CVE Alert: CVE-2025-27095
Vulnerability Summary: CVE-2025-27095 JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to...
Month: April 2025
Cobalt Strike Beacon Detected – 121[.]41[.]63[.]119:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 44[.]193[.]202[.]139:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 39[.]100[.]65[.]83:9090
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 47[.]116[.]208[.]81:8001
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 47[.]92[.]71[.]92:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2025-3047
Vulnerability Summary: CVE-2025-3047 When running the AWS Serverless Application Model Command Line Interface (SAM CLI) build process with Docker and...
CVE Alert: CVE-2025-30149
Vulnerability Summary: CVE-2025-30149 OpenEMR is a free and open source electronic health records and medical practice management application. OpenEMR allows...
CVE Alert: CVE-2025-3002
Vulnerability Summary: CVE-2025-3002 A vulnerability, which was classified as critical, has been found in Digital China DCME-520 up to 20250320....
CVE Alert: CVE-2025-30155
Vulnerability Summary: CVE-2025-30155 Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap does not...
CVE Alert: CVE-2025-3048
Vulnerability Summary: CVE-2025-3048 After completing a build with AWS Serverless Application Model Command Line Interface (SAM CLI) which include symlinks,...
CVE Alert: CVE-2025-30005
Vulnerability Summary: CVE-2025-30005 Xorcom CompletePBX is vulnerable to a path traversal via the Diagnostics reporting module, which will allow reading...
CVE Alert: CVE-2025-2794
Vulnerability Summary: CVE-2025-2794 An unsafe reflection vulnerability in Kentico Xperience allows an unauthenticated attacker to kill the current process, leading...
CVE Alert: CVE-2025-2292
Vulnerability Summary: CVE-2025-2292 Xorcom CompletePBX is vulnerable to an authenticated path traversal, allowing for arbitrary file reads via the Backup...
CVE Alert: CVE-2025-3001
Vulnerability Summary: CVE-2025-3001 A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstm_cell. The...
CVE Alert: CVE-2025-30004
Vulnerability Summary: CVE-2025-30004 Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler functionality, allowing for attackers to...
CVE Alert: CVE-2025-30369
Vulnerability Summary: CVE-2025-30369 Zulip is an open-source team collaboration tool. The API for deleting an organization custom profile field is...
CVE Alert: CVE-2025-31116
Vulnerability Summary: CVE-2025-31116 Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static...
CVE Alert: CVE-2025-30223
Vulnerability Summary: CVE-2025-30223 Beego is an open-source web framework for the Go programming language. Prior to 2.3.6, a Cross-Site Scripting...
CVE Alert: CVE-2025-30368
Vulnerability Summary: CVE-2025-30368 Zulip is an open-source team collaboration tool. The API for deleting an organization export is supposed to...
CVE Alert: CVE-2025-30006
Vulnerability Summary: CVE-2025-30006 Xorcom CompletePBX is vulnerable to a reflected cross-site scripting (XSS) in the administrative control panel. This issue...
CVE Alert: CVE-2025-3004
Vulnerability Summary: CVE-2025-3004 A vulnerability has been found in Sayski ForestBlog up to 20250321 and classified as problematic. Affected by...
CVE Alert: CVE-2025-31125
Vulnerability Summary: CVE-2025-31125 Vite is a frontend tooling framework for javascript. Vite exposes content of non-allowed files using ?inline&import or...
CVE Alert: CVE-2025-3006
Vulnerability Summary: CVE-2025-3006 A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been declared as critical. This...
