SecurityVulnerability.io

Collecting, Enriching,
and Displaying
Cyber Security Vulnerabilities

Trending
Vulnerabilities

If it's trending, then it's probably important. Patch quicker!

Authorization Issue in iPadOS and iOS by Apple

CVE-2025-24200
AppleiPad OS💰👾🟡6.1MEDIUM

Authentication Bypass in Palo Alto Networks PAN-OS Software

CVE-2025-0108
Palo Alto...Cloud Ngfw👾🟡5.9MEDIUM

SQL Injection Vulnerability in PostgreSQL libpq Functions and Command Line Utilities

CVE-2025-1094
PostgreSQLPostgresql👾8.1HIGH

Mark-of-the-Web Bypass Vulnerability in 7-Zip by 7-Zip

CVE-2025-0411
7-zip7-zip💰👾🟡7HIGH

Windows Storage Elevation of Privilege Vulnerability in Microsoft Products

CVE-2025-21391
MicrosoftWindows 10 V...👾7.1HIGH

Authentication Bypass Vulnerability in FortiOS and FortiProxy Products

CVE-2025-24472
FortinetFortiOS👾8.1HIGH

Trending Cyber News

Read about it, before you get ransomware!

favicon imagehttps://www.nytimes.com/by/jonathan-swan

U.S. Is Releasing Russian Cybercriminal to Moscow, Officials Say

The release is part of a swap with the Kremlin that freed an American schoolteacher being held in a Russian prison.

favicon imageWIRED

Top US Election Security Watchdog Forced to Stop Election Security Work

The US Cybersecurity and Infrastructure Security Agency has frozen efforts to aid states in securing elections, according to an internal memo viewed by WIRED

favicon imageCybernews

Russia vanishing from the internet behind an Iron Firewall

Russia is isolating its internet-facing infrastructure as in less than a half year, two-thirds of services and devices have vanished.

favicon imageThe Daily Dot

Hackers leak cop manuals for departments nationwide

Lexipol data leak: A 'puppygirl hacker polycule' shared thousands of files from a firm providing policy manuals to law enforcement.

I'm a security expert and I almost fell for this IT job scam

Twice, over the past two months, Dawid Moczadło has interviewed purported job seekers only to discover that these "software developers" were scammers using AI-based tools — likely to get hired at a security...

favicon imageBleepingComputer

Brave now lets you inject custom JavaScript to tweak websites

Brave Browser is getting a new feature called 'custom scriptlets' that lets advanced users inject their own JavaScript into websites, allowing deep customization and control over their browsing experience.

favicon imageWIRED

China’s Salt Typhoon Spies Are Still Hacking Telecoms—Now by Exploiting Cisco Routers

Despite high-profile attention and even US sanctions, the group hasn’t stopped or even slowed its operation, including the breach of two more US telecoms.

favicon imageInfosecurity Magazine

Apple Update Mitigates “Extremely Sophisticated” Zero-Day Exploit

Apple has patched a zero-day vulnerability being exploited in targeted attacks

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) - Help Net Security

Palo Alto Networks has fixed a high-severity PAN-OS authentication bypass vulnerability (CVE-2025-0108), with a public PoC.