely used vm2 Node.js library, allowing attackers to achieve remote code execution (RCE) on host systems.This flaw revives concerns about vm2’s…

Articles similaires

Sorry! Image not available at this time

Critical sandbox escape flaw found in popular vm2 NodeJS library

bleepingcomputer.com - 27/Jan 16:35

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary...

Sorry! Image not available at this time

Critical sandbox escape flaw found in popular vm2 NodeJS library

bleepingcomputer.com - 27/Jan 16:35

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary...

Sorry! Image not available at this time

SmarterTools patches critical SmarterMail flaw allowing code execution

securityaffairs.co - 30/Jan 11:53

SmarterTools fixed two SmarterMail flaws, including a critical bug (CVE-2026-24423) that could allow arbitrary code execution. SmarterTools fixed two...

Sorry! Image not available at this time

Ingress-NGINX Flaw Enables Arbitrary Code Execution Attacks

itsecuritynews.info - 04/Feb 07:02

A high-severity vulnerability has been discovered in the Kubernetes ingress-nginx controller, allowing attackers to execute arbitrary code and...

Sorry! Image not available at this time

Hackers Actively Exploit React Native Metro Server to Target Software Developers

itsecuritynews.info - 04/Feb 05:38

Threat actors are exploiting a critical remote code execution vulnerability in React Native’s Metro development server to deploy sophisticated...

Sorry! Image not available at this time

CISA Adds SolarWinds Web Help Desk RCE Flaw to Known Exploited Vulnerabilities List

itsecuritynews.info - 04/Feb 08:37

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly disclosed vulnerability CVE‑2025‑40551 affecting SolarWinds...

Sorry! Image not available at this time

Critical Vulnerability in Python PLY Library Enables Remote Code Execution – PoC Published

itsecuritynews.info - 27/Jan 10:05

A critical vulnerability has been identified in the PyPI-distributed version of PLY (Python Lex-Yacc) 3.11, allowing arbitrary code execution through...

Sorry! Image not available at this time

Critical Vulnerability in Python PLY Library Enables Remote Code Execution – PoC Published

itsecuritynews.info - 27/Jan 10:05

A critical vulnerability has been identified in the PyPI-distributed version of PLY (Python Lex-Yacc) 3.11, allowing arbitrary code execution through...

Sorry! Image not available at this time

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

securityaffairs.co - 04/Feb 22:02

Ransomware groups now exploit VMware ESXi vulnerability CVE-2025-22225, patched by Broadcom in March 2025. The U.S. Cybersecurity and Infrastructure...

Sorry! Image not available at this time

Cisco Meeting Management Vulnerability Let Remote Attacker Upload Arbitrary Files

itsecuritynews.info - 10:36

A high-severity security advisory has been issued for a critical vulnerability in Meeting Management software. This vulnerability allows authenticated...

Les derniers communiqués