SecurityVulnerability.io
Collecting, Enriching, and Displaying Cyber Security Vulnerabilities
Trending Vulnerabilities
If it's trending, then it's probably important. Patch quicker!
Sandbox Escape Vulnerability in Firefox for Windows
Ingress-nginx Configuration Vulnerability in Kubernetes
Unauthenticated Access Vulnerability in CrushFTP by CrushFTP, Inc.
Deserialization of Untrusted Data Vulnerability in Sitecore CMS and XP
Sandbox Escape Vulnerability in Mojo of Google Chrome
Security Feature Bypass in Microsoft Management Console
Stack-Based Buffer Overflow in Ivanti Connect Secure and Policy Secure
Vite Frontend Development Tool Susceptible to File Access Vulnerability
Remote Code Execution and Information Disclosure Vulnerability in Apache Tomcat Software
Trending Cyber News
Read about it, before you get ransomware!
Pete Hegseth, Mike Waltz, Tulsi Gabbard: Private Data and Passwords of Senior U.S. Security Officials Found Online
Donald Trump's most important security advisers used Signal to discuss an imminent military strike. Now, reporting by DER SPIEGEL has found that the contact data of some of those officials, including mobile phone numbers, is freely accessible on the internet.

Trump issues executive order seeking greater federal control of elections
The order seeks to withhold federal funding from states that don’t comply, sparking a heated backlash from legal and election experts.
Cybersecurity Professor Mysteriously Disappears as FBI Raids His Homes
Xiaofeng Wang, a longtime computer science professor at Indiana University, has disappeared along with his wife, and their profiles on the school's website were wiped ahead of recent FBI raids.
Oracle Health breach compromises patient data at US hospitals
A breach at Oracle Health impacts multiple US healthcare organizations and hospitals after a threat actor stole patient data from legacy servers.

Singapore's new Shared Responsibility Framework compels banks & telcos to prevent phishing scams - TNGlobal
Under the SRF, financial institutions and telcos are required to implement a number of safeguards to protect and monitor fraudulent activities, as well as scam filtering tools and real-time alerts to warn consumers.

I drove 300 miles in rural Virginia, then asked police to send me their public surveillance footage of my car. Here's what I learned.
Two police officers walked into a doughnut shop. It’s not the opening line of a joke; it’s what I saw as I was working on an early draft of this story in March at the Staunton Dunkin’, about a quarter mile...
Oracle customers confirm data stolen in alleged cloud breach is valid
Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6 million people, BleepingComputer has confirmed with multiple companies that associated data samples shared by the threat actor are valid.

Trump’s ‘preparedness’ executive order would shift cyber defense burden where it doesn’t belong, experts say
Many cyber experts are panning a new Trump administration executive order that would shift more responsibilities for responding to cyberattacks to state and local governments.

Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp
Water Gamayun exploited CVE-2025-26633 to deploy SilentPrism, DarkWisp, and stealers with persistence.
Apache Tomcat: CVE-2025-24813: Active Exploitation
Learn about CVE-2025-24813 affecting Apache Tomcat products. Patch now to prevent remote code execution.
The Blog
Advice from the first line...