SecurityVulnerability.io

Collecting, Enriching,
and Displaying
Cyber Security Vulnerabilities

Trending
Vulnerabilities

If it's trending, then it's probably important. Patch quicker!

Authentication Bypass in Palo Alto Networks PAN-OS Software

CVE-2025-0108
Palo Alto...Cloud Ngfw💰👾🟡5.9MEDIUM

Authorization Issue in iPadOS and iOS by Apple

CVE-2025-24200
AppleiPad OS💰👾🟡6.1MEDIUM

SQL Injection Vulnerability in PostgreSQL libpq Functions and Command Line Utilities

CVE-2025-1094
PostgreSQLPostgresql👾🟡8.1HIGH

OpenSSH Vulnerability Allows Man-in-the-Middle Attack via Host Key Verification Flaw

CVE-2025-26465
Red HatRed Hat Ente...👾🟡6.8MEDIUM

LDAP Authentication Bypass in Xerox Products

CVE-2024-12510
XeroxVersalink B4006.7MEDIUM

Reverse Port Forwarding Flaw in Sliver Adversary Emulation Framework

CVE-2025-27090
BishopfoxSliver6.9MEDIUM

Information Disclosure Vulnerability in AnyDesk

CVE-2024-12754
AnydeskAnydesk👾🟡5.5MEDIUM

Privilege Escalation Vulnerability in NetScaler Console and Agent by Citrix

CVE-2024-12284
NetscalerConsole👾8.8HIGH

Stack-Based Buffer Overflow in Ivanti Connect Secure and Policy Secure

CVE-2025-0282
IvantiConnect Secure💰👾🟡9CRITICAL

Trending Cyber News

Read about it, before you get ransomware!

favicon imagehttps://www.nytimes.com/by/jonathan-swan

U.S. Is Releasing Russian Cybercriminal to Moscow, Officials Say

The release is part of a swap with the Kremlin that freed an American schoolteacher being held in a Russian prison.

favicon imageWIRED

Top US Election Security Watchdog Forced to Stop Election Security Work

The US Cybersecurity and Infrastructure Security Agency has frozen efforts to aid states in securing elections, according to an internal memo viewed by WIRED

favicon imageThe Daily Dot

Hackers leak cop manuals for departments nationwide

Lexipol data leak: A 'puppygirl hacker polycule' shared thousands of files from a firm providing policy manuals to law enforcement.

I'm a security expert and I almost fell for this IT job scam

Twice, over the past two months, Dawid Moczadło has interviewed purported job seekers only to discover that these "software developers" were scammers using AI-based tools — likely to get hired at a security...

favicon imageCyberInsider

Chinese Hackers Breach Cisco Devices in Global Telecom Attacks

Salt Typhoon compromised vulnerable Cisco devices worldwide, targeting telecommunications providers across multiple countries.

favicon imageWIRED

China’s Salt Typhoon Spies Are Still Hacking Telecoms—Now by Exploiting Cisco Routers

Despite high-profile attention and even US sanctions, the group hasn’t stopped or even slowed its operation, including the breach of two more US telecoms.

favicon imageInfosecurity Magazine

Apple Update Mitigates “Extremely Sophisticated” Zero-Day Exploit

Apple has patched a zero-day vulnerability being exploited in targeted attacks

favicon imageCybersecurity and Infrastructure Security Agency CISA

CISA and FBI Warn of Malicious Cyber Actors Using Buffer Overflow Vulnerabilities to Compromise Software | CISA

CISA and the Federal Bureau of Investigation (FBI) have released a Secure by Design Alert, Eliminating Buffer Overflow Vulnerabilities, as part of their cooperative Secure by Design Alert series—an ongoing...

The Blog

Advice from the first line...