2025-12-31
2025-12-31 17:16Z
INFO

v3.6.2

Nuclei releases·github.com

Nuclei v3.6.2 released with TLS session caching, custom Jira OAuth URL support, and multiple bug fixes including JavaScript template execution restoration, pagination improvements for issue detection, and segmentation fault resolution in flow execution.

SRFApplicationVNDProjectdiscoveryTYPTool
35
Edit Score
2025-12-31
2025-12-31 12:00Z
HIGH

Detect Go’s silent arithmetic bugs with go-panikint

Trail of Bits·blog.trailofbits.com

Trail of Bits released go-panikint, a modified Go compiler that converts silent integer overflows into runtime panics, enabling fuzzing to detect a previously invisible class of vulnerabilities. The tool was validated by discovering a live integer overflow in Cosmos SDK's RPC pagination logic where offset+limit wrapping caused empty result sets instead of panicking.

SRFApplicationTACTA0007VNDCosmosTYPResearchTYPToolSTGDiscoveryTECT1592EXPInteger Overflow
78
Edit Score
2025-12-30
2025-12-30 17:15Z
CRIT

CVE-2025-66848 — Jdcloud Ax1800_firmware: JD Cloud NAS routers AX1800 (4.3.1.r4308 and earlier), AX3000 (4.3.1.r4318 and earlier), AX6600 (4.5.1.r4533

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-66848

JD Cloud NAS routers AX1800 (4.3.1.r4308 and earlier), AX3000 (4.3.1.r4318 and earlier), AX6600 (4.5.1.r4533 and earlier), BE6500 (4.4.1.r4308 and earlier), ER1 (4.5.1.r4518 and earlier), and ER2 (4.5.1.r4518 and earlier) contain an unauthorized remote command execution vulnerability. CVSSv3.1 9.8 (CRITICAL) · EPSS 59th percentile

CWECWE 94VNDCloudVNDJdcloudTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-12-30
2025-12-30 17:15Z
CRIT

CVE-2025-52835 — Site: Cross-Site Request Forgery (CSRF) vulnerability in ConoHa by GMO WING WordPress Migrator wing-migrator allows

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-52835

Cross-Site Request Forgery (CSRF) vulnerability in ConoHa by GMO WING WordPress Migrator wing-migrator allows Upload a Web Shell to a Web Server.This issue affects WING WordPress Migrator: from n/a through <= 1.2.0. CVSSv3.1 9.6 (CRITICAL)

CWECWE 352TYPVulnerability
9.6
CVSS v3.1
98
Edit Score
2025-12-30
2025-12-30 14:00Z
HIGH

GenAI DevOps: More Code, More Problems

Bishop Fox Labs·bishopfox.com

Bishop Fox research examines security risks from GenAI-assisted code generation in DevOps workflows, where non-developers can ship production code without triggering traditional code review safeguards. The article proposes 15 architectural guardrails—templates, centralized auth, secrets management, CI gates, network policies, and least-privilege isolation—to enforce secure defaults at the infrastructure and pipeline level rather than relying on prompt quality.

SRFApplicationTACTA0005TACTA0001TACTA0002SRFCloudTYPResearchTYPTechniqueSTGDefense Evasion
68
Edit Score
2025-12-30
2025-12-30 11:16Z
HIGH

CVE-2025-69034 — Qodeinteractive Lekker: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-69034

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Lekker lekker allows PHP Local File Inclusion.This issue affects Lekker: from n/a through <= 1.8. CVSSv3.1 8.1 (HIGH)

CWECWE 98VNDQodeinteractiveTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-30
2025-12-30 11:15Z
HIGH

CVE-2025-68990 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-68990

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in xenioushk BWL Pro Voting Manager bwl-pro-voting-manager allows Blind SQL Injection.This issue affects BWL Pro Voting Manager: from n/a through <= 1.4.9. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
728 × 90 / responsive · programmatic ad slot
2025-12-29
2025-12-29 22:15Z
CRIT

CVE-2025-68860 — Authentication: Bypass Using an Alternate Path or Channel vulnerability in Mobile Builder Mobile builder

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-68860

Authentication Bypass Using an Alternate Path or Channel vulnerability in Mobile Builder Mobile builder mobile-builder allows Authentication Abuse.This issue affects Mobile builder: from n/a through <= 1.4.2. CVSSv3.1 9.8 (CRITICAL)

CWECWE 288TYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-12-29
2025-12-29 22:15Z
CRIT

CVE-2025-68562 — Upload: Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows Upload

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-68562

Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows Upload a Web Shell to a Web Server.This issue affects MapSVG: from n/a through <= 8.7.3. CVSSv3.1 9.9 (CRITICAL)

CWECWE 434TYPVulnerability
9.9
CVSS v3.1
100
Edit Score
2025-12-29
2025-12-29 22:01Z
HIGH

Bugs that survive the heat of continuous fuzzing

GitHub Security Lab researcher Antonio Morales documents how critical vulnerabilities persist in heavily-fuzzed open-source projects (GStreamer, Poppler, Exiv2) despite years of continuous fuzzing via OSS-Fuzz. The analysis reveals systematic gaps: inadequate fuzzer coverage (GStreamer 19% vs OpenSSL 139 fuzzers), unfuzzed dependencies shipped in production (DjVuLibre in Evince), and asymmetric fuzzing focus (decode vs encode paths). Morales proposes a five-step fuzzing workflow emphasizing >90% code coverage, context-sensitive coverage, value coverage, and fault injection to close detection gaps.

SRFApplicationTACTA0043SRFSupply ChainTYPResearchTYPTechniqueSTGDiscovery
82
Edit Score
2025-12-29
2025-12-29 16:15Z
CRIT

CVE-2025-68897 — Control: Improper Control of Generation of Code ('Code Injection') vulnerability in Mohammad I.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-68897

Improper Control of Generation of Code ('Code Injection') vulnerability in Mohammad I. Okfie IF AS Shortcode if-as-shortcode allows Code Injection.This issue affects IF AS Shortcode: from n/a through <= 1.2. CVSSv3.1 9.9 (CRITICAL)

CWECWE 94TYPVulnerability
9.9
CVSS v3.1
100
Edit Score
2025-12-26
2025-12-26 16:31Z
HIGH

v1.5.0

NetExec releases·github.comCVE-2025-33073

NetExec v1.5.0 released with 100+ commits adding significant offensive capabilities including raw NTDS dumping via disk mounting (bypassing AV), RDP command execution, ADCS certificate abuse via schtask_as, cross-forest privilege escalation (raisechild module), and expanded credential extraction from event logs, SCCM, Entra ID sync servers, and MSSQL. Major refactoring includes database improvements, module categorization, and support for BloodHound Community Edition.

SRFOsTACTA0004TACTA0005TACTA0001SRFNetworkTACTA0006TACTA0007SRFIdentity
82
Edit Score
2025-12-26
2025-12-26 16:15Z
HIGH

CVE-2025-66738 — Yealink Sip-t21\(p\)e2_firmware: An issue in Yealink T21P_E2 Phone 52.84.0.15 allows a remote normal privileged attacker to

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-66738

An issue in Yealink T21P_E2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component. CVSSv3.1 8.8 (HIGH) · EPSS 44th percentile

CWECWE 77VNDYealinkTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-12-24
2025-12-24 15:16Z
HIGH

CVE-2025-2155 — Upload: Specto CM allows Remote Code Inclusion.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-2155

Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade and Industry Inc. Specto CM allows Remote Code Inclusion. This issue affects Specto CM: before 17032025. CVSSv3.1 8.8 (HIGH) · EPSS 21th percentile

CWECWE 434TYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-12-24
2025-12-24 13:16Z
HIGH

CVE-2025-68519 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-68519

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BeRocket Brands for WooCommerce brands-for-woocommerce allows Blind SQL Injection.This issue affects Brands for WooCommerce: from n/a through <= 3.8.6.3. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2025-12-24
2025-12-24 13:16Z
HIGH

CVE-2025-68506 — Control: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-68506

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Nawawi Jamili Docket Cache docket-cache allows PHP Local File Inclusion.This issue affects Docket Cache: from n/a through <= 24.07.03. CVSSv3.1 8.1 (HIGH)

CWECWE 98TYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-12-23
2025-12-23 23:15Z
HIGH

CVE-2025-68696 — Jnunemaker Httparty: In versions 0.23.2 and prior, httparty is vulnerable to SSRF.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-68696

httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. This issue has been patched via commit 0529bcd. CVSSv3.1 8.2 (HIGH) · EPSS 22th percentile

CWECWE 918VNDJnunemakerVNDApiTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2025-12-23
2025-12-23 20:04Z
HIGH

SpicyAD — SpicyAD is a C# Active Directory penetration testing tool designed for authorized security assessments. It combines mult

GitHub · AD attack tooling·github.comGITHUB POC

SpicyAD is a new C# Active Directory penetration testing framework that consolidates enumeration, Kerberos attacks (kerberoasting, AS-REP roasting, targeted kerberoasting), ADCS exploitation (ESC1/ESC4), credential theft (shadow credentials, RBCD), and AD object manipulation into a single tool with both interactive and CLI modes. The tool supports domain-joined and non-domain-joined execution, in-memory reflection loading, and automatic attack chains.

SRFOsTACTA0001TACTA0006TACTA0007SRFIdentityTACTA0043VNDMicrosoftTYPResearch
68
Edit Score
2025-12-23
2025-12-23 17:00Z
INFO

Mapping Deception with BloodHound OpenGraph

SpecterOps·specterops.io

SpecterOps published a comprehensive guide on using BloodHound OpenGraph and deception technologies to map and deploy high-fidelity deceptions across Active Directory and third-party systems. The article covers attack path analysis, the F4keH0und tool for identifying deception opportunities in AD, and introduces deceptionClone—a utility for modeling deceptions within OpenGraph graphs to ensure attackers discover and interact with deception artifacts contextually.

SRFApplicationTACTA0001SRFIdentityTACTA0003SRFCloudVNDBloodhoundVNDSpecteropsTYPResearch
72
Edit Score
2025-12-23
2025-12-23 16:16Z
CRIT

CVE-2025-67109 — Eclipse Cyclone_data_distribution_service: Improper verification of the time certificate in Eclipse Cyclone DDS before v0.10.5 allows attackers

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-67109

Improper verification of the time certificate in Eclipse Cyclone DDS before v0.10.5 allows attackers to bypass certificate checks and execute commands with System privileges. CVSSv3.1 10.0 (CRITICAL) · EPSS 22th percentile

CWECWE 298VNDEclipseTYPVulnerability
10.0
CVSS v3.1
100
Edit Score
2025-12-23
2025-12-23 16:16Z
CRIT

CVE-2025-67108 — Eprosima Fast_dds: Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-67108

eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections. CVSSv3.1 10.0 (CRITICAL) · EPSS 22th percentile

CWECWE 298CWECWE 370VNDEprosimaVNDFastTYPVulnerability
10.0
CVSS v3.1
100
Edit Score
2025-12-22
2025-12-22 22:16Z
CRIT

CVE-2025-65856 — Xiongmaitech Xm530v200_x6-weq_8m_firmware: Authentication bypass vulnerability in Xiongmai XM530 IP cameras on Firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06 allows unauthenti

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-65856

Authentication bypass vulnerability in Xiongmai XM530 IP cameras on Firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06 allows unauthenticated remote attackers to access sensitive device information and live video streams. The ONVIF implementation fails to enforce authentication on 31 critical endpoints, enabling direct unauthorized video stream access. CVSSv3.1 9.8 (CRITICAL) · EPSS 54th percentile

CWECWE 306VNDXiongmaitechTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-12-22
2025-12-22 20:15Z
CRIT

CVE-2025-67418 — Oxygenz Clipbucket: 5.5.2 is affected by an improper access control issue where the product is

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-67418

ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the administrative panel using these default credentials, resulting in full administrative control of the application. CVSSv3.1 9.8 (CRITICAL) · EPSS 43th percentile

CWECWE 798VNDClipbucketVNDOxygenzTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-12-22
2025-12-22 19:15Z
CRIT

CVE-2025-67288 — Umbraco Umbraco_cms: An arbitrary file upload vulnerability in Umbraco CMS v16.3.3 allows attackers to execute arbitrary

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-67288

An arbitrary file upload vulnerability in Umbraco CMS v16.3.3 allows attackers to execute arbitrary code by uploading a crafted PDF file. NOTE: this is disputed by the Supplier because the responsibility for file validation (as shown in the documentation) belongs to the system administrator who is implementing Umbraco CMS in their environment, not to Umbraco CMS itself, a related issue to CVE-2023-49279. CVSSv3.1 10.0 (CRITICAL) · EPSS 39th percentile

CWECWE 434VNDUmbracoTYPVulnerability
10.0
CVSS v3.1
100
Edit Score
2025-12-22
2025-12-22 18:16Z
CRIT

CVE-2025-67289 — Frappe Erpnext: An arbitrary file upload vulnerability in the Attachments module of Frappe Framework v15.89.0 allows

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-67289

An arbitrary file upload vulnerability in the Attachments module of Frappe Framework v15.89.0 allows attackers to execute arbitrary code via uploading a crafted XML file. CVSSv3.1 9.6 (CRITICAL) · EPSS 35th percentile

CWECWE 434CWECWE 79VNDFrappeTYPVulnerability
9.6
CVSS v3.1
98
Edit Score