SecurityVulnerability.io

Collecting, Enriching,
and Displaying
Cyber Security Vulnerabilities

Trending
Vulnerabilities

If it's trending, then it's probably important. Patch quicker!

Spoofing Vulnerability in Windows NTLM by Microsoft

CVE-2025-24054
MicrosoftWindows 10 V...💰👾🟡5.4MEDIUM

Stack-Based Buffer Overflow in Active! mail by Qualitia

CVE-2025-42599
Qualitia ...Active! Mail 69.8CRITICAL

Remote Code Execution Vulnerability in Erlang/OTP SSH Server

CVE-2025-32433
ErlangOtp💰👾🟡10CRITICAL

Deserialization Vulnerability in Gladinet CentreStack Portal

CVE-2025-30406
GladinetCentrestack💰👾🟣9.8CRITICAL

Apple Patches Race Condition Flaws in macOS, iOS, iPadOS, and Other Systems

CVE-2024-27876
AppleMac OS👾🟡5.5MEDIUM

Improper Authentication Control in AiCloud by ASUS

CVE-2025-2492
ASUSAiCloud💰👾

Trending Cyber News

Read about it, before you get ransomware!

Update PyTorch ASAP

The CVE-2025-32434 vulnerability in PyTorch can lead to remote code execution (RCE). Update the PyTorch framework to 2.6.0 version ASAP.

favicon imageBleepingComputer

Hertz confirms customer info, drivers' licenses stolen in data breach

Car rental giant Hertz Corporation warns it suffered a data breach after customer data for its Hertz, Thrifty, and Dollar brands was stolen in the Cleo zero-day data theft attacks.

favicon imageSentinelOne

An Official Statement in Response to the April 9, 2025 Executive Order

Read SentinelOne's response to President Donald Trump's Executive Order dated April 9, 2025 here.

favicon imageBleepingComputer

CISA extends funding to ensure 'no lapse in critical CVE services'

CISA says the U.S. government has extended funding to ensure no continuity issues with the critical Common Vulnerabilities and Exposures (CVE) program.

favicon imageNBC News

Federal employee alleges DOGE activity resulted in data breach at labor board

A federal cybersecurity specialist has alleged in a whistleblower statement made public Tuesday that President Donald Trump’s Department of Government Efficiency (DOGE) caused a security breach at the National Labor Relations Board and may have illegally removed sensitive data from the board.

favicon imageBloomberg.com

Avoid Traveling to US or Use Burner Devices, Canadian Executives Tell Staff

Major public institutions in Canada, including a pension management firm and a leading hospital, are advising staff against traveling to the US, marking a greater erosion in the country’s longstanding trust with its neighbor.

favicon imageBleepingComputer

Over 16,000 Fortinet devices compromised with symlink backdoor

Over 16,000 internet-exposed Fortinet devices have been detected as compromised with a new symlink backdoor that allows read-only access to sensitive files on previously compromised devices.

favicon imageTechNadu

MITRE CVE Updates to Stop After U.S. Funding Expires - TechNadu

MITRE will stop adding new vulnerabilities to its database after the U.S. Government funding for the same expires on April 16.